Privacy Policy

🔒 Privacy Protection Policy

1. General Information on Data Processing

1.1. This Privacy Protection Policy establishes the principles by which Aiva Bundze, Reg. No. 05058411383, Peldu iela 6, Valmiera, LV-4201 (hereinafter – the "Controller"), processes and stores personal data received from visitors and customers (hereinafter – the "Client" or "You") of the online store www.marredeco.lv.

1.2. Personal data is any information relating to an identified or identifiable natural person. Data processing encompasses all operations performed on personal data, including collection, recording, storage, use, transmission, and deletion.

1.3. The Controller ensures that personal data is processed in accordance with the applicable regulatory acts, including the requirements of the European Parliament and Council General Data Protection Regulation (EU) 2016/679 (GDPR).

2. Collection, Processing, and Storage of Personal Data

2.1. Client data is primarily obtained when making purchases in the online store, via email, or, in specific cases (e.g., for marketing or corporate orders), in paper format.

2.2. By using the website and providing the Controller with your personal data, You confirm your consent to the processing of this data in accordance with this Policy.

2.3. The Client is responsible for the accuracy and truthfulness of the provided information and is obliged to promptly inform the Controller about any data changes.

2.4. The Controller is not responsible for any losses incurred by the Client as a result of providing untrue or inaccurate information.

3. Purposes and Terms of Client Data Processing

3.1. The Controller may process the following categories of Client data: 3.1.1. Identification Information (name, surname) 3.1.2. Individual Data (date of birth) 3.1.3. Contact Information (email and/or telephone number) 3.1.4. Transaction Details (purchased goods, delivery address, fee, payment method, etc.) 3.1.5. Any other information provided when purchasing goods or contacting the Controller.

3.2. The Controller has the right to verify the submitted data using public national registries.

3.3. The legal basis for data processing is Article 6(1)(a), (b), (c), and (f) of the GDPR, which includes Client consent, contract performance, compliance with legal obligations, and the Controller's legitimate interests.

3.4. Data Storage Period: The Controller stores and processes data as long as at least one of the following conditions exists: 3.4.1. The data is necessary to achieve the initially defined purpose; 3.4.2. The Controller or the Client can exercise their rights and legitimate interests (e.g., dispute resolution in court); 3.4.3. The Controller is subject to a statutory obligation to store the data (e.g., under the Accounting Law); 3.4.4. The Client's consent for data processing remains in effect, provided there is no other legal basis.

Upon the expiration of these conditions, all relevant data is permanently deleted or anonymized.

3.5. Data Transfer to Third Parties: To fulfil obligations towards You, the Controller may transfer your personal data to its data processors and cooperation partners (e.g., accountants, courier services). Payment processing is provided by the makecommerce.lv platform, therefore the necessary data is transferred to Maksekeskus AS. Data may also be transferred to state and law enforcement authorities if necessary for the protection of legal interests.

3.6. The Controller takes all necessary organizational and technical measures to ensure data protection.

4. Client Rights

4.1. According to the GDPR and Latvian legislation, You have the following rights: 4.1.1. The right to access and information about the processing, as well as the right to data portability (to receive a copy of the data electronically and transfer it to another controller). 4.1.2. The right to request data rectification. 4.1.3. The right to data erasure ("right to be forgotten"), unless regulatory acts require data retention. 4.1.4. The right to withdraw the given consent. 4.1.5. The right to restrict data processing. 4.1.6. The right to file a complaint with the Data State Inspectorate.

4.2. To exercise your rights, please send a written request:

In person: Peldu iela 6, Valmiera, LV-4201,

Or electronically: info@marredeco.lv

5. Concluding Provisions

5.1. This Policy has been developed in compliance with the GDPR and the legislation of the Republic of Latvia.

5.2. The Controller has the right to change this Policy at any time without prior notice. The latest version of the Policy is always available on the website: https://www.marredeco.lv