SIA “Samadanta” privacy policy

The purpose of the privacy policy is to provide the natural person - data subject - with information on the purpose of processing personal data, legal basis, scope of protection, protection and processing time during the collection of data and processing of personal data of the data subject.

Member of the Board of SIA "Samadanta"
November 1, 2021

Manager and its contact information

  1. Personal data processing manager, in relation to the visitors of SIA “Samadanta”; clients; Visitors to the website, as well as candidates for vacancies who have submitted the application are SIA “Samadanta”, unified registration No. 40203315751, legal address: Dīķa Iela 44, Riga, LV-1004 (hereinafter - the Company).
  2. The company's contact information on issues related to the processing of personal data, including information on possible data protection violations is info@samadanta.lv
  3. When using this contact information or by contacting the Company's registered office, you may ask questions about the processing of personal data. A request for the exercise of one's rights may be made in accordance with paragraph 24.

General terms

  1. Personal data is any information about an identified or identifiable natural person.
  2. The Privacy Policy applies to the protection of privacy and personal data in relation to the following groups (hereinafter together - the Clients):
    1. for natural persons - candidates (applicants);
    2. Company customers (including potential, past and present);
    3. Visitors to the company's website.
  1. The Company takes care of the Customer's privacy and protection of personal data, respects the Customer's right to the lawfulness of personal data processing in accordance with applicable law - Personal Data Processing Law, Regulation 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data (hereinafter referred to as the Regulation) and other applicable privacy and data processing legislation.
  1. The Privacy Policy applies to the processing of data, regardless of the form and / or environment in which the Customer provides personal data (in person, on the Company's website, in paper format or by telephone).

Purpose of the processing of personal data

  1. The company processes personal data for the following purposes:
    1. For the provision of services:
      1. Customer (natural person) identification;
      2. preparation and conclusion of the contract;
      3. for the provision of services;
      4. development of new services;
      5. consideration of objections or claims;
      6. settlement administration;
      7. debt recovery and recovery;
      8. maintenance and improvement of websites.
    2. Business planning and analytics;
    3. Customer safety, protection of company property;
    4. In order to ensure the conduct of the recruitment competition and to safeguard its legal interests as far as recruitment is concerned:

8.4.1. to assess the candidate's compliance with the requirements set by the Company for the specified vacancy;

8.4.2. to enter into an agreement with a candidate who meets the Company's most stringent requirements;

8.4.3. to raise, enforce and defend the Company's legal claims.

    1. For the company's legitimate purposes:

8.5.1. to carry out commercial activities;

8.5.2. to check the identity of the Customer (natural person) before purchasing the services;

8.5.3. to ensure the fulfillment of contractual obligations;

8.5.4. to save the Client's applications and submissions regarding the provision of services;

8.5.5. to segment the customer database for more efficient provision of services;

8.5.6. to design and develop services;

8.5.7. to send other reports on the progress of the performance of the contract and events relevant to the performance of the contract, as well as to conduct customer surveys on the services;

8.5.9. to prevent fraudulent activities against the company;

8.5.10. provide corporate governance, financial and business accounting and analytics;

8.5.11. to ensure efficient company management processes;

8.5.12. to ensure and improve the quality of services;

8.5.13. administer payments;

8.5.14. perform video surveillance for business security;

8.5.15. to inform the public about its activities.

  1. The company may process candidates' personal data for recruitment purposes for the specific vacancy for which the candidate is applying or for future-oriented recruitment, if the candidate has agreed.

Legal basis for the processing of personal data

  1. The legal basis for the processing of personal data by the company for the following purposes of personal data processing:

Provision of services:

Article 6 (1):

(b) (processing is necessary for the performance of a contract to which the data subject is party or in order to take action at the request of the data subject prior to entering into a contract);

(c) (processing is necessary for compliance with a legal obligation to which the controller is subject); and

Subparagraph (f) (processing is necessary for the legitimate interests of the controller).

Business planning and analytics:
Article 6 (1) (f) (processing is necessary for the legitimate interests of the controller).

For customer safety, protection of company property:
Article 6 (1) (f) (processing is necessary for the legitimate interests of the controller).

For the staff selection competition:

Article 6 (1):

(a) (the data subject has consented to the processing of his or her personal data for one or more specific purposes),

(c) (processing is necessary for compliance with a legal obligation to which the controller is subject); and

(f) (processing is necessary in the legitimate interests of the controller);

Sections 33, 35, 38 of the Labor Law.

Legitimate interests of the company:
Article 6 (1) (f) of the General Data Protection Regulation (processing is necessary for the legitimate interests of the controller).

Processing of personal data

  1. The Company processes the Customer's data using the capabilities of modern technology, taking into account the existing privacy risks and the organizational, financial and technical resources available to the Company.
  2. The Company may make automated decisions regarding the Customer. The Client is informed about such activities of the Company separately in accordance with regulatory enactments.
  3. Automated decision-making that has legal consequences for the Customer (for example, approval or rejection of the Customer's application) may be performed only during the conclusion or performance of the agreement between the Company and the Customer, or on the basis of the Customer's explicit consent.

Protection of personal data

  1. The Company protects the Customer's data using the capabilities of modern technology, taking into account the existing privacy risks and the Company's reasonably available organizational, financial and technical resources, including the following security measures-
    1. Firewalls;
    2. Intrusion protection and detection programs;
    3. Other protection measures in accordance with current technical progress.

Categories of recipients of personal data

  1. The Company does not disclose to third parties the Customer's personal data or any information obtained during the provision of services and the term of the agreement, including information about the services received, except for:
    1. in accordance with the Client's explicit and unambiguous consent;
    2. to the persons provided for in external regulatory enactments upon their justified request, in accordance with the procedures and to the extent specified in external regulatory enactments;
    3. in cases specified in external regulatory enactments, for the protection of the legitimate interests of the Company, for example, by applying to a court or other state institutions against a person who has infringed the legitimate interests of the Company.

Transfer of personal data

  1. The Company will not transfer Personal Data to third parties except to the extent necessary for the reasonable conduct of business, ensuring that such third parties maintain the confidentiality of Personal Data and provide appropriate protection.
  2. The Company has the right to transfer Personal Data to the Company's suppliers, subcontractors, strategic partners and others who assist the Company in the conduct of its business for the purpose of implementing the relevant cooperation. However, in such cases, the Company requires the recipients of the data to undertake to use the information received only for the purposes for which the data were transferred and in accordance with the requirements of applicable laws and regulations.

Access to personal data by third country entities

  1. The company does not transfer personal data to third countries (outside the European Union and the European Economic Area).

Duration of storage of personal data

  1. The Company stores and processes the Customer's personal data as long as at least one of the following criteria exists:
    1. only as long as the service is provided;
    2. the data are necessary for the purpose for which they were collected;
    3. while the Company or the Client may realize its legitimate interests in accordance with the procedures specified in external regulatory enactments;
    4. as long as the Company has a legal obligation to retain the data;
    5. as long as the Customer's consent to the relevant processing of personal data is valid, if there is no other legal basis for data processing.
  1. After the circumstances referred to in Clause 19 end, the Customer's personal data shall be deleted. Audit records shall be kept for at least one year from the date on which they were performed.
  2. The Company shall store and process the personal data submitted by the Applicant for 6 (six) calendar months after the end of the selection or until the consent of the Applicant to the relevant personal data processing is valid, if no other legal basis for data processing exists, and the personal data is deleted after this period.

Access to personal data and other rights of the Customer

  1. The customer has the right to receive the information specified in regulatory enactments in connection with the processing of his data.
  2. In accordance with regulatory enactments, the Customer also has the right to request the Company to access its personal data, as well as to request the Company to supplement, correct or delete or restrict the processing in relation to the Customer, or the right to object to processing (including processing of personal data to the legitimate interests of the Company) as well as the right to data portability. This right shall be exercised to the extent that the processing of the data does not result from the obligations of the Company imposed by the applicable laws and regulations and which are performed in the public interest.
  3. The Client may submit a request for the exercise of his rights in the following manner -
    1. in writing in the Company's office in Riga (address: Dīķa iela 44, Rīga, LV-1004) or using the postal service;
    2. in the form of e-mail, signed with a secure electronic signature and sent to the e-mail address: info@samadanta.lv
  1. Upon receipt of the Customer's request for the exercise of its rights, the Company verifies the Customer's identity, evaluates the request and executes it in accordance with regulatory enactments.
  2. The Company's response shall be sent to the Customer by post to the contact address indicated by him in a registered letter or to an e-mail with a secure electronic signature (if the application is submitted with a secure electronic signature), taking into account the Customer's response.
  3. The Company ensures the fulfillment of data processing and protection requirements in accordance with regulatory enactments and in case of the Customer's objections performs useful actions to resolve the objection. However, if this fails, the Customer has the right to apply to the Data State Inspectorate.
  4. The Customer has the right to receive one copy of his personal data processed by the Company free of charge.
  5. The receipt and / or use of the information referred to in paragraph 28 of this document may be restricted for the purpose of preventing adverse effects on the rights and freedoms of others (including employees of the Company).
  6. The Company undertakes to ensure the accuracy of the Personal Data and relies on its customers, suppliers and other third parties who transfer the Personal Data to ensure the completeness and accuracy of the transferred Personal Data.

Customer's consent to data processing and the right to withdraw it

  1. The Customer consents to the processing of personal data based on consent (eg for commercial communications, personal data analysis, loyalty cards) in writing at the Company's reception, on the Company's website and in mobile applications or at any other place where marketing activities are organized.
  2. The Customer has the right to revoke the consent for data processing at any time in the same manner and / or in accordance with the procedure specified in Clause 24. In this case, further processing based on the prior consent for the specific purpose will no longer take place.
  3. Withdrawal of consent does not affect data processing performed at the time when the Customer's consent was valid.
  4. Withdrawal of consent may not suspend the processing of data on other legal grounds.

Commercial communications

  1. The Company communicates regarding commercial communications about the Company's and / or third party services and other communications not directly related to the provision of the agreed services (such as customer surveys) in accordance with external regulations or with the Customer's consent.
  2. The Customer consents to the receipt of commercial communications by the Company and / or its business partners in writing in person at the Company's office, on the Company's website and in mobile applications or at any other place where the Company organizes marketing activities.
  3. The customer's consent to receive commercial communications is valid until revoked (also after the termination of the service agreement). The customer may at any time opt out of receiving further commercial communications in any of the following ways:
    1. by sending an e-mail to: info@samadanta.lv
    2. by submitting a written application to the Company's reception;
    3. using the automated option provided in the commercial communication to opt out of receiving further notifications by clicking on the opt-out indication at the end of the relevant commercial communication (e-mail).
  1. The Company will stop sending commercial communications as soon as the Customer's request is processed. The processing of the request depends on the technological possibilities, which can take up to three days.
  2. By expressing his opinion in surveys and leaving his contact information (e-mail, telephone), the Customer agrees that the Company may contact him using the contact information provided due to the Customer's assessment.

Photography and filming

  1. Clients are informed that in some cases, when the Company's work is covered in the media or on the Company's media (Company's website), photos or videos of Company event attendees may be processed and the legal basis for such processing is legitimate interests, unless the data subject the interests or fundamental rights and freedoms which require the protection of personal data take precedence over such interests, in particular where the data subject is a child.
  2. Prior to the relevant event, the company shall inform the participants of the event about the planned processing of personal data in accordance with the requirements of Article 13 of the Regulation, placing information on the processing of personal data in invitations and before entering the venue.

Website visits and cookie handling

  1. The website of the company may use cookies -
    1. Cookies are files that websites place on users' computers in order to identify the user and make it easier for them to use the website. Internet browsers can be configured to alert the customer to the use of cookies and allow the customer to choose whether to accept them. Failure to accept cookies will not prevent the customer from using the website, but may restrict the customer's ability to use the website;
    2. The Company's websites may contain links to third party websites that have their own terms of use and personal data protection, the completeness of which the Company is not responsible for.

Different rules

  1. The Company has the right to make changes and additions to the Privacy Policy, as well as to make it available to the Customer, to place it on the Company's website.
  2. The Company retains the previous versions of the Privacy Policy and they are available on the website.

Šī tīmekļa vietne izmanto sīkdatnes, lai nodrošinātu vislabāko pieredzi mūsu mājas lapā. Izmantojot mūsu vietni, jūs piekrītat sīkdatnēm. Uzzini vairāk