Liked products
0
My Cart 0
 

“MOTOFAVORĪTS”

Privacy policy

  1. Purpose and scope of the privacy policy

    The Privacy Policy (hereinafter - the Policy) describes and provides information to identifiable natural persons (hereinafter - the Data Subject) how the Controller processes the Data Subject's personal data, if they have decided to visit the Controller's website motoveikals.lv, contact the Controller using the specified telephone numbers or have decided to attend one of the events organized by the Manager or its group company, including visiting the premises of the Manager or its group company in order to familiarize themselves with current offers or receive services/purchased goods.

    In this Policy, the Controller has described measures to ensure that the interests and freedoms of the data subject are protected, while ensuring that their data is processed in good faith, lawfully and in a transparent manner for the data subject.

    The policy applies to the processing of personal data, regardless of the form and/or medium in which the natural person provides personal data (entering the territory and/or premises, by telephone, verbally, etc.) and in which Controller's systems (video, audio, web etc.) they are processed.
    If this Policy is updated (updated), all changes will be published on the Manager's website in the Privacy Policy section. If you are interested in the historical editions of the Policy, please contact the Administrator using the contact information below. In any event, amendments to this Policy shall become effective on the date specified in the notices of changes to this Policy.

    2. Manager

    The Controller of personal data processing is the limited liability company "MOTOFAVORĪTS" (unified reg. No. 40003588773, contact information: K.Ulmaņa gatve 21, Riga LV-1004, telephone: 67606062, e-mail address: motoveikals@motofavorits.lv, home page www.motoveikals.lv ) (in this Policy - Controller).

    3. Governing Law

    Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) ( hereinafter – the Regulation).
    Other applicable legal acts in the field of data processing and protection of natural persons, including laws and regulations regulating information society services.

    4. Purposes of personal data processing

    The manager has implemented:
    video surveillance with the aim of preventing or detecting criminal offenses related to the protection of persons and property, the protection of the legal interests of the Manager or a third party and the protection of vital interests of persons, including life and health;
    making audio recordings of telephone conversations with the aim of ensuring and improving the quality of the services provided by the Controller and the protection of the legal interests of the Controller;
    preservation and accounting of incoming and outgoing communication (e-mails, postal letters and other types) in order to ensure compliance with the legitimate interests of the Controller.
    Representation of events organized by the manager or its group of companies in mass media and social networks to ensure recognition of the company, its group, as well as the brands of the represented manufacturers.
    The controller analyzes the visit history for the purpose of market research and analysis of the opinions of data subjects, as well as for statistics and the use of certain website functions and the display of website content according to the user.
    The purposes of data processing of the person mentioned in this policy are not to process data of special categories, for example, related to race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or data related to health or sexual orientation.


    When processing personal data for other purposes that are not specified in this Policy, the Controller informs the data subject separately about the individual conditions of their processing, observing the conditions of Article 13 of the Regulation. In this Policy, the controller has allocated data processing to fulfill, in particular, the conditions of Article 14 of the Regulation, that is, personal data is not obtained intentionally from the data subject.

5. What personal data does the Controller process?

The categories of personal data processed by the Controller depend on the services of the Controller used by natural persons. For instance,
when the data subject enters/reaches the Controller's service center, premises or its territory where video surveillance is carried out, its video image and the time when it visited the premises may be processed. Environmental monitoring is not carried out in areas where data subjects expect increased privacy, in rest areas, dressing rooms, etc. Video surveillance camera recording areas are focused on corridors, entrances/exits, cars and their flow in the Manager's territory;
when calling the phone numbers specified by the Manager, the content of the communication will be recorded, as well as the caller's phone number will be fixed. no., unless the caller has taken steps to prevent it from being disclosed;
when communicating in writing with the Controller, the content and time of the communication may be saved, as well as information about the communication tool used (e-mail address, phone no., WhatsApp, Skype username, etc., address);
when attending events organized by the Manager or its group, event visitors may be photographed, captured in video footage, and may also be asked to give interviews or give an opinion about the course of the event, recording your name and, if necessary, additional information that you would like to provide. The relevant materials can be used to create the Manager's archive and ensure brand recognition by publishing video recordings, photographs on the social networks of the Manager, its group companies or represented manufacturers, as well as in any mass media. Also, especially if you have received an invitation to one of the events organized by the Controller or its group, then in order to ensure the safe conduct of the event, additional information may be requested from you that identifies you (name, surname, personal identification number, etc. )
The Manager analyzes the history of visits using online identifiers, as well as the information intentionally left by the data subject (for example, evaluation of the service provided, experience of visiting the website, movement, information about the desire to attend one of the events organized by the Manager, etc.) in order to carry out market research and opinion analysis.

6. What is the legal basis for processing personal data?

video surveillance with the aim of preventing or detecting criminal offenses related to the protection of persons and property, the protection of the legal interests of the Manager or a third party and the protection of vital interests of persons, including life and health. Video surveillance is carried out on the basis of Article of the Regulation

Subsections d) and f) of paragraph 1, i.e.

The processing of personal data is necessary to protect the vital interests of the data subject or another natural person (for example, in video surveillance, if the processing of personal data is necessary to protect the life and health of a person, which are related to the prevention and/or detection of criminal offenses);
To ensure the legitimate interests of the administrator and third parties (for example, to prevent or detect criminal offenses related to property protection, provide evidence, ensure the highest standards of customer service quality).
Making audio recordings of telephone conversations with the aim of ensuring and improving the quality of services provided by the Manager and protecting the legal interests of the Manager. Audio recording of telephone conversations is made (if made) based on Article 6, Clause 1, subparagraph f) of the Regulation, i.e. To ensure the legitimate interests of the controller and third parties (for example, to investigate cases where complaints have been received about the quality of customer service, as well as to provide evidence against possible claims).
the preservation and accounting of incoming and outgoing communication (e-mails, postal letters and other types) is carried out on the basis of Article 6, Clause 1, subparagraphs c) and f) of the Regulation.
in order to ensure the fulfillment of the obligations of the Controller defined in the regulatory acts, that is, to list correspondence, in accordance with the nomenclature of the Controller and the requirements arising from the "Archives Law";
to ensure compliance with the Controller's legitimate interests, for example (for example, to investigate cases where complaints have been received about the quality of customer service and also to provide evidence against possible claims).


Representation of events organized by the manager or its group of companies in mass media and social networks to ensure recognition of the company, its group, as well as the brands of the represented manufacturers. In corporate events, processing of personal data is carried out on the basis of Article 1 a) and
subsection i.
The Controller is entitled to process personal data if the Data Subject himself has given his consent to the processing of his personal data for one or more specific purposes. The consent of a person is his free will and independent decision, which is given voluntarily, thus allowing the Controller to process personal data for the purposes specified in this Policy. The person's consent is binding if it is given orally (for example, before the event and in this Policy, the person is provided with information that personal data will be processed and the person, by attending the event, giving interviews, deliberately taking photos and filming, agrees that his personal data will be used to achieve the goals specified in this Policy). A person has the right to withdraw theirs at any time

consent provided above using the contact information provided in this Policy. Withdrawal of consent does not affect the legality of data processing carried out at the time when the person's consent was valid. By withdrawing the consent, the processing of data, which is carried out on the basis of other legal bases, for example, on the basis of the legitimate interests of the Controller and third parties (group companies, car manufacturers), cannot be stopped.

The controller has a legitimate interest in reflecting the events it organizes or events in which it takes part in the mass media and social networks, thus ensuring the recognition of its brands or the brands it represents. When choosing which information to publish, the controller always applies the highest ethical standards, thus, trying to ensure that the rights and freedoms of data subjects will not be violated by publications. At the same time, the Controller is aware that it may not be aware of all the facts and circumstances, therefore, in order to ensure fair data processing, it does not prevent any of the data subjects from contacting the Controller at any time using the above information in order to object to the data processing.
The controller conducts the analysis of the history of visits to the website, social networks, in order to conduct market research and analysis of the opinions of data subjects, based on Article 1, subparagraph f) of the Regulation, i.e. The controller has a legitimate interest in conducting an analysis that indicates or can testify to the brand's , or the recognition of the brands it represents.

7. What is the period of personal data processing?

When choosing the criteria for storing personal data, the controller takes into account the following conditions:
whether the period of storage of personal data is determined or follows from the regulatory enactments of the Republic of Latvia and the European Union;
for what period is it necessary to store the relevant personal data in order to ensure the realization and protection of the legitimate interests of the Controller or a third party;
until the consent given by the person to the processing of personal data has not been withdrawn and there is no other legal basis for data processing, for example, to fulfill obligations binding on the Manager;
The Manager needs to protect the vital interests of the Data Subject or other natural person, including life and health.
video surveillance recordings with the aim of preventing or detecting criminal offenses related to the protection of persons and property, the protection of the legal interests of the Manager or a third party and the protection of vital interests of persons, including life and health, will be stored for a period not exceeding 30 days, unless the relevant video recording possibly illegal behavior or behavior that will possibly help the Manager or third parties to secure their legal interests will not be reflected. In this case, the relevant video recording may be retrieved and stored until the legal interest is satisfied.
audio recordings of telephone conversations with the aim of ensuring and improving the quality of the services provided by the Controller and protecting the legal interests of the Controller will be stored for a period not exceeding sixty days, unless the corresponding audio recording does not reflect potentially illegal behavior or behavior that may help the Controller or third parties to ensure their legal rights interests. In this case, the relevant audio recording may be retrieved and stored until the legal interest is satisfied.
the preservation and recording of incoming and outgoing communications (e-mails, postal letters and other types) in order to ensure that the Controller's legitimate interests are respected, will be kept for a period not exceeding five years, unless the relevant communication reflects potentially illegal behavior or behavior that, possible, will help the Controller or third parties to secure their legal interests.


Representation of events organized by the manager or its group of companies in mass media and social networks to ensure recognition of the company, its group, as well as the brands of the represented manufacturers. In order to ensure the historical development of the company, the Manager plans to store the obtained information independently. Also, in order to fulfill the principle of honest data processing, the Controller explains that, subject to the fact that the purpose of the data processing referred to in this paragraph is to publicize information about the activities of the Controller, its group or represented producers, then the obtained materials will be publicly available and any third party will be able to access them .
The controller analyzes the visit history for market research and analysis of the opinions of data subjects.
After the end of the storage period, the personal data will be permanently deleted.

8.  Who accesses the information and to whom is it disclosed?

  • The controller is obliged to provide information about the processed personal data:
    law enforcement authorities, a court or other state and local government institutions, if it follows from the regulatory enactments and the relevant institutions have the right to the requested information, if it had to be specifically requested;
    if personal data must be transferred to the relevant third party within the framework of the concluded contract, in order to perform some function necessary for the performance of the contract (for example, in the case of an insurance contract, for the realization of the legitimate interests of the Manager; when the photographer performs photo work) or if it is necessary to improve better service and quality services to the client;
    in accordance with the clear and unambiguous request of the Data Subject;
    for the protection of legal interests, for example, by applying to the court or other state institutions against a person who has violated these legal interests of the Manager.
    Recipients of personal data can be authorized employees of the Controller, Processors, law enforcement and supervisory institutions.
    The manager will provide the personal data of natural persons only to the necessary and sufficient extent, in accordance with the requirements of regulatory acts and the justified objective circumstances of the specific situation.

    Personal data specified in this Policy is not intended to be sent to a third country (a country that is not a member of the European Union or the European Economic Area), except for data processed in the electronic environment. In this case, the Processors selected by the Manager (google.com (google analytics), facebook.com, twitter.com, snapchat, etc.) are recognized as companies operating outside the European Union and European Economic Area member states, so the Manager invites you to familiarize yourself with the privacy policies of these companies or contact the Manager separately with a request to provide additional information on the conditions of cooperation.

9.  How is the Data Subject informed about the processing of personal data?

  • The data subject is informed about the processing of personal data specified in this Policy using a multi-level approach, which includes the following methods:
    notices are posted at video surveillance locations, which warn Data Subjects (pedestrians, drivers, visitors, employees, etc.) that video surveillance is taking place on the Controller's territory, providing basic information related to video surveillance, as well as informing them of the possibilities to receive more detailed information;
    when calling the contact numbers specified by the Manager, the data subject is informed about the audio recording (if it is made), inviting them to familiarize themselves with additional information in this policy or to ask the Manager's employee who is being called;
    when announcing information about the Manager's events, the Manager provides basic information, inviting you to familiarize yourself with this Policy or ask the Manager before or during the event;
    when visiting the website, the Data Subject can get acquainted with the notification about which cookies are used, and is also invited to get acquainted with this Policy;
    This Owner's Policy is publicly available on the Internet on the Owner's website motoveikals.lv and in the Owner's customer service locations;

10.   Data subject rights

10.1 The data subject has the right to request access to his personal data from the Controller and to receive detailed information about what personal data about him is at the disposal of the Controller, for what purposes the Controller processes these personal data, categories of recipients of personal data (persons to whom personal data has been disclosed or to whom intended to disclose

unless the laws and regulations in a specific case allow the Controller to provide such information (for example, the Controller cannot provide the Data Subject with information about relevant state institutions that are the promoters of criminal proceedings, subjects of operative activities or other institutions for which the law prohibits the disclosure of such information)), information about the period for which personal data will be stored or the criteria used to determine said period.

If the Data Subject believes that the information held by the Controller is outdated, inaccurate or incorrect, the Data Subject has the right to request correction of his/her personal data.
The data subject has the right to request the deletion of his personal data or to object to the processing if the person believes that the personal data have been processed unlawfully or are no longer necessary in relation to the purposes for which they were collected and/or processed (implementing the principle of the right to be forgotten ").
The Manager informs that the personal data of the Data Subject cannot be deleted if the processing of personal data is necessary:
for the Controller to protect the vital interests of the Data Subject or other natural person, including life and health;
to protect the Controller's property;
for the Manager or a third party to raise, implement or defend legal (legal) interests;
for archiving purposes in accordance with the laws and regulations in force in Latvia, which regulate the creation of archives.
The data subject has the right to request that the Controller restricts the processing of the data subject's personal data if one of the following circumstances exists:
The data subject disputes the accuracy of the personal data - for the period during which the Controller can verify the accuracy of the personal data;
the processing is illegal and the Data Subject objects to the deletion of the personal data and instead requests the restriction of the use of the data;
The Controller no longer needs the personal data for processing, but it is needed by the Data Subject to bring, exercise or defend legal claims;
The data subject has objected to the processing until it has been verified that the legitimate reasons of the controller do not outweigh the legitimate reasons of the data subject.
If the processing of personal data of the Data Subject is limited in accordance with 10.5. paragraph, such personal data, with the exception of storage, are processed only with the consent of the Data Subject or for the purpose of raising, implementing or defending legal claims, or to protect the rights of other natural or legal persons, or important public
Before canceling the limitation of personal data processing of the Data subject, the Manager informs the Data
The data subject has the right to submit a complaint to the Data State Inspectorate if he believes that the Controller has processed his personal data illegally.
The data subject can submit a request for the exercise of his rights in the following way:
in written form in person at the Controller's premises, presenting a personal identification document (e.g. passport or ID card, etc.), as the Data Subject is obliged to identify himself;
in the form of electronic mail, signing it with a secure electronic signature. in this case, it is presumed that the data subject has identified himself, by submitting a request signed with a secure electronic signature. At the same time, the Controller reserves the right to request additional information from the data subject in case of doubt, if it deems it necessary.
by mail. in this case, the reply will be prepared and sent by registered mail, thus ensuring that unauthorized persons cannot receive this shipment. At the same time, the Controller reserves the right to request additional information from the data subject in case of doubt, if it deems it necessary.
In addition, the Data Subject is obliged to specify the date, time, place and other circumstances in his request as much as possible, which would help to fulfill his request.
After receiving a written request from the Data Subject to exercise his rights, the Manager:
verifies the identity of the person;
evaluate the request if:
can provide a request, for example viewing video footage or listening to an audio recording, then the Data Subject as the requester can receive a copy of the video footage or audio recording or other data.
additional information is needed to identify the Data Subject who requests the information, then the Controller may ask the Data Subject for additional information in order to be able to correctly select information (for example, video surveillance or conversation recordings, photos) in which the Data Subject can be identified.
information has been deleted or the person requesting the information is not a Data Subject or the person is not identifiable, then the Controller may reject the request in accordance with this Policy and/or regulatory enactments.

11.   How is personal data protected?

  • The manager provides, constantly reviews and improves personal data protection measures to protect the personal data of natural persons from unauthorized access, accidental loss, disclosure or destruction. To ensure this, the Manager uses appropriate technical and organizational requirements, including using firewalls, intrusion detection, analysis software and data encryption.

    The Manager carefully checks all service providers who process personal data of natural persons on behalf and on behalf of the Manager, as well as evaluates whether cooperation partners (personal data processors) apply appropriate security measures so that the processing of personal data of natural persons takes place in accordance with the Manager's delegation and the requirements of regulatory acts.

    In the event of a personal data security incident, if it will create a possible risk to the rights and freedoms of the data subject, the Controller will notify the respective Data Subject, if possible, or the information will be made public on the Controller's website or in another possible way, such as through the media (TV, radio, newspaper, social networks, etc.).
© Motofavorīts, 2024. All rights reserved