Privacy policy
"UPTK" Ltd.
Registration No.: 42103006052
Address: Liepaja, Ezermalas Street 3A, LV-3401, Latvia
1. Introduction
"UPTK" Ltd. (hereinafter - the Controller), when operating the website www.uptk.lv (hereinafter - the Website), processes personal data obtained from the data subject – the Website user (hereinafter – the User).
The Controller respects the User’s privacy and protects personal data, observing the User’s rights to lawful processing of personal data in accordance with applicable legal acts, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the Regulation / GDPR), as well as other applicable legal acts in the field of privacy and data protection. Taking the above into account, the Controller has developed this Privacy Policy to provide the User with the information required under the Regulation.
This Privacy Policy applies to the processing of personal data regardless of the form and/or environment in which the User provides personal data (via the Website, in paper form, in person, or by telephone).
The Controller reserves the right to amend these terms at any time. It is the responsibility of the Website visitor to independently review the Website content in order to become acquainted with any changes to the terms.
2. Identity and Contact Details of the Controller
"UPTK" Ltd.
Registration No.: 42103006052
Address: Liepaja, Ezermalas Street 3A, LV-3401, Latvia
Phone: +371 634 25 452
3. Purposes of the processing of personal data as well as the legal basis for the processing
If the User submits personal data to the Controller by telephone, via the Website contact forms, e-mail, or postal mail, we store and use such information to conclude or perform a service provision agreement, including for the following purposes: client identification; preparation and conclusion of contracts; provision of services (performance of contractual obligations); customer service; handling and review of objections; customer loyalty improvement; payment and settlement administration; debt recovery and collection; proof of facts; Website maintenance and improvement; business planning and analytics; planning and accounting. Personal data may also be processed for providing information to public authorities and law enforcement bodies in cases and to the extent stipulated by external regulatory enactments.
The legal bases for data processing are: conclusion and performance of a contract; compliance with legal obligations; the consent of the Client – the data subject; and the Controller’s legitimate interests (for example, verifying the Client’s identity prior to contract conclusion; ensuring the performance of contractual obligations; analysing Website usage; improving service efficiency, etc.).
4. Categories of Personal Data
Categories of personal data include: name, surname, personal identity number, e-mail or postal address, IP address, telephone number, message or correspondence content, etc.
5. Categories of Recipients of Personal Data
Personal data is disclosed to those employees of the Controller who require it for the performance of their direct duties in order to conclude or perform a service provision agreement.
In obtaining and using personal data, we partially use the services of external service providers who, in accordance with contractual obligations, strictly follow our instructions and are subject to continuous supervision by the Controller.
6. Categories of Data Subjects
Categories of data subjects include existing, former, and potential clients of the Controller, as well as other persons who express a wish to contact the Controller.
7. Transfer of Data Outside Latvia
The received data is not intended to be transferred outside Latvia, the European Union, or the European Economic Area, nor transferred to any international organisation. However, given that the Website is connected with Google and Facebook services, the Controller cannot guarantee that these companies will not transfer data outside the European Union or the European Economic Area.
8. Data Retention Period
We process and store the User’s personal data as long as there is a legal obligation for either party to retain such data.
After the above circumstances cease to exist, and unless otherwise specified by data protection instructions, personal data shall be deleted no later than three months after the original reason for data retention has ceased to apply, except where the Controller has a legal obligation to retain such data further (for example, but not limited to, accounting or legal proceedings).
9. Data Subject’s Access to Personal Data
The data subject has the right to receive access to their personal data within one month from the date of submission of the relevant request.
The User may submit a request to exercise their rights in writing in person at the Controller’s legal address (upon presentation of an identity document), by post, or by e-mail signed with a secure electronic signature.
Upon receiving the User’s request, the Controller verifies the User’s identity, evaluates the request, and fulfils it in accordance with applicable legal acts.
The User has the right to receive information prescribed by law regarding the processing of their data, to request access to their personal data, as well as to request their supplementation, rectification or erasure, restriction of processing, or to object to processing, insofar as such rights do not conflict with the purpose of data processing (contract conclusion or performance).
The data subject is not entitled to receive information if disclosure of such information is prohibited by law in the interests of national security, defence, public safety, criminal law, or for ensuring the financial interests of the state in tax matters or supervision of financial market participants and macroeconomic analysis.
10. Cookies Processing
The Website collects data about its visitors, enabling the Website operator to evaluate the usefulness of the Website and how it can be improved.
The Controller continuously improves the Website in order to enhance user experience; therefore, it is necessary to know which information is important to visitors, how often they visit the Website, which devices and browsers they use, their geographic region, and which content they prefer.
The Controller uses Google Analytics to analyse how visitors use the Website. Information about Google Analytics principles is available on Google’s website https://support.google.com/analytics/answer/1012034?hl=enen&ref_topic=6157800. The collected data is used based on the Controller’s legitimate interests to better understand visitor needs and improve access to published information. Visitors may opt out of Google Analytics data collection at any time, as described here https://tools.google.com/dlpage/gaoptout/.
The server hosting the Website may record visitor requests (device used, browser, IP address, date and time of access). These data are used for technical purposes to ensure Website functionality and security and to investigate potential security incidents. The legal basis for such processing is the Controller’s legitimate interest in ensuring technical availability and integrity of the Website.
Cookies are small files stored on the visitor’s device according to browser settings. Some cookies are used to tailor information and advertising based on previously viewed content, making Website use simpler and more convenient. More information about cookies and their management is available at www.aboutcookies.org.
The Website uses cookies to collect IP addresses and browsing information and to remember visitor preferences. Cookies enable the Controller to monitor data flow and user interaction with the Website for analytical and improvement purposes. The legal basis for cookie use is the Controller’s legitimate interest in ensuring functionality, availability, and integrity of the Website.
Visitors may control or delete cookies at their discretion. More detailed information about this process is available here at www.aboutcookies.org. The visitor may delete all cookies stored on their device, and most web browsers can be configured to block the placement of cookies. The visitor may refuse the use of cookies via the browser settings or or at https://tools.google.com/dlpage/gaoptout.
o apply the necessary settings, the visitor should review the terms and instructions of their web browser. If cookies are blocked, the visitor will need to manually adjust the settings each time the Website is visited, and some services or features may not function properly.
Access to statistical data regarding Website visitors is granted only to those employees of the Controller who are responsible for analysing such data.
Unless otherwise specified, cookies are stored for the duration required to fulfil the purpose for which they were collected and are deleted thereafter.
If a forum or comment functionality is enabled on the Controller’s Website, the Website may store the visitor’s IP address as well as any data provided by the visitor. Cookies containing such data may be stored for up to one year for user convenience (so that the information does not need to be re-entered on subsequent visits).
11. Third-Party Websites
We may cooperate with third parties authorised to place third-party cookies on our Website or provide services with your consent. These service providers help ensure a better, faster, and safer browsing experience. Third-party cookies are subject to the privacy policies of those parties, for which the Controller assumes no responsibility.
The Website uses the “Facebook Pixel” tool to tailor content and advertising for Facebook users. More information about Facebook’s privacy policy is available on https://www.facebook.com/about/privacy/. Users may also adjust advertising settings in their Facebook profile.
12. Right to Lodge a Complaint with a Supervisory Authority
The data subject has the right to lodge a complaint with the supervisory authority – the Data State Inspectorate of Latvia. Documents may be submitted by post to Elijas street 17, Riga, LV-1050, or by e-mail to info@dvi.gov.lv.
13. Validity of the Privacy Policy
The Controller reserves the right to amend and supplement this Privacy Policy from time to time in order to clarify how personal data is processed.
Users are encouraged to regularly review this Privacy Policy to remain informed about the processing of their personal data on the Website.