Last updated: 03/2023
We process personal data of Users in accordance with applicable law - Regulation (EU) 2016/679 Of The European Parliament And Of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“Regulation”), as well as legal acts governing data processing and the right to privacy.
1. Data Controller and contact information.
The controller of personal data is SIA “Triviums Apmācība” (reg.No. 40003602352), Riga, 11/13 Blaumana str., Office 12 (“Controller”, “we, our”).
Complaints or questions about the processing of personal data can be directed to our data protection specialist at: email@example.com .
2. Personal data processing purposes
Your data is processed for the following purposes:
• Application and registration for courses, events, activities, consultations;
• Provision of information and answers to Users;
• Provision of services and information for which the User has subscribed;
• Provision of information on upcoming events;
• Preparation of invoices;
• Preparation of lists of participants, name cards and certificates;
• Application for job vacancy;
• Maintenance and improvement of the Website;
• Marketing communications;
• Examination of complaints, suggestions and questions.
We process User’s data using the latest technological solutions, assess the risks of confidentiality and use our organizational, financial and technical resources, which are necessary to ensure the security of processing personal data in accordance with the principles set forth in the Regulation.
Our employees and contractors use Users’ personal data only for the purposes indicated above.
3. Data processing legal basis
The Controller processes personal data only on the basis of the following legal grounds:
a) User has given consent to the processing of his personal data for one or more specific purposes;
b) processing is necessary for the performance of a contract to which the User is party or in order to take steps at the request of the User prior to entering into a contract;
c) processing is necessary for compliance with a legal obligation to which Controller is subject;
d) processing is necessary in order to protect the vital interests of User or of another natural person;
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
f) processing is necessary for the purposes of the legitimate interests pursued by Controller or by a third party.
4. Personal data storage term
We store the received personal data until:
• Data is necessary for the purpose for which it was obtained;
• The User or Controller can exercise their legitimate interests in the manner prescribed by regulatory enactments (to file objections or to initiate legal proceedings);
• There is a legal obligation to store personal data;
• User’s consent to the corresponding processing of personal data is valid, unless there is another legal basis for the processing.
5. Processing of personal data for the purposes of communication
Type of personal data: e-mail (name and/or surname only in certain cases);
Purpose of data processing: newsletters;
Legal basis for the processing of personal data: User’s consent or Controller’s legitimate interests;
Personal data processing term: permanently until the person withdraws his / her consent or unsubscribes from newsletters.
6. Rules for the processing of personal data of participants in events
1) Type of personal data: name and/or surname, e-mail, and/or other data;
Purpose of data processing: registration for event, reminder about the event, after-event communication regarding similar interests and events;
Legal basis for the processing of personal data: performance of a contract;
Personal data processing term: until the end of the event and 2 months thereafter.
2) Type of personal data: name and/or surname, e-mail;
Purpose of data processing: RISEBA newsletters;
Legal basis for the processing of personal data: User’s consent or Controller’s legitimate interests;
Personal data processing term: permanently until the person withdraws his / her consent or unsubscribes from newsletters (objects to the processing).
7. Application for consultations
Personal data submitted by the Users when applying for the consultation shall be processed by the Controller only for as long as is necessary for the provision of the consultation or for the purpose of providing another service for which the User has applied. The Controller processes the e-mail submitted by the User in accordance with the provisions of Clause 5.
8. Processing of personal data of job candidates
Purpose of processing: assessment of the candidate's suitability for the vacant position.
Legal basis for the processing of personal data: legitimate interests of the Controller. The processing of candidates' personal data is crucial in the recruitment process, as well as in assessing and approving the candidate's suitability for the vacancy.
Personal data processing term: if the candidate has not been recruited, the Controller shall store the candidate's personal data and delete the documents submitted by him within 1 year after the application deadline specified in the job advertisement or after receiving the candidate's application. Such a retention period is necessary for the re-examination of the candidate's application in the event of dismissal or appearance of the vacancy and for the exercise of the Controller's rights in the event of a candidate's complaint. After the expiry of these deadlines, the candidate's personal data will be permanently deleted from all systems, but the paper documents will be shredded.
The personal data of the selected candidate will be used for the preparation of the employment contract and processed during employment in accordance with certain rules for the processing of personal data of employees.
9. Data transfer to third parties
We do not disclose User’s personal data to third parties, except:
• according to the clear and undeniable consent of User;
• to persons provided for by regulatory enactments in the manner and amount established therein;
• in cases provided for by regulatory enactments for the protection of legitimate interests.
Services which presume processing of User’s personal data by third parties in the course of service provision to the Controller:
1) Hosting services: Controller processes all personal data entered by the User. The service provider has the possibility to access data, but without Controller’s request personal data is not accessed. Data is not transferred to third countries;
2) Newsletter services: Controller processes User’s e-mail address. Data is not transferred to third countries;
3) Chatbot: Controller processes all personal data submitted by the User through the Website. The service provider has the possibility to access data, but without Controller’s request personal data is not accessed. Data is transferred to third countries. Transfer is based on the Standard Contractual Clauses approved by EC;
4) Website support - Controller processes all personal data submitted by the User through the Website. The service provider has the possibility to access data, but without Controller’s request personal data is not accessed. Data is not transferred to third countries.
When changing providers of such services, we guarantee that we always cooperate only with trusted partners who ensure compliance with the requirements of the Regulation.
10. Rights of the Users
User have the right at any time to request information about User’s personal data in order to verify the accuracy of the stored data and / or to correct or update this data, restrict the processing, as well as object to the processing and withdraw the consent. User can also ask to completely delete personal data if it is not needed for further processing.
We will make commercially reasonable efforts to provide you with reasonable access to any of User’s personal data we maintain within 1 month as of receipt of access request.
In order to ensure User’s safety and privacy protection, we will take appropriate measures to verify User’s identity before disclosing information about the requested personal data.
“Cookie” is a small piece of data sent by the web server and stored on the user's computer.
We use first and third party cookies for several reasons. Some cookies are necessary for technical reasons, they are called essential cookies and session cookies, and their use does not require the consent of Users.
The Website uses the necessary cookies and session cookies in order to:
• maintain and manage the security of the Website;
• analyse User’s browsing experience;
The information related to cookies is not used for personal identification of the User. These cookies are not used for any purpose other than those described here.
Other, third party cookies, are used by the Website for analytical purposes to help measure the effectiveness of a marketing campaign, analyze Website usage, improve the Website or the services offered. The use of such cookies requires the consent of the User.
11.1. Third party cookie (analytics)
The data collected by Google Analytics cookies includes:
• User ID, consisting of a sequence of numbers unique to each user of the Website;
• Number and time of previous visits to the Website;
• Information about how the User found the Website, its search and browsing history.
Information on how Google Analytics processes personal data can be found here:
Personal data collected by Google Analytics may be sent to third countries on the basis of standard data protection clauses.
Data collected by Hotjar Ltd. cookies includes:
• IP address of the User;
• Demographic data of the User, location, information about the User's device from which he or she accesses the Website.
Information on how Hotjar Ltd processes personal data can be found here: https://help.hotjar.com/hc/en-us/articles/360045447214-Compliance-at-Hotjar
Data collected by Facebook pixel includes:
• Http header. The HTTP header is a standard web protocol that is passed between any browser request and any server on the Internet. The HTTP protocol includes IP addresses, information about the web browser, page location, document, referrer and person using the Website;
• Pixel Data - This includes the pixel ID and Facebook cookies;
• Button click data - this includes all buttons clicked by the Website User, labels for those buttons, and all pages visited at the time the button was clicked.
• Form Field Names - This includes the Website field names such as "email", "address" when the User purchased the service. The pixel does not capture field values.
12. How to control cookies?
User can delete all cookies on the User's device, clearing the browser's browsing history and thus disabling all cookies from all websites visited by the User.
Regarding different types of cookies, most browsers allow to control and manage cookies through browser settings.
However, please be aware that disabling functional cookies may affect the operation of the Website and / or restrict the services provided. By disabling such cookies, User may also lose useful information. User may need to manually adjust individual cookie selections each time when browsing the Website.
13. Questions, applications and complaints
Users can send their questions about general data protection issues or the processing of their personal data to the Conroller’s Data Protection Officer at: firstname.lastname@example.org.
If you believe that Controller is violating User’s statutory rights, User can lodge a complaint with the Data State Inspectorate (Datu valsts inspekcija) to: 17 Elijas str., Riga (Elijas iela 17, Rīga, LV-1050), tel.No. 67223131, e-mail: email@example.com.