Privacy Policy

Personal data is any information that may be used to identify an individual. Steps are being taken to:

ensure that customer personal data is always secure with controllers and that customer personal data is processed

in accordance with applicable data protection laws, internal policies, guidelines and procedures.

The purpose of this Privacy Policy is to provide the natural person – data subject – with information about the processing of personal data

the purpose, scope, protection and duration of the processing at the time of the data acquisition and the processing of the personal data of the data subject.

  1. Personal Data Processing Manager: SIA “OTTO & LEO”, Reg. 40103302587, jur.adrese. Marupes county, Marupe,

Kurmales Street 39, LV-2167 (hereinafter – OTTO & LEO)

  1. Applicable law: Personal Data Protection Law, 27 June 2016, European Parliament and Council

Regulation 2016/679 of the European Parliament and of the Council of April 2009 on the protection of individuals with regard to the processing of personal data and on the free movement of such data

(The Regulation) and other applicable laws on privacy and data processing.

  1. What is the Privacy Policy?

The Privacy Policy is the relationship between OTTO & LEO and the natural person (hereinafter referred to as the “User”) who communicates with OTTO &

LEO and / or use the OTTO & LEO website and / or services provided.

OTTO & LEO is committed to protecting the User’s personal data. The Privacy Policy allows the User to understand what

information is obtained when the User sends OTTO & LEO his data or OTTO & LEO obtains it in his ownership in other

ways OTTO & LEO collects this data and how it will be used.

The Privacy Policy also provides information on how OTTO & LEO collects, processes, stores, deletes and protects User

personal data, thereby ensuring that User’s personal data is processed lawfully, in good faith and to the User

in a transparent way. The Policy applies to the User ‘s personal data, any personal data processing and

The service provided to the User.

If OTTO & LEO updates this policy, any changes will be posted on the OTTO & LEO website.

To provide the User with better and more appropriate services, and to provide, maintain, protect and improve

existing services, OTTO & LEO processes data collected from the provision of services.

  1. What are the purposes for which User Data is collected?

User personal data and other information is collected to: • Provide and provide appropriate services, monitoring

and protect Users against illegal or harmful personal, direct or indirect, intentional or

unintentional acts involving the processing of information and data made available to the persons concerned; • to process any

User information requests; • to fulfill the obligations specified in OTTO & LEO regulatory documents; • wide

provide support services to the User; • conducting customer research, surveys and analysis; • to provide to the User

information about OTTO & LEO’s offers, products and services, subject to User’s consent.

  1. What User Data is processed by OTTO & LEO?

Name, surname, personal identification number / date of birth, correspondence address, telephone number and e-mail address;

Bank details, if any;

Data provided by Customer to OTTO & LEO;

User IP address information;

Cookies (web browsing data);

U.c. personal data, depending on the type of service provided to the Customer.

This information is stored on OTTO & LEO servers, which are located on a secure infrastructure.

When the User encounters OTTO & LEO services, the OTTO & LEO server maintains a unique log of the User

security, which stores certain administrative and traffic information, including: • IP addresses; • access times; •

access dates; • Previously visited pages • the language used; • Software bug report after

The browser programs you use. This information is important for quality of service.

Personal information is not collected without the User’s consent.

User data will not be transferred to countries outside the European Union or the European Economic Area, but if so

should the need arise, User Data may only be transferred to countries that provide the same natural person data

the level of protection afforded by the European Union.

  1. What tools does OTTO & LEO use to collect and process data?

OTTO & LEO may automatically collect the above data and receive personal data provided by the User through

services, or otherwise communicating and interacting with the Website. OTTO & LEO may also receive personal information

from other online service providers. OTTO & LEO may also engage third party service

providers to provide technical support for the service. OTTO & LEO has access to information provided by the User

provided to these service providers and third party e-commerce service providers, subject to all

privacy policy rules.

  1. What is the basis for the processing of Users’ personal data?

Personal consent of the User – The User, as the subject of personal data, filling in the application and / or contact forms himself

gives consent to the collection and processing of personal data for specified purposes. The User also agrees to the processing of data directly

for marketing purposes to make new and individual offers (this consent may of course be withdrawn by the User).

User consent is his or her free will and discretion, which may be given at any time, thereby allowing OTTO &

LEO to process personal data for specified purposes. The User’s consent is binding if it is provided directly and

clearly. The User has the right to revoke his / her prior consent at any time through the specified communications

channels with OTTO & LEO. The requested changes will take effect within three business days. Revocation of consent does not affect

the lawfulness of the processing based on consent before withdrawal.

Service Provision – In order for OTTO & LEO to provide the User with quality service, OTTO & LEO must collect

and process certain personal data collected from the User on the OTTO & LEO website.

Legitimate interests – in the interest of OTTO & LEO, based on quality service and timely support

OTTO & LEO shall have the right to process User’s personal data to the extent that it is objectively

necessary and sufficient for the purposes set out in this Privacy Policy. The legitimate interests of OTTO & LEO are

processing of personal data through direct marketing resulting in new and / or individual user submissions

OTTO & LEO Service Offers.

Legal Obligation – OTTO & LEO has the right to process personal data to meet regulatory requirements as

would also respond to legitimate requests from the state and local government.

  1. Exceptions to the disclosure of user data

OTTO & LEO has the right to disclose personal data only in cases provided by law.

  1. What are cookies?

Cookies are small text files that a website stores on your computer or mobile device when you visit our

home page. Each subsequent visit, the cookies are sent back to the origin or third-party site,

which recognizes the cookie in question. Cookies, among other things, allow the site to remember user-selected settings in the following

visits to avoid having to re-enter them each time. Cookies are not used for you personally


OTTO & LEO may use cookies as a means of obtaining information from the web server for the above purposes,

following your use of the Site. If you continue to use the website, you agree to the OTTO & LEO cookies

for use. Cookies contain information that is transmitted to the hard disk of the User’s computer. They help OTTO & LEO

improve the website and provide a better and more personalized service.

The resulting data is used by OTTO & LEO’s webmaster and Google, which obtains anonymous data and does not link it

either with a specific person or with a specific IP address. Google Analytics data security is certified by ISO 27001 and US

and the EU Privacy Shield Framework. You can read more about it here:

If the User wishes to delete all cookies already stored on the computer or to terminate cookies that follow the User’s activity

types of homepage, the User may do so by deleting existing cookies and / or changing browser privacy

settings to block cookies (the process of doing this differs from browser to browser).

For more information on how to do this, visit

  1. Duration of storage of users’ personal data

OTTO & LEO will process the User’s personal data as long as at least one of the following conditions exists: a) while the User

use the service; b) the period of retention of personal data is determined or derived from the Republic of Latvia and Europe

Union legislation; (c) to the extent necessary for the realization and protection of the legitimate interests of OTTO & LEO;

  1. d) until the User’s consent to the processing of personal data has been withdrawn.
  2. What are the security conditions?

By using the OTTO & LEO Services or by contacting OTTO & LEO, the User agrees to the OTTO & LEO Service

terms and conditions.

OTTO & LEO provides, continually reviews and improves safeguards to protect User Personal Data from

unauthorized access, accidental loss, disclosure, or destruction. To ensure this, OTTO & LEO

uses modern technology, technical and organizational requirements, including firewalls, intrusion

detection, analysis software and data encryption.

OTTO & LEO carefully scrutinizes all service providers that process User Services on behalf of and on behalf of OTTO & LEO

personal data, as well as assessing whether appropriate safeguards are in place by cooperation partners (data controllers),

to process User’s personal data in accordance with OTTO & LEO’s delegation and regulatory requirements.

Collaborators are not allowed to process personal data held by OTTO & LEO for their own purposes.

OTTO & LEO shall not be liable for any unauthorized access to and / or loss of personal data,

unless it is dependent on OTTO & LEO, for example, the User has disclosed his / her personal data to third parties.

OTTO & LEO will notify the User if the User’s personal data is compromised.

Similarly, OTTO & LEO for information / data security incidents or potential incidents without any grounds

a delay of 72 hours from the time the breach becomes known, the data / information breach is reported

institutions and natural persons involved as required by applicable law and / or European Union

unless OTTO & LEO is able to demonstrate, in accordance with the principle of accountability, that

the breach of protection is unlikely to endanger the rights and freedoms of natural persons.

OTTO & LEO shall store all personal information received from the User in a protected database by encrypting some of the data,

whose connection is protected.

  1. What are the User Rights?

Contact OTTO & LEO for a copy of the personal data held by OTTO & LEO.

To correct any personal data held by OTTO & LEO about you,

The User has the right to obtain information about those natural or legal persons from OTTO within a specified period of time

& LEO has received information about this User. OTTO & LEO will not provide the User with information about government agencies,

who are the directors of criminal proceedings, subjects of investigative activities or other institutions for which such information is prohibited by law

to disclose.

Request the deletion or restriction of the processing of personal data that are no longer required for the purposes for which they are provided

they were collected and processed (the right to be forgotten).

The User is entitled to the portability of his / her personal data.

Contact OTTO & LEO or your personal data processing authority (Data State Inspectorate,

in connection with questions concerning the processing of personal data.

Contact OTTO & LEO by e-mail

With all information security system issues and information / data security issues not covered by this

For policy, contact OTTO & LEO (27720011 and