Privacy Policy
Privacy Policy
1. The purpose of the privacy policy (hereinafter - Privacy Policy) of SIA "XToys", unified registration No. 40203491559 (hereinafter - Company or Manager) is to provide the natural person - data subject - with information about the purpose, legal basis, scope of processing, protection of personal data and the processing term during data acquisition when processing the data subject's personal data.
II. MANAGER AND ITS CONTACT INFORMATION
2. The controller of personal data processing is the Company, legal address: Ikšķiles iela 16, Riga LV-1057, Latvia
3. The company's contact information for matters related to the processing of personal data, as well as for submitting data subject requests and informing about possible data protection violations, is info@erotshop.lv.
III. GENERAL TERMS
4. Personal data is any information about an identified or identifiable natural person.
5. The privacy policy is applied to ensure the protection of privacy and personal data in relation to all data subjects, including the following groups (hereinafter referred to as Clients):
5.1. for natural persons - the Company's clients (including potential, former and existing), their representatives, real estate owners and other related persons;
5.2. for natural persons – representatives of the Company's Customers (legal entities), contact persons;
5.3. Visitors to public premises, including those subject to video surveillance;
5.4. For visitors of the website maintained by the company;
5.5. persons whose personal data is processed in social networks in connection with the activities organized by the Company.
6. The Company takes care of Customer privacy and personal data protection, respects the Customer's right to the legality of personal data processing in accordance with the applicable legislation - the Law on the Protection of Personal Data, Regulation 2016/679 of the European Parliament and the Council of April 27, 2016 on the protection of natural persons regarding the processing of personal data and the free movement of such data (hereinafter - the Regulation) and other applicable laws in the field of privacy and data processing.
7. The privacy policy applies to data processing regardless of the form and/or medium in which the Customer provides personal data (in person, on the Company's website, electronically, in paper format or by telephone).
8. In the processing of personal data, the Company observes the following basic principles of data processing:
8.1. legality and integrity;
8.2. transparency;
8.3. limitation of intent;
8.4. adequacy (data minimization);
8.5. accuracy;
8.6. storage limit;
8.7. integrity and confidentiality;
8.8. accountability.
IV. PURPOSE OF PERSONAL DATA PROCESSING
9. The company processes personal data for the following purposes:
9.1. for providing services and selling services:
9.2. for customer identification;
9.3. for the preparation and conclusion of the contract;
9.4. for the fulfillment of contractual obligations;
9.5. for the development of new services;
9.6. for advertising and distribution of services or for commercial purposes;
9.7. for customer service;
9.8. for consideration of objections or claims;
9.9. for settlement administration;
9.10. for debt recovery and collection;
9.11. for maintaining and improving the operation of websites and mobile applications;
9.12. for business planning and analytics;
9.13. for customer safety, protection of company property;
9.14. for other specific purposes.
10. The company can also process data for other purposes compatible with the original purpose, ensuring the corresponding rights of the data subject.
V. LEGAL BASIS OF PERSONAL DATA PROCESSING
11. The Company processes the Client's personal data mainly based on the following legal bases:
11.1. for the conclusion and execution of the contract – to conclude the contract at the Customer's request and ensure its execution (a contract also means a verbal agreement on the purchase of a service);
11.2. for the fulfillment of regulatory acts - to fulfill the obligation specified in external regulatory acts binding on the Company;
11.3. in accordance with the consent of the data subject;
11.4. in legitimate (legitimate) interests – to realize the obligations existing between the Company and the Client or the legitimate (legitimate) interests of another Company or a third party resulting from a concluded contract.
12. The legal (legitimate) interests of the company are:
12.1. to carry out commercial activities;
12.2. verify the identity of the Client before providing certain services;
12.3. ensure fulfillment of contractual obligations;
12.4. save Customer applications and submissions regarding the provision of services;
12.5. design and develop services;
12.6. promote our services by sending commercial communications;
12.7. send other reports on the progress of contract execution and events relevant to contract execution, as well as conduct customer surveys about services and their experience of using them;
12.8. prevent fraudulent activities against the company;
12.9. provide corporate governance, financial and business accounting and analytics;
12.10. ensure effective company management processes;
12.11. ensure and improve the quality of services;
12.12. it costs to administer