Enjoy free domestic shipping on orders over 50 EUR

Enjoy free domestic shipping on orders over 50 EUR

I. POLICY FOR PROCESSING PERSONAL DATA

1.1. The personal data processing policy applied in Blackflower Retail Latvia SIA, single registration number 40203546471, VAT number LV40203546471 (hereinafter referred to as the Company) (hereinafter referred to as the Privacy Policy) provides an individual – the “data subject” of this “Site” (hereinafter referred to as the “Site”) – information about the purpose , legal basis, scope, protection of the processing of personal data, as well as the period of processing at the time of receipt of the data, processing the personal data of the data subject.

1.2. Please read the Policy carefully before ordering. From time to time we may make changes to the Policy, please re-read it before making repeated purchases.

1.3. Under the General Data Protection Regulation, Personal Data is any information that can be used to identify a person, just like any information about a person who has already been identified. By using the services of our Site, you provide us with your personal data, the right to process and use them in accordance with the rules set forth in the Privacy Policy and the “Terms of Use” (hereinafter referred to as the “Terms”).

1.4. We are committed to protecting the privacy and security of our customers and Site visitors, including you.

1.5. By using the services of our Site, you have placed your trust in us. We fully appreciate this and respect the importance of the privacy and confidentiality of your data.

1.6. We comply with the principle of personal data minimization – we do not ask, collect or process personal data that is not required to achieve the goal – the purchase of goods, services or information.

1.7. We respect your privacy and make every effort to keep your personal information secure. We do not allow unsolicited mailings and under no circumstances will we sell, rent or transfer any of your data (name, address, email address, etc.) to third parties.

1.8. Disclosure of information to third parties can only be carried out on the basis of a legitimate request, an agreement or with your consent, for example, when making a purchase on lease.

1.9. You are responsible for the accuracy of the information when placing an order or contacting customer support. You confirm that you are at least 18 years of age, and also undertake not to take any action against the security of the Site.

1.10. We are not responsible for inaccurate, incomplete or erroneous data that you provide.

1.11. By using our Site and/or making a purchase of goods and/or services, you confirm that you understand the Policy and you agree to follow its changes.

1.12. If you do not agree with this Policy or with certain definitions, please do not use the services of our Site.

II. THE COMPANY AND ITS CONTACT INFORMATION

2.1. The company for the processing of personal data is the Company, legal address: Rīga, Maltas iela 22 - 52, LV-1063, Latvia.

2.2. Contact information (e-mail) of the Company for questions related to the processing of personal data, as well as for submitting requests from data subjects and reporting possible data protection violations: info@scandaltoys.lv.

III. GENERAL PROVISIONS

3.1. Personal data is any information about an identified or identifiable natural person.

3.2. The privacy policy applies to ensure the protection of confidentiality and personal data in relation to all data subjects, including such groups (hereinafter collectively referred to as “clients”):

  • individuals – customers of the Company (including potential, former and existing), their representatives, owners of real estate and other involved persons;
  • individuals – representatives of clients (legal entities) of the Company, contact persons;
  • visitors to the Company’s premises, including those who are subject to video surveillance;
  • visitors to websites managed by the Company;
  • persons whose personal data is subject to processing in social networks in connection with the activities carried out by the Company.

3.3. The Company monitors the protection of confidentiality and personal data of customers, respects the rights of customers to the legality of the processing of personal data in accordance with applicable legal acts – the Law on the processing of personal data, Regulation 2016/679 of the European Parliament and the Council of the EU of April 27, 2016 on protection individuals regarding the processing of personal data and on the free circulation of such data (General Data Protection Regulation) (hereinafter referred to as the Regulation) and other applicable legal acts in the field of privacy and data processing.

3.4. The privacy policy applies to the processing of data, regardless of the form and / or medium in which the client provides personal data (in person, on the Company’s web pages, electronically, on paper or by phone).

3.5. When processing data, the Company observes the following basic principles of data processing:

  • law and justice;
  • transparency;
  • target limitation;
  • adequacy (reducing data to a minimum);
  • accuracy;
  • storage limit;
  • integrity and confidentiality;
  • accountability.

IV. PURPOSE OF PROCESSING PERSONAL DATA

4.1. The Company processes personal data for the following purposes:

  • to provide and sell services;
  • to identify the client;
  • to draw up and conclude a contract;
  • to fulfill contractual obligations;
  • to develop new services;
  • for commercial purposes – for advertising and distribution of services;
  • for customer service;
  • to consider objections or claims (complaints);
  • to manage payments;
  • for the return and collection of debts;
  • for technical support and improvement of Internet sites and mobile applications;
  • for business planning and business analysis;
  • for the safety of customers, protection of the Company’s property;
  • for other specific purposes.

4.2. The Company may also process data for other purposes compatible with the initial purpose, ensuring the relevant rights of the data subject.

V. LEGAL BASIS FOR PROCESSING PERSONAL DATA

5.1. The company processes the personal data of the client, relying primarily on the following legal grounds:

  • for the conclusion and execution of a contract – in order to conclude a contract at the request of the client and ensure its execution (a contract also means an oral agreement on the purchase of a service);
  • to comply with legal acts – in order to fulfill a certain obligation of the Company in accordance with a binding external legal act;
  • with the consent of the data subject;
  • in legitimate (legitimate) interests – to realize legitimate interests arising from the obligations existing between the Company and the client or the concluded agreement, or other legitimate (legitimate) interests of the Company or a third party.

5.2. The legitimate (legitimate) interests of the Company are:

  • implementation of commercial activities;
  • verifying the identification of the client’s identity before providing individual services;
  • fulfillment of contractual obligations;
  • preservation of applications and applications for the provision of services received from customers;
  • development and development of services;
  • advertising their services by sending commercial messages;
  • sending other messages about the progress of the contract and significant events affecting the performance of the contract, as well as conducting customer surveys about the services and their experience in using them;
  • prevention of fraudulent actions against the Company;
  • ensuring corporate governance, financial and business accounting and analysis;
  • ensuring effective enterprise management processes;
  • providing and improving the quality of services;
  • payment management;
  • implementation of video surveillance for the security of commercial activities;
  • informing the public about their activities;
  • other legitimate interests established by the Company.

VI. PROTECTION OF PERSONAL INFORMATION

6.1. The Company protects the client’s data using the capabilities of modern technologies, taking into account the existing confidentiality risks and the Company’s reasonably available organizational, financial and technical resources, including the following security measures:

  • firewall;
  • intrusion prevention and detection software;
  • other methods of protection in accordance with the current possibilities of technological development.

6.2. Technological and organizational measures for the protection of information (including personal data) are provided for in internal regulations governing information security and the use of information systems of the Company.

VII. CATEGORIES OF RECIPIENTS OF PERSONAL DATA

7.1. The Company does not disclose to third parties the personal data of the client or any information obtained during the provision of services and the validity of the contract, including information about the goods and services received, except for the following cases:

  • in accordance with the clear and unequivocal consent of the client;
  • for the processing of personal data, involving the processor (processor) of personal data in accordance with the concluded agreement;
  • in accordance with the legitimate interests of the Company or a third party (to whom the data will be transferred), ensuring proportionality to maintain a balance between the rights and interests of the data subject, at the reasonable request of officials provided for in external legal acts, in the manner and to the extent established by external legal acts;
  • provided for in external legal acts – to protect the legitimate interests of the Company, for example, by applying to the court or other state bodies against a person who has infringed on the legitimate interests of the Company.

VIII. TRANSFER OF PERSONAL DATA

8.1. The Company does not transfer personal data to third parties, except as far as is reasonably necessary for the implementation of commercial activities, ensuring that the relevant third parties maintain the confidentiality of personal data and provide appropriate protection.

8.2. The Company has the right to transfer personal data to suppliers, subcontractors, strategic partners of the Company and other persons who help the Company and its clients in carrying out commercial activities – in order to ensure appropriate cooperation. However, in such cases, the Company requires the recipients of the data to certify their intention to use the information received only for the purposes for which the data was transferred, and in accordance with the requirements of applicable legal acts.

IX. TERRITORY OF PERSONAL DATA PROCESSING

9.1. The Company processes personal data in the European Union/European Economic Area (EU/EEA), however, in some cases, data may be transferred and processed in countries outside the EU/EEA.

9.2. The transfer and processing of personal data may be carried out outside the EU/EEA, if there is a legal basis for this, namely to fulfill a legal obligation, to enter into or fulfill a contract, or with the consent of the data subject, and in compliance with the necessary security measures. The latter include, for example:

  • the concluded agreement, including standard contractual clauses approved by the decision of the European Commission or other rules, code of conduct, certifications, etc. acts approved in accordance with the Regulation;
  • the recipient is located in a country outside the EU/EEA, but which, according to the decision of the European Commission, provides the necessary level of data protection.

X. PERIOD OF RETENTION OF PERSONAL DATA

10.1. The Company sets the terms for storing personal data, taking into account the following criteria:

  • personal data shall be stored for at least the period necessary to achieve the purpose of their processing;
  • personal data shall be stored for at least the period specified in legal acts;
  • personal data shall be stored for at least the period during which a certain person may present legal claims to the Company and / or initiate legal proceedings – in order to ensure the safety of evidence.

10.2. After the aforementioned circumstances cease to exist, the Company deletes or anonymizes the client’s personal data.

XI. RIGHTS OF THE DATA SUBJECT

11.1. The client has the right to receive the specified information in legal acts, which is related to the processing of his data.

11.2. In accordance with legal acts, the client has the right to demand from the Company access to his personal data, to supplement, correct, delete or limit processing in relation to the client, to object to processing (including the processing of personal data carried out on the basis of the legitimate interests of the Company ) and also has the right to data portability. These rights are exercisable, subject to the restrictions established in legal acts.

11.3. The client can submit a request to exercise his rights in the following ways:

  • in writing – using postal delivery to the address of the Company:
    Rīga, Maltas iela 22 - 52, LV-1063, Latvia;
  • in electronic form – by sending a document signed with a secure electronic signature to the email address (e-mail): info@scandaltoys.lv.

11.4. Upon receipt of the client’s request to exercise their rights, the Company compares personal data with the client’s identification, considers and fulfills the request in accordance with legal acts.

11.5. The company issues a response to the client in a reliable way that ensures identification of the person.

11.6. The volume of information provided to the data subject may be limited in order to prevent adverse impact on the rights and freedoms of other persons (including employees of the Company, other data subjects).

11.7. The Company intends to ensure the accuracy of personal data and relies on its customers, suppliers and other third parties who transmit personal data regarding the completeness and correctness of the transmitted personal data.

XII. CLIENT’S CONSENT TO DATA PROCESSING AND THE RIGHT TO WITHDRAW CONSENT

12.1. The client has the right to revoke his consent to data processing at any time in the same way that the consent was given and / or by submitting a separate application. In this case, the processing of data, which is based on the previously given consent for a specific purpose, is no longer carried out.

12.2. The withdrawal of consent does not affect the processing of data that was carried out at the time when the consent of the client was in force.

12.3. By withdrawing consent, the client cannot interrupt the processing of data that the Company carries out in accordance with other legal grounds.

12.4. The use of photographs of students in information materials, on the website, the public use of such photographs on the premises of the Society or in any other way is permitted after, in accordance with article 13 of the Regulations, the representative of the student is informed and no objections are received against the use of photographs for the stated purpose.

XIII. COMMERCIAL MESSAGES

13.1. Communication regarding commercial messages about the services of the Company and / or third parties and others, directly with the provision of received services of non-related messages (for example, customer surveys) is carried out by the Company in accordance with external legal acts or with the consent of the client.

13.2. Communication, including with regard to commercial messages, the Company may carry out by means of automatic devices for calling a telephone number or electronic communication.

13.3. The client gives consent to receive commercial messages from the Company and / or its partners in person – in writing at the address of the Company’s location, remotely – on the Company’s website and in mobile applications, or in another place where the Company organizes marketing activities.

13.4. The consent given by the client to receive commercial communications remains valid until the consent is withdrawn (also after the termination of the service agreement). The Client may, at any time, opt out of receiving further commercial communications in any of the following ways:

  • by notifying the email address (e-mail) contact@scandal.sex;
  • by submitting a written application to the Company;
  • by taking advantage of the automatic option provided in a commercial message to opt out of further receipt of such messages by clicking on the opt-out hyperlink at the bottom of the relevant e-mail.

13.5. The Company stops sending out commercial messages as soon as the respective request of the client is processed.

13.6. By expressing his opinion in surveys and providing his contact information (e-mail address, phone number), the client agrees that the Company can contact him using the provided contact information regarding the assessment given by the client.

XIV. WEBSITE VISITS AND COOKIE HANDLING

14.1. The Internet pages of the Company may use special Internet markers (cookies), about which an informational message is posted on the home page.

14.2. Special Internet markers are small files that Internet pages transmit to the browser (Internet browser) in order to identify the user and make it easier for him to use the Internet page. Browsers can be configured to warn the customer about the use of cookies and allow them to choose whether the customer agrees to accept them. Refusal to accept cookies does not prevent the client from using the website, however, it may limit his ability to use the website.

14.3. The website of the Company may contain hyperlinks to websites of third parties (partners of the Company), which establish their own rules for the use and protection of personal data, for the completeness and correctness of which the Company is not responsible.

XV. FINAL CONDITIONS

15.1. This Privacy Policy may be revised and amended, about which the Company intends to inform data subjects in an understandable and accessible form, if possible.