Privacy Policy

1. Introduction

SIA "Nova Consult", Reg. No.: 40203584806 (hereinafter referred to as the Controller), processes personal data obtained from the data subject – the user of the website (hereinafter referred to as the User) on the website novaconsult.lv (hereinafter referred to as the Website). The Controller cares about the privacy and personal data protection of the User and respects the User's right to the lawfulness of personal data processing in accordance with applicable legislation – Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Taking into account the above, the Controller has developed this privacy policy with the aim of providing the User with the information required by the Regulation. In view of the above, the Controller has developed this privacy policy with the aim of providing the User with the information required by the Regulation. 

The privacy policy applies to data processing regardless of the form and/or environment in which the User provides personal data (on the Website, in paper format, in person, or by telephone). The Controller reserves the right to change these terms at any time.

It is the responsibility of the Website visitor to independently check the content of the Website in order to familiarise themselves with any changes to the terms and conditions.

2. Identity and contact details of the Controller

Controller: SIA "Nova Consult"

Reg. No.: 40203584806

Controller's address: Alīses iela 10-20, Rīga, Rīga, LV-1046

Website: novaconsult.lv

E-mail: info@novaconsult.lv

Phone: 22 488 507

3. Purposes of personal data processing and legal basis for processing

If the User submits their personal data to the Controller by telephone, using the Website contact forms, e-mail or other types of mail, we store and use this information in order to perform or conclude the relevant service provision agreement, including for customer identification; preparation and conclusion of the agreement; provision of services (performance of contractual obligations); customer service; examination and processing of objections; to increase customer loyalty; to administer payments and settlements; to recover and collect debts; to prove facts, maintain the website and improve its operation; for business planning and analytics; for planning and accounting. Similarly, we will process this data for the purpose of providing information to public authorities and operational entities in the cases and to the extent specified in external regulatory enactments. The legal basis for data processing is the conclusion and performance of a contract, compliance with regulatory enactments, in accordance with the consent of the Customer - data subject, our legitimate interests (e.g. to verify the Customer's identity before concluding a contract; to ensure the fulfilment of contractual obligations; to analyse website usage, to ensure the efficiency of service provision, etc.).

4. Categories of personal data

Categories of personal data – name, surname, personal identification number, e-mail or postal address, IP address, telephone number, content of messages or letters, etc.

5. Categories of recipients of personal data

The data is disclosed to those employees of the Controller who need it to perform their direct duties in order to fulfil or conclude the relevant service provision contract. When obtaining and using personal data, we partially use the services of external service providers who strictly follow our instructions in accordance with the contract and whom we monitor continuously before using their services and thereafter.

6. Categories of data subjects

Categories of data subjects – the Controller's existing, former and potential customers, as well as other persons who express a desire to communicate with the Controller.

7. Transfer of data outside Latvia

There are no plans to transfer the data received outside Latvia, the European Union or the European Economic Area, nor will it be transferred to any international organisation. At the same time, given that the Website is linked to Google and Facebook services, the Controller cannot guarantee that these companies will not transfer the data outside the European Union or the European Economic Area.

8. Data retention period

We process and store the User's personal data for as long as either party has a legal obligation to retain the data.

Once these circumstances cease to exist, and unless otherwise specified in the data protection guidelines, we will delete personal data no later than three months after the original reason for storing the data no longer applies, except in cases where we have a legal obligation to continue storing the data (e.g. for accounting or legal purposes).

9. Data subject's access to personal data

The data subject has the right to access their personal data within one month of submitting a request.

The user may submit a request to exercise their rights in writing in person at the Controller's legal address (presenting a personal identification document), by post, or by e-mail, signed with a secure electronic signature.

Upon receiving a request from the User to exercise their rights, the Controller shall verify the User's identity, evaluate the request and execute it in accordance with regulatory enactments. The User has the right to receive information specified in regulatory enactments in relation to the processing of their data, the right to request access to their personal data, as well as to request the Controller to supplement, correct or delete it, restrict its processing or the right to object to its processing, insofar as these rights do not conflict with the purpose of data processing (conclusion or performance of a contract).

The data subject shall not have the right to receive information if the disclosure of such information is prohibited by law in the interests of national security, public safety, criminal law, as well as for the purpose of safeguarding the financial interests of the State in tax matters or the supervision of financial market participants and macroeconomic analysis.

10. Cookie processing

The Website collects data about Website visitors, thus enabling the Website operator to assess how useful the Website is and how it could be improved. The Controller is constantly improving the Website with the aim of improve its usability, so the Controller needs to know what information is important to visitors to the Website, how often they visit the Website, what devices and browsers they use, what region visitors come from, and what content they prefer to read. The Controller uses Google Analytics, which allows the Controller to analyse how visitors use the Website. You can learn about the basic principles of how Google Analytics works on Google's website at https://support.google.com/analytics/answer/1012034?hl=lten&ref_topic=6157800. The Controller uses the collected data in its legitimate interests to improve its understanding of the needs of Website visitors and to improve the accessibility of the information published by the Controller. Visitors can opt out of Google Analytics data collection at any time, as described here: https://tools.google.com/dlpage/gaoptout/.

The server hosting the Website may record requests sent by visitors (device used, browser, IP address, date and time of access). The data mentioned in this section is used for technical purposes: to ensure the proper functioning and security of the Website and to investigate possible security incidents. The basis for the collection of the data mentioned in this section is the Controller's legitimate interest in ensuring the technical availability and integrity of the Website.

Cookies are small files that are stored on the visitor's computer by the browser each time the visitor visits the Website, to the extent specified in the visitor's browser settings. Certain cookies are used to select and tailor the information and advertisements offered to the visitor based on the content that the visitor has viewed previously, thereby making the use of the Website simple, convenient and individually tailored to visitors. Additional information about cookies, as well as their deletion and management, can be found at www.aboutcookies.org.

The Website uses cookies to collect user IP addresses and browsing information and to allow the Website to remember the visitor's choices. Cookies allow the Controller to track the Website's data flow and user interaction with the Website – the Controller uses this data to analyse visitor behaviour and improve the Website. The legal basis for the use of cookies is the Controller's legitimate interest in ensuring the functionality, availability and integrity of the Website.

Visitors can control and/or delete cookies at their discretion. More information about this process is available here www.aboutcookies.org. Visitors can delete all cookies on their computer, and most browsers can be set to block cookies from being placed on their computer. Visitors can opt out of cookies in their browser menu or at https://tools.google.com/dlpage/gaoptout. To make the necessary settings, visitors need to familiarise themselves with the terms and conditions of their browser. If cookies are blocked, visitors will have to manually adjust the settings each time they visit the Website, and some services and features may not work.

Statistical data about visitors to the Website can only be accessed by those employees of the Controller who are responsible for analysing such data.

Unless otherwise specified, cookies are stored until the action for which they were collected has been completed, after which they are deleted.

If the Controller's Website has a forum or comment feature, the IP address and data provided by the visitor will be stored on the Website. Cookies containing this data may be stored for one year for your convenience (so that you do not have to re-enter it next time).

11. Third-party websites

We may work with third parties who are authorised to place third-party cookies on our websites or our services, apps and tools with your consent. These service providers enable us to provide you with a better, faster and safer website experience. Please note that third-party cookies are subject to third-party privacy policies, and we are not responsible for these privacy policies.

The website has a Facebook pixel tool installed. The purpose of this tool is to tailor content and advertising to Facebook users. To learn more about Facebook's privacy policy, click here https://www.facebook.com/about/privacy/. You can also change your advertising settings in your Facebook profile.

12. Right to lodge a complaint with a supervisory authority

The data subject has the right to lodge a complaint with a supervisory authority (the Data State Inspectorate). Documents are accepted by the Data State Inspectorate by post, e-mail (documents signed with a secure electronic signature), and can also be left in the mailbox on the 1st floor at Blaumaņa iela 11/13, Riga. The Data State Inspectorate accepts e-mail messages sent to the e-mail address info@dvi.gov.lv.

13. Validity of the privacy policy

We reserve the right to change and supplement the content of this privacy policy from time to time in order to clarify how we process your data. In view of this, we invite you to review this privacy policy regularly so that you are aware of how your personal data is processed on the Website.