Privacy Policy
1. Introduction
SIA “ADIG”, VAT No. LV40103723934, Riga, Matīsa iela 45A, LV-1009
(hereinafter – the Controller), on the website https://hansabeauty.com (hereinafter – the Website) processes personal data obtained from the data subject – the Website user (hereinafter – the User).
The Controller takes care of the User’s privacy and personal data protection, respects the User’s right to the lawfulness of personal data processing in accordance with applicable law: Regulation No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (Regulation) and other applicable laws in the field of privacy and data processing.
Taking into account the above, the Controller has developed this privacy policy with the aim of providing the User with the information provided for in the Regulation.
The Privacy Policy applies to data processing regardless of the form and/or environment in which the User provides personal data (on the Site, in paper form or by telephone).
2. Identity and contact information of the Controller
The Controller is SIA “ADIG”, VAT. Reg. No. LV40103723934, Riga, Matīsa iela 45A, LV-1009, sespi@hansabeauty.com
3. Purposes of processing, legal basis for processing
If the User submits his/her personal data to the Controller, such as name, surname, e-mail or postal address, telephone number, personal messages, etc., using the Site’s contact forms, e-mail or other type of mail, the Controller stores and uses this information to fulfill or conclude a relevant service provision agreement.
The Controller needs to process the aforementioned data for the purpose of identifying the client, assessing solvency, preparing, concluding and proving the fact of conclusion of the contract, ensuring/maintaining the operation of the services, customer service, examining and processing applications and objections, administering payments, as well as for other purposes directly related to the conclusion or execution of the contract.
The legal basis for data processing is Article 6, Paragraph 1, Subparagraph b. of the Regulation, which states that data processing is lawful if the processing is necessary for the performance of the contract or for taking measures at the request of the data subject prior to the conclusion of the contract.
4. Categories of personal data
Categories of personal data – name, surname, e-mail or postal address, IP address, telephone number or content of the letter, etc.
5. Categories of recipients of personal data
The data are disclosed to those employees of the Controller who need them for the performance of their direct duties in order to perform or conclude a relevant service provision contract.
When obtaining and using personal data, the Controller partially uses the services of external service providers, who strictly follow the instructions of the Controller in accordance with the contract and whom the Controller monitors before using the service and continuously thereafter.
6. Categories of data subjects
Categories of data subjects – existing, former and potential customers of the Controller.
7. Data transfer outside the European Union
The data received is not and will not be transferred outside the European Union or the European Economic Area, nor will it be transferred to any international organization.
8. Duration of data storage
Unless otherwise stated in the data protection instructions, the Controller deletes personal data no later than three years after the initial reason for data retention no longer applies, except in cases where we are legally obliged to continue to retain these data (for example, but not limited to, for accounting or legal proceedings).
9. Access to personal data by the data subject
The data subject has the right to receive access to the personal data of the data subject within one month from the date of submission of the relevant request.
The User may submit a request for the exercise of his/her rights in writing in person, at the Controller’s legal address (by presenting an identity document) or by e-mail, signing with a secure electronic signature.
Upon receiving the User’s request for the exercise of his/her rights, the Controller shall verify the User’s identity, evaluate the request and execute it in accordance with regulatory enactments.
The User has the right to receive information specified in regulatory enactments regarding the processing of his/her data, the right to request access to his/her personal data, as well as to request the Controller to supplement, correct or delete it, restrict processing or object to processing, to the extent that these rights do not conflict with the purpose of data processing (conclusion or performance of contracts).
The data subject does not have the right to receive information if the disclosure of this information is prohibited by law in the field of national security, state defense, public safety, criminal law, as well as for the purpose of ensuring the state’s financial interests in tax matters or supervision and macroeconomic analysis of financial market participants.
10.Commercial communications
The Controller shall communicate commercial communications in accordance with the User’s consent. Section 9, Part 2 of the Information Society Services Law also provides for cases when commercial communications may be sent without consent, for example, if the e-mail address is
r obtained within the framework of the provision of a previously provided service or the sale of a product.
The User may give his consent to receive commercial communications from the Controller in the service application form published on the Site.
The consent given by the User to receive commercial communications is valid until its withdrawal. The User may at any time refuse to receive further commercial communications by using the automated option provided in the commercial communication to refuse to receive further communications by clicking on the opt-out indication at the end of the relevant commercial communication.
The Controller shall stop sending commercial communications as soon as the User’s request is processed.