1.1. This policy applies where we are acting as a data controller with respect to the personal data of regular website visitors and those who have filled in the contact form
1.2. We determine the purposes and means of the processing of that personal data.
1.3. In this policy, "we", "us" and "our" refer to SIA "Anyfor".
1.4. We are registered in Latvia under registration number 40103520457, and our registered office is at Maza Briezu 3, Mārupe, Latvia.
1.5. Our principal place of business is at Maza Briezu 3, Mārupe, Latvia.
1.6. You can contact us via [email protected]
1.7. Data protection officer
1.8. We have appointed a data protection officer to oversee compliance with this privacy notice. Data protection officer is liable for monitoring compliance with this Regulation, in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising, and training of staff involved in processing operations, and the related audits; providing advice where requested as regards the data protection impact assessment and for all decisions of matters relating to privacy and data protection. If you have any questions about this privacy notice or how we handle your personal information, please contact the Data protection officer. This Data Protection Officer can be reached at the following address: [email protected]
2. Data usage
2.1. The "usage data" data about your use of our website and services.
2.2. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
2.3. The source of the usage data is our analytics tracking system - Google Analytics. This usage data may be processed for the purposes of analysing the use of the website and services.
2.3. The legal basis for this processing is your consent.
2.4. We may process "enquiry data".
2.5. "enquiry data" is an information contained in any enquiry you submit to us regarding our services via our website.
2.6. The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is consent.
2.7. Please do not supply any other person's personal data to us, unless we prompt you to do so.
3. About cookies
3.2. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
3.3. Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
3.4. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. Cookies help us to analyse the use and performance of our website and services.
4. Providing your personal data to others
4.1. We share your information with third parties, including service providers, regulated institutions, affiliated entities, and business partners for such purposes and under such circumstances:
4.2. With our service providers and affiliates – to assist us with the provision of the Services and our everyday business purposes, such as to verify your identity, prevent fraudulent activity, conduct internal research and analytical assessments, and maintain your account(s);
4.3. With fraud prevention and detection service providers - for the purpose of detecting and preventing fraudulent activity. Such service providers may keep records of information provided and use it when providing fraud detection and prevention services to other users of their databases;
4.4. With our service providers and our affiliates – to market our own products and services and with non-affiliated third parties for joint marketing purposes;
4.5. In response to legal process – to comply with the law, a judicial proceeding, subpoena, court order, or other legal process.
4.6. In connection with business transfers – to another entity if we are acquired by or merged with such other entity, if substantially all of our assets are transferred to such other entity, or as part of a bankruptcy proceeding.
4.7. To protect us and others – we may disclose your information when we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms and Conditions or this Policy, or as evidence in litigation in which we are involved.
5. Retaining and deleting personal data
5.1. We will retain your "usage data" for a minimum period of 6 months, and for a maximum period of 12 months.
5.2. We will retain your "enquiry data" for a minimum period of 6 months, and for a maximum period of 12 months.
5.3. We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
6. Your rights
6.1. The legal basis for our processing of your personal data is consent.
6.2. Your principal rights under data protection law are:
- the right to access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to object to processing;
- the right to data portability;
- the right to complain to a supervisory authority; and
- the right to withdraw consent.
6.3. You have the right to confirm the data processing and then access the gathered personal data together with an information about purposes of the processing and the recipients of the processing. We will supply a copy of your personal data via email.
6.4. You have the right to rectify any incomplete or inaccurate personal data. Please contact [email protected] with inquiry accordingly.
6.5. You have the right to erasure your personal data in case:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law;
- the personal data have been unlawfully processed
The personal data can't be erased in a case when its needed for
exercising the right of freedom of expression and information;
for compliance with a legal obligation;
for the establishment, exercise or defense of legal claims.
6.6. You have the right to restrict the processing of your personal data in case:
- you contest the accuracy of the personal data; processing is unlawful but you oppose erasure;
- we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims;
- and you have objected to processing, pending the verification of that objection.
6.6.1. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
6.7. You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
6.8. You have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
6.9. If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
6.10. To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
6.11. You may exercise any of your rights in relation to your personal data by email to [email protected]
7.1. We may update this policy from time to time by publishing a new version on our website.
7.2. You should check this page occasionally to ensure you are happy with any changes to this policy.
7.3. We may notify you of significant changes to this policy by email.
8. Storing personal data
8.1. We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial controls to safeguard and secure the information we collect online.
8.2. All information you provide us will be transferred over the https protocol in order to provide a safety and privacy.
8.3. All information you provide us will be stored on a secure server provided by “Digital Ocean”. The full list of security compliance is provided here: https://www.digitalocean.com/security/compliance/
8.4. We review our information collection, storage, and processing practices, including physical security measures, to guard against unauthorized access to systems.