The purpose of the privacy policy is to provide the physical person – data subject with information on the purpose and scope of personal data processing, protection and term of processing during the data collection and upon processing of the personal data of the data subject.


Personal data controller


Personal data controller is SIA “WITRAZ” (hereinafter – SIA), Reg. No: 40103789599, Jurkalnes Street 15/25, Riga, LV-1046, phone: +371 67405400, e-mail:


Contacts of the Agency on matters, related to personal data processing is:


General conditions


1. This privacy policy provides general description of the procedure of processing and protection of personal data by SIA. More detailed information on the processing and protection of personal datais available in the internal regulations of SIA and in the SIA’s website section "Processing of personal data of the physical persons". 


2. Within the framework of the applicable laws and regulations SIA will ensure confidentiality of the personal data and has undertaken corresponding technical and organizational measures for protection of personal data from unauthorized access, illegal processing or disclosure, accidental loss, modification or destruction.


3. SIA may use personal data processers to process the personal data. In such cases SIA will undertake necessary measures to ensure that such personal data processers shall perform processing of personal data in accordance with instructions of SIA and accordingly applicable laws and regulations, and shall demand conduct of corresponding safety measures.


Personal data categories


4. Personal data shall be collected both from the data subject and external sources, from databases and registers at the disposal of SIA. Personal data categories, from which SIA mostly, but not only collects and processes data, are following:

4.1. identification data – name, surname, personal code;
4.2. contact information – residence address, phone number, e-mail address;
4.3. special category personal data – bank accounts of the persons;
4.4. data, which may be collected and/or created upon performance of the obligations, stipulated by the laws and regulations;
4.5. data on satisfaction – satisfaction of the data subject.


Purpose and legal grounds of personal data processing


5. SIA shall process personal data for the purpose of providing services and goods:

5.1. customer identification;

5.2. preparation and signing of contract;

5.3. delivery of goods and provision of guarantee services (performance of contractual obligations);

5.4. ensuring / maintaining service provision;

5.5. performance of guarantee obligations;

5.6. improvement of goods and services, development of new goods and services;

5.7. promoting and distribution of services or commercial purposes;

5.8. provision of customer service;

5.9. review and processing of objections;

5.10. retaining of customers, improvement of loyalty, satisfaction measurements;

5.11. settlement of accounts; 

5.12. debt recovery; 

5.13. maintenance and improvement of functioning of websites and mobile applications.

5.14. statistics and business analysis;

5.15. planning and accounting;

5.16. data quality assurance;

5.17. reporting;

5.18. conducting of customer surveys. 


6. Legal ground of personal data processing:

6.1. execution of remote agreements and transactions – in order to sell and deliver the goods on the grounds of data subject application and to ensure execution thereof;
6.2. legislative compliance – in order to meet statutory obligations, applicable to SIA; 6.3. in accordance with the consent of data subject;
6.4. in lawful (legitimate) interests – in order to implement legitimate interests of SIA and the customer, resulting from the obligations existing between SIA and the data subject or resulting from the law.


7. Legitimate interests of SIA are:

7.1. to sell the goods to the customer and to deliver it, on the grounds of a separate agreement, if requested by the customer, therefore ensuring performance of transaction obligations;
7.2. to store customer applications in the website;
7.3. to conduct customer survey regarding operation of SIA;
7.4. to ensure and improve service quality;
7.5. to address law enforcement authorities for the protection of its lawful interests.

Personal data protection


8. SIA shall protect personal data, using possibilities offered by modern technologies, considering the existing privacy risks and the organizational, financial and technical resources reasonably available to SIA, including by undertaking the following safety measures and using the following safety solutions:

8.1. data encoding upon transmission of data;
8.2. firewall;
8.3. intrusion protection and detection programs;
8.4. other protection measures in accordance with the current technological developments.


Personal data recipients


9. Personal data may be transferred to recipients, for example:

9.1. law enforcement authorities;
9.2. auditors or other personal data processers of SIA in accordance with the requirements of the laws and regulations.

Geographical territory of personal data processing


10. Personal data shall be processed within the European Union / European Economic Zone (EU/EEZ).


11. Personal data shall be processed in Jūrkalnes Street 15/25, Riga, LV-1046.


Storage period


12. Personal data shall be processed for as long as necessary for the purpose of personal data processing. Storage period is based on the transaction with the customer, concluded in the Internet, legitimate interests of SIA, applicable laws and regulations or until the consent of the SIA’s customer for the relevant personal data processing is valid, unless there are other legal grounds for personal data processing.


13. The personal data shall be deleted after expiry of the circumstances specified in Article 12 of this Privacy Policy.


Rights of the data subject


14.To receive information on processing of own personal data by SIA as specified in the laws and regulations.


15. Pursuant to the laws and regulations request access to own personal data from SIA, to complement, correct, delete these or restrict processing thereof, rights to object to processing of own personal data, including to object to processing of personal data, undertaken by SIA, based on the lawful (legitimate) interests of SIA, as well as the rights to transferability of personal data and revocation of the consent for processing of personal data.


16. To submit complaint concerning personal data processing to the Data State Inspectorate (, if there is reason to believe that personal data processing infringes his/her rights and interests in accordance with the law.


SIA shall be entitled to make changes or additions to this Privacy policy by publishing the current version of the Privacy Policy in the SIA’s website section           "Privacy policy".