<\/p>\n
LLC \u201cJ\u0101\u0146a s\u0113ta\u201d<\/strong> 1. Scope and area of application of the privacy policy<\/strong><\/p>\n 1.1. This privacy policy notice (hereinafter also referred to as the Policy) has been drawn up pursuant to the Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC (General Data Protection Regulation), hereinafter referred to as the Regulation.<\/p>\n 1.2. The aim of this Policy is to provide the personal data subject \u2013 identifiable natural persons (hereinafter referred to as the Data Subject, or You) \u2013 information on how the personal data processing controller \u2013 LLC \u201cJ\u0101\u0146a s\u0113ta\u201d (hereinafter referred to as the Controller) \u2013 collects, processes, stores, shares, erases and protects the personal data of natural persons. The Policy aims to protect the interests and freedoms of the Data Subject, ensuring at the same time that personal data are processed lawfully, fairly and transparently to the Data Subject. 1.4. This notice is applicable to the processing of natural persons\u2019 personal data regardless of the form and\/or environment in which the natural person provides his or her data (in person, by visiting the premises, in verbal communication, in writing, by mail, by telephone, digitally or via other technical means of communication, including mass media, application software, etc.), as well as regardless of the source from which the person\u2019s data are obtained or what systems the Controller uses to process the data.<\/p>\n <\/p>\n 2. Personal data processing controller and contact details<\/strong><\/p>\n 2.1. The personal data processing controller mentioned in this Policy is LLC \u201cJ\u0101\u0146a s\u0113ta\u201d (Unified Registration No. 40003426448), whose contact details are: 2.2. The personal data processing controller determines what data shall be collected, for what purposes, and how they are processed.<\/p>\n 3. How will You be informed about personal data processing?<\/strong><\/p>\n 3.1. To ensure a transparent data processing, the Controller informs and explains what personal data are being processed as part of the Controller\u2019s business operations and how they are being used. The aforementioned information is being provided in this Policy, and separate information shall be provided on websites where You will be asked to enter your personal data, for instance, our website www.kartes.lv<\/a> as You register the Purchase.<\/p>\n 4. What are the applicable laws and regulations?<\/strong><\/p>\n 4.1. Personal data shall be collected and processed pursuant to the following laws and regulations: 4.1.2. Personal Data Processing Law; 5. What is personal data?<\/strong><\/p>\n 5.1. Personal data is any information that relates to an identified or identifiable natural person (Data Subject). An identifiable natural person is a person that can be directly or indirectly identified, specifically referring to an identifier, for instance, the person\u2019s name, surname, identification number, location data, online identifier or one or several factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.<\/p>\n 6. WHAT ARE THE PURPOSES (OBJECTIVES) OF PERSONAL DATA PROCESSING?<\/strong><\/p>\n The Controller has defined the following purposes (objectives) of personal data processing as part of business operations:<\/p>\n 6.1 Personal data are processed for the purpose of enabling business operations, conclusion of agreements and fulfilment of contractual obligations, as well as for the purpose of the Controller\u2019s legitimate interests.<\/p>\n 6.1.1. What personal data does the Controller process?<\/strong> For instance, when the Data Subject expresses the wish to purchase one of our products at the www.kartes.lv<\/a> store, we will ask You to indicate your name, surname, address of delivery and e-mail to which we will send information about Your order and a phone number that will be used for communication about Your order or specify delivery details, for instance, to agree the delivery time with the courier.<\/p>\n While processing Your order at www.kartes.lv<\/a>, we also process the technical information relating to your visit on our website \u2013 we will save Your IP address, time of connection, No. of your device. For details, please see our cookie notice.<\/p>\n 6.1.2. What is the legal basis of personal data processing?<\/strong> In cases where the parties have entered into an agreement (an order has been made), the Controller, pursuant to the Law on Accounting, applies subparagraph c) of paragraph 1 of Article 6 of the Regulation – processing is necessary for compliance with a legal obligation to which the controller is subject. Namely, a billing invoice is being prepared, transactions are registered.<\/p>\n In all cases where the parties have entered into an agreement (an order has been made), the Controller, pursuant to the Law on Accounting, applies subparagraph f) of paragraph 1 of Article 6 of the Regulation \u2013 processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests of fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. The Controller applies subparagraph f) of paragraph 1 of Article 6 of the Regulation also to secure evidence to prove the circumstances of communication before the conclusion of a contract during its performance. For instance, to organize the Controller\u2019s business operations and fulfilment of the contracts that has been concluded with You, communicate with You and\/or state and\/or municipal authorities, investigate cases where complaints have been received about the quality of a service\/product, to conduct after-control, to improve the provision of services, as well as to secure evidence in case of complaints, claims or legal action. For the purpose of the Controller\u2019s legitimate interests, we also process technical data relating to the visit of the website and circumstances in which the order has been placed. Such data processing is necessary to ensure a safe usage of the website and processing of the data entered therein.<\/p>\n 6.1.3. What is the time period of data processing?<\/strong> When the retention period for data expires, the personal data shall be irretrievably erased unless a complaint about interaction are received. In such cases the Controller, based on legitimate interest, can retain all or part of the information until the issue is fully resolved. (i.e., ten-year limitation period stipulated in the Civil Law or the date on which the court verdict comes into force).<\/p>\n Technical information on the accessing of the website will be retained for up to two weeks. Please see detailed information in the cooky policy.<\/p>\n 6.1.4. Who does access information and to whom is it disclosed?<\/strong> Personal data can be transferred to the Controller\u2019s processors such as suppliers of goods, debt collectors, legal services providers, couriers, payment institutions, financial advisors, auditors and other consultants in accordance with the terms of the contract concluded between the parties. Personal data can be disclosed to law enforcement authorities, court or other state or municipal authorities if the respective institutions are authorized to receive the requested information (for instance, the State Revenue Service may request information about You as a party of a transaction, etc.). To protect the Controller\u2019s legitimate interests, personal data can be disclosed when taking legal action in court or other state institutions against the person who has infringed on the Controller\u2019s legitimate interests.<\/p>\n Personal data shall not be transferred to a recipient in a country outside the European Union or the European Economic Area.<\/p>\n 6.2. Retaining and recording of incoming and outgoing communication (e-mail, conventional mail) to ensure fulfilment of contractual obligations, fulfilment of the Controller\u2019s obligations and pursuing the Controller\u2019s legitimate interests.<\/p>\n 6.2.1. What personal data does the Controller process?<\/strong> 6.2.2. What is the legal basis of personal data processing?<\/strong> 6.2.3. What is the time period of personal data processing? <\/strong> If the accounting records are updated in connection with the received correspondence, the respective information is retained in accordance with the laws and regulations on accounting records, i.e., for 5 years.<\/p>\n After the end of the retaining period, personal data shall be irretrievably erased.<\/p>\n 6.2.4. Who can access information and to whom is it disclosed?<\/strong><\/p>\n Recipients of personal data can be employees authorized by the Controller in accordance with the scope of their work duties and requirements stipulated in laws and regulations, as well as providers of legal services, law enforcement, controlling, supervisory and inspecting authorities.<\/p>\n Personal data shall not be disclosed to recipients outside member states of the European Union or the European Economic Area.<\/p>\n 6.3. Personal data processing for the purpose of displaying corporate information in the mass media, the website administered by the Controller and social networks with the aim to promote and raise the profile of a brand and its products.<\/strong><\/p>\n 6.3.1. What personal data does the Controller process?<\/strong> 6.3.2. What is the legal basis of personal data processing?<\/strong> When selecting information for publication in mass media, on the Controller\u2019s website, or social network platforms, the Controller shall always make sure Your rights and freedoms as the Data Subject are not infringed upon. The Controller shall respect a person\u2019s rights to privacy. The Controller is aware that they do not know all facts and circumstances pertaining the possible impact of said actions. Therefore, to ensure an ethical data processing, any person has the opportunity to contact the Controller and object to the display of their data on the Controller\u2019s website or social network platforms. In such cases, the Controller has to be informed by sending an e-mail to the e-mail address provided in this Policy.<\/p>\n 6.3.3. <\/strong>What is the time period of personal data processing?<\/strong> 6.3.4. <\/strong>Who can access information and to whom is it disclosed?<\/strong> The Controller informs that for the purpose of data processing, personal data are processed in the electronic environment on the social network platforms managed by the Controller (facebook.com, Instagram.com, youtube.com, etc.), and the processers chosen by the Controller (facebook.com, Instagram.com, youtube.com, etc.) shall be recognized as enterprises operating outside member states of the European Union and the European Economic Area, therefore, the Controller offers to read the privacy policies of these enterprises (for instance, facebook.com privacy policy: https:\/\/www.facebook.com\/privacy\/explanation<\/a>, instagram.com privacy policy: : https:\/\/help.instagram.com\/519522125107875<\/a>) or to request the Controller to provide additional information on the terms of cooperation.<\/p>\n In compliance with data processing ethics, the Controller explains that, since the purpose of the given data processing is to publish information on the Controller\u2019s events, the obtained materials will be made publicly accessible and any third person will be able to access them.<\/p>\n 6.4. Processing of personal data for the operation of navigation services and the best route service.\u00a0<\/strong><\/p>\n 6.4.1. What personal data does the Controller process?\u00a0<\/strong><\/p>\n Balticmaps Android app uses the user’s location and route information to provide navigation services and the best route selection. Balticmaps Android app collects the user’s location data in an anonymized form, without saving any other user information. The location information of the device running the Balticmaps Android app is sent to the Controller’s servers after the user has activated the navigation functionality in the app.<\/span>\u00a0<\/span><\/p>\n 6.4.2. What is the legal basis of personal data processing?\u00a0<\/strong><\/p>\n The anonymized collection of users’ location fully complies with the requirements of regulatory acts, including Regulation (EU) 2016\/679 of the European Parliament and Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. The processing of users’ location data in this case is not implemented as a measure, evaluating personal aspects relating to the user which is based only on automated processing. Anonymized data collection guarantees that there are no possible risks to the rights and freedoms of natural persons, thus ensuring full compliance with the requirements of Paragraph 75 of the European Parliament and Council Regulation (EU) 2016\/679.<\/span>\u00a0<\/span><\/p>\n 6.4.3. What is the period of personal data processing?\u00a0<\/strong><\/p>\n To achieve the goal, the Controller will keep the information for no longer than five years. In most cases, location data will be stored for no longer than three months.<\/span>\u00a0<\/span><\/p>\n 6.4.4. Who accesses the information and to whom is it disclosed?<\/strong>\u00a0<\/span><\/p>\n Location data without information about the users from whom the data is collected will be used in the operation of data services to provide navigation services and the best route selection.<\/span>\u00a0<\/span><\/p>\n Recipients of location data can be employees authorized by the Controller in accordance with the scope of their work duties and in compliance with the requirements set forth in regulatory acts.<\/span>\u00a0<\/span><\/p>\n 7. Rights of the Data Subject<\/strong><\/p>\n 7.1. How will the Data Subject be informed about the processing of their data? <\/strong> 7.2. Rights to access personal data and edit them.<\/strong> \u2013 What data of the Data Subject are at the Controller\u2019s disposal; \u2013 Categories of personal data recipients (persons to whom the personal data have been or will be disclosed, provided that laws and regulations allow the Controller to disclose such information in this particular case);<\/p>\n \u2013 Information about the time period for which the personal data will be retained or criteria used to set the data retention period.<\/p>\n 7.2.2. If the Data Subject considers that the information at the Controller\u2019s disposal is outdated, inaccurate or incorrect, the Data Subject is entitled to request an updating of his or her personal data.<\/p>\n 7.2.3. The Data Subject is entitled to request that his or her personal data be erased or object to processing thereof if the person considers that the personal data have been processed illegally or that they are no longer serving the purpose for which they were obtained and\/or processed (exercising the \u201crights to be forgotten).<\/p>\n 7.2.4. The Controller informs that the Data Subject\u2019s personal data cannot be erased if personal data processing is necessary in the following cases:<\/p>\n \u2013 For the Controller to protect vital interests, including life and health, of the Data Subject or other natural person;<\/p>\n \u2013 For Controller or a third person to exercise or protect legitimate (legal) interests;<\/p>\n \u2013 Data processing is necessary pursuant to laws and regulations to which the Controller is subject. \u2013 The Data Subject disputes the accuracy of the personal data \u2013 until the Controller checks the accuracy of the personal data;<\/p>\n \u2013 Data processing is illegal and the Data Subject objects to the deletion of personal data and instead demands that the usage of the data be restricted:<\/p>\n \u2013 The Controller no longer needs the personal data for processing but they are necessary for the Data Subject to make, exercise or defend legal claims;<\/p>\n \u2013 The Data Subject has objected to processing \u2013 until it is established whether the Controller\u2019s legitimate reasons are prevalent over the Data Subject\u2019s legitimate reasons.<\/p>\n 7.2.6. If the processing of the Data Subject\u2019s personal data is restricted pursuant to paragraph 7.2.5, such personal data shall only be processed with the Data Subject\u2019s consent (excluding retainment), or with the aim to make, exercise or defend legal claims or to protect other natural or legal person\u2019s rights or vital public interests.<\/p>\n 7.2.7. Before lifting the restrictions on the processing of the Data Subject\u2019s personal data, the Controller informs the Data Subject.<\/p>\n 7.2.8. The Data Subject has the right to file a complaint with the Data State Inspectorate if he or she considers that the Controller has processed his or her data illegally. The Data Subject is asked to first approach the Controller about the problem to resolve it fast if the Data Subject\u2019s rights to personal data protection have been breached.<\/p>\n 7.3. The right to withdraw consent<\/strong> 8. Procedure for the review of the Data Subject\u2019s applications<\/strong><\/p>\n 8.1. If the Data Subject has any inquiries, claims, objections or complaints regarding the personal data processing carried out by the Controller, the Data Subject can submit to the Controller an inquiry about the exercise of his or her rights via the channels indicated in Section 2 of this Policy. If in doubt, the Controller reserves the right to request additional information from the Data Subject if the Controller deems it necessary. 8.3. The Data Subject is obliged, as far as possible, to specify in the inquiry the time, location and other circumstances that could help to comply with the Data Subject\u2019s request.<\/p>\n 8.4. Upon receipt of the Data Subject\u2019s inquiry about the exercise of his or her rights, the Controller:<\/p>\n 8.4.1. Verifies the person\u2019s identity; \u2013 If the Controller needs additional information to identify the Data Subject requesting information or to comply with the request, the Controller can ask the Data Subject to provide additional information (for instance, a specific date or time, use of services, data of a card or a purchase, etc., by which the Data Subject can be identified);<\/p>\n \u2013 If the information has been erased or the person requesting information is not the Data Subject, the request can be denied in accordance with this Policy and\/or laws and regulations;<\/p>\n \u2013 In the case where the Controller receives an inquiry but the Data Subject has not given his or her contact details so the Controller could contact the Data Subject during the review of the inquiry and inform about the results thereof, the Controller shall prepare within a month a written answer that will be available at the address given in the Controller\u2019s contact details. The letter will be retained and remain available to the Data Subject at the Controller\u2019s office for up to two months of the submission of the inquiry.<\/p>\n 9. What measures does the Controller take to ensure the protection of personal data?<\/strong><\/p>\n 9.1. The Controller regularly revises and updates personal data protection measures to protect the personal data of natural persons against unauthorized access, accidental loss, disclosure or destruction, using appropriate technical and organizational measures.<\/p>\n 9.2. The Controller thoroughly examines all service providers that process personal data of natural persons on behalf and under instructions of the Controller. The Controller assesses whether the partners (personal data processers) ensure appropriate security measures, so that the personal data of natural persons are processes in accordance with the authorization given by the Controller, as well as laws and regulations.<\/p>\n 9.3. In the case of personal data security incident that can pose a high risk to the Data Subject\u2019s rights and freedoms, the Controller shall inform the Data Subject about it, using available contact details (if possible), post the information on the Controller\u2019s website www.kartes.lv<\/a> and\/or the social networks administered by the Controller and\/or otherwise (for instance, using mass media)<\/p>\n 10. Final provisions <\/strong><\/p>\n 10.1. This Policy shall be periodically revised and updated. The current version of the Policy is effective as of the date given in the Policy. The current version of the Policy is posted on the website www.kartes.lv, and will be available also at the locations where the Controller conducts business.<\/p>","protected":false},"excerpt":{"rendered":" LLC \u201cJ\u0101\u0146a s\u0113ta\u201d PRIVACY POLICY 1. Scope and area of application of the privacy policy 1.1. This privacy policy notice (hereinafter also referred to as the Policy) has been drawn …<\/p>\n","protected":false},"author":45,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-7049","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/pages\/7049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/users\/45"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/comments?post=7049"}],"version-history":[{"count":19,"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/pages\/7049\/revisions"}],"predecessor-version":[{"id":16685,"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/pages\/7049\/revisions\/16685"}],"wp:attachment":[{"href":"https:\/\/www.kartes.lv\/lt\/wp-json\/wp\/v2\/media?parent=7049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nPRIVACY POLICY<\/strong><\/p>\n
\n1.3. For specific personal data processing cases, the Controller has worked out separate privacy policies about which the Controller provides information also in this Policy, for instance, the privacy policy for the purpose of staff selection<\/u>. In the light of the above, this Policy shall be considered a general privacy policy, while the privacy policies that have been drawn up for specific personal data processing cases shall be considered special privacy policies. In case of contradictions, the terms of the special privacy policies are prevalent.<\/p>\n
\nAddress: Krasta iela 105a, R\u012bga, Latvija, LV-1019
\nTelephone. +371 67317540
\nFax +371 67317541
\nE-mail kartes@kartes.lv<\/p>\n
\n4.1.1. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC (General Data Protection Regulation), hereinafter referred to as the Regulation;<\/p>\n
\n4.1.3. Other laws and regulations the Controller is subject to that are applicable to the processing and protection of personal data, for instance, the Law on Accounting or the Law on Information Society Services.<\/p>\n
\nThe categories of personal data the Controller processes depend on the concrete situation in which personal data are processed, i.e., the business operations carried out by the Controller, legislative requirements and the Controller\u2019s legitimate interests in the given situation.<\/p>\n
\nPersonal data are processed with the aim to enable the Controller\u2019s business operations, including conclusion and performance of a contract based on subparagraph b) of paragraph 1 of Article 6 of the Regulation – processing is necessary for the performance a of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.<\/p>\n
\nWhile providing services, the Controller complies with special laws and regulations stipulating the obligation to retain particular data. For instance, the Law on Accounting stipulates the obligation to keep information on transactions for five years. The Controller complies with the terms stipulated in laws and regulations. When providing services and selling goods, information is retained for all the time a service is being provided or a good is being sold, observing the limitation period for claims applicable to respective legal relations (for instance, 3 years for commercial transactions if one of the parties is a commercial operator). This provision is applicable to the mutual communication of the parties and, for instance, a telephone number that has been used to execute the order.<\/p>\n
\nRecipients of personal data can be employees authorized by the Controller in accordance with the scope of their work duties and the requirements of laws and regulations.<\/p>\n
\nWhen communicating with the Controller or submitting a complaint or proposal via the contact channels provided by the Controller (for instance, telephone, e-mail, conventional mail, etc.), written information relating to the particular document and the information contained therein, as well as the content, time and means of communication will be retained. In case You make a complaint about the fulfilment of contractual obligations, the Controller will need to identify the applicant or the person to whom the answer has to be provided. In such case, to pursue that purpose, the Controller can process personal data that include the name, surname and contact details of the Data Subject, information about the services\/goods received, the person\u2019s online identification data, including information related to the history of the use of services\/purchases (analysis of the system\u2019s auditing records) and other information related to the contract. Such information is recorded in documents and stored in the Controller\u2019s data processing systems. The Controller is obliged and authorized to process the information identifying the Data Subject and information authenticating the person\u2019s identity and right of representation (if the person represents other person) in contractual relations.<\/p>\n
\nInformation on the fact and content of communication is retained pursuant to subparagraph f) of paragraph 1) of Article 6 the Regulation \u2013 processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests of fundamental rights and freedoms of the data subject which require protection of personal data. In cases where you have submitted a document containing an\u00a0 inquiry, complaint or a proposal, the legal basis for data protection is this legal obligation (for instance, fulfilment of the provisions of consumer rights protection laws or the Regulation, as well as other laws and regulations applicable in solving the matter mentioned in the inquiry (proposal, complaint) pursuant to subparagraph c) of paragraph 1) of Article 6 the Regulation \u2013 processing is necessary for compliance with legal obligation to which the controller is subject. For the purposes of the legitimate interests pursued by the Controller and third persons (for instance, to investigate cases where complaints have been received about the quality of a service provided, as well as to secure evidence against possible claims), the legal basis for data processing is the legitimate interests pursued by the Controller. Correspondence is retained also for the purpose of systematization of the Controller\u2019s business operations and for the following business purposes \u2013 to inform about the range of services, terms of the delivery of goods, etc.<\/p>\n
\nTo achieve these objectives, the Controller will retain information for up to five years unless there is a need to use it longer for the purposes of the legitimate interests of the Controller (for instance, to secure evidence in case of a dispute).\u00a0 In such cases information will be retained as long as the legal interests of the Controller or a third party exist.<\/p>\n
\nThe Controller\u2019s information materials, events, news, photos of persons, video and audio recordings, events organized by the Controller and information on the Controller\u2019s participation in events organized by cooperation partners can be published in various mass media, on the Controller\u2019s website www.kartes.lv<\/a>, the Controller\u2019s social network accounts (for instance, facebook.com, Instagram.com, youtube.com), and saved in the Controller\u2019s archive with the aim to promote the Controller\u2019s brand and\/or to chronicle the development of the Controller\u2019s enterprise. In some cases, these materials can contain personal data (images, voice, information provided, time and date) of persons that have visited events organized by the Controller and have been captured in photos, recorded in video or audio formats, descriptions of events and interviews.<\/p>\n
\nPersonal data are processed pursuant to subparagraph f) of paragraph 1) of Article 6 the Regulation \u2013 processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests of fundamental rights and freedoms of the data subject which require protection of personal data. That means that displaying the events organized by the Controller or events in which the Controller takes part in mass media, on the Controller\u2019s website www.kartes.lv<\/a>, or social network platforms (for instance, facebook.com, Instagram.com, youtube.com), thus promoting the Controller\u2019s brand and its products, is a legitimate interest pursued by the Controller.<\/p>\n
\nPersonal data are retained until the objective is achieved, i. e., as long as the information that has been made public with the aim of promoting the Controller, remains relevant and serves the purpose, except information that is stored permanently in the Controller\u2019s archive. The Controller shall periodically revise the published information to ensure that information that no longer serves the purpose of data processing is regularly erased, except for the data processing necessary for the purpose of archiving.<\/p>\n
\nRecipients of personal data can be employees authorized by the Controller, users of the respective mass media, the Controller\u2019s website www.kartes.lv<\/a> and\/or social network platforms (for instance, facebook.com, Instagram.com, youtube.com), processers, law enforcement and supervisory authorities. Data can be transferred also to execute an agreement concluded between the Controller and a third person (for instance, to a service provider for making photographs and\/or video, audio recordings, producing, website administration, brand promotion, etc.).<\/p>\n
\nThe Data Subject is informed about personal data processing described in this Policy using a multilevel approach, which includes methods like posting this Policy or its parts on the Controller\u2019s website www.karte.lv<\/a>, or in some cases provding information in the form of an announcement or in some other way.<\/p>\n
\n7.2.1. Pursuant to the provisions of the Regulation, the Data Subject is entitled to request access to the Data Subject\u2019s personal data at the Controller\u2019s disposal and receive the following information:<\/p>\n
\n\u2013 For what purposes the Controller processes these data;<\/p>\n
\n7.2.5. The Data Subject has the right to request that the Controller restrict the processing of the Data Subject\u2019s personal data if any of the following circumstances exist:<\/p>\n
\nIf the Controller processes personal data based on the Data Subject\u2019s consent, the Data Subject has the right to withdraw the consent at any time by sending the withdrawal to the Controller as stipulated in paragraph 2 of the Policy. Upon receiving the withdrawal, the Controller shall not process the Data Subject\u2019s personal data for the purposes regarding which the withdrawal of consent has been received. To ensure the Controller processes the data lawfully and fairly, the Controller, considering technological possibilities, shall contact You each time to offer an additional opportunity to refuse to receive further information. Note that the personal data processing purposes described in this Policy have other personal data processing purposes and the Controller does not base his or her actions on consent as the legal basis of data processing.<\/p>\n
\n8.2. The Controller shall review the Data Subject\u2019s application, inquiry or complaint and prepare an answer that will be sent via a registered letter, thus making sure that unauthorized persons cannot receive this letter, or electronically. The channel for the provision of the answer shall be agreed with the Data Subject unless it is already explicitly clear and the proposed solution for the inquiry is acceptable to the Controller.<\/p>\n
\n8.4.2. Assesses the inquiry and takes the following steps:
\n\u2013 If the Controller is able to comply with the request, he or she does so in as short period of time as possible, and the Data Subject as the applicant can receive the requested information or data copy;<\/p>\n