Privacy Policy
1. General Provisions
1.1. This Privacy Policy describes how the self-employed person Vjačeslavs Sivjakovs, registration number 30058112206, address: Pumpuru iela 7, Dobele, Dobeles nov., LV-3701 (hereinafter referred to as the “Data Controller”), collects, processes, and stores personal data obtained from its customers and users of the website (hereinafter referred to as “Data Subject” or “You”).
1.2. Personal data refers to any information related to an identified or identifiable natural person (Data Subject). Processing refers to any activity involving personal data, such as collecting, recording, modifying, using, viewing, deleting, or destroying data.
1.3. The Data Controller follows the data processing principles set out in legislation and can confirm that personal data is processed in accordance with applicable legal requirements.
2. Collection, Processing, and Storage of Personal Data
2.1. Personally identifiable information is collected, processed, and stored primarily through the online store and email.
2.2. By visiting and using the services provided in the online store, you agree that any submitted information may be used and managed in accordance with the purposes described in this Privacy Policy.
2.3. The Data Subject is responsible for ensuring that the submitted personal data is accurate, precise, and complete. Knowingly providing false information is considered a violation of this Privacy Policy. The Data Subject is obliged to promptly notify the Data Controller of any changes in the submitted personal data.
2.4. The Data Controller is not liable for any damages caused to the Data Subject or third parties due to false personal data.
3. Processing of Customer Personal Data
3.1. The Data Controller may process the following personal data:
3.1.1 Full name
3.1.2. Contact information (email address and/or phone number)
3.1.3. Transaction details (purchased products, delivery address, price, payment information, etc.)
3.1.4. Any other information provided to us when using services or contacting us
3.1.5. Any other information submitted to us during the purchase of services and goods offered on the website or when communicating with us.
3.2. Additionally, the Data Controller has the right to verify the accuracy of the submitted data using publicly available registers.
3.3. The legal basis for personal data processing is Article 6(1) (a), (c), and (f) of the General Data Protection Regulation (GDPR): (a) The data subject has given consent to the processing of his or her personal data for one or more specific purposes; (c) Processing is necessary for compliance with a legal obligation to which the controller is subject; (f) Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.
3.4. The Data Controller stores and processes personal data as long as at least one of the following conditions applies:
3.4.1. The data is needed for the purposes for which it was collected;
3.4.2. The Data Controller or the Data Subject can exercise legitimate interests in accordance with applicable legal procedures (e.g., submit objections or file legal claims);
3.4.3. There is a legal obligation to store the data (e.g., in accordance with the Accounting Law);
3.4.4. Consent for the data processing is still valid and no other legal basis overrides it.
Once the above conditions no longer apply, personal data will be permanently deleted from all systems and physical documents or anonymized.
3.5. In order to fulfill its obligations to You, the Data Controller may transfer Your personal data to cooperation partners and data processors who perform necessary data processing on our behalf, such as accountants and courier service providers. A data processor processes personal data on behalf of the Data Controller. Payment processing is provided by the payment platform makecommerce.lv, therefore the personal data necessary for payment execution are transferred to the platform owner Maksekeskus AS.
Upon request, Your personal data may be transferred to state authorities and law enforcement institutions in order to protect our legal interests, including preparing, submitting, and defending legal claims.
3.6. The Data Controller implements organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, or any other unlawful processing.
4. Data Subject Rights
4.1. Under GDPR and Latvian law, you have the right to:
4.1.1. Access your personal data and receive information about processing, request an electronic copy, and request data transfer to another controller (data portability);
4.1.2. Request correction of inaccurate or incomplete data;
4.1.3. Request deletion of your data (“right to be forgotten”), unless legally required to retain it;
4.1.4. Withdraw previously given consent for data processing;
4.1.5. Restrict processing – temporarily stop all personal data processing;
File a complaint with the Data State Inspectorate (Datu valsts inspekcija).
To exercise your rights, request a form by emailing setesky@inbox.lv, which can be signed with a secure electronic signature.
5. Final Provisions
5.1. This Privacy Policy is prepared in accordance with EU Regulation 2016/679 (GDPR) and the current laws of the Republic of Latvia and the European Union.
5.2. The Data Controller reserves the right to change or update this Privacy Policy at any time without prior notice. Any changes take effect upon being published on the website www.setesky.lv.