Privacy policy
SIA E.A. FLOWER DESIGN
Reg. No. 50203583291
Legal address: Jomas iela 62, Jūrmala, LV-2015, Latvia
1. Introduction
SIA E.A. FLOWER DESIGN (hereinafter – the Controller), on the website https://kvflower.lv/ (hereinafter – the Site), processes personal data obtained from the data subject – the user of the Site (hereinafter – the User).
The Controller cares about the User's privacy and the protection of personal data, respecting the User's rights to the lawfulness of personal data processing in accordance with applicable legislation—Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the Regulation) and other applicable laws in the field of privacy and data processing.
In view of the above, the Controller has developed this privacy policy to provide the User with the information stipulated in the Regulation. The privacy policy applies to data processing regardless of the form and/or environment in which the User provides personal data (on the Site, in paper format, in person, or by telephone).
The Controller reserves the right to change these terms at any time. It is the responsibility of the Site visitor to independently check the content of the Site to become acquainted with changes to the terms.
2. Identity and Contact Information of the Controller
SIA E.A. FLOWER DESIGN
Reg. No. 50203583291
Legal address: Jomas iela 62, Jūrmala, LV-2015, Latvia
Website: https://kvflower.lv/
E-mail: k.v.flowerbq@gmail.com
Phone: +371 20416699
3. Purposes and Legal Basis for Personal Data Processing
If the User submits their personal data to the Controller via telephone, website contact forms, e-mail, or other types of mail, we store and use this information to fulfill or enter into a relevant service agreement, including: identifying the customer; preparing and concluding the agreement; providing services (fulfillment of contractual obligations); customer service; reviewing and processing objections; improving customer loyalty; payment and settlement administration; debt recovery and collection; proving facts; maintaining the website and improving its operation; business planning and analytics; planning and accounting. Likewise, we will process this data to provide information to state administrative authorities and subjects of operational activities in the cases and to the extent specified in external regulatory acts.
The legal bases for data processing are: the conclusion and execution of the agreement; compliance with regulatory acts; consent of the Customer (data subject); and our legitimate interests (e.g., verifying the Customer's identity before concluding an agreement; ensuring the fulfillment of contractual obligations; analyzing website usage; ensuring the efficiency of service delivery, etc.).
4. Categories of Personal Data
Categories of personal data: name, surname, personal identity number, e-mail or postal address, IP address, telephone number, content of a message or letter, etc.
5. Categories of Personal Data Recipients
Data is disclosed to those employees of the Controller who require it for the performance of their direct duties to fulfill or conclude the relevant service agreement.
In obtaining and using personal data, we partially use the services of external service providers who, according to the agreement, strictly follow our instructions and whom we control both before using the service and continuously thereafter.
6. Categories of Data Subjects
Categories of data subjects: the Controller's current, former, and potential customers, as well as other persons who express a desire to contact the Controller.
7. Data Transfer Outside Latvia
The received data is not planned to be transferred outside of Latvia, the European Union, or the European Economic Area, nor will it be transferred to any international organization. At the same time, considering that the Site is connected with Google and Facebook services, the Controller cannot guarantee that these companies will not transfer data outside the European Union or the European Economic Area.
8. Duration of Data Storage
We process and store the User's personal data as long as there is a legal obligation for either party to store the data. After these circumstances cease, and unless otherwise stated in the data protection instructions, we delete personal data no later than three months after the original reason for storing the data is no longer valid, except in cases where we have a legal obligation to continue storing this data (e.g., for accounting or litigation purposes).
9. Data Subject Access to Personal Data
The data subject has the right to receive access to their personal data within one month from the date of submission of the relevant request.
The User can submit a request for the exercise of their rights in writing: in person at the Controller's legal address (presenting an identification document); by post; or via e-mail signed with a secure electronic signature. Upon receiving the request, the Controller verifies the User's identity, evaluates the request, and executes it in accordance with regulatory acts.
The User has the right to receive information specified in regulatory acts regarding the processing of their data, the right to request access to their personal data, as well as to request the Controller to supplement, correct, delete, or restrict processing, or the right to object to processing, insofar as these rights do not conflict with the purpose of data processing (conclusion or execution of agreements).
The data subject does not have the right to receive information if its disclosure is prohibited by law in the fields of national security, state defense, public safety, or criminal law, or for the purpose of ensuring state financial interests in tax matters or the supervision of financial market participants and macroeconomic analysis.
10. Processing of Cookies
Data about Site visitors is collected to allow the Site maintainer to evaluate how useful the Site is and how it could be improved. The Controller constantly improves the Site to enhance its usability, and therefore needs to know what information is important to visitors, how often they visit, what devices and browsers they use, what region they come from, and what content they prefer to read.
The Controller uses Google Analytics, which allows for the analysis of how visitors use the Site. You can learn about the basic principles of Google Analytics on the Google website. The Controller uses the collected data in its legal interests to improve understanding of visitors' needs and the accessibility of published information. Visitors can stop data collection by Google Analytics at any time here: https://tools.google.com/dlpage/gaoptout/.
The server hosting the Site may record requests sent by the visitor (device used, browser, IP address, date and time of access). This data is used for technical purposes: to ensure the proper functioning and security of the Site and to investigate potential security incidents. The basis for collecting this data is the Controller's legitimate interest in ensuring the technical availability and integrity of the Site.
Cookies are small files stored by the browser on the visitor's computer each time they visit the Site, to the extent specified in the browser settings. Certain cookies are used to select and apply information and advertisements offered to the visitor based on content viewed previously, making the use of the Site simple, convenient, and personalized. For more information on cookies, including deletion and management, visit www.aboutcookies.org.
The Site uses cookies to collect IP addresses and browsing information to allow the Site to remember visitor choices. Cookies allow the Controller to track data traffic and user interaction with the Site. The legal basis for using cookies is the Controller's legitimate interest in ensuring the functionality, accessibility, and integrity of the Site.
Visitors can control or delete cookies. If cookies are blocked, the visitor will have to manually adjust settings every time they visit the Site, and some services/functions may not work. Statistical data is only accessible to employees responsible for data analysis. Unless otherwise specified, cookies are stored until the purpose for which they were collected is fulfilled, and then deleted.
If the Site provides a forum or comment option, the IP address and data provided by the visitor are saved. Cookies containing this data can be stored for one year for convenience.
11. Third-Party Websites
We may cooperate with third parties authorized to place third-party cookies on our sites or in our services, apps, and tools with your consent. These providers help us provide a better, faster, and safer experience. Please note that third-party cookies are subject to the third party's privacy policy; we assume no responsibility for these policies.
The Site uses the "Facebook pixel" tool to customize content and advertisements for Facebook users. More info: https://www.facebook.com/about/privacy/.
"Payment processing is provided by the payment platform makecommerce.lv; therefore, our company transfers the personal data necessary for the execution of payments to the platform owner Maksekeskus AS."
12. Right to Lodge a Complaint with a Supervisory Authority
The data subject has the right to lodge a complaint with the supervisory authority (Data State Inspectorate/Datu valsts inspekcija). Documents are accepted via mail, e-mail (signed with a secure electronic signature), or can be left in the mailbox at Blaumaņa iela 11/13, Riga. E-mail: info@dvi.gov.lv.
13. Validity of the Privacy Policy
We reserve the right to change and supplement the content of this privacy policy from time to time to clarify the description of how we process your data. We invite you to regularly review this policy to stay informed about the processing of your personal data on the Site.