Privacy policy

1. The purpose of this Privacy Policy (hereinafter – Privacy Policy) of SIA "IV-1", unified registration No. (hereinafter – Company or Controller) is to provide information to the natural person – data subject – regarding the purpose, legal basis, scope, protection, and term of processing of personal data at the time of data acquisition, when processing the data subject's personal data.

SIA "IV-1" transfers personal data necessary for payment processing to the authorized processor "Klix".

Personal Data Processing

2. The Company processes personal data for the following purposes: 
2.1. for providing and selling services; 
2.2. for client identification;
2.3. for contract preparation and conclusion; 
2.4. for contract performance;
2.5. for new service development;
2.6. for advertising and distributing services, i.e., for commercial purposes;
2.7. for customer service;
2.8. for reviewing objections or claims;
2.9. for payment administration;
2.10. for debt recovery and collection; 
2.11. for website and mobile application maintenance and improvement;
2.12. for business planning and analytics;
2.13. for client safety and company property protection; 
2.14. for other specific purposes.
3. The Company may also process data for other purposes compatible with the initial purpose, ensuring appropriate data subject rights.

Legal Basis for Personal Data Processing

4. The Company primarily processes Client's personal data based on the following legal grounds: 
4.1. for concluding and performing a contract – to conclude a contract based on the Client's application and ensure its performance (a verbal agreement on purchasing a service is also understood as a contract);
4.2. for compliance with legal obligations – to fulfill an obligation stipulated in external regulatory acts binding on the Company;
4.3. with the data subject's consent;
4.4. for legitimate interests – to realize legitimate (lawful) interests arising from the existing obligations or a concluded contract between the Company and the Client, or other legitimate (lawful) interests of the Company or a third party.
5. The Company's legitimate interests are:
5.1. to conduct commercial activities;
5.2. to verify the Client's identity before providing certain services;
5.3. to ensure the performance of contractual obligations;
5.4. to retain Client applications and requests for service provision;
5.5. to develop and improve services;
5.6. to advertise its services by sending commercial communications;
5.7. to send other messages regarding the progress of contract performance and events crucial to contract performance, as well as to conduct Client surveys about services and their usage experience; 
5.8. to prevent fraudulent activities against the company;
5.9. to ensure corporate governance, financial and business accounting, and analytics;
5.10. to ensure efficient company management processes; 
5.11. to ensure and improve service quality; 
5.12. to administer payments;
5.13. to inform the public about its activities.

Personal Data Protection

6. The Company protects Client data using modern technological capabilities, considering existing privacy risks and the Company's reasonably available organizational, financial, and technical resources, including the use of the following security measures: 
6.1. firewalls;
6.2. intrusion prevention and detection programs;
6.3. other protective measures in accordance with current technical development capabilities.
7. Technological and organizational measures for the protection of information (including personal data) are stipulated in the Company's internal regulatory acts governing information security and information systems.

Personal Data Disclosure

8. The Company does not disclose Client's personal data or any information obtained during the provision of services and the term of the contract, including information about received goods and services, to third parties, except:
8.1. in accordance with the Client's clear and unambiguous consent;
8.2. by engaging a personal data processor in accordance with a concluded contract for personal data processing;
8.3. in accordance with the legitimate interests of the Company or a third party (to whom the data will be transferred), ensuring a balance with the rights and interests of the data subject, to persons stipulated in external regulatory acts upon their justified request, in the manner and scope specified in external regulatory acts;
8.4. in cases stipulated by external regulatory acts for the protection of the Company's legitimate interests, for example, by appealing to a court or other state institutions against a person who has infringed the Company's legitimate interests.

Personal Data Transfer

9. The Company does not transfer personal data to third parties, except insofar as it is necessary for the reasonable conduct of commercial activities, ensuring that the respective third parties maintain the confidentiality of personal data and ensure appropriate protection.
10. The Company has the right to transfer personal data to the Company's suppliers, subcontractors, strategic partners, and others who assist the Company and its Clients in conducting commercial activities to implement the respective cooperation. However, in such cases, the Company requires data recipients to undertake to use the received information only for the purposes for which the data was transferred and in accordance with the requirements of applicable regulatory acts.

Personal Data Processing Territory

11. Personal data is processed within the European Union/European Economic Area (EU/EEA), however, in individual cases, it may be transferred to and processed in countries outside the EU/EEA.
12. Transfer and processing of personal data outside the EU/EEA may occur if there is a legal basis for it, namely, to fulfill a legal obligation, conclude or perform a contract, or with the data subject's consent, and appropriate security measures have been taken. Appropriate security measures include, for example:
12.1. an agreement has been concluded, including standard contractual clauses of the EU or other approved rules, code of conduct, certification, etc., approved in accordance with the Regulation;
12.2. in the non-EU/EEA country where the recipient is located, an adequate level of data protection is ensured in accordance with the EU Commission's decision.

Personal Data Storage

13. The Company determines personal data retention periods, observing the following criteria:
13.1 personal data are stored at least as long as they are necessary to achieve the purpose of their processing;
13.2. personal data are stored at least for the retention periods specified in legal acts;
13.3. personal data are stored at least as long as someone can raise legal claims and/or initiate litigation against the Company to ensure the preservation of evidence.
14. After the aforementioned circumstances cease, the Client's personal data is deleted or anonymized.

Data Subject Rights

15. The Client has the right to receive information regarding the processing of their data as stipulated in regulatory acts.
16. In accordance with regulatory acts, the Client has the right to request access to their personal data from the Company, request the Company to supplement, rectify, erase, or restrict processing in relation to the Client, object to processing (including objecting to personal data processing carried out based on the Company's legitimate interests), as well as the right to data portability. These rights are exercised observing the restrictions specified in regulatory acts.
17. The Client can submit a request for the exercise of their rights in the following ways:
17.1. in writing to the Company's actual address: "Leduži", Bārbeles pag., Bauskas nov., LV-3905 or by using postal services;
17.2. via email, signed with a secure electronic signature and sent to the email address: info@ugunsakmens.lv.
18. Upon receiving the Client's request for the exercise of their rights, the Company verifies the Client's identity, evaluates the request, and fulfills it in accordance with regulatory acts.
19. The Company provides the response to the Client in a secure manner, verifying their identity.
20. The scope of information provided to data subjects may be limited to prevent adverse effects on the rights and freedoms of other persons (including Company employees, other data subjects).
21. The Company undertakes to ensure the accuracy of personal data and relies on its Clients, suppliers, and other third parties who transfer personal data to ensure the completeness and accuracy of the transferred personal data.

Client Consent to Data Processing and Right to Withdraw

22. The Client has the right to withdraw their consent given for data processing at any time in the same manner as it was given and/or by submitting a separate application. In such a case, further data processing based on the previously given consent for the specific purpose will no longer be performed. Withdrawal of consent does not affect data processing carried out at the time when the Client's consent was in force.
23. Withdrawal of consent cannot stop data processing performed based on other legal grounds.
24. The use of student photographs in informational materials, on the website, their public use on institution premises, or otherwise is permitted after the student's representative has been informed in accordance with Article 13 of the General Data Protection Regulation and no objections have been received regarding the use of photographs for the stated purpose.

Commercial Communications

25. The Company communicates commercial messages regarding the Company's and/or third-party services and other messages not directly related to the provision of the agreed services (e.g., customer surveys) in accordance with external regulatory acts or with the Client's consent.
26. The Company may communicate, including commercial messages, using automated calling or electronic communication equipment.
27. The Client gives consent for receiving commercial messages from the Company and/or its cooperation partners in writing, on the Company's website and mobile applications, or in another place where the Company organizes marketing activities.
28. The Client's given consent for receiving commercial messages is valid until its withdrawal (even after the termination of the service contract). The Client can refuse to receive further commercial messages at any time in one of the following ways:
28.1. by sending an email to: info@ugunsakmens.lv;
28.2. by calling the phone number: 25869044; 
28.3. by submitting a written application to the Company;
28.4. by using the automated option provided in the commercial message to unsubscribe from further messages, by clicking on the unsubscribe link at the end of the respective commercial message (email).
29. The Company stops sending commercial messages as soon as the Client's request is processed.
30. By expressing their opinion in surveys and leaving their contact information (email, phone), the Client agrees that the Company may contact them using the provided contact information in connection with the Client's feedback.
31. The Company may communicate, including commercial messages, using automated calling or electronic communication equipment.
32. The Client gives consent for receiving commercial messages from the Company and/or its cooperation partners in writing, on the Company's website and mobile applications, or in another place where the Company organizes marketing activities.
33. The Client's given consent for receiving commercial messages is valid until its withdrawal (even after the termination of the service contract). The Client can refuse to receive further commercial messages at any time in one of the following ways: 
33.1. by sending an email to: info@ugunsakmens.lv;
33.2. by calling the phone number: 25869044;
33.3. by submitting a written application to the Company;
33.4. by using the automated option provided in the commercial message to unsubscribe from further messages, by clicking on the unsubscribe link at the end of the respective commercial message (email).
34. The Company stops sending commercial messages as soon as the Client's request is processed.
35. By expressing their opinion in surveys and leaving their contact information (email, phone), the Client agrees that the Company may contact them using the provided contact information in connection with the Client's feedback.

Website Visits and Cookies

36. The Company's websites may use cookies, about which a notice is to be placed on the website.
37. Cookies are files that websites place on users' computers to recognize the user and facilitate their use of the site. Internet browsers can be configured to warn the Client about the use of cookies and allow the Client to choose whether they agree to accept them. Not accepting cookies will not prevent the Client from using the website, but it may limit the Client's ability to use the website.
38. The Company's website may contain links to third-party websites that have their own terms of use and personal data protection policies, for whose completeness the Company is not responsible.

About the Terms

39. This Privacy Policy may be reviewed and amended, about which the Company undertakes to inform data subjects as clearly and accessibly as possible.