"ALTAS IT" Ltd. Privacy Policy

"ALTAS IT" SIA, single registration number, registered office at Brīvības gatve 221-1, Riga, LV-1039, e-mail: altas@altas.lv (hereinafter - the Company) distributes, installs and maintains video surveillance, vehicle equipment and security solution systems. The Company is the official representative of leading manufacturers of video surveillance and security solutions, such as Mobotix, etc. in the Baltic States. Here you can find the principles of the Company's Privacy Policy ("Privacy Policy"), which applies to the Company's collection, use, publication and storage of sensitive personal data. The Company's activities on the World Wide Web are conducted in accordance with the laws of the Republic of Latvia as well as the relevant laws and regulations of the European Union.

1. Definition and scope of the Privacy Policy

1.1. The Privacy Policy defines:
1.1.1. Processing means any act performed on personal data, including collecting, recording, storing, modifying, accessing, accessing, transferring, etc.
1.1.2. Client means a natural or legal person who has expressed a wish to purchase or purchases products distributed by the Company or receives services provided by the Company.
1.1.3. Personal Data means any information (e.g. name, contact details, address) directly or indirectly related to the Client.
1.1.4. Data Subject - any natural person who visits the website www.altas.lv, the Company's Facebook, LinkedIn, YouTube or Instagram account ALTAS IT Latvija (hereinafter also referred to as the website).

1.2. The Privacy Policy is applicable to the processing of personal data of Clients by the Company, regardless of the form (e-mail, telephone, paper, etc.) in which the data is obtained and from whom (the Client or another person).

2.  Legal basis for processing personal data

2.1. The Company processes the Client's personal data based on the following legal grounds:
2.1.1. for the conclusion and performance of the contract (e.g. collecting Client data necessary for the conclusion of the contract, ensuring delivery of the goods);
2.1.2. to enforce laws and regulations (e.g. providing information to law enforcement authorities);
2.1.3. in accordance with the Client's consent (e.g. for commercial communications);
2.1.4. legitimate interests (e.g. enforcing a contract out of court or in court proceedings, insolvency proceedings, improving marketing).

3.     The legitimate interests of the Company are:

3.1. carry out commercial activities
3.2. verify the Client's identity before entering into a contract;
3.3. ensure compliance with contractual obligations;
3.4. to store Client orders for goods and services, as well as notes (e.g. verbal or written) thereon;
3.5. analyse the performance of the Company's website;
3.6. advertise the goods distributed and the services provided by the Company by sending commercial communications;
3.7. send reports on the progress of orders and purchase contracts;
3.8. prevent fraudulent activities;
3.9. manage purchases, payments and orders;
3.10. where necessary, inform law enforcement authorities about the Company's business activities.

4.  Purposes for processing personal data

4.1. The Company processes personal data for the following purposes:
4.1.1. to identify the Client;
4.1.2. for the preparation and conclusion of the contract;
4.1.3. for the delivery of goods;
4.1.4. to fulfil their contractual obligations;
4.1.5. for advertising and distribution of goods or commercial purposes;
4.1.6. for Clients' service;
4.1.7. to examine and process objections;
4.1.8. for administering settlements;
4.1.9. to improve the website.

5. Category of personal data

5.1. The categories of Client personal data collected and processed by the Company are:
5.1.1. Identification data - name, surname, personal identification number, date of birth or data from a personal identification document (passport or ID card);
5.1.2. Contact details - Client's address, telephone number, email address, contact person's name, surname, email.

6.  Processing of personal data

6. The Company shall process the Client's data using modern technological capabilities, taking into account the existing privacy risks and available organisational, financial and technical resources.
6.2. In order to ensure the qualitative and operative performance of the contractual obligations with the Client, the Company may authorise its business partners to perform certain activities for the supply of goods or the provision of services, such as the delivery of goods, leasing and other settlement services, sending of warnings and the like. The Company's business partners process the Client's personal data and are deemed to be the Company's data processors (processors) and the Company has the right to transfer the Client's personal data necessary for the performance of these activities to the business partners to the extent necessary for the performance of these activities.
6.3. The Company in the capacity of a data processor will ensure compliance with the requirements for the processing and protection of personal data in accordance with the Data Processing Agreement and regulatory enactments and will not use personal data for any purposes other than to fulfil the obligations under the agreement entered into with the Client on behalf of the Company.

6.4. The Company shall not disclose the Client's personal data to third parties except in the following cases:
6.4.1. if the third party is to be provided with the data in the context of a contract (for the supply of goods);
6.4.2. if it is necessary for the protection of the interests of the Company as set out in paragraph 2.1.4 of the Privacy Policy;
6.4.3. if the Client has given his/her express and unambiguous consent;
6.4.4. to the persons provided for in external normative acts upon their justified request, in the manner and to the extent provided for in external normative acts.

6.5. The storage of personal data shall continue for as long as:
6.5.1. the contract concluded with the Client is valid;
6.5.2. the Company or the Client may exercise its legitimate interests in accordance with the procedure established by external regulatory enactments (three to ten years after the performance of the obligations);
6.5.3. there is a legal obligation to keep the data;
6.5.4. the Client's consent to the processing of personal data is valid, unless there is another lawful basis for the processing.

6.6. Data is stored in both paper and electronic formats on the Azure Cloud. Upon expiry of the periods referred to in paragraph 6.5 of the Privacy Policy, the data subject's data will be destroyed or deleted.
6.7. To ensure the security of Personal Data, the Company shall implement appropriate technical and organisational measures to protect Personal Data against unauthorised access, unlawful processing or disclosure, accidental loss, alteration or destruction. The Data Processor uses an SSL security certificate, so Personal Data is encrypted.
6.8. The data processing territory is the European Union and the European Economic Area (EU/EEA). The Company may transfer the Client's personal data outside the EU/EEA only if there is a legal basis - necessary to comply with a legal obligation, to conclude or perform a contract, or in accordance with the Client's  consent, and appropriate security measures have been taken as set out in the laws and regulations governing the protection of natural person data.

7.  Access to personal data and other rights and obligations of the Client

7.1. The Client has the right to receive the information required by the regulatory enactments in relation to the processing of his/her data.
7.2. The Client has the right to request the termination of the processing of his personal data, to request information on the purposes for which his personal data are used, as well as to request the transfer of his personal data in the commonly used format to himself or to third parties. In order to avoid abuse of the Client's data and rights, the application may only be submitted in a form that allows the identity of the person submitting the application to be identified (the application must be digitally signed or submitted to the Company in writing). The Company shall have the right to respond to such applications within 30 days.
7.3. A request for termination of data processing shall be deemed to be a request for termination of the Client's contract.
7.4. The Client is responsible for the data provided and is obliged to inform the Company of any changes to the Client's personal data (change of name, surname, address or contact details). The Company shall be entitled to request the Client to provide derivatives of the documents evidencing the changes and to produce the originals thereof.

8.  Client's consent to data processing and right to withdraw it

8.1. The Client may give consent to the processing of personal data for which consent is the legal basis (e.g. receipt of commercial communications, etc.) on the www.altas.lv website or on the Company's Facebook, LinkedIn, Instagram pages by filling in the application form, by emailing altas@altas.lv and info@altas.lv, by calling +371 66100650 or in person at the Company's registered office;
8.2. The Client shall have the right to withdraw consent to data processing at any time in the same manner as consent was given.
8.3. Withdrawal of consent shall not affect the processing of data carried out at the time when the Client's consent was valid.
8.4. Withdrawal of consent cannot interrupt the processing of data carried out on the basis of other legal grounds.

9.  Communication with the Client and commercial communications

9.1. The Company shall communicate with the Client using the contact information (telephone number, e-mail address, address) provided by the Client.
9.2. The Company shall communicate with you on the basis of the concluded contract (e.g. order confirmation, coordination of delivery times, information on purchases, orders and invoices, etc.).
9.3. The Company shall communicate commercial communications in accordance with the laws and regulations or with the Client's consent.
9.4. The Client may give consent to the processing of personal data, the legal basis of which is consent (for example, receipt of commercial communications, etc.) by filling in the application form on the Company's website and on the Facebook page created by the Company ALTAS IT Latvija.
9.5. The Client's consent to receive commercial communications is valid until revoked (including after termination of the service contract). The Client may at any time opt-out from receiving further commercial communications as set out in clause 11.3 of the Privacy Policy.
9.6. The Company shall stop sending commercial communications as soon as the Client's request is processed, which may be up to three days.

10.  Website visits and cookie processing

10.1. The Company's website uses cookies.
10.1.1. Cookies are small files of information that your browser saves on your computer's hard drive. They are often used as a mechanism for websites to remember useful information, such as login details, and can make a website easier to navigate.
10.1.2. Cookies are used to process data on the history of use of the website, diagnose problems and deficiencies in the functioning of the website, collect statistics on user habits, as well as to ensure the full and convenient use of the functionality of the website.
10.1.3. Cookies on the Company's website cannot identify the visitor personally. Cookies store information such as the type of device used, the browser used, activity on the website.

10.2. If you wish to restrict, block or delete cookies, you can do so by changing the settings of the browser you are using. In this case, the use of the Company's website may be disrupted and made more difficult. Deleting stored cookies is possible in the settings section of your device's internet browser by deleting the history of stored cookies.

10.3. The website uses several types of cookies for different purposes:
10.3.1. Functional cookies: cookies allow a website to remember the settings and choices you have made to make the website easier to use, for example if you want to stay logged in to the website. These cookies are used on the basis of the Company's legitimate interest to provide, improve and make the use of the website more convenient. Functional cookies are stored permanently on the device.
10.3.2. Analytical/performance cookies: these cookies allow us to recognise and count the number of visitors to the website and to see how these visitors move around the website, collect information about how the user uses the website, identify the most frequently visited sections, including the content that the user selects when browsing the website. The legal basis for the use of these cookies is the Company's legitimate interest in improving the website (the information is used for analytical purposes to find out what is of interest to website users and to improve the functionality of the website, making it more user-friendly, as well as to provide different website options). Analytical/performance cookies are stored permanently on your device. Analytical cookies only identify the user's device but do not reveal the user's identity.

10.4. The Company uses Google Analytics services, which you can opt-out of by downloading and installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout?hj=en). At the same time, Google Analytics uses the option of anonymising IP addresses to increase your privacy protection.
10.5. For more general information on cookies and how to manage them, please see www.aboutcookies.org
10.6. The Company's websites may contain links to third party websites which have their own terms of use and personal data protection, for which the Company is not responsible.

11.  Other provisions

11.1. The Client is deemed to have read and accepted the Privacy Policy and the Terms of Use of the Services Provided before placing an order, using or completing a request to become a regular client, and to have ticked the appropriate box before completing the order.
11.2. The Company shall have the right to amend the main terms of the Privacy Policy by notifying all regular Clients. The Company shall use its best endeavours to ensure that the Privacy Policy is kept up to date and is publicly available on the Company's website. Any version of the Privacy Policy published on the website shall supersede all previous versions of the Privacy Policy and shall take effect immediately upon publication.
11.3.  For all questions and problems related to the Privacy Policy or data processing, as well as in cases where the Client wishes to unsubscribe from receiving commercial communications or completely delete their data from their profile, please contact the Company via email at info@altas.lv.
11.4. The Client has the right to apply at any time to the Data Protection Inspectorate or to a court for the protection of his/her data. The Data Protection Inspectorate is also a public authority to which you can turn if you need advice or assistance in relation to the protection of your personal data.

Contact information:
"ALTAS IT" Ltd, single registration number 40103448367, registered office at Brīvības gatve 221 - 1, Riga, LV-1039, e-mail: altas@altas.lv, telephone number +371 66100650.