The purpose of this Privacy Policy is to provide the individual - SIA" Sertifikācijas un testēšanas centrs"
information to the customer, who is the data subject, on the purpose, scope, protection of the processing of personal data,
the duration of the processing and the rights of the data subject at the time of obtaining the data, as well as when processing the customer's personal data
Data.
The Controller of personal data processing is SIA "Sertifikācijas un testēšanas centrs" (hereinafter - STC),
registration number 40003025542, legal address: Dārza iela 12, Priekuļi, Priekuļu pagasts, Cesis
region, LV-4126, contact phone number for data processing and protection issues: +371 64130013.
STC processes personal data in accordance with Regulation of the European Parliament and of the Council of 27 April 2016
2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data
(Regulation) and other applicable privacy and data processing legislation. Processing
personal data are kept confidential and appropriate technical and organisational
measures to protect personal data against unauthorised access, unlawful processing or
disclosure, accidental loss, alteration or destruction.
The data subject shall have the right to lodge a complaint with the Data Protection State
Inspection.
STC processes personal data for one or more of the following purposes:
For training, certification and other services provided by STC:
- to identify the client;
for the preparation and conclusion of the contract
for service delivery
improving the quality of services, developing new services
- customer relationship management and marketing
- to examine and process objections;
to administer the settlements;
to ensure and monitor compliance with organised learning processes
- for education documents, certificates
- video surveillance to prevent crime and protect customer property;
- in the cases provided for by law.
For other specific purposes, which are notified to the Customer at the time the Customer provides the relevant data
STC.
These categories of personal data may be provided by the data subjects themselves, may be obtained through the customer's STC
services, as well as from third parties (e.g. public or private registers):
- personal identification data (name, surname, personal identification number, date and place of birth, identification
document details);
- contact details (postal address, telephone, email address)
- visual data (recordings from CCTV cameras installed in STC-owned adjacent
territory);
- details of related parties (e.g. the client's agents and attorneys and other related parties);
- personal financial and transactional information (e.g. account information, transactions made
copies of contracts and invoices)
- other data related to the receipt of services (e.g. herd number, laboratory
examination data, certification data, technical file preparation data, education data, etc.)
- for the conclusion and performance of a contract - to conclude a contract (written or oral) at the Client's request
and ensure its enforcement;
- Regulatory Compliance - to comply with an obligation imposed on STC by binding external legislation;
- Subject to the consent of the Customer - data subject;
- Legitimate interests - to enforce an obligation between STC and the Customer or
the STC's legitimate (lawful) interests arising from the concluded contract or from the law.
Conduct business;
- Provide training, certification and other services;
- Ensure and improve the quality of services;
- Administer payments;
- Ensuring compliance with contractual obligations;
- Public order and the prevention or detection of crime in connection with
protection of property..;
- Maintain a customer database for more efficient service delivery;
- Advertise your services by sending commercial communications;
- To send other reports on the progress of the Contract and on developments relevant to the performance of the Contract;
- Apply to public administration and law enforcement authorities and to the courts to protect your legal interests;
- Inform the public about your activities.
STC shall not disclose to any third party the Client's personal data or any part of the provision of the Services and the Contract
information about the Data Subject obtained in the course of the activity, except where the third party concerned
to be transferred:
- within the framework of a contract, to perform a function necessary for the performance of the contract or delegated by law;
(e.g. for updating data with the Rural Support Service, the State Technical Supervision Agency);
- subject to the Client's express and unambiguous consent;
- to persons provided for in external laws and regulations upon their reasoned request, in external laws and regulations
in the manner and to the extent provided for by law;
- in cases provided for in external laws and regulations for the protection of STC's legitimate interests, such as,
taking legal action in court or before other public authorities against a person who has infringed your legitimate interests.
The transfer and processing of personal data outside the EU/EEA may take place where there is a legal basis for doing so, namely to
to perform a legal obligation, enter into or perform a contract, or in accordance with the Client's consent, and is
adequate safety measures, such as:
- an agreement, including standard EU treaty clauses or other agreed rules, to act
code, certifications, etc. that are approved under the General Data Protection Regulation;
- In the non-EU/EEA country where the beneficiary is located, in accordance with the decision of the EU Commission
an adequate level of data protection.
STC shall retain and process the Data Subject's personal data until at least one of the following criteria is met:
- the contract between STC and the Data Subject is in force;
- STC or the Data Subject may exercise its legitimate interests in accordance with the procedures set out in external laws and regulations
interests;
- STC has a legal obligation to keep personal data;
- the Data Subject's consent to the processing of the personal data concerned is valid, unless there is another
lawful basis for processing.
- personal data (video recordings) obtained by means of video surveillance are stored for a maximum period of 5 days from
the date on which;
After none of the criteria referred to in paragraph 9 are fulfilled, the personal data of the Data Subject shall
are deleted.
The Customer has the right to receive information relating to the processing of his/her data held by STC, to request it
rectification, erasure, restriction of processing, object to the processing of personal data, as well as the right to
the portability of your data in the cases and according to the procedures set out in the Regulation.
The customer may submit a request for the exercise of their rights:
- in writing in person at the STC registered office, on presentation of an identity document;
- by electronic mail, signed with a secure electronic signature.
- by submitting a request to that effect to STC by post. In this case, the STC reserves the option of requesting
the data subject to further identify himself/herself in order to ensure the security of the data subject's personal data; and
disclosure to the person concerned.
Upon receipt of a Client's request to exercise its rights, STC shall verify the identity of the Client, assess
and shall comply with the request within one month of receipt of the request, informing the Data Subject accordingly
the purpose of the data processed, the legal basis for the processing, the category of data, the recipient, the storage
the time limit, information on other data sources if the personal data have been obtained from a third party, guarantees if
the data is transferred to a third party or outside the EU/EEA. Given the complexity of the request, the time taken to execute it
may be extended for a further two months. In this case, STC shall inform the Data Subject of the request
the extension and the reasons for the delay within one month of receipt of the request. If, on assessment
the Data Subject's request, the STC concludes that the Data Subject's request is manifestly unfounded or
excessive, STC may, after providing the Data Subject with an appropriate explanation, require a reasonable fee, taking into account
take into account the administrative costs involved in carrying out the requested action, or - refuse to comply
Demand.
STC shall send its reply to the Customer by post to the contact address provided by the Customer by registered letter or electronically
to the e-mail address, taking into account, as far as possible, the method of receipt of the reply indicated by the Client.
The Customer consents to the processing of personal data for which consent is the legal basis (e.g. information
the maintenance of the certificate, the training process) can be given to STC by e-mail, as well as in writing in person
at the registered office of the STC.
The Customer's consent to receive commercial communications shall remain valid until revoked (including after
termination of the service contract) The Customer may at any time withdraw from further commercial
notifications received in one of the following ways:
- by sending an email to noreply@stc.lv;
- by calling the STC contact number +371 64130013;
- in person at the registered office of STC.
Withdrawal of consent shall not affect the processing of data carried out at the time when the Customer's consent was
valid. Withdrawal of consent may not interrupt the processing of data carried out on the basis of other
legal bases
STC shall communicate with the Client using the contact details provided by the Client (telephone number, email
address, postal address). STC shall communicate the performance of the contractual service obligations on the basis of the contract concluded
(verbal, written) basis (e.g. coordination of service times, information on
invoices, planned works, changes to services, etc.)
www.stc.lv website may use cookies. www.stc.lv website may contain links to third
personal websites, which have their own terms of use and personal data protection rules
STC accepts no liability.
The website of the data controller may include social media features, (for example, Facebook,
Instagram "Like" and "Share" buttons. )
The Data Controller may receive a comment or link shared by the user from the social pages of the Data Controller's website
on media websites
Interaction with these Features is governed by the privacy policy of the company that provides these Features,
(e.g. Facebook's privacy policy).
The document shall remain in force after approval until new rules are adopted. Previous
versions and the current version is available to the Customer on the STC website.
Dārza iela 12, Priekuli, Priekuli parish, Cesis district, LV-4126
Reg.No 40003025542
VAT EN 40003025542
AS Citadele Banka
Code PARXLV22
Account LV53 PARX 001 362 829 0004
Copyright © 2021 - 2025 SIA "Sertifikācijas un testēšanas centrs"
