Serveris.lv Privacy Policy

 

1. Controller of the processing of personal data

1.1. The controller of the processing of personal data is Serveris.lv (hereinafter “Serveris.lv”; unified registration no. 40003611251; registered office address: Cēsu 31, Riga, LV-1012; telephone +371 67299523; e-mail address: info@serveris.lv, hereinafter referred to as “(the) Controller”. Using technical and organisational data protection measures, it will process the data of the service recipient, hereinafter referred to as “(the) Customer” (Serveris.lv existing or future service recipient), as well as that of other persons, to the extent and in the manner required and permitted by the laws and regulations of the Republic of Latvia and the European Union.

Processor: other personal data processors affiliated with and authorised by Serveris.lv are also entitled to receive and process the Customer’s data on behalf of the Controller.

2. TERMS AND DEFINITIONS

2.1. Data Subject (hereinafter referred to as “Subject”): this refers to any natural person or legal entity who has communicated his/her/its personal data to the Controller and whose data is processed by the Controller in accordance with the general principles for the processing of personal data.

2.2. Personal Data (hereinafter referred to as “Data”): this refers to data about the Subject provided by the Subject to the Controller via the Controller’s website https://www.serveris.lv, online application forms, cookies, subscription to the Controller’s newsletter, notifications or other services, by e-mail or by telephone. This Data includes the Subject’s name, surname, contact telephone number, e-mail address, and other personal identification data.

2.3. Processing of personal data: this refers to any operation performed on the Data, including the collection, recording, organisation, storage, and transformation thereof, granting of access thereto, viewing, acquisition and use thereof, transfer thereof to third parties (for the purposes of initiating and providing services, as well as for the fulfilment and securing of contractual obligations), mutual use thereof, erasure thereof, or any of the operations mentioned above, regardless of the manner in which the operations are performed or the means by which they are performed.

2.4. Third Party: this refers to any natural person or legal entity other than the Subject, the Controller, or persons who process the Data on behalf of the Controller.

3. Applicable law:

3.1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “(the) General Data Protection Regulation”);

3.2. Personal Data Processing Law;

3.3. Archives Law;

3.4. Accounting Law;

3.5. Electronic Documents Law;

3.6. etc.

4. What is the Privacy Policy?

4.1. The Privacy Policy (hereinafter referred to as “(the) Policy”) provides information on how the Controller (Serveris.lv) collects, processes, stores, shares, deletes and protects the Customer’s and other persons’ data, thereby ensuring that the Customer’s personal data is processed lawfully, fairly and in a manner that is transparent to the Customer. The Policy applies to the Customer’s personal data, the processing of any natural person’s personal data, and the service provided to the Customer.

4.2. If the Controller updates this policy, any changes will be published in the “Privacy Policy” section of the serveris.lv website.

4.3. In order to provide better and more suitable products and services to the Customer, and also for the purpose of providing, maintaining, protecting and improving existing products and services, Serveris.lv processes data collected from the provision of services.

5. What personal data is processed by SIA Datateks?   

Serveris.lv only processes data that you voluntarily provide via application form, e-mail, or any other avenue (e-mail, telephone, name, etc., if provided).

6. PURPOSES AND PRINCIPLES OF THE PROCESSING OF PERSONAL DATA

6.1. Customer’s consent: the customer, as the personal data subject, gives his/her consent to the collection and processing of personal data for certain purposes. The Customer’s consent for direct marketing purposes, for the making of new and individual offers, will apply to the activities of Serveris.lv after the General Data Protection Regulation becomes applicable. The Customer’s consent shall be of his/her free will and his/her independent decision, which may be given at any time, thus allowing SIA Datateks to process personal data for the specified purposes. The Customer’s consent shall be binding on the Customer if it is given orally (during a telephone conversation, after the Customer has been identified) or via the sending of an electronic request after the Customer has been identified. The Customer has the right to withdraw his/her consent at any time by using the specified communication channels with Serveris.lv. Changes of which notification is given will take effect within three working days of receipt of the application. Withdrawal of consent shall not affect the lawfulness of processing based on consent before the withdrawal.

6.2. The Policy shall apply to privacy and Data Protection for: a) natural persons (customers); b) visitors to websites and mobile apps maintained by the Controller.

6.3. The Controller shall take care of the privacy and Data protection of the Subjects, and shall respect the Subjects’ right to lawfulness of Data processing according to Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and according to other applicable privacy and data processing legislation.

6.4. The Policy applies to the processing of Data regardless of the form and/or medium in which the Subject provides the Data (on the Controller’s website, via mobile apps, in paper form, or by telephone) and in which of the Controller’s systems or in which paper form they are processed.

6.5. The Controller undertakes not to transfer or lease the Data to third parties (except in cases where the transfer of the Data is necessary for the fulfilment of mutual obligations).

6.6. When processing the Data, the Controller shall comply with the principles set out in the Personal Data Protection Law and the EU’s General Data Protection Regulation.

7. For what purposes will Serveris.lv process the Customer’s personal data?

7.1. Serveris.lv will be processing personal data in order to ensure high-quality, timely and appropriate provision of services to the Customer during the effective period of the contractual relationship with Serveris.lv:

7.1.1. Entry into, and fulfilment of, the Agreement: to enable Serveris.lv to enter into and fulfil the Agreement with the Customer.

7.1.2. To enable Serveris.lv to process invoices and accounting data.

7.1.3. To comply with laws and regulations, and to respond to legitimate requests from the state and local government.

7.1.4. To provide customer support.

7.1.5. To be able to take actions to promote trade.

7.1.6. For efficient cash flow management, including administration of the Customer’s payments and debts.

7.2. Serveris.lv processes personal data in order to create and maintain internal processes of SIA Datateks, and to ensure document circulation and other internal processes (e.g. archiving of agreements and other documents) to the extent necessary and sufficient for this purpose.

8. Does the Customer have the right to restrict the processing of his/her data?

8.1. The Customer has the right to object, at any time, to the processing of his/her personal data, or to decline to receive commercial communications, by giving notice thereof to Serveris.lv, by sending an electronic request to the e-mail address, signed with a secure electronic signature. Changes of which notification is given will take effect within three working days, and may apply to some or all of the data provided by the Customer (depending on the Customer’s wishes), but not to data without which fulfilment of the contractual obligations is impossible. The changes will not affect the lawfulness of any processing of personal data that took place prior to the Customer’s objection and/or refusal referred to in this paragraph.

9. How does Serveris.lv obtain the Customer’s personal data?

9.1. Serveris.lv obtains the Customer’s personal data when the Customer:

9.1.1. uses services of Serveris.lv (in the Datateks office or remotely, subject to prior identification of the Customer);

9.1.2. participates in competitions, lotteries or surveys.

9.2. Serveris.lv may process personal data of the Customer that has been received from third parties if the Customer has consented to this (e.g., from holders of debt history databases, etc.).

10. What is the time period for processing of the Customer’s personal data?

10.1. Serveris.lv will process the Customer’s personal data as long as at least one of the following circumstances exists:

10.1.1. the Agreement between the Customer and Serveris.lv is in force;

10.1.2. a period of storage of the personal data has been defined by or results from the laws and regulations of the Republic of Latvia and the European Union;

10.1.3. to the extent necessary for the exercise and protection of legitimate interests of Serveris.lv, such as:

10.1.3.1. when reserving: 10 years, subject to statutory storage obligations;

10.1.3.2. for requests/offers: 2 years;

10.1.4. until the Customer’s consent to the processing of personal data has been withdrawn.

11. How does Serveris.lv protect personal data of the Customer that is in its possession?

12.1. Serveris.lv shall ensure, continuously review and improve security measures to protect the Customer’s personal data from unauthorised access, accidental loss, disclosure, or destruction. To ensure this, Serveris.lv applies modern technologies and technical and organisational requirements, including the use of firewalls, intrusion detection, analytical software, and data encryption.

12.2. Serveris.lv shall not be liable for any unauthorised access to personal data and/or loss of personal data if this is not due to the fault and/or negligence of Serveris.lv.

12.3. Serveris.lv shall not disclose to third parties the Customer’s personal data or any information obtained during the provision of services and the effective period of the agreement, including information about the services received, except: if the third party in question is required, within the framework of an agreement that has been entered into, to transfer the data in order to perform a function necessary for fulfilment of the agreement or delegated by law; on the basis of the Customer’s explicit and unambiguous consent; to persons provided for by external laws and regulations, upon justified request for it, in the manner and to the extent provided for by external laws and regulations; in cases provided for by external laws and regulations for the protection of the legitimate interests of the Controller (for example, a petition to a court or other public authorities against a person who has infringed these legitimate interests of the Controller).

13. What rights does the Customer have?

13.1. The right to contact Serveris.lv to obtain copies of personal data held by the Controller.

13.2. The right to correct any personal data on the Customer that is held by the Controller, by sending an electronic request, signed with a secure electronic signature, to the provided e-mail address.

13.3. The right to obtain information about any natural persons or legal entities who have received information about the Customer from the Controller within a given period of time. Serveris.lv will not provide the Customer with information about any state institutions that are conducting criminal proceedings, subjects of operational activity, or other institutions about which the law prohibits the disclosure of such information.

13.4. The right to request erasure or restriction of the processing of personal data when the processing thereof is no longer necessary for the purposes for which it was collected and processed (“right to be forgotten”).

13.5. The Customer has the right to the portability of his/her personal data when he/she changes service providers.

13.6. Contact the Controller or the authority supervising the personal data processing (Data State Inspectorate, www.dvi.gov.lv) with any questions on processing of personal data.

13.7. Contact the Controller’s data protection officer for information on the processing and protection of the Customer’s personal data.

 

In case of any questions about the processing of personal data, you can contact the Controller (registered office at SIA Datateks; registration number 40003611251; telephone +371 67299523; e-mail address: info@serveris.lv).