Privicy policy

I. CONTROLLER OF PERSONAL DATA PROCESSING AND CONTACT INFORMATION

  1. The controller of personal data processing is the association "TEPAT un KOPĀ", hereinafter - TEPAT un KOPĀ, reg. No. 50008301901, address: Ogres nov., Ikškile, Daugavas prospekts 34, LV-5052.
  2. For questions or uncertainties related to the processing of personal data, please contact TEPAT un KOPĀ data protection specialist by sending questions to the e-mail address: info@tepatunkopa.lv.

II. GENERAL TERMS

  1. The purpose of the personal data protection policy is to provide the data subject, hereinafter - the person, with information about the purposes and legal basis of personal data processing, in which cases the data is disclosed, about data storage terms and data protection, as well as to inform the person about his or her rights.
  2. The processing of personal data may concern both former and current employees of TEPAT un KOPĀ, former, current and potential donors of TEPAT un KOPĀ, members, volunteers, service providers and other people who cooperate and communicate with TEPAT un KOPĀ.

III. PURPOSES OF PERSONAL DATA PROCESSING

  1. Processing of personal data is necessary in order for TEPAT un KOPĀ to perform their functions and tasks, for example:

5.1. to support the development of TEPAT un KOPĀ;

5.2. to provide consultation and support services for children and young people, as well as their parents;

5.3. to provide lectures and trainings;

5.4. to organize trainings for staff and exchange of experience;

5.5. to ensure cooperation with partners, state and local government institutions, public organizations, including ensuring the exchange of information necessary for cooperation;

5.6. for the contracts, as well as for the fulfillment and obligations specified in the contract;

5.7. for incoming and outgoing correspondence;

5.8. for accounting purposes;

  1. Sometimes it is necessary to process personal data for TEPAT un KOPĀ to protect the interests of the individual, to ensure compliance with the law, and to provide information in accordance with the rights of individuals.

IV. LEGAL BASIS FOR PERSONAL DATA PROCESSING

  1. Before processing personal data TEPAT un KOPĀ assesses the legality of data processing. Such legal basis can be:

7.1. to fulfill all the juridical responsibilities of TEPAT un KOPĀ;

7.2. to gather information before signing a contract with a person (for instance, getting data for the contract);

7.3. to sign and fullfil the contract (data in the contract, correspondence in e-mails, contract and invoices);

7.4. to obey personal interests of TEPAT un KOPĀ  or other third parties;

7.5. to provide any services for health or social situation related issues;

7.6. to ask for permission in certain cases.

  1. If TEPAT un KOPĀ requires a person's consent to process personal data, TEPAT un KOPĀ will ask the person to provide it. If a person wishes to withdraw their given consent, it can be withdrawn at any time by sending an application.

V. CATEGORIES OF PERSONAL DATA

  1. The categories of personal data that TEPAT un KOPĀ mostly, but not exclusively, process are:

9.1. identification data – name, surname, personal number;

9.2. contact information - declared address, phone number, e-mail address;

9.3. financial data – bank account;

9.4. data about health;

9.5. data, that the person or his / her legal representative submitted to TEPAT un KOPĀ;

9.6. as well as other data depending on the legal relations between TEPAT un KOPĀ and the person.

VI. PERSONAL DATA PROCESSING PRINCIPLES

  1. TEPAT and KOPĀ follow such data processing principles when working with personal data:

10.1. to process personal data legally, in good faith and in a manner transparent to the person;

10.2. to process personal data adequately, appropriately and only those necessary to achieve the processing purposes;

10.3. to process personal data in such a secure way, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures;

10.4. personal data is stored no longer than is necessary for the purposes for which the relevant personal data is processed;

10.5. the person will be informed why personal data is needed and what TEPAT un KOPĀ will do with the personal data;

10.6. to process only accurate personal data and update it if necessary;

10.7. to collect personal data only for specific, clear and legitimate purposes, and their further processing will not be carried out in a manner incompatible with other unspecified purposes. Except if it will be necessary to fulfill the functions and obligations defined in the regulatory acts.

VII. PERSONAL DATA SECURITY AND PROTECTION

  1. The association processes personal data and ensures its protection using the capabilities of modern technologies, taking into account the privacy risks and the organizational, financial and technical resources available at TEPAT un KOPĀ.
  2. In the event of a breach of personal data protection, TEPAT and KOPĀ shall notify the Data State Inspectorate without undue delay and, if possible, no later than 72 hours after the breach became known, except in cases where it is unlikely that a breach of personal data protection could pose a risk to individual rights and freedoms.

VIII. CATEGORIES OF RECIPIENTS OF PERSONAL DATA

  1. TEPAT and KOPĀ do not disclose personal data to third parties, except if the data is to be transferred to the relevant third party:

13.1. within the concluded contract, to perform functionS necessary for the performance of the contract;

13.2. with the individual's written consent;

13.3. upon a justified request in the cases specified in the regulatory acts;

13.4. in cases specified in regulatory acts, for the protection of the legitimate interests of TEPAT un KOPĀ, for example, by appealing to the court or other state institutions against a person who has violated the legitimate interests of TEPAT un KOPĀ.

IX. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES AND AUTOMATED DECISION MAKING

  1. Personal data is processed in the European Union/European Economic Area (EU/EEA). Data is not transferred outside the EU/EEA.
  2. Automated decision-making is not done at TEPAT un KOPĀ.

X. STORAGE PERIOD

  1. TEPAT and KOPĀ store personal data only as long as necessary for the purpose of data processing, unless longer storage is stipulated in regulatory acts. The following criteria are used to determine the period of storage of personal data:

16.1. while the contract concluded with the person is valid;

16.2. as long as TEPAT un KOPĀ or a person can realize their legitimate interests in accordance with the procedures set forth in external regulatory acts;

16.3. while TEPAT un KOPĀ have a legal obligation to store data;

16.4. while the person's consent to the relevant personal data processing is valid, if there is no other legal basis for data processing.

XI. PERSONAL RIGHTS

  1. A person has the following rights:

17.1. to be informed about why TEPAT un KOPĀ processes and uses his / her personal data;

17.2. to receive information as to whether TEPAT un KOPĀ process personal data and, if processed, receive information about what personal data TEPAT un KOPĀ store about the person;

17.3. to correct your personal data if it is inaccurate or incomplete;

17.4. to ask to delete his personal data or to stop processing them (the right to be forgotten), except in cases where personal data is processed on the basis of another legal basis, such as a contract or obligations arising from relevant regulatory enactments;

17.5. to restrict the processing of personal data in certain cases, for example, if the information is not accurate. If the processing of personal data is restricted, TEPAT un KOPĀ may store relevant information in order to ensure compliance with these rights in the future;

17.6. to data portability, if TEPAT nu KOPĀ process personal data in accordance with the consent of individuals, or on the basis of a contract, and if they are stored in a structured, widely used and machine-readable format, the person has the right to request the transfer of personal data directly from one controller to another controller, if technically possible. This right does not apply to personal data that is processed to fulfill a task carried out in the public interest or in the exercise of official powers legally granted to TEPAT un KOPĀ;

17.7. to object to the use of his /her personal data for profiling, direct marketing purposes or for scientific or historical research purposes or for statistical purposes, except when the processing is necessary to fulfill a task carried out in the public interest;

17.8. not be the subject of a decision based solely on automated processing, including profiling, which creates legal consequences for the individual or similarly significantly affects the individual;

17.9. in case of claims, to submit a complaint about the processing of personal data to the Data State Inspectorate (www.dvi.gov.lv) Blaumaņa Street 11/13-15, Riga, LV-1011.

  1. In matters related to the processing of personal data, a person can contact TEPAT un KOPĀ by sending their question by mail to the legal address of TEPAT un KOPĀ: Ogres nov., Ikšķile, Daugavas prospekts 34, LV-5052 or to e-mail: info@tepatunkopa.lv.
  2. A person's requests related to the exercise of his rights are evaluated and fulfilled by TEPAT un KOPĀ within a month, counting from the moment of receipt of the request, accordingly informing the person about the actions taken by TEPAT un KOPĀ.

XII. OTHER RULES

  1. TEPAT un KOPĀ are entitled to make changes and additions to this personal data protection policy by publishing the current version of the personal data protection policy on this website.

Confirmed 03.06.2022.

Daugavas prospekts 34
Ogres nov., Ikšķile, LV-5052
+371 20121129
info@tepatunkopa.lv
The development of the website is financed by Iceland, Liechtenstein and Norway through the EEA and Norwegian grant program "Active Citizens Fund".