APPROVED
SIA "RGJ"
Registration No. 40003688115
Chairman of the Board: Jānis Leitāns
May 25, 2018
PERSONAL DATA PROCESSING PRIVACY POLICY
1. Definitions
This Personal Data Processing Privacy Policy, hereinafter referred to as the Privacy Policy, describes the procedure by which SIA "RGJ", hereinafter referred to as the Company, processes personal data.
A Client is any natural person who:
- uses, has used, or has expressed a desire to use any services provided by the Company or is in any other way related to them, as well as third parties who, in connection with the provision of services to a natural person (Client), receive or provide any information to the Company (including contact persons, payers, etc.);
- visits the Company's office;
- visits the Company's property, yard and adjacent areas for property protection purposes, where video surveillance is carried out;
- visits the Company's website.
Personal Data is any information relating to an identified or identifiable natural person (Client), either directly or indirectly.
Processing is any operation performed with Personal Data (including collection, recording, storage, modification, access provision, retrieval, transmission, etc.).
The Company cares about Client privacy and personal data protection, respecting Clients' rights to lawful personal data processing in accordance with applicable legislation - Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the Regulation) and other applicable legislation in the field of privacy and data processing.
The Privacy Policy applies to data processing regardless of the form and/or medium in which the Client provides personal data (on the Company's websites, in paper format, or by telephone) and in which Company systems or paper format they are processed.
With regard to specific types of data processing (for example, cookie processing, etc.), environment, and purposes, additional specific provisions may be established, about which the Client is informed at the time when they provide the relevant data to the Company.
2. General Provisions
2.1 The purpose of the Privacy Policy is to provide the natural person (data subject) with information about the purpose, scope, protection, and period of personal data processing at the time of data acquisition and when processing the data subject's personal data.
2.2. This Privacy Policy describes how the Company generally performs Personal Data Processing. More detailed information about Personal Data Processing may also be described in contracts and other documents related to services.
2.3. This Privacy Policy is applicable if the Client uses, has used, or has expressed a desire to use the services provided by the Company, or is otherwise related to the services provided by the Company, including in relationships with the Client established before this Privacy Policy came into force.
2.4 Within the framework of applicable regulations, the Company ensures the confidentiality of Personal Data and has implemented appropriate technical and organizational measures to protect Personal Data from unauthorized access, unlawful Processing or disclosure, accidental loss, alteration, or destruction.
2.5 The Company may use approved Personal Data processors for Personal Data Processing. In such cases, the Company takes necessary measures to ensure that such Personal Data processors perform Personal Data Processing in accordance with the Company's instructions and in compliance with applicable regulations and requires the implementation of appropriate security measures.
3. Categories of Personal Data
3.1. Personal data may be collected from the Client, from the Client's use of services, and from external sources, such as public and private registers or third parties. The categories of Personal Data that the Company mostly, but not exclusively, collects and processes are:
Identification data, for example, name, surname, personal identification number, date of birth, identity document data (for example, passport copy, ID card).
Contact information, for example, address, telephone number, email address, communication language.
Family data, for example, information about the Client's family, heirs, and other related persons.
Insurance service-related data, for example, family data, beneficiaries, insured persons, third parties who have suffered damage.
Data on relationships with legal entities, for example, data that the Client has submitted or received from public registers or when conducting third-party transactions on behalf of the respective legal entity.
Professional data, for example, education or professional career.
Financial data, for example, accounts, property rights, transactions, income, liabilities, Client's financial experience and investment objectives, including data collected during the selection and provision of investment services, insurance services, and other products related to investment risk awareness.
Reliability and investigation data, for example, data on payment habits, damages or losses caused to the Company or third parties.
Data obtained and/or generated in fulfillment of statutory obligations, for example, data resulting from information requests received from investigative authorities, notaries, tax administration authorities, courts and bailiffs, information about income, credit obligations, owned properties, marks and historical marks in databases, as well as outstanding debt balances.
Data on the Client's tax residency, for example, information about country of residence, taxpayer number, citizenship.
Communication data collected when the Client visits the Company and other places where the Company provides services, or communicates with the Company by telephone, visual and/or audio recordings, email, messages and other means of communication, for example, social media, data obtained when the Client visits the Company's website or communicates through other Company channels.
Service-related data, for example, contract performance or non-performance, transactions made, concluded and expired contracts, submitted applications, requests and complaints, interests, service fees.
Data on habits, preferences and satisfaction, for example, service usage activity, services used, personal settings, responses to survey questions, Client satisfaction.
4. Purposes and Legal Basis for Personal Data Processing
The Company primarily performs Personal Data Processing for:
4.1 General customer relationship management and provision and administration of access to products and services
To conclude and execute a contract, for example, a transaction, with the Client; to ensure data is current and accurate by verifying and supplementing data using external or internal sources, based on: contract performance or to take steps at the Client's request before entering into a contract, or to fulfill a legal obligation.
4.2 Creditworthiness and risk assessment
To perform internal creditworthiness and risk assessments in order to determine which services and products and on what terms can be offered to the Client, based on: contract performance or to take steps at the Client's request before entering into a contract, or to fulfill a legal obligation, or in the Company's legitimate interests to ensure Personal Data is current and accurate.
4.3 Protection of Client and/or Company interests
To protect the Client's and/or Company's interests and to monitor the quality of services provided by the Company and to provide evidence for commercial transactions and other commercial communication (conversation recordings), based on: contract performance or to take steps at the Client's request before entering into a contract, or to fulfill a legal obligation, or the Client's consent, or in the Company's legitimate interests to prevent, limit and investigate fraudulent or unlawful use of the Company's services and products or disruption thereof; for internal training or service quality assurance.
To guarantee the security of the Company and/or Client, to protect the life and health of the Client and/or their representatives and other rights of the Company and Client (visual and/or audio recordings), based on: the Company's legitimate interests to protect its Clients, employees, visitors and Company assets.
4.4 Provision of additional services, conducting customer surveys, market analysis, statistics
To offer the Client services from the Company or carefully selected partners, including providing personalized offers, based on: the Client's consent or the Company's legitimate interests to offer additional services.
To conduct Client surveys, market analysis, compile statistics; to organize games and promotions for Clients, based on: the Company's legitimate interests to improve Company services, enhance Client service usage experience and develop new products and services, or the Client's consent.
4.5 Fulfillment of legal obligations and identity verification
To comply with applicable laws and international agreements, customer due diligence, customer activity monitoring, publication of details of investment-related transactions to fulfill market transparency requirements and report them to competent authorities, to prevent, detect, investigate and report potential money laundering, terrorist financing, if the Client is subject to financial sanctions or is a politically exposed person, as well as to verify identity, based on: contract performance or to take steps at the Client's request before entering into a contract, or to fulfill a legal obligation, or in the Company's legitimate interests to ensure prudent risk management and corporate governance.
4.6 Prevention of fraudulent use of services and proper provision of services
To authorize and control access to digital channels and their operation, prevent unauthorized access and their fraudulent use, and to ensure information security, based on: contract performance or to take steps at the Client's request before entering into a contract, or to fulfill a legal obligation, or in accordance with the Client's consent, or in the Company's legitimate interests to control authorization, access and operation of the Company's digital services.
To improve technical systems, IT infrastructure, adapt service display on devices and develop Company services, for example, by testing and improving technical systems and IT infrastructure, based on the Company's legitimate interests to improve technical systems and IT infrastructure.
4.7 Establishment, exercise and defense of legal claims
To establish, exercise, defend and assign legal claims, based on: contract performance or to take steps at the Client's request before entering into a contract, or to fulfill a legal obligation, or in the Company's legitimate interests to exercise legal claims.
5. Profiling, Personalized Offers and Automated Decision-Making
5.1 Profiling is automatic Processing of Personal Data used to evaluate certain personal characteristics of the Client, especially to analyze or predict, for example, that natural person's economic situation, personal preferences, interests, place of residence. Profiling is used for analysis in Client consultation, for direct marketing purposes, for example, creditworthiness assessment, risk management, transaction monitoring to prevent fraud, and is justified by the Company's legitimate interests, fulfillment of legal obligations, contract performance or the Client's consent.
5.2 The Company may process Personal Data to improve the Client's digital service usage experience, for example, by adapting service display on the device used and to prepare suitable offers for the Client.
Unless the Client has restricted direct marketing in relation to themselves, the Company may perform Personal Data Processing to prepare general and personalized offers of Company services. Such marketing may be based on the services used by the Client and how the Client uses services and how the Client operates in the Company's digital channels.
5.3 For profiling based on personalized offers and marketing, which is performed in accordance with the Company's legitimate interests, the Company ensures that Clients can make choices and use a convenient tool to manage their privacy settings.
5.4 The Company may also collect statistical data about the Client, including characteristic behavior and lifestyle habits, based on demographic household data. Statistical data for creating segments/profiles may be obtained from external sources and may be combined with the Company's internal data.
6. Video Surveillance
6.1. The Company has the right to conduct video surveillance in the administrative buildings (facilities) of the Company (and its structural units) and their territories, with the aim of ensuring security and public order, as well as protecting the life and health of employees, visitors and other persons. Video recordings are information of limited access and are used only to achieve the stated purposes.
6.2. To protect the rights and legally justified interests of the Company as an Employer and of clients (protection of trade secrets (for example, client data, data to be preserved, etc.), preservation of property and financial resources, ensuring consumer rights), there is a right to conduct video surveillance also in Employee workplaces, respecting Employee rights and privacy. When deciding on video surveillance in workplaces, the Employer evaluates the proportionality of Employee video surveillance as a restriction of personal rights with the importance of protected interests and possible threat risks. Video recordings are information of limited access and are used solely to ensure the Company's legally justified rights and interests under Regulations.
6.3. The Company respects personal privacy and promises not to transfer video surveillance recordings or disclose the persons visible in them and their actions to third parties, except in exceptional cases provided for in current laws and regulations (for example, a law enforcement agency request).
6.4. The Company will store video recordings for up to one month. The exact data storage period depends on the recording quality and available memory capacity, and may differ slightly. In cases where the recording is necessary as evidence in civil proceedings, administrative proceedings, criminal proceedings or within the framework of other legal procedures, the Company reserves the right to retain the recording for as long as necessary.
7. Personal Data Recipients
Personal data is transferred to other recipients, for example:
7.1 Institutions (for example, law enforcement agencies, bailiffs, notary offices, tax administrations, supervisory authorities and financial investigation institutions)
7.2 Credit institutions and financial institutions, insurance service providers and financial service intermediaries, third parties involved in the execution of trade transactions, settlements and the reporting cycle (for example, execution venues, including regulated markets, multilateral trading systems, organized trading systems, systematic internalizers; transaction registers, approved publication structures, approved reporting systems; local and foreign brokers).
7.4 Auditors, legal advisors, financial consultants or other Personal Data processors approved by the Company.
7.5 Third parties that maintain registers (for example, debtor registers, population registers, commercial registers, securities registers and other registers that contain or through which Personal Data is transferred).
7.6 Debt collectors in accordance with assigned claims, courts, out-of-court dispute resolution institutions, bankruptcy or insolvency process administrators.
7.8 Other persons who guarantee the proper fulfillment of the Client's obligations to the Company, for example, guarantors, guarantee providers, pledgors.
7.9 Other persons related to the provision of Company services, including archiving, postal service providers, service providers of services provided to the Client for whose services the Client has registered e-invoices, healthcare institutions in case of life insurance, as well as companies that administer fees and fines related to such facilities.
8. Geographic Territory of Processing
8.1 Usually Personal Data is processed in the European Union/European Economic Area (EU/EEA); however, in certain cases it may be transferred and processed in countries that are not part of the EU/EEA.
8.2 Transfer and processing of Personal Data outside the EU/EEA may occur if there is a legal basis for it, namely, to fulfill a legal obligation, conclude or execute a contract, or in accordance with the Client's consent, and appropriate security measures have been taken. Appropriate security measures are, for example:
- An agreement has been concluded, including EU contract standard clauses or other approved provisions, code of conduct, certifications, etc., approved in accordance with the General Data Protection Regulation;
- In the country outside the EU/EEA where the recipient is located, an adequate level of data protection is ensured in accordance with the EU Commission decision;
- The recipient is certified in accordance with the Privacy Shield (applies to recipients located in the United States of America).
7.3 Upon request, the Client can receive more detailed information about the transfer of Personal Data to countries outside the EU/EEA.
9. Personal Data Protection
9.1. The Company protects Client data using modern technology capabilities, taking into account existing privacy risks and organizational, financial and technical resources reasonably available to the Company, including using the following security measures:
- Data encryption when transmitting data (SSL encryption);
- Firewalls;
- Intrusion protection and detection programs;
- Other protection measures in accordance with current technical development capabilities.
10. Retention Period
10.1 Personal data will be processed only as long as necessary. The retention period may be justified by a contract with the Client, the Company's legitimate interests, or applicable regulations (for example, laws on accounting, prevention of money laundering, limitation periods, civil law, etc.) or as long as the Client's consent for the relevant personal data processing is valid, if there is no other lawful basis for data processing.
10.2. After the circumstances specified in point 10.1 cease, the Client's personal data is deleted.
11. Client Rights as Data Subject
The Client (data subject) has rights regarding the Processing of their data that, according to applicable regulations, is classified as Personal Data. These rights are generally as follows:
11.1 Request correction of their Personal Data if it is inconsistent, incomplete or incorrect.
11.2 Object to the Processing of their Personal Data if the use of Personal Data is based on legitimate interests, including profiling for direct marketing purposes (for example, receiving marketing offers or participating in surveys).
11.3 Request deletion of their Personal Data, for example, if Personal Data is processed based on consent and the Client has withdrawn their consent. This right is not valid if the Personal Data whose deletion is requested is also processed based on another legal basis, for example, a contract or obligations arising from relevant regulations.
11.4 Restrict Processing of their Personal Data in accordance with applicable regulations, for example, during the time when the Company evaluates whether the Client has the right to deletion of their data.
11.5 Receive information about whether the Company processes their Personal Data and, if so, also access them.
11.6 Receive their Personal Data that they have provided and which is processed on the basis of consent and contract performance in written form or in one of the more commonly used electronic formats and, if possible, transfer such data to another service provider (data portability).
11.7 Withdraw their consent to the processing of their Personal Data.
11.8 Not be subject to fully automated decision-making, including profiling, if such decision-making has legal consequences or similarly significantly affects the Client. This right is not valid if decision-making is necessary to conclude or execute a contract with the Client, if decision-making is permitted in accordance with applicable regulations, or if the Client has given their explicit consent.
11.9 Submit complaints about the use of Personal Data to the Data State Inspectorate (www.dvi.gov.lv) if the Client believes that the Processing of their Personal Data violates their rights and interests in accordance with applicable regulations.
12. Contact Information
12.1 The Client can contact the Company regarding questions, withdrawal of consent, requests, exercise of data subject rights and complaints about the use of Personal Data.
12.2 SIA "RGJ" contact information is available on the website: www.rgj.lv.
12.3 Contact information of the appointed Data Protection Specialist: gundars@rgj.lv or Krustpils iela 141, Riga, LV-1057, marked "Data Protection Specialist".
13. Validity and Amendments of the Privacy Policy
13.1 This Privacy Policy is available to Clients at the Company's office and on the website www.rgj.lv.
13.2 The Company has the right to unilaterally amend this Privacy Policy at any time in accordance with applicable regulations by publishing it on the Company's website.