• Latviešu valoda
  • English

Privacy Policy

The purpose of the privacy policy is to provide the individual - the data subject - with information about the purpose, legal basis, scope, protection, and processing period of personal data processing at the time of data acquisition and processing of the data subject's personal data.

  1. Controller and its contact information
  1. The controller of personal data processing concerning seminar/event attendees, clients, website visitors, as well as candidates for vacancies who have applied, is SIA “Kreiss”, unified registration No. 40103116320, legal address: “Bērzlapas 5”, Mārupe, Mārupes novads, LV-2167 (hereinafter – the Company).
  2. The Company's contact information for questions related to personal data processing, including reporting possible data protection violations, is datuaizsardziba@kreiss.lv.
  3. Using this contact information or contacting the Company's legal address, questions about personal data processing can be asked. Requests to exercise one's rights can be submitted in accordance with point 24.
  1. General provisions
  1. Personal data is any information about an identified or identifiable natural person.
  2. The privacy policy applies to the provision of privacy and personal data protection concerning the following groups (hereinafter collectively – Clients):
    • natural persons – candidates (applicants);
    • seminar/event attendees;
    • the Company's clients (including potential, former, and current);
    • visitors to the Company's maintained websites.
  3. The Company cares about the privacy and personal data protection of Clients, respects Clients' rights to the legality of personal data processing in accordance with applicable laws - the Personal Data Processing Law, the European Parliament and Council Regulation 2016/679 of April 27, 2016, on the protection of natural persons concerning the processing of personal data and on the free movement of such data (hereinafter - the Regulation) and other applicable laws in the field of privacy and data processing.
  4. The privacy policy applies to data processing regardless of the form and/or environment in which the Client provides personal data (in person, on the Company's website, in paper format, or by phone).

III. Purpose of personal data processing

  1. The Company processes personal data for the following purposes:
    • Providing services:
      • Identifying the Client's (legal entity's) representative;
      • Preparing and concluding a contract;
      • Delivering services (fulfilling contractual obligations);
      • Developing new services;
      • Reviewing objections or complaints;
      • Administering payments;
      • Recovering and collecting debts;
      • Maintaining and improving website operations.
    • Business planning and analytics;
    • Client security, protection of the Company's property;
    • Ensuring the conduct of personnel selection competitions and securing its legal interests, insofar as they are related to personnel selection:
      • Evaluating the candidate's compliance with the Company's requirements for the specified vacancy;
      • Concluding a contract with the candidate who meets the Company's requirements;
      • Raising, exercising, and defending the Company's legal claims.
    • The Company's legitimate purposes:
      • Conducting commercial activities;
      • Verifying the identity of the Client (legal entity's representative or authorized person, natural person) before purchasing services;
      • Ensuring the fulfillment of contractual obligations;
      • Retaining Client applications and submissions for service provision;
      • Segmenting the client database for more efficient service provision;
      • Developing and improving services;
      • Sending other messages about the progress of contract execution and significant events for contract execution, as well as conducting Client surveys about services;
      • Preventing fraudulent activities against the Company;
      • Ensuring corporate governance, financial and business accounting, and analytics;
      • Ensuring effective company management processes;
      • Ensuring and improving service quality;
      • Administering payments;
      • Conducting video surveillance for business security;
      • Informing the public about its activities.
  2. The Company may process candidate personal data for personnel selection purposes for the specific vacancy to which the candidate applies or for future personnel selection if the candidate has consented to it.
  1. Legal Basis for Personal Data Processing
  1. The legal basis for the Company's personal data processing for the following purposes:
  • Providing services:
    • Regulation Article 6(1):
      • b) processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract,
      • c) processing is necessary for compliance with a legal obligation to which the controller is subject, and
      • f) processing is necessary for the purposes of the legitimate interests pursued by the controller.
  • Business planning and analytics: Regulation Article 6(1)(f) (processing is necessary for the purposes of the legitimate interests pursued by the controller).
  • Client security, protection of the Company's property: Regulation Article 6(1)(f) (processing is necessary for the purposes of the legitimate interests pursued by the controller).
  • Conducting personnel selection competitions:
    • Regulation Article 6(1):
      • a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes,
      • c) processing is necessary for compliance with a legal obligation to which the controller is subject, and
      • f) processing is necessary for the purposes of the legitimate interests pursued by the controller; Labor Law Articles 33, 35, 38.
  • The Company's legitimate interests: General Data Protection Regulation Article 6(1)(f) (processing is necessary for the purposes of the legitimate interests pursued by the controller).
  1. Personal Data Processing
  1. The Company processes Client data using modern technology, taking into account existing privacy risks and the Company's available organizational, financial, and technical resources.
  2. The Company may make automated decisions regarding the Client. The Client is informed about such Company activities separately in accordance with regulatory acts.
  3. Automated decision-making that has legal consequences for the Client (e.g., approval or rejection of the Client's application) can only be carried out during the conclusion or execution of a contract between the Company and the Client, or based on the Client's explicit consent.
  1. Personal Data Protection
  1. The Company protects Client data using modern technology, taking into account existing privacy risks and the Company's reasonably available organizational, financial, and technical resources, including the following security measures:
    • Firewalls;
    • Intrusion protection and detection programs;
    • Other protective measures in accordance with current technological developments.

VII. Categories of Personal Data Recipients

  1. The Company does not disclose Client personal data or any information obtained during the provision of services and the operation of the contract to third parties, including information about received services, except:
    • with the Client's clear and unambiguous consent;
    • to persons specified in external regulatory acts upon their justified request, in the manner and extent specified in external regulatory acts;
    • in cases specified in external regulatory acts for the protection of the Company's legitimate interests, for example, by applying to a court or other state institutions against a person who has infringed the Company's legitimate interests.

VIII. Transfer of Personal Data

  1. The Company does not transfer personal data to third parties, except to the extent necessary for reasonable commercial activities, ensuring that the respective third parties maintain the confidentiality of personal data and provide appropriate protection.
  2. The Company is entitled to transfer personal data to the Company's suppliers, subcontractors, strategic partners, and others who assist the Company in conducting its commercial activities to implement the respective cooperation. However, in such cases, the Company requires the data recipients to commit to using the received information only for the purposes for which the data was transferred and in accordance with applicable regulatory requirements.
  1. Access to Personal Data by Third Country Subjects
  1. The Company does not transfer personal data to third countries (outside the European Union and the European Economic Area).
  1. Personal Data Retention Period
  1. The Company retains and processes Client personal data as long as at least one of the following criteria exists:
    • only as long as the contract concluded with the Client is in force or the Client is provided with the service;
    • the data is necessary for the purpose for which it was collected;
    • until the Client's application is fully reviewed and/or fulfilled;
    • as long as the Company or the Client can exercise their legitimate interests in accordance with external regulatory acts (e.g., submitting objections or filing a lawsuit);
    • as long as the Company has a legal obligation to retain the data;
    • as long as the Client's consent for the respective personal data processing is valid, if there is no other legal basis for data processing.
  2. After the circumstances mentioned in point 19 cease to exist, the Client's personal data is deleted. Audit records are retained for at least one year from the date of their creation.
  3. The Company retains and processes the personal data submitted by the candidate for 6 (six) calendar months after the end of the selection process or as long as the candidate's consent for the respective personal data processing is valid, if there is no other legal basis for data processing, and after this period, the personal data is deleted.
  1. Access to Personal Data and Other Client Rights
  1. The Client has the right to receive information specified in regulatory acts regarding the processing of their data.
  2. The Client also has the right, in accordance with regulatory acts, to request access to their personal data from the Company, as well as to request the Company to supplement, correct, or delete it, or to restrict processing concerning the Client, or the right to object to processing (including processing based on the Company's legitimate interests), as well as the right to data portability. These rights are exercisable to the extent that data processing does not arise from the Company's obligations imposed by applicable regulatory acts and which are performed in the public interest.
  3. The Client can submit a request to exercise their rights in the following ways:
  • in written form at the Company's office in Mārupe (address: “Bērzlapas 5”, Mārupe, Mārupes novads, LV-2167) or by using postal services;
  • in electronic form, signed with a secure electronic signature and sent to the email address: datuaizsardziba@kreiss.lv.
  1. Upon receiving the Client's request to exercise their rights, the Company verifies the Client's identity, evaluates the request, and fulfills it in accordance with regulatory acts.
  2. The Company's response to the Client is sent by mail to the address provided by the Client in a registered letter or to the email with a secure electronic signature (if the application is submitted with a secure electronic signature), taking into account the Client's indicated method of receiving the response as much as possible.
  3. The Company ensures the fulfillment of data processing and protection requirements in accordance with regulatory acts and takes reasonable actions to resolve objections in case of the Client's objections. However, if this is not possible, the Client has the right to contact the Data State Inspectorate.
  4. The Client has the right to receive one copy of their personal data processed by the Company free of charge.
  5. The receipt and/or use of the information mentioned in point 28 of this document may be restricted to prevent adverse effects on the rights and freedoms of other persons (including the Company's employees).
  6. The Company undertakes to ensure the accuracy of personal data and relies on its clients, suppliers, and other third parties who provide personal data to ensure the completeness and accuracy of the provided personal data.

XII. Client's Consent to Data Processing and the Right to Withdraw It

  1. The Client gives consent to the processing of personal data, the legal basis of which is consent (e.g., receiving commercial communications, analyzing personal data, receiving loyalty cards) in writing at the Company's office, on the Company's website, and in mobile applications or other places where marketing activities are organized.
  2. The Client has the right to withdraw consent to data processing at any time in the same way it was given and/or in the manner specified in point 24. In such a case, further data processing based on the previously given consent for the specific purpose will no longer be carried out.
  3. Withdrawal of consent does not affect data processing carried out at the time when the Client's consent was valid.
  4. Withdrawal of consent cannot stop data processing carried out based on other legal grounds.

XIII. Commercial Communications

  1. Communication about commercial communications regarding the Company's and/or third-party services and other notifications not directly related to the provision of agreed services (e.g., client surveys) is carried out by the Company in accordance with external regulatory acts or with the Client's consent.
  2. The Client gives consent to receive commercial communications from the Company and/or its partners in writing at the Company's office, on the Company's website, and in mobile applications or other places where the Company organizes marketing activities.
  3. The Client's given consent to receive commercial communications is valid until its withdrawal (even after the termination of the service agreement). The Client can opt-out of receiving further commercial communications at any time in one of the following ways:
  • by sending an email to: datuaizsardziba@kreiss.lv;
  • by submitting a written application at the Company's office;
  • by using the automated option provided in the commercial communication to opt-out of receiving further communications by clicking on the opt-out link at the end of the respective commercial communication (email).
  1. The Company stops sending commercial communications as soon as the Client's request is processed. The processing of the request depends on technological capabilities, which can take up to three days.
  2. By expressing their opinion in surveys and leaving their contact information (email, phone), the Client agrees that the Company may contact them using the provided contact information regarding the Client's provided evaluation.

XIV. Photography and Filming

  1. Clients (seminar and event attendees) are informed that in certain cases, when the Company's work is reflected in the media or the Company's information channels (the Company's website), photos or video recordings of the Company's event attendees may be processed, and the legal basis for such data processing is the observance of legitimate interests, except where the data subject's interests or fundamental rights and freedoms, which require the protection of personal data, are more important than such interests, especially if the data subject is a child.
  2. The Company informs event participants about the planned personal data processing in accordance with the requirements of Article 13 of the Regulation before the respective event by placing information about personal data processing in invitations and before entering the venue.
  1. Website Visits and Cookie Processing
  1. The Company's website may use cookies:
  • Cookies are files that websites place on users' computers to recognize the user and facilitate the use of the site. Internet browsers can be configured to warn the client about the use of cookies and allow the client to choose whether to accept them. Refusing cookies will not prevent the client from using the website, but it may limit the client's ability to use the website.
  • The Company's websites may contain links to third-party websites, which have their own usage and personal data protection rules, for the completeness of which the Company is not responsible.

XVI. Other Provisions

  1. The Company has the right to make changes and additions to the Privacy Policy, as well as to make it available to the Client by placing it on the Company's website.
  2. The Company retains previous versions of the Privacy Policy, and they are available on the website.
About us
Logistics services Sustainability ISO certificates Code of Ethics Kreiss supplier Code of Conduct Contact us
Other services
Transportation of oversized cargo Bulk cargo transportation Truck & Trailer sale
Jobs
Driver jobs
(+371) 67409300
info@kreiss.lv
© Kreiss 1994 - 2025. All rights reserved
Cookies policy Privacy policy