Enjoy free delivery across Latvia | Explore the full selection at Tērbatas 85, Riga
PRIVACY POLICY
1. General Provisions
1.1. This Privacy Policy describes how SIA VASKALA, Reg. No. 40103921441, legal address Tērbatas iela 85-1, Riga, LV-1001, Latvija (hereinafter also referred to as the "Data Controller") collects, processes, and stores personal data obtained by VASKALA Online store from its customers and individuals visiting the website (hereinafter referred to as the "Data Subject" or "You").
1.2. Personal data is any information relating to an identified or identifiable natural person, i.e., the Data Subject. Processing includes any action related to personal data, such as obtaining, recording, modifying, using, viewing, deleting, or destroying data.
1.3. The Data Controller complies with the data processing principles established by law and confirms that personal data is processed in accordance with applicable regulations.
2. Collection, Processing, and Storage of Personal Data
2.1. Personally identifiable information is collected, processed, and stored by the Data Controller primarily through the online store website and email.
2.2. By visiting and using the services provided by the online store, You agree that any information You provide will be used and managed according to the purposes set out in this Privacy Policy.
2.3. The Data Subject is responsible for ensuring that the personal data submitted is accurate, correct, and complete. Knowingly providing false information is considered a violation of this Privacy Policy. The Data Subject must promptly notify the Data Controller of any changes in submitted personal data.
2.4. The Data Controller is not responsible for any losses incurred by the Data Subject or third parties due to false personal data submissions.
3. Processing of Customer Personal Data
3.1. The Data Controller may process the following personal data:
-
Name, surname
-
Date of birth
-
Contact information (email address and/or phone number)
-
Transaction data (purchased products, delivery address, price, payment details, etc.)
-
Any other information provided to us when purchasing services and goods offered on the website or when contacting us.
3.2. In addition, the Data Controller has the right to verify the accuracy of the submitted data using publicly available registers.
3.3. The legal basis for processing personal data is Article 6(1)(a), (b), (c), and (f) of the General Data Protection Regulation (GDPR):
(a) The Data Subject has given consent for the processing of their personal data for one or more specific purposes;
(b) Processing is necessary for the performance of a contract to which the Data Subject is a party or to take steps at the request of the Data Subject prior to entering into a contract;
(c) Processing is necessary for compliance with a legal obligation to which the Controller is subject; (f) Processing is necessary for the legitimate interests of the Controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject requiring data protection, especially if the Data Subject is a child.
3.4. The Data Controller stores and processes the Data Subject's personal data as long as at least one of the following criteria applies:
3.4.1. The personal data is necessary for the purposes for which it was collected; 3.4.2. The Data Controller and/or the Data Subject can exercise their legitimate interests under applicable regulations, such as filing objections or initiating legal proceedings; 3.4.3. There is a legal obligation to retain data, such as under accounting laws; 3.4.4. The Data Subject's consent for the relevant personal data processing is still valid, provided no other legal basis for processing exists.
Once the conditions outlined in this section expire, the personal data retention period ends, and all related personal data is irreversibly deleted from computer systems and electronic and/or paper documents containing such data, or these documents are anonymized.
3.5. To fulfill obligations to You, the Data Controller has the right to share Your personal data with business partners and data processors who process the necessary data on our behalf, such as accountants, courier services, etc. The payment processing is handled by the payment platform makecommerce.lv and STRIPE, meaning our company provides the necessary payment execution data to Maksekeskus AS, the platform owner and Stripe's secure system.
Upon request, we may disclose your personal data to governmental and law enforcement agencies if necessary to defend our legal interests by filing, submitting, and defending legal claims.
3.6. When processing and storing personal data, the Data Controller implements organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, or any other unlawful processing.
4. Data Subject Rights
4.1. Under the General Data Protection Regulation and the laws of the Republic of Latvija, You have the right to:
4.1.1. Access Your personal data, receive information about its processing, and request an electronic copy of Your data, as well as transfer it to another Controller (data portability); 4.1.2. Request the correction of incorrect, inaccurate, or incomplete personal data; 4.1.3. Request the deletion of Your personal data (“right to be forgotten”), except where laws require data retention; 4.1.4. Withdraw previously given consent for personal data processing; 4.1.5. Restrict the processing of Your data – the right to request that we temporarily stop processing all Your personal data; 4.1.6. File a complaint with the Data State Inspectorate.
You can submit a request to exercise Your rights in person at DESIGNERS 5, Tērbatas 85-1, LV-1001, Riga, Latvija or electronically by emailing designers5studio@gmail.com.
5. Final Provisions
5.1. This Privacy Policy is developed in accordance with the European Parliament and Council Regulation (EU) 2016/679 (April 27, 2016) on the protection of individuals regarding personal data processing and free movement, repealing Directive 95/46/EC (General Data Protection Regulation), as well as applicable laws of the Republic of Latvija and the European Union.
5.2. The Data Controller reserves the right to modify or supplement the Privacy Policy at any time without prior notice. Amendments take effect upon their publication on the website www.designers5.com.