Privacy policy

FLOWER SHOP PRIVACY POLICY

PERSONAL DATA PROCESSING RULES

1. Purpose

The purpose of the privacy policy is to provide a natural person - data subject, with information on the purpose, scope, protection, term of processing and rights of the data subject during the acquisition of personal data, as well as when processing the personal data of the data subject.

This Privacy Policy, hereinafter referred to as the Policy, generally describes the procedure by which Emils Bernans, Personal Identification Code: 070577-10604, hereinafter referred to as the Company, processes personal data as a Data Controller.

By providing personal data to the Manager, the Person is aware and unambiguously agrees that the Manager processes the Personal Data in accordance with this Privacy Policy and the laws and regulations in force in the Republic of Latvia and the relevant legal acts of the European Union.

2. Personal data controller and his contact information

Manager - Emīls Bernans, Personal code: 070577-10604, Address: Misas iela 38, Rīga, LV-1058. phone +371 20523707, e-mail: birojs@violet.lv.

Company contact information birojs@violet.lv with the note “Data protection specialist”. The company's contact information is also available on the website: https://violet.lv/en/contact-us

The Partner may contact the Company regarding personal data processing issues, withdrawal of consent, requests, exercise of data subjects' rights and complaints about the use of personal data.

3. Scope of application of the document

The Privacy Policy applies to ensuring the protection of privacy and personal data with respect to:

For natural persons - representatives of the Company's customers, suppliers or partners, including potential, former and current, whose Personal Data is processed by the Company;
Visitors to the Company's offices and other premises, including those subject to video surveillance;
Visitors to the company's website.
Partner is any natural and legal person, their representatives and employees who uses, has used, or has expressed a desire to use any goods and / or services provided by the Company or is in any other way related to them or provides or intends to provide goods and / or services To the public or is in any other way connected with them;

Personal data is any information that relates or could relate to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as his name, identification number, location data, online identifier or one or more physical, physiological, genetic, factors of spiritual, economic, cultural or social identity.

The policy applies to data processing regardless of the form and / or environment in which the Partner provides personal data (paper, electronic or telephone) and in which company systems or paper form it is processed.

The Company takes care of the Partner's privacy and protection of personal data, respects the Partners' right to the lawfulness of personal data processing in accordance with applicable law - Personal Data Protection Law, Regulation 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data (Regulation) and other applicable privacy and data processing legislation.

With regard to specific types of data processing (eg cookie processing, etc.), environment, additional, specific rules may be laid down for purposes, of which the Partner is informed at the time he provides the relevant data to the Company.

When processing personal data, the Company ensures the confidentiality of personal data and implements appropriate technical and organizational measures to protect personal data from unauthorized access, unlawful processing or disclosure, accidental loss, alteration or destruction.

This Policy applies to any natural person (data subject) whose personal data is processed.

The Company may use personal data processors for the processing of personal data. In such cases, the Company shall take the necessary measures to ensure that such processors process personal data in accordance with the Company's instructions and in accordance with applicable laws and regulations and require appropriate security measures to be taken.

The Company has the right to make additions to the Policy by making the current version available to the Partners by placing it on the Company's website https://violet.lv.

4. Categories of personal data

Identification data, eg name, surname, personal identification number, date of birth (for non-residents);
Contact information, such as address, telephone number, e-mail address;
Information on current accounts;
Data related to services, such as performance or non-performance of contracts, transactions performed, concluded and expired contracts, submitted applications, requests and complaints;
Communication data, such as e-mail, letter or other information related to the Partner's communication with the Company;
Data that the Partner himself communicates to the Company;
Video surveillance recordings and images;
Photographs, for example, of corporate events;
Data provided by the Company's Partners to the Company for the purpose of publication in advertisements, announcements, etc.
5.Purposes of personal data processing

The company processes personal data for the following purposes:

(a) For the provision of services and the sale of goods:

To identify the Customer or another Partner and to prepare, receive and process the offer;
Preparation and conclusion, supplementation, switching and termination of the Agreement;
Customer service;
For the supply of goods and the installation and provision of services (fulfillment of contractual obligations);
Informing customers about the Company's products and services;
Provision / maintenance of services;
Guarantees for the fulfillment of obligations;
Creating and bidding on new products;
To improve products and services, to develop new goods and services;
For marketing purposes: advertising of products and the Company, distribution of products or for commercial purposes;
Opposition review and processing;
Measuring customer satisfaction, customer retention, building loyalty;
For conducting market and public opinion research;
For the administration of payments and settlements;
Creditworthiness assessment, credit monitoring;
Debt recovery and recovery;
Website maintenance and performance improvement;
To promote the use of the Service;
For reviewing customer complaints and providing support.
b) For business planning and analytics:

Statistics, accounting and business analysis;
Planning and accounting;
For measuring efficiency;
Data quality assurance;
For conducting market and public opinion research;
Preparation of reports;
For conducting customer surveys;
Within risk management activities.
c) For the provision of information to public administration institutions and subjects of operational activities in the cases and to the extent specified in external regulatory enactments.

d) For other specific purposes, of which the client or other partner is informed at the time he provides the relevant data to the Company.

6. Legal basis of personal data processing

The Company processes the Partner's personal data on the basis of the following legal bases:

Legal (legitimate) interests - to realize the legitimate (lawful) interests of the Company arising from the obligations existing between the Company and the Partner or the concluded agreement or the law;
For concluding and performing the Agreement - to enter into the Agreement and ensure its performance;
For the fulfillment of regulatory enactments - to fulfill the obligations specified in the external regulatory enactments binding on the Company;
Subject to the consent of the Partner - the data subject.
The legitimate (legitimate) interests of the society are:

Do business;
Check the identity of the Partner before concluding the contract and during servicing or cooperation - by phone, electronically or in person;
To ensure the fulfillment of contractual obligations;
Eliminate unreasonable financial and other risks for your business;
Save Partners' offers and Customer's applications for the purchase of products or services, other applications and submissions, notes on them, incl. those made electronically (by e-mail);
Advertise your products by sending commercial communications;
Send other reports on the progress of the contract execution and events important for the execution of the contract, as well as conduct customer surveys on the Company's products and service quality;
Inform about changes in the procedure, terms and price list for the provision of the service;
Inform Clients about news in the industry;
Prevent fraud;
To ensure efficient management processes of the Company, including the sale of the Company's products, provision of services and efficiency of supply, procurement organization;
To ensure and improve the quality of products and services;
To ensure the delivery of products;
Inform Partners about untimely payments or deliveries;
Send commercial communications and use other forms of communication;
Organize Customer Loyalty Programs and Events;
Address potential Partners;
Analyze the operation of the Company's website and Internet site, develop and implement their improvements, use cookies;
Apply to public administration and operational institutions and to the court to protect your legal interests.

7. Personal data processing and data protection

The Company processes the Partner's data using modern technology, taking into account the existing privacy risks and the Company's reasonably available organizational, financial and technical resources. The Company provides, constantly reviews and improves safeguards to protect the Partner's personal data from unauthorized access, accidental loss, disclosure or destruction.

In order to ensure the quality and operative fulfillment of the obligations of the agreement concluded with the Partner, the Company authorizes other companies, its cooperation partners, to provide product and material delivery services. If, in performing these tasks, the partners process the Partner's personal data held by the Company, the respective partners are considered to be the Company's data processing operators (processors) and the Company has the right to transfer to the partners the Partner's personal data necessary for these activities. performance.

The Company's cooperation partners (as a data controller) will ensure the fulfillment of personal data processing and protection requirements in accordance with the Company's requirements and legal acts, and will not use personal data for purposes other than fulfilling the obligations of the agreement with the Partner.

The Company carefully checks all partners - service providers (processors of personal data) who process the Partner's personal data on behalf and on behalf of the Company, as well as assesses whether cooperation partners (processors of personal data) apply appropriate security measures to process the Partner's personal data in accordance with the Company's delegation. and regulatory requirements. Cooperation partners are prohibited from processing the Partner's personal data for their own purposes.

The Company shall not be liable for any unauthorized access to and / or loss of personal data that is beyond the Company's control, such as through the fault and / or negligence of the Partner.

The Company guarantees the confidentiality and security of the Partner's data by taking appropriate technical and organizational measures, taking into account reasonably available organizational, financial and technical resources, ensuring the physical and environmental security of Personal Data, restricting access rights to Personal Data, encrypting Personal Data computer network, personal device protection, data backup, etc. safeguards, thus also ensuring the protection of the Partner's data against unauthorized access, use or disclosure.

8. Automated processing of personal data

The controller may perform automated processing of personal data, including profiling. The Partner has the right to contact the Manager for automated decision making and ask the Manager to make a decision involving an employee of the Manager.
The controller may use automated processing of personal data, incl. profiling, for its advertising purposes (see Clause 13 of the Policy). The Partner has the right to object to this type of profiling by notifying the Manager in writing.
9. Categories of recipients of personal data

The Company does not disclose to third parties the personal data of the Partner or any information obtained during the provision of services and the term of the agreement, except:

If the relevant third party has to transfer the data within the framework of the concluded agreement in order to perform any function necessary for the performance of the agreement or delegated by law (for example, to ensure the delivery of the Company's products to the Clients);
Sending mail to the Partner;
Subject to the consent of the Partner (see Clause 12 of the Policy);
To persons provided for in other regulatory enactments upon their justified request, in accordance with the procedures and to the extent specified in external regulatory enactments;
In other cases specified in regulatory enactments, for the protection of the legitimate interests of the Company, for example, by applying to a court or other state institutions against a person who has infringed the legitimate interests of this Company.
10. Access to personal data by third country entities

In certain cases, in compliance with the requirements of regulatory enactments, the Company's personal data is accessed by Partners located in third countries (i.e. countries outside the European Union and the European Economic Area) (within the meaning of the Regulation - transfer to third countries).

In such cases, the Company ensures the procedures specified in regulatory enactments to ensure a level of personal data processing and protection equivalent to that specified in the Regulation.

11. Duration of personal data storage

The Company stores and processes the Partner's personal data as long as at least one of the following criteria exists:

Only as long as the agreement with the Partner is valid;
As long as, in accordance with the procedures specified in external regulatory enactments, the Company or the Partner may exercise its legitimate interests (for example, submit objections or bring or bring an action in court);
As long as one of the parties has a legal obligation to retain the data;
As long as the Partner's consent to the relevant processing of personal data is valid, unless there is another legal basis for the processing.
After the above circumstances end, the Partner's personal data is deleted.

12. Access to personal data and other rights of the Partner

The partner has the right to receive the information specified in regulatory enactments in connection with the processing of his data.

The Partner also has the right, in accordance with regulatory enactments, to request the Company to access its personal data, as well as to request the Company to supplement, correct or delete them or restrict processing in relation to the Partner, or the right to object to processing (including processing of personal data performed on the basis of the Company's legitimate (legitimate) interests), as well as the right to data portability. This right shall be exercised insofar as the processing of data does not arise from the obligations of the Company imposed on it by the regulatory enactments in force and which are performed in the interests of the Company.

The partner may submit a request for the exercise of his rights:

in writing in person at the legal address of the Company, presenting an identity document;
in the form of electronic mail, signing with a secure electronic signature;
Upon receipt of the Partner's request for the exercise of its rights, the Company verifies the Partner's identity, evaluates the request and executes it in accordance with regulatory enactments.

The Company shall send the response to the Partner by post, to the contact address indicated by him - in a registered letter or, if possible, taking into account the type of response indicated by the Partner.

The Company ensures the fulfillment of data processing and protection requirements in accordance with regulatory enactments and in case of the Partner's objection, takes useful actions to resolve the objection. However, if this fails, the Partner has the right to apply to the supervisory authority - the Data State Inspectorate.

13. Partner's consent to data processing and the right to withdraw it

The Company assumes that the Company’s Partners, i. - customers, suppliers, partners, their representatives and / or employees (including existing, potential or former), initiating, continuing or renewing cooperation, or communication with the Company on possible, existing or former cooperation or other issues, by default consents to the processing of their personal data.

The Partner has the right to withdraw his consent and refuse the processing of Personal Data at any time. If the refusal has not been received, the Company is deemed to agree to the processing of its personal data.

The Partner may refuse data processing, mentioning a specific purpose of data processing (see Clause 4 of the Policy),

By sending an e-mail to VIOLET.LV e-mail address birojs@violet.lv and / or to the e-mail address of the sales representative, customer service or the employee of the Company from whom the communication was received so far;
In person, Emils Bernans, Personal identification code: 070577-10604, Address: Misas iela 38, Riga, LV-1058.
Withdrawal of consent does not affect the processing of data that took place while the Partner's consent was valid.

Withdrawal of consent may not interrupt the processing of data on other legal grounds.

If a refusal to process personal data has been received from the Partner, mentioning the purpose (s) of processing personal data that does not allow further cooperation based on legitimate (legitimate) interests, conclusion and performance of the agreement or enforcement, the Company has the right to limit or suspend its services and even stop cooperating.

14.Communication with Partners and Commercial Announcements

The Company communicates with the Partner using the contact information provided by the Partner (telephone number, e-mail address, legal address, postal address).

The Company communicates on the fulfillment of service contractual obligations on the basis of the concluded agreement or based on the application / order received by the Partner.

Communication on commercial communications - about the Company's and / or third party services and other communications not directly related to the provision of the agreed services (for example, customer surveys), the Company carries out in accordance with external regulations or with the consent of the Partner.

By expressing his opinion in surveys or leaving his contact information (e-mail, telephone), the Partner agrees that the Company may contact him using the contact information provided in connection with the assessment provided by the Partner.

The partner's consent to receive commercial communications is valid until revoked (also after the termination of the service contract).

The Company's Partner may at any time refuse to receive further commercial communications in any of the following ways (indicating the refusal of data processing for a specific purpose (see Clause 4 of the Policy):

By sending an e-mail to the address birojs@violet.lv and to the e-mail address of the sales representative, customer service or the employee of the Company from whom the communication was received so far;
In person at the registered office of the Company.
Withdrawal of consent does not affect the processing of data that took place while the Partner's consent was valid.

Withdrawal of consent may not interrupt the processing of data on other legal grounds.

15. Use of cookies

Cookies are detailed information that a website stores on a user's computer or mobile device when the user visits the website. It allows the server to collect information from the user's browser, so the user does not always have to re-enter data when he returns to the website or moves from one page to another. More information on how cookies work is available at www.cookiecentral.com.

The Company's website may use cookies to improve the quality of the services offered. The Company may use session cookies or persistent cookies to:

Recognize new or old Partners;
Remember Partner screen preferences;
Anonymously compile statistics on how and what products offered by the Company the Partner has searched for;
Collect reliable information on the use of the site to enable the Company to measure how well the site meets the needs of its users and to make any necessary improvements;
Analyze website traffic from specific geographic regions.
16. Changes in the Policy

This Policy is subject to change without notice. The latest version of the privacy policy, which is published on the website: https://violet.lv, replaces all previous versions of the privacy policy.

Approved: by order no. 5/18-GDPR on August 27, 2018