Privacy Policy

Collegium Law office SIA, reg. No. 40103528319 (hereinafter – the Controller), processes personal data obtained from the data subject – the Website User (hereinafter – the User) on www.collegium.lv website (hereinafter – the Website). The Controller shall protect the privacy and personal data of the User and respects the right of the User to the legal treatment of personal data according to the valid legal regulations – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereafter – the Regulation) and other valid legal regulations in the area of privacy and data treatment. Based on the aforementioned, the Controller has drafted this Privacy Policy to provide the User with the information required by the Regulation.

The Privacy Policy applies to data processing regardless of the form and/or medium in which the User provides the personal data (on the Website, on paper, in person or by telephone). The Controller reserves the right to modify these Terms and Conditions at any time.

It is the responsibility of the visitor to the Website to check the content of the Website in order to learn about changes made to the Terms and Conditions.

I. Identity and contact details of the Controller

Controller: Collegium Law office SIA, reg. No.: 40103528319
Controller’s address: 33A-10A Krišjāņa Valdemāra Street, Riga, LV-1010
Website: www.collegium.lv
E-mail: collegium@collegium.lv
Telephone: +371 67278302

II.Purposes for which personal data is processed and legal basis for processing

If the User provides the Controller with personal data by telephone, via the Website’s contact forms, by e-mail or by any other means, we store and use such data for the performance or conclusion of the relevant service contract, including identification of the Customer; drafting up and conclusion of the contract; provision of services (fulfilment of contractual obligations); customer service; handling and processing of complaints; customer loyalty enhancement; administration of payments and invoicing; debt collection and recovery; proof of facts; website maintenance and upgrade; business planning and analytics; planning and record keeping. We will also process such data to provide information to public authorities and operational subjects in the cases and to the extent required by external laws and regulations. The legal grounds for processing the data is the conclusion and performance of a contract, compliance with laws and regulations, our legal (legitimate) interests with consent of the Client – data subject (for example, to verify the identity of the Client before entering into a contract; to ensure the fulfilment of contractual obligations; to analyse the performance of website applications, to ensure the effectiveness of services, etc.).

III. Categories of personal data

Categories of personal data: name, surname, personal identification number, e-mail or postal address, IP address, telephone number, content of the message or letter, etc.

IV. Categories of recipients of personal data

The data shall be disclosed to those employees of the Controller who need it for the performance of their direct duties to perform or conclude the relevant service contract. For the collection and use of personal data, we partially use the services of external service providers who, according to the contract, strictly follow our instructions and who are under our constant control before using the service and in the future.\

V. Categories of data subjects

Categories of data subjects: current, former and perspective clients of the Controller, as well as other persons wishing to contact the Controller.

VI. Transfer of data outside Latvia

We neither plan to transfer the received data outside Latvia, the European Union or the European Economic Area, nor shall it be transferred to an international organisation. At the same time, as the Website is linked to Google and Facebook services, the Controller cannot guarantee that these companies will not transfer the data outside the European Union or the European Economic Area.

VII. Duration of data storage

We process and store the Users’ personal data for as long as any of the Parties is legally obliged to do so.

When those circumstances no longer apply, and unless otherwise stated in the data protection instructions, we will delete the personal data no later than three months after the original reason for retaining the data no longer applies, except cases when we are under a legal obligation to continue to retain the data (for example, but not limited to, for accounting or litigation purposes).

VIII. Access to personal data by the data subject

Data subject has the right to access his/her personal data within one month from the date of the request.

The User may submit a written request to exercise his/her rights in person, at the registered office of the Controller (upon presentation of an identity document), by mail or by e-mail, signed with a secure electronic signature.

Upon receiving the User’s request to exercise his/her rights, the Controller shall verify the User’s identity, evaluate the request and execute it in accordance with laws and regulations.

The User has the right to obtain the information required by law regarding the processing of his/her personal data, the right to access his/her personal data, as well as the right to request the Controller to supplement, rectify, delete, restrict or object to the processing of his/her personal data, provided that these rights are not in contradiction with the purpose of the data processing (the conclusion or execution of contracts).

The data subject shall not have the right to obtain information if the disclosure of such information is prohibited by law concerning national security, national defence, public security, criminal law, or for the purpose of safeguarding the state financial interests in tax matters or the supervision of financial market players and macroeconomic analysis.

IX. Third party websites

We may work with third parties who are authorised to place third party cookies on our websites or services, applications and tools with your consent. These service providers help us provide a better, faster and safer website experience. Please note that third party cookies are subject to the privacy policies of those third parties and therefore we shall not be held liable for those privacy policies.

X. Rights to file a complaint with the supervisory authority

The data subject has the right to file a complaint with the supervisory authority (the State Data Protection Inspectorate). The State Data Protection Inspectorate accepts submissions by post, e-mail (documents signed with a secure electronic signature) or delivery to the post box on the 1^st floor at 11/13 Blaumaņa Street, Riga. The State Data Protection Inspectorate accepts e-mails sent to info@dvi.gov.lv.

XI. Validity of Privacy policy

We reserve the right to modify and supplement the content of this Privacy Policy from time to time in order to clarify the description of how we process your data. Given the above, we encourage you to periodically review this Privacy Policy to ensure that you are informed regarding the way in which we process your personal data on the Website.