Privacy policy

SIA “SILVER FOX” PERSONAL DATA PROCESSING NOTICE FOR CUSTOMERS, BUSINESS PARTNERS AND RELATED PARTIES

1. Controller information

We are SIA “Silver Fox”, registration number: 4003675638, registered office: Vesetas iela 7, Rīga, LV-1013.

You may contact us by calling +371 67020591, +371 25472727, or writing an e-mail to dati@silverfox.lv or  property@silverfox.lv.

2. Contact information for personal data protection matters

If you have any questions regarding this notice or concerning the processing of your personal data, you may contact us using the means of communication specified in section 1 above or by contacting our personal data protection officer at: dati@silverfox.lv или property@silverfox.lv.

3. General description of our personal data processing

The purpose of this notice is to provide you with a general overview of the activities and purposes of personal data processing we perform, but please note that other documents (such as cooperation agreements, materials (videos, photos) published for marketing purposes and other documents currently or subsequently published on the www.silverfox.lv, website may contain additional information regarding the processing of your personal data.

This notice is to inform you that we process the personal data of our customers (including potential customers), customers’ contact persons, entities operating upon the assignment of potential customers (intermediaries), suppliers, business partners their representatives/contact persons, website visitors, company office visitors and other persons whose data may become available to us in the normal course of business.

We assume that, before using our website or becoming a customer/business partner, you have read this notice and have consented to the terms and conditions specified herein. This is the latest wording of the notice. We reserve the right to amend or update this notice as necessary. We hereby inform you that the personal data processing terms and conditions specified in this notice only apply to the processing of physical persons’ personal data.

In addition to these terms, you may get acquainted with our cookie policy (available at www.silverfox.lv)

We are aware that personal data are valuable to you, and will process them in line with confidentiality requirements and with care for the security of your personal data as available to us.

4. For what purposes, and on what legal basis, do we process your personal data?

We will only process your personal data in accordance with pre-defined legitimate purposes, including the following:

a) commencing and effecting profession of services, ensuring the execution and enforcement of obligations under an agreement (such as a cooperation agreement) –

For this purpose, we will need to identify you, perform calculations of relevant payments, and implement a payments process, contact you in matters regarding service provision and/or agreement execution (including sending invoices), and effecting collection of outsourcing payments.

The minimum scope of personal data we require for accomplishing the specified goals: attracting and onboarding a customer/supplier/business partner, concluding and executing a cooperation agreement, identifying a customer/supplier/business partner (e.g. personal data and contact information of a camp, supplier, business partner, and any representatives/contact persons), contact between company employees and customers for the purpose of providing a service (e.g. address, phone number, e-mail address), effecting settlement (e.g. bank account number, bank name, agreement conclusion date and number) etc.

The primary legal basis for accomplishing these purposes is:

- concluding an agreement with a data subject (General Data Protection Regulation Article 6(b));
- compliance with legal obligations (General Data Protection Regulation Article 6(c));
- legitimate interests of the controller (General Data Protection Regulation Article 6(f)), e.g. identification of yourself as the customer, business partner or representative/contact person, and maintenance of contact with you.

b) fulfilment of regulatory requirements regarding service provision, and other regulatory requirements –

Within the framework of this purpose we will be required to comply with personal data requirements specified in the Civil Law, Accounting Law, Archival Law, Law on the Prevention of Money Laundering and Terrorism and Proliferation Financing, and other regulations as pertaining to personal data and necessary for the provision or our services and/or satisfying legitimate interests for the following purposes: ensuring settlement with customers, business partners; maintaining cooperation, ensuring confidentiality, effecting due diligence activities specified in the Law on Prevention of Money Laundering and Financing of Terrorism.

Minimum scope of personal data we require: name, surname, identity code (date of birth), address, contact information, bank account number of a customer, business partner, potential customer, representative/contact person/assignee (intermediary); various data related to a customer’s/potential customer’s real property.

The primary legal basis for accomplishing these purposes is:

- compliance with legal obligations (General Data Protection Regulation Article 6(c)).

c) ensuring adequate provision of services –

Within the framework of this purpose, we would require maintenance and enhancement of technical systems and IT infrastructure, use of technical and organisational solutions, and use of your personal data (e.g. through the use of cookies), with the purpose of ensuring due provision of services.

The primary legal basis for accomplishing these purposes is:

- legitimate interests of the controller (General Data Protection Regulation Article 6(f)).

*REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

5. Who might access your personal data?

We take appropriate measures to process your personal data in accordance with applicable legislation and to ensure that no third parties that do not have a legal basis for processing your personal data gain access to your personal data.

As necessary, access to your personal data may be obtained by:

1. our employees or directly authorised persons, as necessary for fulfilling their occupational duties;
2. personal data processors (within the framework of services they provide and only to the extent necessary) – e.g. auditors, tax and legal advisors, database developers/technical maintenance contractors, other persons involved in providing the controller’s services;
3. state and municipal bodies (in the cases specified in the applicable regulations), e.g. law enforcement institutions, municipal governments, tax authorities;
4. third parties, provided a careful assessment of whether the transfer of such data has an adequate legal basis, e.g. debt collectors, extrajudicial dispute mediation institutions, insolvency administrators, third parties maintaining various registries (e.g. the Register of Residents, registers of debtors etc.).

6. What personal data processing business partners (personal data processors) do we select?

We take appropriate measures to ensure the processing, protection and transfer of your data to processors in accordance with the applicable regulations. We carefully select personal data processors and, upon transfer of data, evaluate the necessity thereof as well as the scope of data being transferred. Transfer of data to processors takes place in accordance with personal data confidentiality and secure processing requirements.

At this time, we may cooperate with the following categories of data processors:

1. tax and legal outsourcing service provider;
2. IT infrastructure maintenance outsourcing service provider;
3. document destruction outsourcing service provider;
4. other categories of processor as necessary;
5. other parties involved in ensuring the provision of our services.

Personal data processors may change subject to amendments made to this notice.

7. Are your personal data sent outside European Union (EU) or European Economic Area (EEA) member-states?

We do not transfer data to countries outside the European Union or the European Economic Area, with the exception of cases where such a necessity might arise in connection with the provision of certain services.

8. For how long will we keep your personal data?

Your personal data are stored for as long as necessary in accordance with relevant personal data processing purposes, and in accordance with the provisions of the applicable regulations.

While evaluating the duration of personal data retention, we consider the requirements of applicable legislation, aspects of fulfilling contractual obligations, your instructions (e.g. pertaining to consent), and our legitimate interests. If you personal data are no longer necessary for the aforementioned purposes, we will delete or destroy the data.

We store the following basic categories of personal data for the relevant periods of time:

• personal data necessary for executing contractual obligations – we will store these until the relevant agreement is executed and other storage periods expire (see below);
• personal data retained for legal compliance – we will store these as indicated in the relevant legislation; for instance, the Law On Accounting specifies that substantiating documents must be stored for as long as necessary in order to corroborate the initiation of a business transaction and audit its execution, but no less than 5 years;
• data proving the fulfilment of our obligations – we will store these for the general claims lapse period as specified in the applicable regulations: 10 years in accordance with the Civil Law, 3 years in accordance with the Commercial Law, as well as the relevant claim lapse periods specified in the Civil Procedure Law.

9. What rights do you, the data subject, have regarding the processing of your personal data?

Personal data updating

If any changes occur to personal data that you provided to us, e.g. change of identity code, contact address, phone number or e-mail, please contact us to present current data, so that we may accomplish the relevant personal data processing purposes.

Your right to access and rectify your personal data

In accordance with the General Data Protection Regulation, you are entitled to require us to provide access to your personal data as available to us, to require rectification, deletion thereof, to restrict processing, to object to data processing, and have the right to data portability in accordance with the procedure and in the cases specified in the General Data Protection Regulation.

We respect your right to access and monitor your personal data; therefore, upon receiving your request, we will provide a response within the term specified in the applicable regulations (generally no more than one month, unless some specific request requires a longer period of time for us to draft a response) and, wherever possible, we will rectify or delete your personal data as requested.

You may receive information about your personal data as available to us, and to exercise your rights as the data subject, in any of the following ways:

1. by submitting the relevant application in person and undergoing identification at our office: SIA “Silver Fox”, registration number: 4003675638, registered office: Vesetas iela 7, Rīga, on business days, from 09.00 till 17.00;
2. by submitting an application via mail sent to: SIA “Silver Fox”, registered office: Vesetas iela 7, Rīga, LV-1013.
3. by submitting an application to our e-mail address: dati@silverfox.lv or property@silverfox.lv, – in which case we recommend using a secure digital signature.

Upon receiving your application, we will evaluate its content and the feasibility of identifying you; we reserve the right to, considering the particulars of the situation at hand, request further identification of your person in order to ensure that your personal data are safe and are only disclosed to the relevant individual.

Revoking consent

If the processing of your data is based on consent you have given us, you are entitled to revoke it at any time, and we will no longer process your personal data on the basis of your consent for the relevant purpose. However, please note that revocation of consent might not affect the processing of personal data necessary for compliance with the applicable regulations, performed on the basis of an agreement, our legitimate interests, or other legal basis for data processing as specified in the applicable regulations.

You may also object to the processing of your personal data if the personal data processing is based on legitimate interests.

10. Where can you submit complaints in matters related to the processing of your personal data?

If you have any questions or objections regarding our processing of your personal data, we ask that you contact us first and foremost.

If, however, you believe that we have been unable to resolve your issue by consensus, and are convinced that we are violating your right to personal data protection, you may submit a complaint to the Data State Inspectorate.

11. Why do you have to provide us with your personal data?

We collect your information primarily in order to comply with obligations undertaken under an agreement, perform our legal obligations, or to pursue our legitimate interests. In such cases, the gathering of certain information is required in order to accomplish relevant purposes; thus, failure to provide the information may preclude the establishment of business relations or the execution of an agreement. If data are not required, but may help us improve services or offer you advantageous agreement terms and/or proposals, we will specify that such provision of data is voluntary.

Please consider this section in conjunction with section 4 of the notice.

12. How do we receive your personal data?

We may receive your personal data in any of the following ways:

1. in the course of concluding an agreement with you;
2. where an agreement is concluded with a third party that specifies you as a contact person/representative/employee;
3. whenever you submit any applications, e-mail addresses to us, or make calls to us;
4. on the www.silverfox.lv, website, through the use of cookies;
5. from third party databases in some cases – e.g. while evaluating your credit capacity, we may obtain data from third parties in certain cases necessary for accomplishing this purpose; from video surveillance recordings;
6. in some cases, we may receive data from third parties or our business partners, if necessary for fulfilling obligations under an agreement of complying with a legal requirement.

13. Are your personal data used in the course of automated decision-making?

We do not use your data for automated decision-making.