Effective since 20 September 2020
1. Terms used
1.1. Processing means any operation or complex of operations carried out with Personal Data, with or without automated means, including gathering, registration, structuring, systemizing, storage, configuration, transformation, specification, viewing, use, disclosure by sending, distribution or otherwise making available, anonymization, restriction, deletion, or destruction.
1.2. Data Subject means an identified or identifiable individual.
1.3. Personal Data means any information regarding the Data Subject.
1.4. Profiling means automated Personal Data Processing of any type used to assess particular personal aspects related to the Data Subject, especially to analyse or estimate aspects in relation to economic situation, personal desires, interests, loyalty, behaviour, location, or movement.
1.5. Company means Uprankd, SIA, unified registration No. 44103141201, legal address: Rīga, Brīvības iela 40 - 20B, LV-1050, Latvija.
1.6. Third country means a country that is not a member-state of the European Union or European Economic Area.
1.7. General Data Protection Regulation means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.
2. General Provisions
- The aim of the Privacy Policy is to explain how the Company processes Personal Data.
- Processing is carried out in accordance with GDPR requirements.
- The Company ensures lawful, fair, and transparent processing.
- Legal grounds may include consent, contracts, legal obligations, or legitimate interests.
- Data can be provided by Data Subjects, obtained during services, or from external sources.
- The Company may use processors, ensuring compliance with applicable law.
- The Privacy Policy is available at www.uprankd.com.
3. Personal Data Processing purposes
Data are processed for specific and legitimate purposes, including:
- Regulatory compliance and identification
- Concluding, executing, amending, or terminating contracts
- Rendering services
- Managing relationships with clients, partners, suppliers, service providers, agents, auditors, consultants, creditors, debtors, and shareholders
- Personnel management
- Protecting interests of clients and the Company
- Offering services and marketing
- Surveys and market analysis
- Preparing statistics
- Physical and information security
- Risk management
4. Personal Data categories
The Company mainly processes:
- Identification data, including name, surname, ID number, date of birth, and ID document details
- Contact information, including address, phone, email, Skype, and language
- Tax residency data, including citizenship, residence, and taxpayer numbers
- Financial and business information, including accounts, payments, contracts, bills, income, and loans
- Family data, including marital status and family members
- Education and occupation data
- Affiliated persons’ data
- Service-related data, including contracts, claims, and complaints
- Employment data, including salary, jobs, education, and health
- Client survey data
- Audio and visual data, including calls and CCTV
5. Categories of Data Subjects
Processed data subjects include:
- Clients, including potential, current, and former clients, and their affiliates
- Business partners, suppliers, service providers, agents, auditors, advisors, and their affiliates
- Creditors and debtors and their affiliates
- Shareholders and their affiliates
- Officials
- Employees and candidates
- Visitors of offices and territories
6. Personal Data Receivers and Place of Processing
Receivers include:
- State institutions, including the Financial Intelligence Service, tax authorities, courts, and law enforcement
- Financial institutions, including banks, insurers, and investment services
- Company members, employees, and representatives
- Business partners, suppliers, auditors, and advisors
- Data processors acting on behalf of the Company
- Other parties under contract
Processing usually takes place in Latvia, but may also occur in the European Union, European Economic Area, or Third Countries under GDPR conditions. More details on transfers are available upon request.
7. Rights of Data Subject
Data Subjects have rights to:
- Access their data and processing details
- Know if provision of data is a legal or contractual obligation
- Request corrections
- Limit processing
- Object to processing
- Request deletion
- Withdraw consent
- Avoid automated decision-making unless exceptions apply
- Request portability
- Submit complaints to the State Data Inspectorate at www.dvi.gov.lv
8. Profiling and automated decision-making
The Company may conduct automated decision-making, including profiling, when required by law, contract, or with explicit consent.
9. Data protection and storage
- The Company applies technical, administrative, and organisational measures to protect data.
- Data are stored only as long as necessary. After expiry, data are deleted unless legally restricted.
10. Contact information
For questions, requests, or complaints:
Email: info@uprankd.com
Post: Brivibas 40-20B, Riga, Latvia, LV1050
11. Amendments to the Privacy Policy
- The Company may amend this Privacy Policy, publishing updates on www.uprankd.com.
- Clients may also be informed individually by email, post, or other channels.
