Client - any individual who is using or has used DEAC services.
Personal data - any information directly or indirectly related to the customer.
Processing - any activity performed with personal data (including collection, recording, storage, modification, provision of access, execution of requests, transfer, etc.).
Company or DEAC - SIA "DIGITĀLĀS EKONOMIKAS ATTĪSTĪBAS CENTRS", registration number 40003455216, legal address: Riga, Maskavas street 459, LV - 1063.
Regulation - REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND THE COUNCIL on the protection of individuals with regard to the processing of personal data and the free movement of this data, and the repeal of Directive 95/46 / EU.
2. General information
2.2. The purpose of developing and publishing the policy is not to explain all possible problems that may arise for data subjects, customers or third parties regarding the processing of personal data in the Company. Regulations and other sources of legal information should be used for legal interpretation and explanation of the procedures of processing personal data.
2.3. The Company ensures the confidentiality of personal data in its work and carries out appropriate technical and organizational measures to protect personal data from unauthorized access, illegal processing or disclosure, accidental loss, alteration or destruction.
2.4. This Policy applies to all cases in which the client intends to use or is already using the services of DEAC and is subject to the processing of personal data that the Company carries out as a manager for the processing of personal data.
2.5. The company does not have automated decision making, which has legal consequences for the client or the data subject.
2.6. Processing of personal data by DEAC occurs in the territory of the European Union / European Economic Area. Personal data of customers and data subjects are not sent to countries and/or processed in countries outside the European Union / European Economic Area.
3. Categories of personal data to be processed
3.1. For personal data processing operations managed by DEAC, personal data is collected by the data subject himself. Categories of personal data that DEAC processes as a manager:
a. Customer's identification data - name, surname, personal identification number (identification number), address;
b. Customer’s contact information - phone number and e-mail address;
c. Communication details that are collected when the client contacts DEAC;
d. Data received when the client visits the DEAC website;
e. Information from the client’s computer or device, such as information about the client’s computer or the IP address of the device, the operating system, and the browser used.
4. Objectives of processing personal data
4.1. As a manager, the Company performs personal data processing for the following purposes:
a. DEAC Customer Service;
b. Achievement of related goals related to the provision of services (promotion of services, notification of clients regarding issues related to the provision of services, etc.);
c. Improvement of the quality of services and quality control of customer services;
d. Protection of the legitimate interests of clients, the Company, third parties, including the prevention, limitation and investigation of violations of the use of DEAC services and their possible illegal exploitation.
5. Legal basis for processing personal data
5.1. The company processes personal data of customers according to the following legal basis:
a. In order to comply with the obligations specified by regulatory enactments;
b. To sign up and execute a service agreement;
c. If the data subject agrees for data processing;
d. Legal interests of DEAC.
6. Possible recipients of personal data
6.1. The Company does not disclose personal data to third parties, unless one of the above rules for transferring data is being implemented, such as laws and regulations in relation to a person on their reasoned request, regulations and scope (for example, investigative bodies based on a motivated request);
7. Storage time
7.1. The company stores and processes personal data as long as it is necessary to achieve the objectives of data processing, and also if one of the following criteria is fulfilled:
a. In accordance with the procedure provided for by regulatory enactments, the Company or the Customer can realize their legal interests;
b. The Company has a legal obligation to store this data;
c. While client's consent to the processing of personal data is in force, unless there is another legal basis for processing the data;
7.2. Personal data is deleted after the above conditions become not relevant.
8. Rights of the client as the data subject
8.1. The Client has the following rights with respect to the processing of his personal data in accordance with the provisions of the Regulations:
a. Ask to correct the personal data if it is inappropriate, incomplete or incorrect.
b. It is contrary to the processing of your personal data if the use of this data is based on legitimate interests. Despite the Client's objections, the Company will continue to process the client's personal data provided that the Company has sufficient reason and basis for continuing the processing of the client's personal data;
c. To request the removal of personal data if personal data is processed on the basis of consent, and the Customer withdrew his consent. This right is invalid if the personal data whose correction is requested are also processed on the basis of another legal basis, such as legitimate interests or obligations arising from relevant normative acts;
d. In the cases specified in the Rules, which limit the processing of your personal data;
e. Receive information about whether the Company processes the personal data of the Customer and, if they are processed, also access it.
f. Obtain the given personal data processed on the basis of consent in written or one of the most frequently used electronic formats and, if possible, transfer this data to another provider (data mobility).
g. Restore your consent to the processing of personal data.
h. Complain about the use of the personal data to the State Data Inspectorate (www.dvi.gov.lv), if the client believes that his personal data is being processed in violation of the rights and interests of users.
9. Contact information
9.1. The user can contact the DEAC regarding such issues as withdrawal of consent, requests for information, the use of data subject rights and complaints about the use of personal data by writing to the e-mail address of the company firstname.lastname@example.org or in the registered office at Maskavas Street 459, Riga, Latvia, LV-1063
9.2. Contact details of the data protection officer: email@example.com or Maskavas Street 459, Riga, Latvia, LV-1063
10. Validity of the Policy and its Amendments
10.1. This policy is available on the DEAC website at www.deac.eu.
10.2. The Company has the right to unilaterally amend this Policy at any time in accordance with applicable regulatory enactments.