Privacy Policy

Thank you for visiting our website. The protection of your personal data is very important to us.

1. General

SIA "Baltic Photonics", reg.nr. 40203506411, Legal address. Valdemāra iela 37-5, Rīga, LV - 1010 (hereinafter - the Controller), on the Internet site www.balticphotonics.lv (hereinafter - the Site) carries out processing of personal data obtained from the data subject - the user of the Site (hereinafter - the User).

The Controller takes care of the User's privacy and personal data protection in accordance with the General Data Protection Regulation (GDPR), respects the User's right to lawful processing of personal data in accordance with the applicable legislation: the Regulation of the European Parliament and of the Council of 27 April 2016 No 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the Regulation) and other applicable legislation in the field of privacy and data processing. 
In light of the above, the Controller has developed this Privacy Policy for the purpose of providing the User with the information required by the Regulation.

The Privacy Policy applies to the processing of data regardless of the form and/or medium in which the User provides personal data (Website, paper or telephone).

User Data is collected either by the User providing it to us by visiting the Website. This is mainly technical data (such as internet browser, operating system or page view time). This data is collected automatically as soon as the user visits the website.

2. Purposes of processing, legal basis for processing

If the User provides the Controller with personal data such as name, surname, personal identification number, e-mail or postal address, telephone number, personal messages, etc. via the Site's contact forms, e-mail or other mail, the Controller stores and uses this information for the performance or conclusion of the relevant service contract.

The User's personal data will not be transferred to third parties outside the scope of the performance of this agreement without the User's express consent or legal basis. After the execution of the contract, the User's data shall be blocked against further use. After the expiry of the tax and commercial regulations, these data are deleted unless the User has expressly consented to their further use.

The website of the controller contains a contact form that can be used for electronic communication. If the User sends us a request using the contact form, the Data Controller will store the User's data from the request form, including the contact details provided therein, in order to process the request and in case of further questions. If the User contacts the Controller by e-mail or telephone, the User's request, including all personal data resulting from it (name, surname, request), will be stored and processed to enable the Controller to process the User's request. The Data Controller will not pass on this data without the User's consent.

The processing of such data by the Controller is necessary for the identification of the customer, the preparation, conclusion and proof of the conclusion of the contract, the operation/maintenance of the services, customer service, the examination and processing of applications and objections, the administration of payments, and other purposes directly related to the conclusion or performance of contracts.

The legal basis for processing is Article 6(1)(b) of the Regulation, which provides that processing is lawful if the processing is necessary for the performance of a contract or for taking measures at the request of the data subject prior to entering into a contract.

3. Categories of personal data

Categories of personal data - name, surname, personal identification number, job title, email or postal address, IP address, telephone number, content of the message or letter, etc.

4. Categories of recipients of personal data

The data will be disclosed to those employees of the Data Controller who need it to perform their direct duties in order to perform or conclude the relevant service contract.

When obtaining and using personal data, the Controller partly uses the services of external service providers who, in accordance with the contract, strictly comply with the Controller's instructions and who are under the Controller's constant control before the use of the service and in the future.

5. Categories of data subjects

Categories of data subjects - current, former and potential customers of the Controller.

6. Transfer of data outside Latvia

The data received is not and will not be transferred outside Latvia, the European Union or the European Economic Area, nor will it be transferred to any international organisation.

7. Information about cookies

This website does not use cookies.

8. Duration of data retention

Unless otherwise stated in the data protection instructions, we will delete personal data at the latest three months after the original reason for retaining the data no longer applies, unless we are legally obliged to continue to retain the data (for example, but not limited to, for accounting or litigation purposes).

9. Data subject access to personal data

The data subject shall have the right to obtain access to the personal data of the data subject within one month from the date of the request. 
The user may submit a request for the exercise of his/her right in writing in person, at the Controller's registered office (on presentation of an identity document) or by e-mail, signed with a secure electronic signature.

Upon receipt of the User's request to exercise his/her rights, the Manager shall verify the User's identity, assess the request and execute it in accordance with the laws and regulations.

The User has the right to receive the information required by the regulatory enactments in relation to the processing of his/her data, the right to request access to his/her personal data, as well as to request the Controller to supplement, correct or delete them, to restrict processing or to object to processing, insofar as these rights do not conflict with the purpose of data processing (conclusion or performance of contracts).

The data subject does not have the right to receive information if the disclosure of such information is prohibited by law in the field of national security, national defence, public security, criminal law, as well as for the purpose of safeguarding public financial interests in tax matters or the supervision of financial market participants and macroeconomic analysis.

10. Right to lodge a complaint with the supervisory authority

The data subject has the right to lodge a complaint with the supervisory authority (the State Data Inspectorate) at 11/13 Blaumaņa Street, Riga, the State Data Inspectorate also accepts electronic mail received at the following electronic mail address: info@dvi.gov.lv.

11. Changes to the Privacy Notice

This privacy notice is constantly adapted as the Internet environment or the controller's offerings evolve. The user will always find the current version on this website.