Privacy Policy

Privacy Policy

1. General provisions.

1.1. This privacy policy describes how SIA ELAIR Jelgava, Miezites Road 20A REGI NR:40203265747(hereafter also referred to as “data controller”) obtains, processes and stores personal data obtained by WWW.ELAIR.LV from its customers and persons visiting the Internet homepage (hereafter referred to as “data subject” or “you”).

1.2. Personal data means any information relating to an identified or identifiable natural person, t.i., a data subject. Processing is any activity related to personal data, such as acquisition, recording, conversion, use, viewing, deletion, or destruction.

1.3. The data controller shall comply with the principles of data processing laid down in legislation and shall be able to confirm that personal data are processed in accordance with the applicable legislation.

2. Acquisition, processing and storage of personal data.

2.1. Personally identifiable information is obtained, processed and stored by the data controller, mainly through an online store site and email.

2.2. By visiting and using the services provided in the online store, you agree that any information provided is used and managed in accordance with the objectives set out in the privacy policy.

2.3. The data subject shall be responsible for ensuring that the personal data submitted are accurate, accurate and complete. Knowingly providing misinformation is considered a violation of our privacy policy. The data subject shall be obliged to notify the data controller without delay of any changes to the personal data submitted.

2.4. The data controller shall not be liable for losses caused to the data subject or third parties if they are caused by false submission of personal data.

3. Processing of customer personal data

3.1. The controller may process the following personal data:

3.1.1. Given name, surname
3.1.2. Date of birth
3.1.3. Contact information (e-mail address and/or telephone number)
3.1.4. Transaction data (goods purchased, delivery address, price, payment information, etc.).
3.1.5. Any other information submitted to us at the time of purchase of the services and items offered by the site or in contact with us.

3.2. In addition to the above, the data controller shall have the right to verify the accuracy of the data submitted through publicly available registers.

3.3. The legal basis for the processing of personal data is Article 6(1)(a), (b), (c) and (f) of the General data Protection Regulation:

(a) the data subject has consented to the processing of his personal data for one or more specific purposes;

(b) the processing is necessary for the performance of the contract to which the data subject is a party or for the taking of measures at the request of the data subject before the conclusion of the contract;

(c) the processing is necessary to fulfil a legal obligation relating to the controller;

(f) processing is necessary to respect the legitimate interests of the controller or of a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data outweigh those interests, in particular where the data subject is a child.

3.4. The controller shall store and process the personal data of the data subject as long as at least one of the following criteria exists:

3.4.1. Personal data are necessary for the purposes for which they have been received;
3.4.2. While, in accordance with the procedures laid down in external laws and regulations, the data controller and/or data subject may exercise his or her legitimate interests, such as lodging objections or bringing or bringing legal proceedings;
3.4.3. As long as there is a legal obligation to store data, such as under the Accounting Act;
3.4.4. Pending the consent of the data subject to the processing of the personal data concerned, where there is no other legitimate basis for the processing of personal data.

At the end of the circumstances referred to in this paragraph, the retention period of the personal data of the data subject shall also expire and all relevant personal data shall be permanently deleted from the computer systems and electronic and/or paper documents containing the personal data concerned or those documents shall be anonymised.

3.5. In order to fulfil its obligations towards you, the controller has the right to transfer your personal data to collaborators, data controllers who process the necessary data on our behalf, such as accountants, courier services, etc. The controller is the controller of the personal data. Payment processing is provided by the payment platform SEB, so our company passes on the personal data necessary to execute payments to the platform owner SEB AS.
Upon request, we may transfer your personal data to state and law enforcement to defend our legal interests, if necessary, by composing, filing and defending legal claims.

3.6. When processing and storing personal data, the controller shall implement organisational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure and any other unlawful processing.

4. Rights of the data subject

4.1. Under the General data Protection Regulation and the laws of the Republic of Latvia, you have the right to:
4.1.1. Access, receive information about the processing of personal data, and request a copy of your personal data in electronic form and the right to transfer such data to another controller (data portability);
4.1.2. Require the correction of incorrect, inaccurate or incomplete personal data;
4.1.3. Delete their personal data (“be forgotten”), except where the law requires the retention of data;
4.1.4. Withdraw its prior consent to the processing of personal data;
4.1.5. Limit the processing of your data – the right to request that we temporarily stop processing all your personal data altogether;
4.1.6. Refer to the data State Inspectorate

5. Final provisions

5.1. This privacy policy has been developed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General data Protection Regulation) and the laws in force in the Republic of Latvia and the European Union.

5.2. The data controller shall have the right to make changes or additions to the privacy policy at any time and without notice. Corrections shall come into force after their publication on the website WWW.ELAIR.LV.