1. Personal data controller is SIA DIGIBRAND ( Digibrand), reg. No. 40003844150, legal adress Riga, Kursu str. 25a-6, LV-1006.
2. Contact information on issues related to the processing of personal data is firstname.lastname@example.org .
4. Digibrand takes care of Customers' privacy and personal data, observes the rights of the Clients to the lawfulness of personal data processing in accordance with the applicable legal acts- Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (Regulation) and other applicable privacy and data processing legislation.
7. Personal data is collected from both the data subject and external sources. The categories of personal data that are mostly, but not exclusively, collected and processed are: 7.1. identification data - name, surname, personal identification code, date of birth; 7.2. contact information - address, telephone number, e-mail address; 7.3. professional data - education, position, place of work; 7.4. data obtained and / or created in the performance of duties provided for in regulatory enactments.
8. Digibrand processes personal data:8.1. To provide services: - customer identification;- for the preparation, conclusion and proof of the fact of conclusion of the contract; - settlement administration;- maintaining and improving websites and mobile applications;- to run social media contest on behalf of agency client.8.2. For business planning and analytics;8.3. For information, information systems and enterprise security;8.4. For the provision of information to public administration institutions and subjects of operational activities in the cases and to the extent specified in external regulatory amount.
9. Legal basis for personal data processing:- for the conclusion and performance of the contract and for the conclusion and enforcement of the contract;- for the fulfillment of regulatory enactments - in order to fulfill an obligation specified in binding external regulatory enactments;- in the legitimate interests - to realize the legitimate interests of Digibrand arising from the obligations existing between Digibrand and the Customer or the concluded agreement or law;- to ensure the vital interests of the data subject or another natural person - to ensure the physical and property security of Digibrand employees, Customers and visitors.Digibrand legitimate interests are:- to carry out commercial activities;- provide services;- to ensure the fulfillment of contractual obligations;- analyze the operation of Digibrand websites, websites and mobile applications, develop and implement their improvements;- prevent fraud;- provide corporate governance, financial and business accounting and analytics;- to ensure efficient company management processes;- to ensure and improve the quality and efficiency of services;- administer payments;- in public administration and operational activities and in court to protect their legal interests;- to inform the public about its activities.
10. Digibrand processes Customer's data using the capabilities of modern technology, taking into account existing privacy risks and Digibrand's reasonably available organizational, financial and technical resources.
11. Digibrand protects Customer's data using modern technology, taking into account existing privacy risks and Digibrand's reasonably available organizational, financial and technical resources, including the following security measures:11.1. data encryption when transmitting data;11.2. firewalls;11.3. intrusion protection and detection programs;11.4. other protection measures in accordance with the current technical development possibilities.
12. Personal data may be transferred to recipients, for example:12.1. law enforcement authorities;12.2. auditors, accountants or other processors of personal data;
13. Personal data is processed in the European Union / European Economic Area (EU / EEA).
14. Digibrand stores and processes the Customer's personal data as long as at least one of the following criteria exists:14.1. as long as the agreement concluded with the Client is valid;14.2. the data are necessary for the purpose for which they were received;14.3. while Digibrand or the Customer may realize its legitimate interests (for example, submit objections or bring or bring a claim to court) in accordance with the procedures specified in external regulatory enactments;14.4. as long as one of the parties has a legal obligation to keep the data (for example, according to the Accounting Law, the company must keep the invoices issued for 5 years, etc.);14.5. as long as the Customer's consent to the relevant personal data processing is valid, if there is no other legal basis for data processing.After the circumstances referred to in this paragraph cease, the Customer's personal data shall be deleted.
15. The customer has the right to receive the information specified in regulatory enactments in connection with the processing of his data.
16. In accordance with regulatory enactments, the Customer also has the right to request Digibrand access to his personal data, as well as to request Digibrand to supplement, correct or delete them or restrict processing in relation to the Customer, or the right to object to processing (including processing of personal data legitimate interests of Digibrand) as well as the right to data portability. This right shall be exercised in so far as the processing of the data does not result from Digibrand's obligations under the laws and regulations in force and which are carried out in the public interest.
17. The Client may submit a request for the exercise of his rights:17.1. in writing in person, presenting an identity document;17.2. in the form of electronic mail, signing with a secure electronic signature.
18. Upon receipt of the Customer's request for the exercise of its rights, Digibrand verifies the Customer's identity, evaluates the request and executes it in accordance with regulatory enactments.
19. Digibrand shall send the response to the Customer electronically or by post to the contact address indicated by him/her, or taking into account the type of receipt of the response specified by the Customer.
20. Digibrand ensures the fulfillment of data processing and protection requirements in accordance with regulatory enactments and in case of the Customer's objections performs useful actions to resolve the objection. However, if this fails, the Customer has the right to apply to the supervisory authority - the Data State Inspectorate.