top of page
uz augšu
Information on Auto26 personal data processing procedures (GDPR)
Please read the information below about how we, SIA AUTO 26, process personal data, namely, what is the purpose, amount, protection procedure and term of data processing.
General Information. GDPR - what is it?
The General Data Protection Regulation is the title of the Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the General Data Protection Regulation) (hereinafter the GDPR).
The aim of the GDPR is to protect the privacy of individuals in the European Union (EU) and to harmonize European national law. The Regulation was adopted by the European Parliament on 27 April 2016.
The GDPR does not prohibit the acquisition and processing of personal data, but sets out principles for the processing, storage and deletion of data.
In Latvia, the regulation will enter into force on 25 May 2018 and will replace the current Personal Data Protection Law.
The requirements of the GDPR apply to all companies, institutions and organizations that process personal data. They must be complied with not only by banks, but also by insurance companies, medical institutions, retailers and others.
The Regulation only applies to personal data. However, data on legal persons may also include data on individuals - for example, information on owners, board members, etc. In case a company has only one owner, then data on the company may also refer to the owner as an individual.
Manager and its contact information
-
The controller of personal data processing is SIA AUTO 26, registration No. 40103224935, legal address Mālpils iela 2, Sigulda, Siguldas novads, LV-2150.
-
Contact information for issues related to the processing of personal data is: guntars@auto26.lv Using this contact information or by contacting our legal address during working hours, you can ask questions about the processing of personal data. A request for the exercise of one's rights may be made in accordance with paragraph 24.
Scope of the document
-
Personal data is any information about an identified or identifiable natural person. Data such as: name, surname, personal identification code / ID, date of birth, passport No./ID number, address, telephone number, e-mail address, name, surname, e-mail address of the contact person of the client's legal entity are definitely considered to be Personal Data , telephone number, details of services received and placed by the customer, details of income and other data you have provided to us so that we can provide you with our services.
-
We apply these data processing procedures to ensure the protection of privacy and personal data in relation to:
- for natural persons - customers - users of our directly and indirectly provided services (including potential, former and current), as well as third parties who receive or transfer to us any information (including contact persons) in connection with the provision of services to a natural person (customer) , payers, etc.);
- visitors to our sales hall, office, service and other premises, including those for which video surveillance is performed;
- visitors to our website and mobile applications (hereinafter - Customers).
-
We care about the privacy of Customers and the protection of personal data, we respect the right of Customers to the lawfulness of the processing of personal data in accordance with applicable law - Personal Data Protection Law, Regulation 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data (Regulation) and other applicable privacy and data processing legislation.
-
The data processing procedure is applicable to data processing regardless of the form and / or environment in which the Customer provides personal data (website, mobile applications, paper format or telephone) and in which company systems or paper form they are processed.
-
With regard to specific types of data processing (eg cookie processing, etc.), environment, additional, specific rules may be set for purposes, of which the Customer is informed at the time he provides us with the relevant data.
Purposes of personal data processing
We process the personal data we receive for the following purposes:
-
For the provision of services and the sale of goods:
- customer identification;
- preparation and conclusion of the contract;
- supply of goods and provision of services (fulfillment of contractual obligations);
- guarantees for the fulfillment of obligations;
- improvement of goods and services, development of new goods and services; - promoting the use of services;
- advertising and distribution of services or for commercial purposes;
- customer service;
- examination and processing of objections;
- to increase customer loyalty, satisfaction measurements;
- settlement administration;
- creditworthiness assessment, credit monitoring;
- debt recovery and recovery;
- maintenance and improvement of websites and mobile applications.
-
For business planning and analytics:
- statistics and business analysis; - planning and accounting;
- for measuring efficiency;
- data quality assurance; - market research;- preparation of reports;
- for conducting customer surveys;
- within risk management activities. -
For the provision of information to public administration institutions and subjects of operational activities in the cases and to the extent specified in external regulatory enactments.
-
For other specific purposes, of which the Customer is informed at the time he provides us with the relevant data.
Legal basis for personal data processing
-
We process personal data on the following legal bases:
- for the conclusion and performance of the contract - to conclude the contract and ensure its performance;
- for the fulfillment of regulatory enactments - in order to fulfill the obligations specified in binding external regulatory enactments;
- in accordance with the consent of the Customer - data subject - for example, to receive information, news, offers;
- in the legitimate (legitimate) interests - to realize the legitimate (legitimate) interests arising from the obligations existing between us and the Client or the concluded agreement or the law.
-
Our legitimate (legitimate) interests are: to do business;
- provide services;
- to verify the Customer's identity before concluding the agreement;
- to ensure the fulfillment of contractual obligations;
- to prevent unreasonable financial risks for its business activities (incl., to perform credit risk assessment
- before the sale of goods and services and during the performance of the contract);
- to keep the Customer's applications and submissions regarding the purchase of goods and provision of services, other applications and submissions, notes on them, including those made orally by calling call centers, websites and in the self-service environment;
- analyze the operation of our website, website and mobile applications, develop and implement improvements;
- administer the Client's accounts on websites, websites and mobile applications, if any;
- perform actions for customer retention;
- to segment the customer database for more efficient provision of services;
- to design and develop goods and services;
- advertise your goods and services by sending commercial communications;
- to send other reports on the progress of the contract execution and events significant for the execution of the contract, as well as to conduct Customer surveys on goods and services and experience of their use (NPS);
- prevent fraud;
- provide corporate governance, financial and business accounting and analytics;
- to ensure efficient company management processes;
- to improve the efficiency of the provision of services and the sale and delivery of goods;
- to ensure and improve the quality of services;
- administer payments;
- administer outstanding payments;
- to apply to state administration and operational activities institutions and courts to protect their legal interests;
- to inform the public about its activities.
Processing of personal data
-
We process Customer data using the capabilities of modern technology, taking into account existing privacy risks and the organizational, financial and technical resources reasonably available to us.
-
In order to ensure the quality and operative fulfillment of the obligations entered into with the Customer, we may authorize our group companies, our cooperation partners to perform certain activities of delivery of goods or provision of services, such as delivery of goods, invoicing and the like. If, in performing these tasks, our group companies or partners process the Customer's personal data in our possession, the respective group companies or partners are considered to be our data processing operators (processors) and we have the right to transfer to our group companies and partners the necessary Customer's personal data to the extent necessary to perform these activities.
-
Our cooperation partners and our group companies (as a data controller) will ensure the fulfillment of personal data processing and protection requirements in accordance with legal requirements and legislation, and will not use personal data for purposes other than fulfilling the obligations of the agreement with the Customer on our behalf.
Protection of personal data
-
We protect Customer's data using the capabilities of modern technology, taking into account existing privacy risks and the organizational, financial and technical resources reasonably available to us, including the following security measures:
- data encryption when transmitting data (SSL encryption);
- firewalls;
- intrusion protection and detection programs;
- other protection measures in accordance with current technical development possibilities.
Categories of recipients of personal data
-
We do not disclose to third parties the Customer's personal data or any information obtained during the provision of services and the term of the agreement, including information about the services received, except:
- if the data must be transferred to the relevant third party within the concluded contract in order to perform any function necessary for the performance of the contract or delegated by law (for example, to the bank within settlement or provide services such as leasing, which the Customer is usually informed about in the relevant service contract);
- in accordance with the Client's explicit and unambiguous consent;
- to persons provided for in external regulatory enactments upon their justified request, in accordance with the procedures and to the extent specified in external regulatory enactments;
- in cases specified in external regulatory enactments, for the protection of our legitimate interests, for example, by applying to a court or other state institutions against a person who has violated these our legitimate interests.
Duration of personal data storage
-
We store and process the Customer's personal data as long as at least one of the following criteria exists:
- only as long as the agreement concluded with the Client is valid;
- while we or the Client may realize their legitimate interests in accordance with the procedures specified in external regulatory enactments (for example, to submit objections or to bring or bring a claim to court);
- as long as one of the parties has a legal obligation to retain the data;
- as long as the Customer's consent to the relevant personal data processing is valid, if there is no other legal basis for data processing.
After the circumstances referred to in the previous paragraph cease, the Customer's personal data shall be deleted.
Access to personal data and other rights of the Customer
-
The customer has the right to receive the information specified in regulatory enactments in connection with the processing of his data and to ascertain the correctness of his data and to correct them.
-
In accordance with regulatory enactments, the Customer also has the right to request access to our personal data, as well as to request their addition, correction or deletion, or restriction of processing in relation to the Customer, or the right to object to processing (including processing of personal data based on our legitimate (legitimate) interests) as well as the right to data portability. This right shall be exercised in so far as the processing of data does not result from our obligations under applicable laws and regulations which are performed in the public interest.
-
The Client may submit a request for the exercise of his rights:
- in writing in person at our office at the registered office, presenting an identity document;
- in the form of electronic mail, signed with a secure electronic signature;
-
Upon receipt of the Client's request for the exercise of our rights, we verify the Client's identity, evaluate the request and execute it in accordance with regulatory enactments.
-
We will send the answer to the Customer by post to the contact address indicated by him in a registered letter or, if possible, taking into account the method of receiving the answer indicated by the Customer.
-
We ensure the fulfillment of data processing and protection requirements in accordance with regulatory enactments and in case of the Customer's objections, we take useful actions to resolve the objections. However, if this fails, the Customer has the right to apply to the supervisory authority - the Data State Inspectorate.
Customer's consent to data processing and the right to withdraw it
-
The customer may consent to the processing of personal data based on consent (eg analysis of service usage data, customized advertising, etc.) on service application forms, our service portals / applications, our or other websites (eg newsletter registration forms). ), in person or by giving written consent to the signing of the contract.
-
The Customer has the right to revoke the consent to the processing of data at any time in the same way as it was given or in another convenient and unambiguous way, in which case further data processing based on the previously given consent for the specific purpose will no longer be performed.
-
Withdrawal of consent does not affect data processing performed at the time when the Customer's consent was valid.
-
Withdrawal of consent may not interrupt the processing of data on other legal grounds.
Communication with the Client
-
We communicate with the Customer using the contact information provided by the Customer (telephone number, e-mail address, postal address, self-service accounts, as well as using application notifications (notifications)).
-
We communicate about the fulfillment of the contractual obligations of the services on the basis of the concluded contract (for example, about the receipt and performance of the service or ordering the goods, information about invoices and payment terms, changes in services, etc.).
Commercial communications
-
We communicate commercial communications about our and / or third party services and other communications not directly related to the provision of the contracted services (such as customer surveys) in accordance with external regulations or with the Customer's consent.
-
The Customer may consent to the receipt of commercial communications from us and / or our business partners on service application forms, our service portals / applications, our or other websites (eg newsletter registration forms), in person or by giving written consent to the signing of the agreement.
-
The Customer's consent to receive commercial communications is valid until revoked (also after the termination of the service agreement). The customer may at any time opt out of further commercial communications in one of the following ways:
- by sending an e-mail to the address info@auto26.lv;
- in person at our office;
- changing the settings for receiving notifications to devices;
- using the automated opt-out option provided in the commercial communication by clicking on the opt-out indication at the end of the relevant commercial communication (e-mail).
-
We will stop sending commercial communications as soon as the Customer's request is processed. The processing of the request depends on the technological possibilities, which can be up to three days.
-
By expressing his opinion in surveys and leaving his contact information (e-mail, telephone), the Customer agrees that Lattelecom may contact him using the contact information provided in connection with the Customer's assessment.
Website visits and cookie handling
-
Our websites may use cookies. Cookie handling rules are stipulated separately.
-
Our website may contain links to third-party websites that have their own terms of use and personal data protection for which we are not responsible.
Different rules
-
We have the right to make additions to the procedure of personal data processing, making the current version available to the Customer by placing it on our website.
-
We definitely keep the data processing procedures of the previous versions and they will be available on our website.
bottom of page