SIA CowCare
I General provisions
- SIA CowCare (hereinafter– the Controller) is a company registered in Latvia in 2007, which specializes in the sale of cattle hoof trimming equipment and materials and carries out its business worldwide.
- When processing personal data, the Controller complies with the laws and regulations in force in the Republic of Latvia, the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter– the Regulation), as well as other laws and regulations in the field of privacy and personal data processing.
- The Controller, carrying out its business, respects the privacy of the data subject [1], thus the Controller has developed this Privacy Policy (hereinafter–the Privacy Policy) for the purpose of implementing respectful and fair processing of personal data and undertakes to comply with it in its activities.
- The purpose of the Privacy Policy is to provide the data subject with the information about the purposes for which the Controller obtains personal data, the amounts of data and the period of data processing, data protection, as well as to inform the data subject about the rights and obligations of the data subject.
- This Privacy Policy applies to any natural person whose personal data is processed by the Controller and it applies to the processing of personal data, regardless of the form in which the data subject or any other natural person has provided personal data to the Controller.
II Identity and contact details of the Controller
6. Identity and contact details of the Controller: SIA CowCare, Reg. No. 54103043561, address: Aveņu street 3-8, Kocēni, Kocēni parish, Valmiera Municipality, LV-4220, e-mail: info@cowcare.eu, website address: www.cowcare.eu/.
III Types of data processed, purposes of processing, legal basis, duration
7. The Controller processes the following personal data of the potential employees, for the specified purposes, with the specified basis and for the specified duration:
7.1. Basic data (name, surname, sex, birth data/personal identity number), contact details, work experience, education (including courses and certificates), knowledge of languages, information on driving skills, other information, which a potential employee provides to the Controller when applying for a vacancy.
7.2. The purpose of personal data processing–employee recruitment.
7.3. Legal basis for the processing of personal data–Article 6 paragraph 1 point (a) of the Regulation (receiving, evaluating), Article 6 paragraph 1 point (f) of the Regulation (duration of storage), in accordance with Section 34 paragraph one of the Labour Law.
7.4. Duration of storage of personal data–until the end of the competition and three months after the end of the competition, in accordance with Section 34, Paragraph one of the Labour Law. If the Controller receives information about the complaint submitted by the data subject regarding the competition procedure or about bringing an action in court, the processed information (specific personal data) will be stored for as long as necessary for the specific process.
8. The Controller processes the following personal data of the employees, for the specified purposes, with the specified legal basis and for the specified duration:
8.1. Basic data (name, surname, sex, birth data/personal identity number), contact details, data of personal identification document, work experience, education (including courses and certificated), knowledge of languages, information on driving skills, bank account no., information on the calculated work remuneration, payment for the granted leave and reimbursement of unused annual paid leave, compensation for the time of compulsory absence from work, etc., information on business travel, mandatory health examination, data on the employee’s compliance with the epidemiological requirements in the country set out in the regulatory enactments, photo, voice record, other information necessary for the implementation of employment legal relationship.
8.2. The purpose of personal data processing–conclusion of an employment contract, implementation of employment legal relationship, performance of work functions, marketing purposes, provision of epidemiological requirements at the workplace.
8.3. Legal basis for the processing of personal data–Article 6 paragraph 1 point (b) of the Regulation, Article 6 paragraph 1 point (c) of the Regulation, Article 6 paragraph 1 point (e) of the Regulation, Article 6 paragraph 1 point (a) of the Regulation.
8.4. Duration of storage of personal data–in accordance with the regulatory enactments regulating employment until the expiration of the period for bringing an action regarding the legal employment relationship in court. In case the Controller receives information about bringing an action in court, the processed information (specific personal data) will be stored for as long as is necessary for the specific process.
Documentation of labour protection requirements in accordance with the regulatory framework. Accounting data, in accordance with the requirements specified in the law “On Accounting”. Data obtained for marketing purposes–until the end of the marketing activity, withdrawal of consent or termination of employment relationship. Data on the implementation of epidemiological requirements–until their validity–until the data is considered correct or as long as the regulatory enactments in force in the state provide for the obligation of the employer to process such data.
9. The Controller processes the following personal data of the customers or potential customers, for the specified purposes, with the specified legal basis and for the specified duration:
9.1. Basic data (name, surname, sex, birth data/personal identity number), photo, voice record, position held, phone number, contact details (email address, address), delivery address, bank account no., order information, order history, as well as, possibly, other data required to execute the transaction.
9.2. The purpose of personal data processing–execution of a legal transaction, legal protection of the transaction. Conclusion and performance of the contract (delivery). Transaction confirmation/invoice payment. Creation of a personal profile for the execution of legal transactions on the website; profile storage; person’s transaction history. Marketing purposes–advertising of goods/services, sending commercial communications.
9.3. Legal basis for the processing of personal data–Article 6 paragraph 1 point (b) of the Regulation, Article 6 paragraph 1 point (c) of the Regulation, Article 6 paragraph 1 point (a) of the Regulation.
9.4. Duration of storage of personal data–in accordance with the regulatory enactments regulating the execution of legal transactions until the expiration of the term for bringing an action in court regarding the legal transaction, as well as in accordance with the Accounting Law/law “On Accounting”, and other regulatory enactments that regulate the financial certification of legal transactions. Regarding personal data processed for marketing purposes, until the end of the marketing activity/relevance, or until the data subject withdraws his or her consent to the processing of data, or in cases when the employee has entered into a transaction as an employee of the company, until the person has terminated the employment legal relationship with the particular employer and the Controller has become aware of it. Regarding personal data in the maintenance of a person’s profile, until the person withdraws his or her consent to the processing of personal data.
IV Transfer of personal data
10. In its activities, the Controller transfers the said personal data to the specified persons:
10.1. Transfer of basic data and other mandatory data of the employee to third parties to ensure the implementation of a business travel or other activities related to the performance of work duties (for example, reservation of air tickets, reservation of accommodation, application for participation in a conference, etc.).
10.2. Transfer of basic data and other mandatory data of the employee to third parties in accordance with the Accounting Law/law “On Accounting” and other regulatory enactments applicable to the Controller, which regulate the fiscal and monetary policy in the state.
10.3. Transfer of basic data and other mandatory data of the employee to third parties, if such data are requested by the law enforcement authorities within the limits of their competence.
10.4. Transfer of basic data and contact information of the customer for the implementation of the delivery (performance of the contract).
10.5. Transfer of basic data and other mandatory data of the customer to third parties in accordance with the Accounting Law/law “On Accounting” and other regulatory enactments applicable to the Controller, which regulate the fiscal and monetary policy in the state.
10.6. Transfer of basic data and other mandatory data of the customer to third parties, if such data are requested by the law enforcement authorities within the limits of their competence.
10.7. Transfer of basic data and other mandatory data of the customer to third parties, in accordance with the provisions of the Law on Extrajudicial Recovery of Debt, to protect the legitimate interests–recovery of debt.
10.8. The Controller does not transfer the personal data of the customer or the employee outside the European Union or the European Economic Area.
V Protection and storage of personal data
11. The Controller applies various technical and organizational security measures to protect personal data of natural persons. Personal data are stored securely and are accessible to a limited number of persons–only authorized persons.
VI Rights of the data subject
12. To receive the information specified in the regulatory enactments regarding the processing of personal data or restriction of processing, or the right to object to the processing. This right is exercised in accordance with Articles 12–22 of the Regulation.
13. To submit a written request for the exercise of his or her rights using the Controller’s e-mail address: info@cowcare.eu. Upon receipt of the request from the data subject, the Controller is entitled to verify the identity of the data subject in accordance with Article 12 paragraph 6 of the Regulation. The Controller replies to the request of the data subject within the period specified in Article 12 paragraph 3 of the Regulation.
14. To receive his or her personal data, which are at the disposal of the Controller.
15. To refuse the receipt of commercial communications, processing of personal data for marketing purposes or any other processing of personal data of the data subject at any time based on the consent of the data subject. Withdrawal of consent shall be sent to the Controller’s e-mail address: info@cowcare.eu.Upon receipt of the request from the data subject, the Controller is entitled to verify the identity of the data subject in accordance with Article 12 paragraph 6 of the Regulation.
VII Final provisions
16. The Controller is entitled to make changes or additions to this Privacy Policy. The updated Privacy Policy will be published immediately on the Controller website www.cowcare.eu.
17. In order to ask questions or obtain additional information about the processing of personal data by the Controller, please use the specified contact information: info@cowcare.eu.
18. The data subject is entitled to submit a complaint to the supervisory authority (Data State Inspectorate). Contact information of the Data State Inspectorate: Elijas street 17, Riga, LV-1050. The State Data Inspectorate accepts electronic documents (signed with a secure electronic signature) that are sent to the electronic mail address info@dvi.gov.lv.
[1] Identified or identifiable natural person (Article 4 paragraph 1 of the Regulation)