ENGPrivacy Policy
We are very delighted that you have shown interest in our enterprise. Data protection is one of a particularly high priority for the management of the PeepPlay. As data controller, SIA PeepPlay ("we", "us") is required to protect your personal data, and our aim is to make you feel secure when we process your personal data as we recognise and respect the importance of your privacy. This Privacy policy explains how we process (e.g. collect, use, share and otherwise process) your personal data when you visit our webshop - www.peep.lv ("the Webshop").
We will process personal data about you in accordance with this Privacy policy, as well as applicable law, including the General data protection regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (here in after the "GDPR") and any amendments thereto and other such legislation supplementing these rules.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR)
1.About company
The company responsible for the processing of your personal information is: SIA peepPlay, address- Ausekļa iela 15a-5, Lielvārde, Ogres novads, Latvia, LV 5070.
2. Why do we process your personal data?
2.1. When you make purchases in our Webshop we collect your name, address, e-mail address, phone number, the items you purchase and the price as well as delivery information. We will also process information on the payment card used as well as any information on returns. Please note that we will not process your card number.
The purpose of our processing is to provide you with the products you have ordered and to facilitate returns. We will also process information necessary to comply with legal requirements, including in relation to bookkeeping and accounting. This processing of personal data is necessary for the performance of the contract and to comply with a legal obligation (GDPR art. 6(1) (b) and (c)).
2.2. In case you file a claim that a product is defective we will process your name and contact information as well as information provided by you in connection with filing of the claim and our correspondence.
Processing of your personal data is necessary for the performance of the contract with you (GDPR art. 6(1) (b)). Processing may also be necessary to comply with a legal obligation, to pursue a warranty claim or for our legitimate interest to improve quality of our products and services (GDPR art. 6(1) (c) and (f)).
2.3. In case you contact us by using a form, we will process your name and contact information as well as information provided by you in connection to submitting the form and our correspondence. These data will be handled in accordance with this Privacy policy.
2.4. When you visit our Webshop, we collect cookies and other data about you and the way you use the Webshop e.g. your browser type, how much you use a specific function, items in your basket and your IP-address.
The purpose of our processing is to optimise the user experience and the Website’s functionality including creating statistics. This processing of personal data is necessary in order for us to pursue our legitimate interest in operating and improving the Webshop (GDPR Art.6(1)(f)). Please see the separate Cookie policy for further details [link].
If we intend to process your personal data for other purposes than those for which the personal data were initially collected, we will - prior to this further processing - inform you of the new purpose.
3. How do we collect personal information about you?
We will collect some of the personal data about you directly from you, for example when you make purchases on the Webshop.
4. Who do we share your personal information with?
We may share your personal information with:
a)
Suppliers and vendors that we work with, such as supplier of products that we
sell.
b) Third parties who process personal data on behalf of us,
and therefore acts as our data processors. We have entered into data processing
agreements that comply with article 28 of the GDPR with all our data processors
to ensure that such data processors implement appropriate organisational and
technical security measures in such a way that the processing complies with the
requirements of the GDPR and ensures the protection of your rights.
c)Public authorities such as tax authorities.
d)
We may share some information regarding your use of the Webshop with external
service providers for analytical purposes by means of cookies or similar
techniques. We only share such information if you accept the use of cookies.
You can opt-out at any time.
e) Providers of payment solutions when handling payment of
your webshop purchases.
From time to time, we may also need to disclose
personal information to other parties, such as any person (natural or legal) or
organization to whom we may be required by applicable laws to disclose personal
information, including, but not limited to, law enforcement authorities,
financial institutions, and central and local government.
Personal information may also be disclosed in connection with a corporate
restructuring, sale, or assignment of assets, merger, divestiture, or other
changes of the financial status of us or any of our affiliated entities.
5. For how long will we retain your personal information?
We will retain your personal information only for as long as it is necessary for the purposes for which the data was collected or later processed. As a general rule, we will store data on customer contracts and purchases for five (5) years from the end of the year, where the contract was entered into or the purchase completed to comply with our legal obligations.
If necessary, in order to fulfil the purposes mentioned above, we will store your information for an extended period. We may also retain your personal information for a longer period if we are legally required to do so or if retention is necessary for the establishment, exercise or defense of legal claims.
Information processed in relation to customer claims will be deleted five (5) years after the case has been closed
6. What if the provision of your personal information is mandatory?
In some cases, the provision of at least some of your personal information is a requirement necessary to enter into a contract.
Therefore, if you refuse to share such personal data, we may not be able to provide the services you request.
7. What are our security measures?
We will implement security measures to protect your personal data against manipulation, loss, destruction, and against unauthorized access. We continuously revise our security procedure based on the newest, technological developments.
8. What are your rights?
In general, you have the following rights:
• You have the
right to request access to and rectification or erasure of your personal data.
• You also have the right to object to the processing of your personal data and
have the processing of your personal data restricted.
• If processing
of your personal information is based on your consent, you have the right to
withdraw your consent at any time. Your withdrawal will not affect the
lawfulness of the processing carried out before you withdrew your consent.
• You have the right to receive your personal information in a structured,
commonly used and machine-readable format (data portability).
There may be conditions or limitations on these rights. It is therefore not certain for example you have the right of data portability in the specific case - this depends on the specific circumstances of the processing activity. Also, if you request to have your personal data deleted for example, we may not be able to provide the services you request.
You may always lodge a complaint with the Latvia Data Protection Agency or to the data protection authorities in the country where you live or where you consider a breach of data protection law has occurred.
