Privacy Policy

Data processing is subject to the General Data Protection Regulation of the European Union (GDPR), as well as the relevant rules and regulations that are in force in the Republic of Latvia. This privacy policy describes in general the way in which the COMPANY processes and protects personal data relating to individuals. Additional information on the processing of personal data is included in contracts and other documents related to the provision of services provided by the COMPANY.

 

Definitions:

Controller - Your Personal Data Controller is the COMPANY to which you have submitted your personal data on the basis of a contractual or pre-contractual relationship, or whose goods and services you (or the legal person or entity whose true beneficiary and/or representative of which you are) intend to buy.

Customer - a natural person who uses or has expressed an intention to purchase the goods and services that are offered by the COMPANY.

GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).

Personal data - any information directly or indirectly relating to an identified or identifiable Customer or other natural person whose data is processed in accordance with this Privacy Policy and the applicable law (such as the true beneficiary, legal representative, employee of a client who is a legal person).

Processing - any activity carried out using the Personal Data (including the collection, recording, storing, modification, provision of access, request, transfer of such data, etc.).

Service/Product - any service provided and/or goods sold by the COMPANY.


I. General information

 

In which cases does this Privacy Policy apply?

This Privacy Policy applies when you use, have used, or have expressed an intention or interest in purchasing the Services/Products offered by the COMPANY. It also applies to cases where you are indirectly affiliated with a Service (for example, as a provider of a collateral, as an insured person in an insurance contract or a representative of corporate or private clients). It also applies to cases when a relationship has been established prior to the entry into force of this Privacy Policy, as well as if you have provided and/or the COMPANY has acquired your Personal Data.

 

What type of my Personal Data is processed?

The exact set of processed Personal Data depends on the type of Service/Product and the relationship with the COMPANY. We are processing your Personal Data in order to provide and improve the service of Services/Product Sales. In addition, the COMPANY also processes the personal data of its corporate, private customers and supplier representatives. The Personal Data that is collected and processed by us contains the following information: - identification details such as name, surname, second name, personal code (national identification number, customer identification number), date of birth, taxpayer identification number; - contact details such as contact address for communication purposes, correspondence address, telephone number (e.g. landline and mobile number), e-mail address. Other data: video surveillance data, such as video recordings within the areas pertaining to the departments of the COMPANY. The COMPANY shall not process sensitive data relating to your health, nationality, religious or political beliefs, except as required by the applicable law or in specific cases where, for example, you disclose such data through the use of Services (for example, by indicating it in the payment information).

 

In what way does the COMPANY collect my Personal Data?

In principle, the COMPANY obtains Personal Data directly from the person to whom the data relates, for example, if you apply for the purchase of Services/Products, contact the COMPANY or provide your contact information to the COMPANY for any other reason. In some cases, the COMPANY collects Personal Data from other persons who are not data subjects, for example, when legal entities buy the Services/Goods of the COMPANY, which are received, transported or otherwise used by employees related to them. In such cases, the COMPANY requires the data subjects to be informed of the disclosure of their Personal Data to the COMPANY and of the purposes of processing such Personal Data. In addition, in cases where you provide information about other data subjects, the COMPANY requires you to disclose the Privacy Policy of the COMPANY to such data subjects. The Personal Data may also be provided by the COMPANY to third parties at the request of the potential client. The COMPANY may also receive Personal Data by signing various contracts where the other contracting party or the representative of the contracting party may not be the Customer (e.g. a mortgage contract, a guarantee agreement, an agreement concluded with a legal entity by specifying the details of the contact persons or representatives). All the departments of the COMPANY shall have access to the Personal Data disclosed to the COMPANY in so far as such access is necessary for administrative purposes or in the legitimate interests of the COMPANY. We obtain your Personal Data from other external sources, such as credit history research (credit information) agencies, public and private registers, other companies and public authorities, if it is in our legitimate interests or in the cases where it is required by the applicable laws and regulations.

 

Why does the COMPANY compile and process my Personal Data?

Your Personal Data is needed by the COMPANY to enable us to sell Services/Products to you. We will always need certain Personal Data regardless of your chosen Service/Product, such as your identification data or contact information. However, some Services will require additional information due to their nature. For example, for the purposes of a loan or purchasing an item with post-payment terms, we will need information about your income, as well as your liabilities. If you have liabilities to the COMPANY that are secured by a mortgage as a result of a mutual agreement, we will need information about the property, including its insurance. The COMPANY will request and receive most of the data from you, however some of the data will be collected by the COMPANY from other sources, such as AS "Kredītinformācijas birojs".

 

Does the COMPANY use cookies?

Yes, the COMPANY uses cookies, which are small text files that are stored on a computer, smartphone or other devices to improve the functionality of the site and the user experience. Cookies are small files that are sent by the websites you visit to the end device of the website’s visitor (such as a computer, mobile phone). Cookies are stored in the file directory of a web browser (such as Internet Explorer, Firefox) on the hard drive of the website visitor's end device. The next time a visitor of a website visits the same website, the Internet browser reads the cookie and returns the information to the website or element that set up the cookie originally. Cookies do not in any way pose a risk to the computer of a website’s visitor.

 

What cookies does the COMPANY use?

Websites use the following types of cookies to improve the functionality of websites and to make it easier to use the websites:

  • Session cookies: These are temporary cookies that are stored only for as long as the website’s visitor does not close the Internet browser after accessing the website. Session cookies help the website remember what visitors have chosen on the previous page, so that they wouldn’t need to re-enter the information.
  • Persistent cookies: These cookies are stored in the end device of the visitor of the COMPANY’s website in the form of a randomly created number. They identify the website’s visitor as a unique user, and when the visitor returns to the website, they help to remember the visitor’s information and the activities that the visitor of the website has done in the past. The length of time a cookie remains on the device of the website's visitor will depend on the type of cookie.
  • Tracking cookies: These cookies are used by the COMPANY to gather statistical information on the structure of the website’s viewing.
  • Third-party cookies: The COMPANY uses third-party cookies, such as cookies provided by Google, to serve advertisements and to optimize marketing communications. Third-party advertisers use cookies stored in the end device to evaluate the effectiveness of the ad and to personalize the content of the ad displayed to the visitor of the website. Information collected by third-party advertisers may include data such as geographic location data (derived from an IP address).

 

How do I limit the storage of cookies or remove cookies from the end device?

Cookies used by the COMPANY do not contain personal data of the website’s visitor and cannot be used to identify the personality of the website’s visitor. However, if a visitor of the website wants to restrict (disallow) the storage of cookies in his or her end device or to delete cookies already stored on it, this can be done using their Internet browser settings.

 

II. Advertising and direct marketing

 

Who receives the COMPANY’s ads and direct marketing communications?

Our advertising and direct marketing messages (such as those relating to our Services/Products and related campaigns) are sent to Customers who have agreed to receive direct marketing and promotional offers from the COMPANY. Such Customers receive COMPANY’s offers and direct marketing messages via the selected communication channels. The COMPANY may offer its Services to existing Customers on the basis of legitimate interests.

 

How can I give my consent to receive advertisements and direct marketing announcements?

Customers can give their consent to receive advertisements and direct marketing messages by signing a direct marketing consent form or requesting direct marketing messages within the framework of a contract concluded with us. Customers who already receive direct marketing messages from us will continue to receive such messages also after the entry into force of GDPR.

 

What kind of advertising and direct marketing activity does the COMPANY do?

The COMPANY sends out offers and direct marketing messages. Services and products can also be advertised in a variety of customer events organised by the COMPANY.

 

May I object to the use of my Personal Data for direct marketing purposes?

Customers are entitled to object free of charge at any time to the processing of their Personal Data for direct marketing purposes. To enforce such rights, please contact the COMPANY’s department whose direct marketing materials you no longer want to receive. Customers can opt out of receiving our offer, as well as any other advertising and direct marketing messages by using the link indicated in the email message or by following other clues in the direct marketing message.

 

III. Personal Data Protection

 

Who can access my Personal Data?

Your Personal Data can only be accessed within the COMPANY by those persons who are allowed to access it. If the processing of Personal Data is carried out by third parties on behalf of the COMPANY, the COMPANY may attract only such third parties who provide sufficient guarantees for the implementation of technical and organisational measures to ensure that the data processing complies with the requirements set out in the applicable laws and regulations, and that the protection of your rights is secured. The processing operations which are carried out by the data processors (third parties) shall at all times be governed by the Privacy and Data Processing Agreement or by other specific provisions agreed between the COMPANY and such data processor.

 

In what way does the COMPANY protect my Personal Data?

In order to protect your Personal Data from unauthorised access, unlawful processing or disclosure, accidental loss, modification or destruction, we take appropriate measures to meet the requirements of the applicable laws and regulations. Such measures include technical measures, such as the selection and configuration of appropriate computer systems, ensuring the security of the relevant connections, data and file protection, as well as organisational measures such as limiting access to such systems, files and objects.

 

IV. Your rights with regard to the processing of Personal Data

 

What rights do I have?

The COMPANY wants to ensure that the processing of Personal Data is proportionate, fair, lawful and transparent, and that all the rights of persons arising from the applicable laws and regulations are always implementable. In particular, you have the right to access your Personal Data, which are processed by the COMPANY. Upon your request, the COMPANY shall confirm whether Personal Data relating to you is being processed, and provide information on the purposes of Data Processing, Personal Data categories and Personal Data recipients or categories of recipients to whom Personal Data has been disclosed; it shall inform you of the Personal Data that is being processed, as well as regarding the available information about its sources; it shall provide information regarding the logic of automated Personal Data processing in the case of automated decisions. You have the right to request corrections to inaccurate Personal Data. If the processing of Personal Data is based on consent, you have the right to withdraw such consent at any time, without it having any effect as to the legality of the processing carried out on the basis of the consent given prior to the withdrawal of the consent. You are entitled to receive the Processed Personal Data in a structured, widely used and machine-readable format and, under certain circumstances, have the right to send the Personal Data to another Data Controller. Under certain circumstances, you have the right to request the deletion or restriction of your Personal Data. You have the right to object to the processing of Personal Data for certain purposes and under certain conditions. You also have the right to lodge a complaint with the supervisory authority - the Data State Inspectorate of Latvia.

 

V. For how long does the COMPANY keep Personal Data?

 

Personal Data shall be stored in accordance with the applicable laws and regulations and for no longer than necessary. The period of retention of Personal Data shall be determined by the COMPANY and shall be subject to the relevant agreement and the basis for the processing of Personal Data. Personal Data obtained by video surveillance are stored by the COMPANY for a time period of up to ten days after which they are automatically deleted.

 

VI. Profiling and automated decision-making

 

What is profiling?

Profiling is the process of segmenting Customers by assessing the personal aspects related to the physical person in order to apply an appropriate model of services, customized marketing offers.

 

Does the COMPANY use profiling?

The COMPANY does not use profiling.


VII. Video surveillance

 

Does the COMPANY carry out video surveillance?

The COMPANY carries out video surveillance in its departments aimed at preventing or detecting criminal offences related to the protection of property and the protection of vital interests of persons, including their life and health. The legal basis for video surveillance is Section 6, Paragraph one, Sub-clause (f) of GDPR: processing is necessary to observe the legitimate interests of the Data Controller or third parties.


VIII. Final provisions

 

This Privacy Policy is not a legally binding agreement between the COMPANY and the Customer; these are the COMPANY’s Personal Data Protection Guidelines. As the COMPANY continually improves and develops the services and website of the COMPANY, the COMPANY may occasionally make changes to the Privacy Policy. The COMPANY will not diminish your rights as a result of such changes. In the event of major changes, and if the COMPANY considers it to be binding, the COMPANY will notify you of the changes no later than 1 (one) month before they enter into force through the COMPANY's website, postal services, email or any other form of communication chosen by the COMPANY. The privacy policy is also available upon request at the COMPANY’s branches. Do you have any questions? If you have any questions or concerns regarding the processing of your personal data by the COMPANY or if you would like to exercise any of your rights, we encourage you to contact us by phone, email or in writing.

Do you have any questions and would like us to call you back?
Leave your phone number and we will call you back during business hours: