1. Who are we?
2. Why do we process your data?
We process your personal data in compliance with the General Data Protection Regulation (GDPR) in order to ensure lawfulness, fairness, and transparency of processing. The main goal of your personal data processing is to perform a contract in order to provide a Product or Service to you. For this purpose, we request your consent to process your personal data.
3. What categories of data are processed and what are purposes of a processing?
We process the following categories of personal data:
• Your first name (name);
• Your last name (surname);
• Your country of residence;
• Your address;
• Your phone number;
• Your email address.
We have to process your name and surname in order to identify you. We cannot accept any payment from you without such identification. We process your address to ensure compliance with the bookkeeping regulations on invoices.
We process your email address and phone number as the way of distributing information and contacting you. We provide answers to your requests or product inquiries, we send activation codes for our products and we announce important information via these communication channels. We can contact you to receive your feedback on Product or Service of your choice.
We need to process your country of residence to make sure our services are not limited or restricted in your country. We will inform you if any limitation is in place.
Sometimes if a purchase is made with a Discount Coupon provided to the customer by our Official Reseller, who signed a reseller agreement with us (hereinafter referred to as the "Resellers"), then we might share the following information to ensure that the Reseller can provide technical support and/or training for products you purchased from us:
• Your first name (name);
• Your last name (surname);
• Your email address;
• Company name.
We share your data only with those Resellers that have signed relevant reseller agreements with us and only if you received a discount coupon from the Resellers.
Our websites ("Websites", "Website") are integrated with Google Analytics service for web analytics. These services process the information collected from cookies and IP address.
4. Who can access your personal data?
Our employees will be allowed to process your personal data in order to provide the requested service or product. If you agreed to receive marketing information from us, then our PR manager will have access to your contact information as well.
Officials (police, tax officers, etc.) will be given access to your personal data only if so required by law. Our lawyers will examine any official request very closely beforehand. We will not disclose your personal data before we are 100% sure that officials have firm legal grounds to receive your personal data.
5. How long your personal data will be stored?
We will keep your personal data until you stop using our Product or Service or revoke your consent. Please keep in mind that the storage term depends on the Product or Service of your choice. To know exactly for how long we are going to keep your personal data, based on Products and Services of your choice, feel free to ask any question you may have via email.
However, we will not keep your personal data longer than required by law or the purpose specified in Clause 2 of this Policy.
6. What are your rights in regards to your personal data?
The GDPR stands tall since May 25, 2018 and, starting from this date, you, as our client, have rights in regards to your personal data:
• You have the right to access. You can request from us whether or not your personal data are being processed by us. You can ask for detailed information, which categories (such as name, surname, email address etc.) of your personal data are processed, who can access your personal data, for how long we are going to store your personal data. You can request us to provide a copy of your personal data.
• You have the right to rectification. In case you have seen a mistake in your personal data (for instance, your name is misspelled in our email), you can request for a correction of inaccurate personal data.
• You have the right to erasure of your personal data. You can request erasure of your personal data, when you withdraw your consent to the processing or when you stop using our Products or Services. However, please keep in mind that we cannot erase data required to be kept by law.
• You have the right to restrict processing of your personal data. You can restrict to process your personal data when you think we process your personal data without any ground.
• You have the right to withdraw your consent for the processing of your personal data at any time. However, please keep in mind that such revoke that such revoke will not retrospectively affect the lawfulness of processing conducted before.
• You have the right to portability. You have the right to receive your personal data from us in a structured form in order to transfer these data to another company. If technically possible, you can request us to transfer your personal data directly to another company.
• You have the right to complain. In case, you think we are violating your rights, you can complain to supervisory authority (like Data State Inspectorate (Datu Valsts Inspekcija)).
7. What will we do when you are performing your rights regarding rectification or erasure of personal data, as well as restrict processing of your personal data?
When you are requesting to perform the access, editing or erasure of your personal data, we will comply with your request and we will perform the requested action. If you ask for editing, erasure or restrict to process your personal data, we will notify of your request any third party to which we provided your personal data.
8. What if you don’t want to provide personal data to us?
In case the processing of personal data (such as name, surname, and email) is required for concluding a contract and you are not willing to share these personal data with us, we won't be able to identify you as a contracting party and thus comply with the accounting and anti-money laundering legislation. Therefore, we won't be able to sign a contract with you and provide you a Service or Product.
We strive to protect the integrity of your personal data, apply standard information security procedures, and ensure observance of your rights to and lawful interests in data we provide to our partners.
9. Do we transfer your personal data to third countries?
Yes, we transfer your data to third countries (outside of the European Union). However, we ensure of recipient's compliance with the GDPR prior to any such transfer. You can take a glance at our partners' statements on compliance with GDPR here:
To learn information confidentiality terms applicable to our Resellers, please visit their websites. Links are available here: https://www.ugcs.com/resellers.
10. At what age you can use our Products and Services?
We do not store personal data of minors and children under the age of 13. If you are a parent or a legal guardian of children or minors and you are aware that your ward has provided us with Personal Data, please contact us immediately via email: firstname.lastname@example.org. If we become aware that Personal Data from a person under the age of 13 are in our possession without verification of parental consent, we will take immediate steps to erase the data from our servers.
11. What will we do in case of a data breach?
In the case of a personal data breach, we will notify supervisory authority of the breach not later than 72 hours. We will notify you via email immediately if we see a high risk of your rights and freedoms (due to the breach) violation.
12. How can you protect your rights?
If a dispute arises, we will do our best to settle it by negotiations. We are always ready to hear from you and look for the best solution for all of us. In any case, you may complain to the Data State Inspectorate (Datu Valsts Inspekcija) or look for a help of a court to protect your rights.
Data State Inspectorate web-page: http://www.dvi.gov.lv/en/
In case of a personal data breach, we shall notify you so that you can get a full understanding of the problem and the measures taken to solve it.
If a personal data breach puts the rights and freedoms of our users at risk, we shall also notify the state authorities responsible for supervision of GDPR within 72 hours. Our notification will include the following information:
(a) description of the nature of the personal data breach, including, if possible, the category and approximate number of data subjects, category and approximate number of personal data records
(b) surname and contact details of the personal data protection inspector or other coordination center to receive more detailed information from
(c) description of the possible consequences of a personal data breach
(d) description of the measures taken or planned by the controller to cure the breach, including, where appropriate, measures to mitigate a possible negative impact
13. References to other internet-resources
To learn more about your data processing by these services, please visit:
- PayPal: https://www.paypal.com/lv/webapps/mpp/ua/legalhub-full?locale.x=en_LV
- Stripe https://stripe.com/en-gb-lv/privacy-center/legal
- Nuvei: https://nuvei.com/en-emea/privacy-notice/ and https://nuvei.com/en-emea/cookies-policy/
14. Legal and Contact Information
Company Name: SPH Engineering, registration number 50103629321, official (legal) address: Dzirnavu iela 62-9, Riga, Latvia, LV-1050.
Contact details of our representative: Janis Kuze, Director of Special Projects, +371 25453422, email@example.com.