PRIVACY POLICY

This privacy policy informs about the private practices and principles of personal data processing in connection with the msart.lv website and services. To communicate with data processing issues, please write an e-mail to [email protected]

WHAT INFORMATION DO WE COLLECT?

We collect personal data that you voluntarily provide to us through e-mail, web-based questionnaires, and other direct communications with you.

When placing an order, you must provide your name, contact information, shipping address, and other information that you can provide.

HOW DO WE USE THE PERSONAL DATA WE OBTAIN?

We may use the collected personal data to

provide you with the services and information you request,

apply for your order and draw up the necessary documents,

provide you with customer support,

prevent threats or fraudulent activities,

send you informational messages if you have expressly consented to receive them,

comply with the requirements of regulatory acts,

To provide the best level of service to the buyer. The seller transfers personal data to the Omniva parcel service provider to ensure the delivery of the goods. Personal data required for making payments are transferred to the licensed payment institution Maksekeskus AS.

We may share your information with others to determine regulatory requirements, to cooperate with surveillance to prevent criminal activity, and to protect our, your, and others' legal rights.

HOW DO WE PROTECT PERSONAL DATA?

We use various technical and organizational security measures to protect your personal data. Your personal data is available to a limited number of people, only authorized persons.

HOW LONG DO WE KEEP PERSONAL DATA?

We retain your personal data for as long as we need it for the purposes of acquisition and as permitted or determined by regulatory requirements.

HOW DO WE USE COOKIES?

Cookies are small text files that the websites you visit save on your computer. They meet for the operation of our website, as well as to provide information that is used by the website owners.

This website can view the following cookies:

Functional cookies. These files are necessary for you to browse the website and use its functions. Without these cookies, we cannot provide the services you request, such as shopping cart functionality.

Google Analytics cookies. In particular, these files are used to obtain visit statistics for our website. We use this information to improve website performance and advertising efforts.

Targeted advertising tool cookies. These cookies are used to increase the effectiveness of advertising and to show ads that are likely to interest you the most.

Third-party service provider cookies. Cookies can be indicated by third-party services used on this website: Facebook "Like" button, YouTube videos, and others. Some of these cookies may be used to track your activity on other websites and we have no control over them, as these cookies are not set by our website.

HOW TO OPT OUT OF COOKIES?

You can opt out of receiving cookies using the private browsing modes provided by most browsers (private window, incognito window or In Private window). Any cookies created while in private browsing mode are deleted as soon as you close all browser windows.

You can opt-out of the collection and use of information necessary for serving targeted advertising by using the free tool Your Online Choices or Your Ad Choices.

YOUR RIGHTS REGARDING YOUR PERSONAL DATA

If you are a data subject under the EU GDPR (for example, you are an EU citizen and you provide us with your personal data), you have the following rights in relation to your personal data:

Right to information. You have the right to receive information about why and how your personal data is collected. You have the right to receive a free copy of your personal data that we hold in a widely used electronic format.

Right to correct. You have the right to have inaccurate or incomplete personal data corrected or supplemented without unreasonable delay.

The right to be forgotten. You have the right to withdraw your consent to the processing of personal data and to have your personal data deleted without undue delay as soon as the data is no longer necessary to provide the services you requested and to comply with the requirements of regulatory acts.

The right to limited processing. You have the right to have the processing of your personal data restricted if you object to it and we have no legitimate grounds for continuing the processing, if you dispute the accuracy of the data, if the processing is unlawful, or if you request to bring, which ensures or defends legal claims.

The right objects. You have the right to object to data processing at any time unless it is necessary for a task carried out in the public interest or there is an indisputably legitimate basis for the processing.

Other rights under the GDPR. For more information, see the EU data protection website.

1. GENERAL RULES.

1.1. This Privacy Policy describes how Eriks Spulašs LV01117812884 JUR.ADRESE Nākotnes 4 Saldus LV3801 (hereinafter - "Data Controller") obtains, processes, and stores personal data that MSArt.lv obtains from its customers and persons visiting the website. hereinafter referred to as “Data Subject” or “You”).

1.2. Personal data is any information relating to an identified or identifiable natural person, i.e. a data subject. Processing is any activity related to a person, such as acquisition, recording, modification, use, viewing, erasure, or destruction.

1.3. The data controller complies with the principles of data processing provided for in the legislation and is able to confirm that the personal data has been approved in accordance with the applicable legislation.

2. Acquisition, processing, and storage of personal data.

2.1. Personally identifiable information is obtained, processed and stored by the Data Controller through the website of the online store and e-mail.

2.2. By visiting and using Internet services, you agree that all information provided is used and managed in accordance with the purposes set out in the Privacy Policy.

2.3. The data subject is responsible for ensuring that the submitted personal data is correct, accurate and complete. Knowingly providing false information is considered a violation of our Privacy Policy. The data controller must provide personal data for all subjects.

2.4. The data manager is not responsible for the losses caused to the data subject or the responsible persons if they were caused by falsely submitted personal data.

3. Processing of personal data of customers

3.1. The data controller can affect the following personal data:

3.1.1. Name and surname

3.1.2. Date of birth

3.1.3. Contact information (email address and/or phone number)

3.1.4. Transaction data (purchased goods, delivery address, price, information, etc.).

3.1.5. Any other information provided to us when you purchase services and goods offered on the website or when you contact us.

CUSTOMIZE THE LIST ACCORDING TO PERSONAL DATA YOUR COMPANY'S PROCESSES.

3.2. In addition to the above, the Data Controller has the right to verify the correctness of the data using publicly available registers.

3.3. The legal basis for personal data processing is Article 6, Clause 1, subparagraph a), b), c) and f) of the General Data Protection Regulation:

a) data subjects have given their consent to the processing of their personal data or for specific purposes;

b) the processing is necessary for the performance of a contract, the contracting parties of which are the data subjects, or to take measures at the request of the data subject prior to the conclusion of the contract;

c) the processing is necessary to fulfill a legal obligation attributable to the controller;

f) process and comply with the legitimate interests of the controller or a third party, except in cases where the interests of the data subject or the fundamental rights and fundamental freedoms that require the protection of personal data are more important than these interests, in particular, and the data subjects are children.

3.4. The Data Controller stores and processes the Personal Data of the Data Subject as long as at least one of the following criteria is met:

3.4.1. Personal data for the needs of the persons to whom they are received;

3.4.2. As long as it is necessary in accordance with the regulations, the Data Controller and/or Data Subjects can realize their legitimate interests, for example, submit objections or bring or file a lawsuit;

3.4.3. As long as there is a legal obligation to retain data, for example under accounting law;

3.4.4. As long as the Data Subject's consent to the processing of the relevant person's data is valid, and there is no legal basis for the processing of another person's data.

Upon expiry of the provisions of this paragraph, the term of storage of the personal data of the Data Subjects also expires and the relevant personal data are irreversibly deleted from the computer and/or paper documents that have saturated the data of the relevant persons' systems or these documents are anonymous.


3.5. The controller has the right to share personal data of customers with third parties such as processors, accountants, transport and courier companies, companies providing transfer services. The controller is in charge of the processing of personal data. The controller transmits the personal data necessary for making payments to the processor, Maksekeskus AS.

3.6. The controller processes and stores personal data of the data subject implementing the organizational and technical measures to ensure that the personal data is protected against any accidental or unlawful destruction, alteration, disclosure, and any other unlawful processing.

3.7. The controller stores the data of the data subjects depending on the purpose of processing, but no longer than for 8 years.

4. Rights of the data subject

4.1. The data subject has the right to gain access to and examine their personal data.

4.2. The data subject has the right to obtain information on the processing of their personal data.

4.3. The data subject has the right to modify or rectify inaccurate data.

4.4. If the controller processes personal data of the data subject based on the consent granted by the latter, the data subject has the right to withdraw their consent at any time.

4.5. To exercise their rights, the data subject can contact the customer support of the online store at [email protected]

4.6. To protect their rights, the data subject can file a complaint with the Data Protection Inspectorate.

5. Final provisions

5.1. These data protection terms and conditions have been prepared in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), the Personal Data Protection Act of the Republic of Estonia and legislation of the Republic of Estonia and the European Union.

5.2. The controller has the right to amend the data protection terms and conditions in part or in full, notifying the data subjects of the amendments via msart.lv