1. General Provisions

1.1. This Privacy Policy regulates the principles governing the collection, processing and storage of personal data. Personal data are processed and stored by SIA Artvika, which is the controller of personal data (hereinafter referred to as the Controller).

1.2. For the purposes of the present Privacy Policy, the subject of the data is the Client or other natural person whose personal data are processed by the Controller.

1.3. For the purposes of the present Privacy Policy, the Client is any person who purchases goods or services via Controller's website.

1.4. The Controller respects the legal principles of processing of personal data and, in particular, processes all personal data in a legal, fair and secure manner. The Controller declares that the personal data have been processed in accordance with the provisions of the law.

2. Collection, processing and storage of personal data

2.1. The personal data collected, processed and stored by the Controller are collected electronically; in general, they are usually collected from the website and email.
2.2. By providing his/her personal data, the Client entitles the Controller to collect, organize, use and administer, for the purposes set out in the Privacy Policy, all personal data that the Client has directly or indirectly shared with the Controller when applying for a delivery service on the website.
2.3. The Client is responsible for the accuracy, correctness and integrity of the data he/she provides. Provision of false information is considered a violation of our Privacy Policy. The Client is obliged to notify the Controller immediately of any change in the data submitted.
2.4. The Controller shall not be liable for any loss or damage caused to the Client or to a third party as a result of false data provided by the data subject.

3. Processing of personal data of Clients

3.1. The Controller may process the following personal data of the Client:
3.1.1. Name and a family name;
3.1.2. Date of Birth;
3.1.3. Telephone number;
3.1.4. E-mail address;
3.1.5. Delivery adress;
3.1.6. Bank account number;
3.1.7. Payment card details;
3.2. In addition to the above, the Controller has the right to collect the Client’s data available in public registers.
3.3. The legal basis for the processing of personal data in Article 6 (1) (a), (b), (c) and (f) of the General Data Protection Regulation:
(a) the data subject has agreed to the processing of his/her personal data for one or more specific purposes;
(b) the data processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to the conclusion of an agreement;
(c) the data processing is necessary for the compliance with a legal obligation to which the Controller is subject;
(f) the data processing is necessary for the purposes of the legitimate interests of the Controller or a third party, unless such interests outweigh those of the data subject or fundamental rights and freedoms requiring the protection of personal data, in particular, where the data subject is a child.
3.4. Processing of personal data in accordance with the purpose of the processing:
3.4.1. Purpose of the processing: safety and security
The maximum period of storage of personal data in accordance with the terms established by law.
3.4.2. Purpose of processing: order processing
The maximum storage period for personal data is 3 months
3.4.3. Purpose of processing: customer management
The maximum storage period for personal data is 3 months
3.4.4. Purpose of the data processing: financial operations, accounting
The maximum period of storage of personal data in accordance with the terms established by law
3.4.5. Purpose of the data processing: marketing
The maximum storage period for personal data is 3 months
3.5. The Controller has the right to transfer personal data of Clients to third parties, such as processors, accountants, transport and courier companies, companies providing translation services. The Controller is responsible for the personal data processing.
3.6. The Controller processes and stores the personal data of the Client, by applying organizational and technical measures to ensure the protection of personal data against an accidental or unlawful destruction, alteration, disclosure and any other unlawful processing.
3.7. The Controller stores the data of the Client depending on the purpose of the processing, but not more than 3 years.
4. Rights of the Client:

4.1. The Client has the right to access and verify his/her personal data.
4.2. The Client has the right to receive information about the processing of his/her personal data.
4.3. The Client has the right to change or correct inaccurate data.
4.4. If the Controller processes the personal data of the Client on the basis of his or her consent, the Client has the right to withdraw his or her consent at any time.
4.5. In order to exercise his /her rights, the Client may contact the support service at info@artvika.lv.
4.6. In order to protect his /her rights, the Client may file a complaint with the Data Protection Inspectorate.

5. Final provisions

5.1. The data protection regulations are:
The conditions have been elaborated in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing the Directive. 95/46/EC, the Personal Data Protection Law of the Republic of Latvia and the legislation of the Republic of Latvia and of the European Union.
5.2. The Controller reserves the right to change the terms of data protection in whole or in part by notifying the Client of the change via www.artvika.lv