The limited liability company "Meimelin" undertakes to ensure the protection and privacy of your personal data in accordance with:
• the requirements of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation);
• other regulatory enactments in force in the Republic of Latvia in the field of personal data processing and privacy;
1.1. Personal data - any information relating to an identified or identifiable natural person.
1.2. Data subject - an identified or identifiable natural person (hereinafter - customer).
1.3. Profiling - automated processing of personal data, which takes the form of the use of personal data for the purpose of assessing specific personal aspects related to a natural person.
1.4. Manager - Meimelin LTD (hereinafter - Meimelin).
1.5. Processor - a natural or legal person who processes personal data on behalf of the controller (Meimelin).
1.6. Third party - a natural or legal person, public authority, agency or body, which is not a data subject, controller, processor and persons whose controller or processor is authorized to process personal data.
1.7. Consent of the data subject (client) - a freely provided, specific, deliberate and unambiguous indication of the Client in the form of a statement or a clearly confirmatory action that the Client agrees to the processing of his / her personal data.
1.8. Cookies - text files stored on the device used by the user to personalize the usability of the Meimelin website for each specific website user.
2. Personal data controller and processor
2.1. The controller of personal data is the Meimelin LTD, reg. No. 50103964211, legal address: Gertrudes 57-12, Riga, Latvia, LV-1011.
2.2. Processors of personal data are legal entities that process personal data on behalf of Meimelin and in accordance with Meimelin's instructions and who are committed to complying with the requirements of regulatory enactments in the field of data processing.
3. Categories of personal data of customers and types of data being processed
3.1. The categories of customer personal data processed by Meimelin differ depending on which Meimelin services the customer wishes to use.
3.2. The categories of personal data of customers processed by Meimelin are divided as follows:
3.2.1. processing of customer's personal data for issuing Meimelin customer cards and other related activities;
3.2.2. processing of customer's personal data for registration in the Meimelin e-store and other related activities;
3.2.3. processing of customer's personal data for sending Meimelin news by e-mail or SMS;
3.2.4. processing of customer personal data for security purposes;
3.2.5. processing of customer personal data for other marketing purposes (publicity measures).
3.3. In order to ensure the issuance of the customer's cards and the provision of related marketing offers, Meimelin may process the following personal data of the customer according to the amount of information provided by the customer at his / her choice: name, surname or username; gender; birth data (date of birth, month and year of choice); address; Mobile phone number; e-mail.
3.4. The following personal data of the customer can be processed for the customer's registration in the Meimelin e-store according to the amount of information provided by the customer: name, surname or username; gender; birth data (date of birth, month, year); address; Mobile phone number; e-mail, address.
3.5. For the execution of transactions performed in the Meimelin e-store - delivery of goods - Meimelin may process the following personal data of the customer depending on the type of delivery of goods selected by the customer: e-mail, name, surname; address; Mobile phone number.
3.5. To send Meimelin news by e-mail or SMS, Meimelin may process the following personal data of the customer according to the amount and purpose of the information provided by the customer: e-mail, telephone number, address.
3.6. For the protection of Meimelin's property, the following personal data of the customer is processed: video image obtained from camcorder recordings in the Meimelin store.
3.7. Meimelin to promote publicity During publicity events organized by Meimelin (presentations, store openings, etc.) Meimelin may process the following personal data of the customer: photo.
4. Purposes of personal data processing
4.1. Personal data of customers obtained by Meimelin are processed only in accordance with the following purposes (purposes), in compliance with the requirements of the legislation governing the processing of personal data and depending on the amount of personal data provided by the customer and consent for specific processing purposes.
4.2. Meimelin processes customer personal data obtained for the following specific purposes:
4.2.1. name, surname or username - to identify the customer in the Meimelin store, providing the customer with the opportunity to use the customer's card without presenting it; as well as customer registration in the Meimelin e-store and providing access to the Meimelin e-store;
4.2.2. birth data (date of birth, month, year) - for granting discounts in the month of the customer's birthday;
4.2.3. address - for sending informative materials and invitations by post to the customer, as well as for delivery of goods ordered in the Meimelin e-store, if the customer's chosen type of delivery requires an address to deliver the goods to the customer;
4.2.4. mobile phone number - for SMS transmissions about current share offers and invitations to events; as well as, if the customer has indicated a telephone number during the execution of the order of goods in the Meimelin e-store - for communication regarding the delivery of the goods ordered in the Meimelin e-store;
4.2.5. e-mail - for sending Meimelin newsletter in electronic form; providing access to the Meimelin e-store for the customer; a statement required for the provision of order, payment and delivery information to the customer in the Meimelin e-store, if the customer will place an order for the goods in the Meimelin e-store;
4.2.6. video image - video surveillance in Meimelin store premises to protect Meimelin property, prevent theft in Meimelin store, open Meimelin store
the thefts committed, identify the persons committing the thefts, as well as ensure the protection of the vital interests of the persons, including life and health;
4.2.7. Photo - Meimelin to promote its publicity during its publicity events.
4.3. Meimelin informs that part of 4.2. may be implemented in an automated manner, including customer profiling, for the purpose of providing new, specific, individual Meimelin offers to a specific customer, taking into account information obtained from Meimelin and automatically collected from customer personal data and previous purchases in a Meimelin store, if the customer has agreed to it.
5. Basis and term of personal data processing
5.1. The processing of personal data by Meimelin may only be carried out on one of the following grounds:
5.1.1. Client's consent - the client's personal, freely provided specific and deliberate indication that the client agrees to the processing of his / her personal data. For each type of personal data to be provided, Meimelin has indicated one of the 4.2. for the purposes for which the customer may, at his option, give Meimelin consent to the processing of his personal data. By providing his personal data in person, the customer confirms his consent to the processing of his personal data.
When sending invitations to publicity events organized by Meimelin, where photography is planned to promote Meimelin in order to promote publicity, Meimelin shall include an indication of photography at the event. Upon arrival at the event, the customer expresses his or her active, informed consent that the customer's personal data - the photo - may be processed.
5.1.2. Fulfillment of a legal obligation - if it arises from legal acts or administrative acts issued by state institutions or lawful requests, Meimelin is entitled to process the data received from the customer to the extent necessary to comply with the relevant legal or administrative requirements, or, to respond to official legitimate requests from public authorities.
5.1.3. Respect for legitimate interests - Meimelin has the right to process customers' personal data in order to ensure that its legitimate interests are respected, in particular, but not limited to, the protection and security of property in the Meimelin store and to protect vital interests, including life and health (video surveillance), and for the purposes of investigation or legal proceedings (reporting crimes in the Meimelin store; bringing claims, defending against claims in court, etc.).
In the case of video surveillance, Meimelin always clearly informs the customer about the video surveillance performed in the store by placing a special sticker at the entrance to the store. If the customer does not want to get into the video surveillance area, the customer can use the opportunity to shop in the e-shop of Meimelin LTD www.meimelin.com.
5.2. Meimelin processes personal data provided by customers as long as the customer's consent to the processing is valid, or as long as Meimelin needs to protect its legitimate interests or fulfill its legal obligations, and until the purpose of the personal data processing has been achieved. Video surveillance material is stored for a maximum of four weeks. If the specific video surveillance material is necessary for the detection, investigation, punishment of the person who committed the theft or for the protection of Meimelin's legitimate interests, it is kept until these purposes are achieved.
6. Recipients of personal data
6.1. Meimelin observes strict confidentiality when processing customers' personal data and provides protection against unauthorized access to personal data by third parties, accidental loss or destruction of personal data. On a legal basis, Meimelin may exceptionally transfer customers' personal data to the following persons:
6.1.1. public administration institutions, law enforcement institutions, at the lawful request of these institutions;
6.1.2. persons who provided Meimelin services, such as lawyers, if there is a legal basis for the transfer of personal data to the service providers.
8. Customer's rights in connection with the processing of personal data by Meimelin
8.1. The customer has the right to choose to what extent and what data to provide to Meimelin, as well as to withdraw consent to the processing of all or part of his personal data by asking Meimelin to stop processing all or part of the customer's data. Withdrawal of consent does not affect the lawfulness of the processing of the customer's personal data prior to the withdrawal.
8.2. By choosing not to provide personal data in part or by withdrawing consent in whole or in part (in relation to specific, provided data), Meimelin will not be able to provide the customer with the services for which the relevant personal data is required.
8.3. Given that Meimelin needs to clearly identify the customer who withdraws, in whole or in part, his consent to the processing of personal data, the customer may send the refusal to Meimelin in the following ways:
8.3.1. If the customer has been granted a customer card - by sending a reference to Meimelin e-mail firstname.lastname@example.org from the e-mail specified by the customer in the customer questionnaire issued at the Meimelin point of sale to receive the customer card or specified when registering in the Meimelin e-store. In this case, the customer must indicate in the revocation e-mail the name, surname or username (if the customer has chosen to do so) and the customer's card number (if the customer has been granted such a card), as well as the extent to which consent is revoked.
8.3.2. By sending a reference to Meimelin e-mail email@example.com, signed with a secure electronic signature, indicating the customer's name, surname or username (if the customer has chosen to do so) and customer card number (if the customer has been granted a customer card), as well as the amount of consent is revoked.
8.3.3. By sending a revocation by post to Meimelin's legal address: Ģertrūdes 57A-12, Rīga, LV-1011, indicating the customer's name, surname or username (if the customer has chosen one) and the customer's card number (if the customer has been granted a customer card), as well as the amount consent is revoked. The customer can also submit a handwritten withdrawal of consent in the Meimelin store.
8.4. The Customer has the right to object to the processing of personal data by Meimelin at any time, as well as to request Meimelin to take certain actions in relation to the Customer's personal data by sending a request to Meimelin in one of the ways specified in 8.3.1.-8.3.3. point. The customer is entitled to request Meimelin:
8.4.1. to issue Meimelin's personal data about the customer;
8.4.2. to correct, delete or supplement personal data in accordance with the client's instructions, substantiating his / her request;
8.4.3. restrict (temporarily suspend) the processing of a certain type or all of the customer's data;
8.4.4. stop automated processing of customer data (automated individual decision-making regarding the customer), including profiling;
8.4.5. transfer personal data to another controller - to the extent and in the form in which the data is held by Meimelin.
8.5 The customer has the right to obtain from Meimemlin information on the fact of transfer of personal data to third parties and on persons (natural or legal) and / or public authorities to whom Meimelin has provided any information related to the customer's personal data, unless such information is provided, on the basis of a request from the subject of operational activities or another competent institution in the framework of criminal proceedings or in other cases where the legislation directly prohibits the disclosure of the relevant information.
8.7. In case of disagreement regarding the processing of personal data by Meimelin, the customer has the right to submit a complaint to the supervisory authority - the State Data Inspectorate.