The Controller takes care of visitors’ privacy and personal data processing, obeys visitors’ rights regarding personal data processing and lawfulness of processing in accordance with the applicable legal acts: Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (Regulation), and other applicable legal acts in the area of privacy and data processing.
1. Personal data processing Manager:
1.1. The personal data processing Manager is SIA “Skrivanek Baltic”, reg. No.: 40003626172, legal address Lāčplēša iela 87C, Riga, LV-1011, phone: (+371) 67 240 364 (hereinafter referred to as “Skrivanek”), websites: www.skrivanek.lv, www.bernunometnes.lv, www.valodumacibas.lv.
2. Personal data Processor:
2.1. Skrivanek processes the Customer’s personal data to the extent and in the manner prescribed and permitted by the laws of the Republic of Latvia and the European Union. Other Skrivanek data processors are also eligible to receive and process Customers’ data. For more information about partners, contact Skrivanek using the specified communication channels (see “Contacts” on the Skrivanek webpage).
3. Applicable laws:
3.2. Personal Data Processing Law;
3.3. Procedure for the organisation and operation of children’s camps (MK, No. 981);
3.4. The Law on the Protection of the Rights of the Child.
5. What personal data is processed by Skrivanek?
5.1. The categories of personal data processed by Skrivanek depend on the Services provided to Customers. Skrivanek is entitled to process the following personal data categories for the purposes indicated in paragraph 7 of this Policy:
5.1.1. name, surname, personal identity number/date of birth, correspondence address, telephone number and e-mail address;
5.1.2. bank details;
5.1.3. details of identity documents (document number, date and place of issue, etc.);
5.1.4. data provided by the Customer him/herself to Skrivanek;
5.1.5. video surveillance recordings and images;
5.1.6. the information required by the regulatory enactments regarding the participant’s health for the participants of the children’s camps.
5.2. Skrivanek processes such data for use of the Services for the purposes listed in paragraph 7 of this Policy:
5.2.1. Cookies (Web Browsing Data) – Information about the Skrivanek webpages (www.skrivanek.lv, www.bernunometnes.lv, www.valodumacibas.lv) (hereinafter referred to as the “Skrivanek webpages”) visits.
6. What is the legal basis for Customer Personal Data Processing?
6.1. Customer’s consent – The Customer as a personal data subject him/herself gives consent to the collection and processing of personal data for specified purposes. Customer’s consent is his/her free will and independent decision that can be made at any time, therefore allowing Skrivanek to process personal data for specified purposes. The Customer’s consent is binding if it is provided in writing (by filling out the form at Skrivanek’s office, sending an electronic request after the Customer’s identification or using the webpages www.skrivanek.lv, www.bernunometnes.lv, www.valodumacibas.lv). The Customer has the right to withdraw his/her prior consent at any time using the specified communication channels (see the “Contacts” section of Skrivanek’s webpage). The requested changes will take effect within three working days. The withdrawal of consent does not affect the legality of the processing, which was based on the consent before the withdrawal.
6.2. Conclusion and execution of an Agreement – in order to enable Skrivanek to enter into and execute an Agreement with the Customer by providing quality services and servicing the Customer, it must collect and process certain personal data collected before the conclusion of the Agreement with Skrivanek or during the time when the Agreement is already in force.
6.3. The legitimate interests of Skrivanek – Skrivanek’s interests are based on the provision of quality services and timely support to the Customer; Skrivanek has the right to process the Customer’s personal data to the extent that it is objectively necessary and sufficient for the purposes specified in paragraphs 7.1 to 7.3 of this Policy. Skrivanek’s legitimate interests include the processing of personal data through direct marketing, as a result of which the Customer is offered new and/or individual Skrivanek service offers (see also Paragraphs 8.2 and 8.3 of this Policy). Given the fact that Skrivanek is a part of SKRIVANEK Holding SE Group (see also Paragraph 12.4 of this Policy), it has a legitimate interest in processing its Customer data by sending it to other companies in the group for internal administrative purposes, including, so that SKRIVANEK Holding SE Group can offer the Customer services that serve modern needs.
6.4. Legal obligations – Skrivanek is entitled to process personal data in order to comply with the requirements of regulatory enactments and to provide answers to lawful requests of state and local governments.
6.5. Protection of vital interests – Skrivanek is entitled to process personal data in order to protect the vital interests of the Customer or other natural person, for example, if video recorded data is necessary for the prevention and detection of criminal offences.
7. What will Skrivanek process Customer Data for?
7.1. Skrivanek processes personal data to ensure the provision of quality services during the period of validity of the Agreement with Skrivanek:
7.1.1. to process customer complaints and provide support (including technical support) for the services provided;
7.1.2. to manage effective cash flow, including for the administration of the Customer’s payments and debts;
7.1.3. to inform Customers about services provided by other SKRIVANEK Holding SE Group companies;
7.1.4. for video surveillance for security purposes.
7.2. Skrivanek processes personal data to promote the development of the industry and offer new services to Customers, including:
7.2.1. the creation of new services and offers about them;
7.2.2. for analysis of the market and development of the business model, Skrivanek customer statistical data processing is carried out.
7.3. Skrivanek processes personal data to build and maintain Skrivanek’s internal processes, to ensure document circulation and other internal processes (for example, archiving of Agreements and other documents) to the extent and amount necessary.
7.4. Skrivanek has the right to process the data below and for other purposes upon receiving freely given and unambiguous consent from the Customer:
7.4.1. verification of the Customer’s personal data in debt register databases in order to assess the Customer’s ability to fulfil contractual obligations, during the validity period of the Agreement such verification is necessary in order to offer the Customer new and more modern services;
7.4.2. to promote the recognition of Skrivanek’s image in the market by sending customers good wishes, awarding bonuses, organising surveys to improve existing services and creating new services.
8. Does the Customer have the right to restrict the processing of his/her data?
8.1. Customer personal data profiling as data processing:
8.1.1. profiling is any type of automated processing of personal data, which is the use of personal data for the purpose of evaluating specific personal aspects of a natural person, in particular analysing or predicting aspects related to the personal preferences, interests, reliability, behaviour, location or movement of that individual;
8.1.2. by processing personal data of the Customer, Skrivanek can perform profiling to formulate and express individual offers. Automated individual decisions are made for business purposes only, and they will not produce legal consequences for the Customer. The Customer has the right to object to the adoption of an automated decision and not to be the subject of such a decision at any time, informing Skrivanek about it (see also the provisions of paragraph 8.3 of this Policy).
8.2. Direct marketing and the basis for sending Commercial Letters to Customers: Skrivanek carries out direct marketing by distributing commercial communications to Customers, so that Customers are always informed about new and/or directly created services for the Customers, as well as special contractual terms (for example, discounts) in accordance with the basis for the processing of personal data referred to in Paragraph 6.3 of this Policy. Customers have the right to refuse to receive commercial communications at any time and free of charge, by informing Skrivanek about it (see also the provisions of Paragraph 8.3 of this Policy).
8.3. Customers have the right to object to the profiling of their personal data (see paragraph 8.1) or to refuse to receive commercial communications (see paragraph 8.2) at any time, informing Skrivanek verbally (during a telephone conversation, after identification of the Customer, by calling (+371) 67 240 364) or in writing (by filling out the form at Skrivanek’s office, by sending an electronic request to [email protected] or by visiting the Skrivanek office. The requested changes will take effect within three working days. Changes will not affect the legality of the processing of personal data before the Customer’s objections and/or refusal specified in this clause.
9. What are cookies and how can Skrivanek process them?
9.1. Cookies are small data files that are important for providing certain website features (such as logging in). Cookies allow websites to remember a variety of settings, such as language, fonts and other options that you have chosen to display on webpages. Therefore cookies are stored on your computer. This is how most of the major webpages and service providers work.
9.2. Using cookies, common user behaviour and site usage history is processed, problems and disadvantages are detected on the site, user behaviour statistics are collected, and full and easy use of site functionality is provided.
10. How does Skrivanek acquire Customer Data?
10.1. Skrivanek obtains Customer Personal Data when Customers:
10.1.1. acquire Skrivanek services (at the Skrivanek office or remotely with previous Customer identification);
10.1.2. subscribe for news, announcements or other services from Skrivanek;
10.1.3. ask Skrivanek for more information about the service or contact Skrivanek regarding complaints or requests for information, by identifying the Customer;
10.1.4. participate in contests, lotteries or surveys;
10.1.5. visit or browse Skrivanek websites;
10.1.6. are filmed with Skrivanek Video Surveillance at Skrivanek.
10.2. Skrivanek may process Customer personal data received from third parties if the Customer has agreed to it (for example, from holders of debt register, etc.).
10.3. Skrivanek may process Customer personal data about the Customer from other companies, SKRIVANEK Holding SE Group companies and affiliates (see Paragraph 12 of this Policy).
11. What is the Customer's personal data processing time?
11.1. Skrivanek will process Customer Data while there is at least one of the following conditions:
11.1.1. the Agreement between the Customer and Skrivanek is in force;
11.1.2. the term for the storage of personal data is specified or arising from the laws of the Republic of Latvia and the European Union;
11.1.3. as much as is necessary for the realisation and protection of the legitimate interests of Skrivanek;
11.1.4. until the Customer’s consent to the processing of personal data has been revoked.
Customer’s personal data is deleted no later than three months after the original reason for retention no longer applies, unless we have a legal obligation to continue to retain such data (for, but not limited to, accounting or court proceeding purposes).
12. Customer Data Sharing:
12.1. In order to provide the Services to the Customers, Skrivanek may share personal data with:
12.1.1. SKRIVANEK Holding SE Group companies;
12.1.2. partners or institutions involved in the provision of services ordered or used by the Customer;
12.1.3. debt collection companies, credit information offices, proprietary database holders or other debt recovery organisations;
12.1.4. assignees – In order to ensure efficient cash flow management, Skrivanek has the right to assign a claim to the debtor or debtors.
12.2. Skrivanek has an obligation to provide personal information to the following authorities and services:
12.2.1. law enforcement authorities, the court or other state and local government institutions, if this is evident from the regulatory enactments or at the request of information of the relevant institution;
12.3. Skrivanek will only provide the Customer’s personal data in the necessary and sufficient amount in accordance with the requirements of the regulatory enactments and the objective circumstances of the particular situation.
12.4. Skrivanek reserves the right, if necessary, to transfer Customer personal data to other SKRIVANEK Holding SE Group companies or service providers if this is necessary for the provision of better and high-quality services to Customers. For information about SKRIVANEK Holding SE Group companies, debt collection agencies, credit information offices, debt register database holders or other debt recovery organisations, assignees can contact Skrivanek using the specified communication channels (see “Contacts” on the Skrivanek webpage).
13. How does Skrivanek protect the Customer's personal data at its disposal?
13.1. Skrivanek provides, continually reviews and improves protection measures to protect the Customer’s personal data from unauthorised access, accidental loss, disclosure or destruction. To ensure this, Skrivanek uses modern technology, technical and organisational requirements, i.e. Using Firewalls, Intrusion Detection, Analysis Software, and Data Encryption.
13.2. Skrivanek carefully scrutinises all service providers that process personal data of the Customer on behalf of and in the name of Skrivanek, as well as assesses whether the cooperation partners (data controllers) are taking appropriate security measures in order to process the Customer’s personal data in accordance with the Delegation of Skrivanek and the requirements of the regulatory enactments. Cooperation partners are not allowed to process the Customer’s personal data for their own purposes.
13.3. Skrivanek assumes no responsibility for any unauthorised access to personal data and/or loss of personal data if it is independent of Skrivanek, for example, due to the Customer’s fault and/or negligence.
13.4. In the event of a threat to the Customer’s personal data, Skrivanek will notify the Customer of this.
14. What rights do the Customers have?
14.1. To contact Skrivanek for a copy of personal data at Skrivanek.
14.2. To correct all personal data held by Skrivanek about yourself giving notification about changes by sending an e-mail electronically to [email protected], by calling (+371) 67 240 364 or at the Skrivanek office.
14.3. Customers have the right to obtain information about those natural or legal persons who have received information about them for a certain period of time from Skrivanek. Skrivanek will not provide the Customers with information about the state institutions that are guiding criminal proceedings, the subjects of the operational activities or other institutions for which the law prohibits the disclosure of such information.
14.4. To request the deletion or limitation of the processing of personal data that is no longer necessary for processing in accordance with the purposes for which they were collected and processed (right to be forgotten).
14.5. To contact the supervising institution of Skrivanek or personal data processing (Data State Inspection, www.dvi.gov.lv) in connection with issues related to the processing of personal data.
14.6. To contact the Skrivanek Data Protection Specialist for information on processing and protecting the customer’s personal data.
14.7. To have access to its personal data within one month of submission of the relevant request. The Client may submit a request for the exercise of his/her rights in writing at the legal address of the Controller (upon the presentation of a personal identification document) or by e-mail, signing the request with a secure electronic signature. Upon receiving the Customer’s request for exercising his/her rights, the Controller verifies the identity of the data subject, evaluates the request and executes it in accordance with applicable laws and regulations.
15. Providing online interpreting and learning process
15.1 In order to provide high-quality customer service, we also organise interpreting and language training services on the cloud-based video and voice communication platforms Zoom or Microsoft Teams.