Contact us

Privacy Policy

Controller and its contact information

Limited liability company "Greenpower”, registration number: 40003992236, registered office: Mārupes iela 4, Rīga, LV-1002, Latvija (“GP”).

This privacy policy applies to personal data processing performed by GP regarding:

  • individuals – customers of GP (including current, potential and former customers);
  • visitors to websites maintained by GP;
  • persons whose data are processed on social networks in relation to marketing activities organised by GP.

The Privacy Policy applies to personal data processing regardless of the format in which a person has provided their data – be it in person, on an GP website, on paper, or electronically.

What personal data are processed

Personal data are deemed to include any information on an identified or identifiable individual. GP processes the following personal data:

  • Name, surname
  • Identity code
  • Address
  • E-mail address
  • Phone number
  • Bank account number and other information relevant to a payment
  • Information voluntarily provided via a contact, application or registration form provided on an GP website

Personal data protection

GP values the safety and protection of your data. GP is bound by personal data protection regulations that follow from Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), and from the Personal Data Processing Law of the Republic of Latvia. GP complies with personal data protection legislation, which includes the observance and protection of your rights as the data subject. In implementing personal data protection requirements, GP considers the ensuing risks as well as the organizational, financial and technical resources available to GP. For data protection, GP applies the available technological capabilities, considering existing risks to privacy and organizational, financial and technical resources reasonably available to GP, including the application of the following security measures:

  • firewalls
  • intrusion protection and detection software;
  • other protective measures consistent with the state of the art in hardware development.

Purpose of personal data processing

GP processes personal data for the following purposes:

  • to support services involving the placement and execution of an order, and related consultations, as well as settlement administration;
  • buyer identification;
  • development of new goods and services;
  • advertising of goods and services and other commercial purposes;
  • review of objections or claims;
  • customer retention, loyalty facilitation, satisfaction measurements;
  • debt recovery and collection;
  • property protection and the safety of other persons;
  • pother specific purposes for which an individual’s consent has been received, including, but not limited to the maintenance and enhancement of websites and mobile applications, business planning and analytics.

Legal basis for personal data processing

Agreement conclusion and execution
GP services are provided on the basis of a written or verbal agreement between the customer and GP.GP performs personal data processing to the extent necessary for concluding and executing an agreement.
Regulatory compliance
In certain cases, GP may process personal data to ensure compliance with regulatory enactments. For instance, data on received payments are processed for tax administration purposes.
Consent
In some cases, GP may request consent to personal data processing. In such cases, consent is requested prior to commencing personal data processing, having acquainted the data subject with the planned data processing.
Consent may be requested for the receipt of commercial notifications or e.g. surveys. By expressing one’s opinion in a survey and leaving one’s contact information (e-mail, phone number, a person consents to GP contacting them using the provided contact information, with regard to the assessment provided.
Consent is not mandatory, and one may also withhold consent to the processing of their personal data. An individual is further entitled to, at any time, revoke consent previously provided, either in the manner in which it was provided or by contacting GP. The revocation of consent does not process data processing performed prior to the revocation. Revocation of consent cannot disrupt the processing of data performed on any other legitimate basis.
Legitimate interest
It is in the interest of GP to maintain successful business operations and provide services while protecting its assets and fulfilling its financial obligations. Thus, GP may perform personal data processing only to the extent necessary for safeguarding its legitimate interests:

  • verifying the identity of an individual prior to the purchase of certain goods or services;
  • ensuring debt collection;
  • contact in matters addressed by an individual;
  • conducting customer attraction and/or retention activities;
  • segmenting the customer base for more effective provision of services;
  • developing and enhancing its goods and services;
  • advertising its goods and services by sending commercial notifications;
  • sending other messages on the progress of agreement execution and events substantial to execution, and performing polls regarding goods and services and the experience of using them;
  • preventing fraudulent activities against GP;
  • maintaining corporate governance, financial and business records and analytics;
  • maintaining effective corporate governance processes;
  • maintaining and improving service quality;
  • administrating payments;
  • informing the public about its activities.

Automated decision-making

GP may perform automated decision-making. With regard to such activities, GP provides separate notification in accordance with the applicable legislation. Automated decision-making which produces legal consequences (e.g. the adoption or rejection of a decision) may be performed only in the course of concluding or executing an agreement between GP and the relevant person, or on the basis of consent.

Categories of personal data recipients

GP may forward personal data to service providers that enable the company’s company activities and perform processing of personal data on behalf of and upon the assignment of GP (data processors). For instance, GP may involve IT service providers to maintain an GP website. Other data processors include:

  • marketing activities;
  • accounting service providers, lawyers, tax advisors;
  • other parties ensuring the core activities of GP and provision of related services.

GP ensures that data processors involved in processing personal data on behalf of and upon the assignment of GP maintain confidentiality and provide adequate protection. Personal data may also be forwarded to other parties not engaged in processing personal data on behalf of and upon the assignment of GP (data administrators). These include:

  • aw enforcement authorities;
  • banks and other payment service providers;
  • other parties, given a substantiated request on their part, in accordance with the procedure and to the extent specified in external regulations.

Data processing by data administrators is regulated by the terms of use and privacy policies of relevant data administrators. GP shall not be liable for the processing of data by such parties (data administrators).

Transfer of personal data outside the EU

GP does not transfer personal data outside the European Union or the European Economic Area.

Duration of personal data retention

GP stores and processes personal data while at least one of the following criteria applies:

  • for as long as a service agreement is in force, or a service is being provided;
  • while the data are necessary for some purpose for which they have been collected;
  • while an application made by an individual is fully reviewed and/or executed;
  • while, in accordance with the procedure specified in external regulations, GP or the customer may pursue their legitimate interests (e.g. submit objections or raise a claim in a court of law);
  • while GP has the legal obligation to retain the data;
  • while consent to the relevant personal data processing is in force, unless some other legal basis for data processing exists.

Once the circumstances listed herein cease to apply, personal data are deleted or destroyed.

Access to personal data and other rights

Any individual (data subject) is entitled to receive information as specified in the applicable legislation pertaining to the processing of their data, and to receive a copy of their personal data, to request that GP supplement, rectify or delete the data, or restrict processing of their data. A data subject is entitled to object to processing (including the processing of personal data performed on the basis of the legitimate interests of GP), and the right to data portability. Contact information for matters of personal data processing or protection:

  • Address: Mārupes iela 4, Rīga, LV-1002, Latvija
  • E-mail address: info@gplatvia.eu

To verify the identity of an applicant, questions and requests addressed to GP should be made in writing and signed either by hand or using a digital signature. GP ensures the fulfilment of data processing and protection requirements in accordance with the applicable legislation and, in the event of objections, takes reasonable action to resolve an objection. However, if this is not possible, the data subject is entitled to contact a supervisory body – the Data State Inspectorate. The data subject is entitled to receive one copy of their personal data being processed by GP, free of charge.

Commercial messages

GP may send commercial messages to customers regarding similar goods or services. Other commercial messages may be sent only with prior consent from the relevant individual. An individual may at any time refuse the receipt of further commercial messages:

  • by sending an e-mail to the address: info@gplatvia.eu
  • by calling +371 29478865;
  • by submitting a written application to the office of GP;
  • by using the automated option of refusing further messages provided in a commercial message, i.e. by clicking the unsubscribe link at the bottom of the relevant commercial message (e-mail).

GP suspends the sending of commercial messages as soon as the relevant request is processed. Request processing may take up to 3 business days.

Website visits and cookie processing

GP websites may use cookies. Cookies are files placed by websites on user computers to recognize the users and simplify use of a website. For more information on cookies and how to manage or delete them, please visit www.aboutcookies.org. Purposes of cookie placement:

  • improving the website usage experience;
  • gathering and analyzing statistical information about visits to a website.

Web browsers may be configured in such a way as to warn a customer about the use of cookies and allow the choice to either accept or reject them. Failure to accept cookies will not prevent the use of a website but may limit its usefulness. GP websites may place links to third party websites with their respective usage and personal data processing policies, for the comprehensiveness of which GP is not responsible.

Miscellaneous

GP is entitled to modify and update the Privacy Policy by publishing the updated version on an GP website.