“Lana S” Ltd.
Address: Krumu Street 11/13, Liepāja, LV-3405
“Lana S” Ltd. hereinafter referred to as – Controller), on the website www.lanas.lv (hereinafter - the Site) shall process such personal data obtained from the data subject - the User of the Website (hereinafter - the User). The controller shall take care of the User's privacy and protection of personal data, shall respect the User's right to the lawfulness of personal data processing in accordance with applicable law - Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 the free movement(Regulation) and other applicable legislation on privacy and data processing.
The Controller reserves the right to change these terms at any time. It is the responsibility of the visitor of the Site to independently check the content of the Site for any changes to the Terms.
2. Identity and contact details of the controller
The controller is “Lana S" Ltd., Reg.No. 52103033781. The address of the controller is Krumu Street 11/13, Liepāja, LV-3405, website – www.lanas.lv, e-mail - firstname.lastname@example.org, telephone – +371 28 224 823.
3. Purposes of the processing of personal data as well as the legal basis for the processing
If the User submits personal data to the Controller, by telephone, via the Site's contact forms, email or other form of mail, we retain and use that information to execute or enter into a relevant service agreement, including customer identification; preparation and conclusion of the contract; provision of services (to fulfill contractual obligations); customer service; consideration and processing of objections; building customer loyalty; administration of payments and settlements; debt recovery and recovery; proof of facts, website maintenance and performance improvement; business planning and analytics; planning and accounting. We will also process these data for the purpose of providing information to public authorities and investigators in the cases and to the extent required by external laws and regulations.
The legal basis for data processing is the conclusion and performance of the contract, the enforcement of laws and regulations, in accordance with the Customer's data subject consent, our legitimate interests (eg verifying the Customer's identity prior to entering into delivery efficiency, etc.
4. Categories of personal data
Categories of personal data - name, surname, personal code, e-mail or postal address, IP address, telephone number, message content, etc.
5. The categories of recipients of the personal data
The data is disclosed to those Controller employees who need it for the direct performance of their duties in order to execute or conclude the relevant service contract. For the collection and use of personal data, we partially use the services of external service providers who, in accordance with the contract, strictly follow our instructions and who are under our constant control before using the service.
6. Categories of data subjects
Categories of data subjects - existing, past and potential clients of the Controller as well as other persons expressing a wish to contact the Controller.
7. Data transfer outside Latvia
The data received is not intended to be transferred outside Latvia, the European Union or the European Economic Area, nor will it be transferred to any international organization. At the same time, given that the Site is affiliated with Google and Facebook, the Controller cannot guarantee that these companies will not transfer data outside the European Union or the European Economic Area.
8. Duration of data storage
We process and store the User's personal data as long as there is a legal obligation for either party to retain the data. After these circumstances cease, and unless otherwise stated in our data protection instructions, we delete personal data at the latest three months after the original reason for retaining the data has ceased to exist unless we are legally obliged to continue to store such data (for example, but not limited to accounting or litigation purposes).
9. Access to personal data by the data subject
The data subject shall have the right of access to the personal data of the data subject within one month of the request being made. The User may submit a request for the exercise of his / her rights in person, by writing to the legal address of the Controller (presenting his / her identity document), by post, or by e-mail with a secure electronic signature; Upon receipt of the User's request for the exercise of their rights, the Controller shall verify the User's identity, evaluate the request and execute it in accordance with the laws and regulations.
The User shall have the right to receive statutory information regarding the processing of his / her data, the right to request access to his / her personal data, and to request the Controller to add, correct or delete it, to limit processing or to object (conclusion or performance of contracts). The data subject shall not be entitled to receive information if such disclosure is prohibited by national law, national defense, public security, criminal law, or for the purpose of ensuring public finance interests in tax matters or the supervision and macroeconomic analysis of financial market participants.
10. Cookies processing
The Site collects data about the visitors, enabling the Site host to evaluate the usefulness of the Site and how it could be improved. The Controller is constantly improving the Site with the aim of improving its use, so the Controller needs to know what information is important to visitors of the Site, how often they visit this Site, what devices and browser they use, what region they come from, and what content they read best.
The Controller uses Google Analytics, which allows the Controller to analyze how visitors use the Site. You can find out how the Google Analytics Fundamentals work at the Google homepage https://support.google.com/analytics/answer/1012034?hl=enen&ref_topic=6157800. The Controller uses the collected data for its own legal interest in order to improve understanding of the needs of visitors of the Site and to improve the accessibility of the Controller's public information. A visitor may stop collecting data in Google Analytics at any time, as described at https://tools.google.com/dlpage/gaoptout/.
The server hosting the Site may record requests sent by the visitor (device used, browser, IP address, date and time accessed). The data referred to in this paragraph is used for technical purposes: to ensure the proper functioning and security of the Site and to investigate possible security incidents. The basis for collecting the data referred to in this paragraph is the Controller's legal interest in ensuring the technical availability and integrity of the Site.
Cookies are small files that are stored by the browser on the visitor's computer each time a visitor visits the Site, to the extent specified in the browser settings of the visitor's computer. Individual cookies are used to select and apply information and advertisements to the visitor based on the content the visitor has previously viewed, thus making the use of the Site simple, convenient and personalized for the visitor. More information about cookies, as well as deleting and managing cookies, can be found at www.aboutcookies.org.
The visitor may control and / or delete cookies of their choice. More information about this process is available here at www.aboutcookies.org. The visitor can delete all cookies on their computer and most browsers can be set to block cookies from being placed on the computer. The visitor may opt out of cookies in the browser menu or at https://tools.google.com/dlpage/gaoptout. To make the necessary settings, the visitor needs to familiarize themselves with the rules of their browser. In the case of cookie blocking, the visitor will have to manually adjust the settings each time they visit the Site, and some services and features may not work.
Only the Administrator responsible for analyzing such data may access statistics about visitors to the Site. Unless otherwise specified, cookies are stored for the duration of the activity for which they were collected and then deleted. In the event that the Controller's Site has a forum or comment option, then the Site will retain the IP address as well as data provided by the visitor himself. Cookies containing this data may be stored for one year for your convenience (so that you do not have to write again next time).
11. Third party websites
12. Right to lodge a complaint with the supervisory authority
The data subject has the right to lodge a complaint with the supervisory authority (Data State Inspectorate). Documents are accepted at the Data State Inspectorate by mail, electronic mail (documents signed with a secure electronic signature), and may be left at Blaumaņa Street 11/13, Riga, in the 1st floor mailbox. The Data State Inspectorate accepts e-mails received at the e-mail address: email@example.com.