Privacy Policy

Please be informed that since 25 May 2018, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, which Directive 95/46 / EC, hereinafter referred to as the Regulation laying down the procedures for the processing of personal data of natural persons, is repealed.

SIA "Ezoterika" has taken the necessary actions to comply with the requirements of the Regulation and to ensure that the customer, hereinafter - the Customer who uses the online store website www.ezoterikabio.lv, hereinafter - the Internet Store, and purchases the goods sold in the said Internet Store (in case of purchase), hereinafter - the Goods, personal data are stored securely, processed legally and only in accordance with the specified purposes of personal data processing.
In order for the Clients to be informed about what personal data SIA "Ezoterika" collects and processes about them, the Client "Ezoterika" Clients' personal data processing policy, hereinafter - the Policy, was developed and approved in the following wording:

1. Processor of personal data and his contact details
1.1. The controller of personal data processing is SIA "Ezoterika", registration No. 40003666372, legal address: Riga, Pavasara gatve 2-93 LV-1082hereinafter referred to as the Company.
1.2.  In matters related to the processing of personal data, it is possible to contact the Company by sending an e-mail to info@ezoterika.lv or by contacting the Company's office at the following address: Stabu 73-9, Riga LV-1009, Latvia, hereinafter referred to as the Office, whose working hours are every working day from 10:00 to 18:00

2. Collection and categories of personal data
2.1. Personal data may be obtained from the Customer and / or, if necessary, also from other sources, such as publicly available information. The categories of personal data that the Company may collect and process are listed in Appendix No. 1.
2.2. For the avoidance of doubt, it should be explained that only such personal data is collected and processed about the Customer as is necessary to achieve the purposes specified in Section 3 of the Policy. Only in rare cases will all the appendices no. 1 personal data.

3. Purposes of personal data processing
The Company processes the Customer's personal data for the following purposes:
3.1. For the purpose of concluding and performing a distance contract (purchase contract). In order for the Company to be able to sell the Goods available in the Online Store to the Customer, the Company needs to process in Appendix No. 1 mentioned:
-  Purchase details below – Purchase details.
In the event that the Customer does not want the Policy 3.1. In order to achieve the purpose specified in paragraph 1, his Purchase Data is processed, then the Company refuses to sell the Goods to the Customer. The processing of such Customers' personal data is essential for the conclusion and full performance of a distance contract (purchase agreement), and in accordance with the applicable laws and regulations governing online payments and accounting, the processing of the Customer's Purchase Data is a legal obligation of the Company.
3.2. In order for the Customer to be able to receive and use the more extensive services provided in the Online Store, the Company needs to process in Appendix No. 1 mentioned:
-  Registration data;
-  Online store usage data.
3.3. In order to receive an individual approach (the Company would be able to provide individual offers), in order to save time and to determine the Customer's most favorite and up-to-date Goods as a result of automated processing, as well as to provide the Customer with individual offers, the Company needs to process in Appendix no. 1 mentioned:
-  Customer personalized data
For the purpose of general and individualized offers, the Company sends newsletters to the Customer via e-mail correspondence.
The customer has the right to refuse to receive the above notifications at any time without prior notice. The Customer may opt out of receiving notifications by sending an e-mail to info@ezoterika.lv or in case the Customer has registered in the Online Store, in his personal profile.
3.4. In order to make the use of the Internet store as simple and convenient as possible, in order to improve the services, the Company performs an independent analysis of its operations, during which The company needs to process in Appendix no. 1 mentioned:
-  Cookies;
-  Analytical data.
3.5. For the protection of the interests of the Company and / or the Customer. To protect the interests of the Client and / or the Company; to provide evidence of commercial transactions and other commercial communications (storage of e-mails, storage of submitted documents, etc.); based on the performance of the contract; for the Company to prevent, restrict and investigate in the legitimate interests of the Company the unfair or illegal use of the brand, services, Goods, or intentional interference; in-house training or service quality assurance, The company needs to process in Appendix no. 1 mentioned:
-  Purchase details;
-  Online store usage data.
3.6. Establishment, exercise and defense of the right of claim. To establish, exercise, defend and assign the right of claim on the basis of performance of a distance contract (purchase agreement) or to take measures at the request of the Customer before concluding a distance contract (purchase agreement) or to fulfill a legal obligation, or to exercise the right of claim in the Company's legitimate interests, The company needs to process in Appendix no. 1 mentioned:
-  Purchase details;
-  Online store usage data.
3.7. To fulfill legal obligations. To comply with applicable laws and international agreements, as well as to verify identity based on the performance of a distance (purchase) contract, or to take action at the Customer's request prior to entering into a distance (purchase) contract or to fulfill a legal obligation, or to protect the Company's legitimate interests. Company's legal interests The company needs to process in Appendix no. 1 mentioned:
-  Purchase details;
-  Online store usage data.
3.8. Provision of information to public institutions: in order to provide information to public administration institutions and subjects of operational activities in the cases and to the extent specified in legal acts, any of the Client's personal data available to the Company (depending on the respective request and its legal basis).
3.9. In case the Customer makes any request to the Company or asks a question, then any personal data of the Customer specified in Appendix No. 1 (depending on the nature and purpose of the request and / or question).
3.10.  For other specific purposes, about which the Client will be informed at the moment he provides the relevant data to the Company.
3.11.  The Company does not collect or store the browsing history of the Customer's Internet browser on third party websites.
The Company does not send to third parties any personal data about the browsing history of the Customer's Internet browser in the Internet Store, which could be used to identify the Customer.

4. Legal basis for the processing of personal data
The Company processes the Customer's personal data on the following legal bases:
4.1. On the basis of a distance contract (purchase contract) to which the Customer and the Company are parties: in the process of concluding the contract, executing it and at the Customer's request also before concluding the contract.
4.2. on the basis of regulatory enactments: to comply with national and international regulatory enactments binding on the Company.
4.3. Based on the Customer's consent.
4.4. In the legitimate interests of society.

5. Procedures for processing personal data
5.1. The Company processes the Customer's data using modern technologies, taking into account the existing risks regarding the privacy of individuals, and the Company understandsavailable technical, organizational and financial resources.
5.2. In order to ensure the quality and operative fulfillment of the obligations of the agreement concluded with the Customer, the Company may authorize its cooperation partners to perform certain activities of delivery of Goods or provision of services, such as delivery of the Company's goods, return of the Company's Goods and the like. If the Company's business partners process the Customer's personal data held by the Company during the performance of these activities, the respective Company's business partners are considered to be processors (persons who process the Customer's data on behalf of the Company) and the Company has the right to transfer to the Company's partners the necessary personal data to the extent necessary for the performance of those activities.
5.3. The Company's cooperation partners (as a processor) will ensure the fulfillment of personal data processing and protection requirements in accordance with the Company's requirements and legal acts.
5.4. The Company's cooperation partners will not use personal data for purposes other than fulfilling the obligations of the agreement concluded with the Customer on behalf of the Company. 

6. Protection of personal data
6.1. The Company protects the personal data of the Clients by using modern technologies, taking into account the existing risks in relation to the privacy of natural persons, as well as the technical, organizational and financial resources reasonably available to the Company, including the following personal data protection security measures:
1)  Locked rooms and denying access to unauthorized persons;
2)  Use of firewall programs;
3)  Data encryption for data transmission (SSL encryption);
4)  Use of intrusion protection and detection programs;
5)  Implementation of other safeguards.

7.  Recipients of personal data
7.1. Customers' personal data processed by the Company is not disclosed to third parties (including, but not limited to, information about the Goods purchased, services received in the Online Store) unless:
1)     the relevant third party must transfer the data within the framework of the agreement concluded with the Customer in order to perform any function necessary for the performance of the agreement or delegated by law (for example, to a credit institution within the settlement or to provide services, such as delivery of the Company's Goods);
2) Kthe client has given explicit and unambiguous consent;
3)  personal data must be transferred to the persons provided for in regulatory enactments upon their justified request, in accordance with the procedures and to the extent specified in legal acts;
4)  personal data must be transferred in cases specified by law for the protection of the Company's legitimate interests, for example, by applying to legal service providers, debt collection companies, mediators, courts or other state institutions against a person who has violated the Company's legitimate interests.

8. Duration of storage of personal data
8.1. The Company stores and processes the Customer's personal data as long as at least one of the following criteria exists:
1)  as long as the agreement concluded with the Customer is valid;
2)  as long as the Company has a legal obligation to store the data;
3)  while the Company or the Client may realize its legitimate interests in accordance with the procedures specified in regulatory enactments (for example, to submit objections or to bring or bring a claim to court);
4)  as long as the Customer's consent to the relevant processing of personal data is valid, unless there is another legal basis for the processing of data.
8.2. After all Policies 8.1. The terms of processing the Customer's personal data referred to in paragraph shall expire, the Customer's personal data shall be permanently deleted.

9.  Access to personal data and other rights of the Customer
9.1. The customer has the right to receive the information specified in regulatory enactments in connection with the processing of his personal data. Most of the Customer's information is already placed in the Customer's private account in the Online Store and on the Company's Internet Store website, which the Customer uses to receive the Company's services and Goods and where the Customer can personally verify and, if necessary, correct their personal data. delete, change.
9.2. In accordance with regulatory enactments, the Customer also has the right to request access to the Company's personal data, as well as to request the Company to supplement, correct or delete them or restrict processing in relation to the Customer, or the right to object to processing, processors). These rights of the Customer shall be exercised insofar as the processing of personal data does not arise from the legal obligations of the Company and which are performed in the public interest.
9.3. The client may submit a request for the exercise of his rights:
1)  in writing in person at the Company's Office, presenting a personal identification document (passport or ID card);
2)  by e-mail, sending to the Company's e-mail address: info@ezoterika.lv. The respective request must be signed with a secure electronic signature, but such a requirement is not mandatory for the Customer if the Company has sufficient information to verify that the received e-mail with the request is from the Customer (for example, the e-mail is mentioned as contact information on the Customer's Internet site). in the store account, in the Order form).  
9.4. Upon receipt of the Customer's request for the exercise of its rights, the Company verifies the Customer's identity, evaluates the request and executes it in accordance with regulatory enactments.
9.5. The Company sends the response to the request to the Customer by post to the contact address indicated by him in a registered letter or signed with a secure electronic signature and sends it to the Customer's e-mail (mainly taking into account the type of response indicated by the Customer).
9.6. The Company ensures the fulfillment of data processing and protection requirements in accordance with regulatory enactments. In the event that the Customer has raised objections against the Company, the Company shall take the necessary actions to resolve the Customer's objections. However, if this fails, the Customer has the right to apply to the relevant supervisory authority (in the Republic of Latvia, this is the Data State Inspectorate).

10.  Customer's consent to the processing of personal data and the right to withdraw it
10.1. The customer can consent to the processing of personal data (for example, but not limited to receiving individually prepared advertisements and offers) by logging in to the Online Store, Online Store (for example, newsletter registration forms), in person at the Company's Office or by sending an e-mail to info@ezoterika.lv
10.2. The Customer has the right to revoke his consent to the processing of his personal data at any time in the same way as it was given, respectively in person at the Office, by logging in to the Online Store or by sending to the Company's e-mail address: info@ezoterika.lv. When sending a revocation of consent to the Company's e-mail address specified above, the revocation of consent must be signed with a secure electronic signature, but such a requirement is not mandatory for the Client if the Company has sufficient information to verify that the revoked e-mail is (for example, e-mail is mentioned as contact information in the Customer's online store account, in the Order form).
10.3. Upon receipt of the said withdrawal of the Customer's consent, the Company will no longer perform further processing of the Customer's personal data based on such consent for the specific purpose.
10.4. Withdrawal of consent does not affect the lawfulness of the processing of the Customer's personal data carried out in the period before the Customer submitted the respective withdrawal of consent (during the validity of the consent).
10.5. For the avoidance of doubt, it should be explained to the Customer that the processing of the Customer's personal data performed by the Company on the basis of other legal bases (for example, on the basis of a concluded distance contract (purchase agreement)) may not be terminated by revoking the consent of personal data processing. 

11.  Commercial communications
11.1. The Company communicates regarding commercial announcements about the Company's Goods and / or services and other announcements not related to the Goods sold directly to the Customer (for example, advertisements, customer surveys) in accordance with external regulatory enactments or in accordance with the Customer's consent.
11.2. The Customer may consent to the receipt of commercial communications from the Company by logging in to the Online Store, the Online Store website (for example, newsletter sign-up forms) or by sending an e-mail to info@ezoterika.lv
11.3. The customer's consent to receive commercial communications is valid until revoked (also after the termination of the distance contract (purchase contract)). The Customer may at any time opt out of further receipt of commercial communications in any of the provisions of Article 10.2. types specified in paragraph.
11.4. The Company will stop sending commercial communications as soon as the Customer's request is processed. The processing of the request depends on the technological possibilities, which can take up to seven working days.
11.5. By expressing his opinion in surveys and leaving his contact information (e-mail, telephone), the Client agrees that the Company may contact him in connection with the assessment provided by the Client, using the contact information provided by the Client.

12. Communication with the Customer
12.1. The Company communicates with the Customer using the contact information provided by the Customer (basically - telephone number, e-mail).
12.2. The Company communicates on the performance of the concluded distance contract (purchase contract) on the basis of the said contract (for example, on the coordination of the type and time of delivery of the Goods, coordination of information on payments, changes in the Order, etc.).

13. Online store visits and cookie handling
13.1. The online store may use cookies. For more information on the use of cookies, see the Cookie Processing Policy.

14. Validity and modification of the policy
14.1.  These Policies are available at the Company's Office and Online Store ezoterikabio.lv. Upon the Client's separate request, the Policy may be issued in a separate copy to the Office's address or sent to the Client's e-mail address.
14.2. The Company is entitled to unilaterally amend this Policy at any time by notifying the Clients of the relevant amendments in the Company's Online Store, by e-mail or in any other manner at the Company's discretion.
14.3. The Company retains previous versions of the Policy and they are available in the Company's Online Store.
14.4. This version of the Policy is effective May 2, 2019 and supersedes the previously approved version of the Privacy Policy.