Politik om beskyttelse af persondata

 

1. General Provisions

1.1. This Privacy Policy describes how Eventure SIA, reg. no. 40103761635, Vienības gatve 18a, Riga, LV-1004 (hereinafter referred to as the “Data Controller”), collects, processes, and stores personal data obtained from its clients and website visitors on www.berghoff.lv / www.berghoff.lt / www.berghoff.ee (hereinafter referred to as the “Data Subject” or “You”).
1.2. Personal data means any information relating to an identified or identifiable natural person. Processing means any operation performed on personal data such as collecting, recording, altering, using, viewing, deleting, or destroying.
1.3. The Data Controller adheres to the principles of data processing as defined by law and confirms that personal data is processed in accordance with applicable legislation.

2. Collection, Processing and Storage of Personal Data

2.1. The Data Controller collects, processes, and stores identifying information primarily via the online store and email.
2.2. By visiting and using the services of the website, you agree that any provided information is used and managed in accordance with the purposes outlined in this Privacy Policy.
2.3. The Data Subject is responsible for ensuring that the submitted data is accurate, correct, and complete. Knowingly providing false information is considered a violation of this Privacy Policy. You must inform the Data Controller without delay of any changes in your personal data.
2.4. The Data Controller is not responsible for any losses incurred by the Data Subject or third parties due to the submission of false data.

3. Processing of Client Personal Data

3.1. The Data Controller may process the following personal data:
3.1.1. First and last name
3.1.2. Contact information (email and/or phone number)
3.1.3. Transaction data (purchased items, delivery address, price, payment details, etc.)
3.1.4. Any other information provided during the use of services or when contacting us
3.2. Additionally, the Data Controller has the right to verify submitted data via public registers.
3.3. The legal basis for data processing is Article 6(1) of the GDPR:
a) the Data Subject has given consent;
b) processing is necessary for the performance of a contract;
c) processing is necessary for legal compliance;
f) processing is necessary for the legitimate interests of the Data Controller or a third party unless overridden by the Data Subject’s fundamental rights.
3.4. Personal data is stored and processed as long as at least one of the following applies:
3.4.1. Data is needed for the purposes it was collected;
3.4.2. The Data Controller and/or Data Subject can assert legal interests (e.g. claims, disputes);
3.4.3. Legal obligations require data storage (e.g. accounting laws);
3.4.4. The Data Subject’s consent is valid.
Once none of the above apply, data is permanently deleted or anonymized.
3.5. To fulfill its obligations, the Data Controller may share your data with partners and processors (e.g., accountants, couriers). Payment processing is handled by makecommerce.lv, and data is passed to Maksekeskus AS.

3.6. Payment processing is provided by the payment platform makecommerce.lv, which is why our company transfers the personal data required for payment execution to the platform owner, Maksekeskus AS.
Your data may also be shared with public authorities to defend legal interests if necessary.
3.7. The Data Controller implements technical and organizational measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, or other unauthorized processing.

4. Rights of the Data Subject

4.1. Under the GDPR and Latvian law, you have the right to:
4.1.1. Access your personal data and receive a copy, and request data portability;
4.1.2. Request correction of inaccurate or incomplete data;
4.1.3. Request deletion of your data (“right to be forgotten”), unless otherwise required by law;
4.1.4. Withdraw previously given consent;
4.1.5. Restrict processing of your data;
4.1.6. Submit a complaint to the Data State Inspectorate
Requests can be submitted by email to: info@berghoff.lv

5. Final Provisions

5.1. This Privacy Policy is drafted in accordance with Regulation (EU) 2016/679 (GDPR) and the applicable laws of the Republic of Latvia and the EU.
5.2. The Data Controller reserves the right to amend this Privacy Policy at any time without prior notice. Changes take effect upon publication on www.berghoff.lv / www.berghoff.lt / www.berghoff.ee