Privacy policy

Privacy Policy

1. General Provisions

1.1. This Privacy Policy describes how SIA Kech Kids, Reg. No. 40103424689, Elizabetes iela 22-27, Rīga, LV-1050, Latvia (hereinafter referred to as the “Data Controller”) collects, processes, and stores personal data obtained from its clients and visitors of the Kech Kids online store at www.kechkids.com (hereinafter referred to as the “Data Subject” or “You”).

1.2. Personal data means any information relating to an identified or identifiable natural person – the Data Subject. Processing means any activity related to personal data, such as collection, recording, modification, use, viewing, deletion, or destruction.

1.3. The Data Controller complies with the data processing principles established by law and can confirm that personal data is processed in accordance with the applicable legal framework.

2. Collection, Processing, and Storage of Personal Data

2.1. Personally identifiable information is primarily collected, processed, and stored by the Data Controller through the online store website and email. 

2.2. By visiting and using the services of the online store, you agree that any provided information will be used and managed for the purposes outlined in this Privacy Policy.

2.3. The Data Subject is responsible for ensuring that the submitted personal data is accurate, complete, and up to date. Knowingly submitting false information is considered a violation of our Privacy Policy. The Data Subject must promptly inform the Data Controller of any changes to the submitted personal data.

2.4. The Data Controller is not responsible for any damages resulting from the submission of false data by the Data Subject or third parties.

3. Processing of Client Personal Data

3.1. The Data Controller may process the following personal data:

  • First name and last name

  • Date of birth

  • Contact information (email address and/or phone number)

  • Transaction data (purchased products, delivery address, price, payment information, etc.)

  • Any other information provided during the use of the website’s services or when contacting us

3.2. In addition to the above, the Data Controller has the right to verify the accuracy of submitted data using publicly available registers.

3.3. The legal basis for processing personal data is Article 6(1)(a), (b), (c), and (f) of the General Data Protection Regulation (GDPR):

  • (a) the Data Subject has given consent to the processing of their personal data for one or more specific purposes;

  • (b) processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps prior to entering into a contract;

  • (c) processing is necessary for compliance with a legal obligation to which the Data Controller is subject;

  • (f) processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject.

3.4. The Data Controller retains and processes the Data Subject’s personal data as long as at least one of the following conditions applies:

  • The personal data is necessary for the purposes for which it was collected;

  • As long as the Data Controller and/or Data Subject may pursue legitimate interests in accordance with the law (e.g., file objections, initiate or defend legal claims);

  • There is a legal obligation to retain data (e.g., under the Accounting Law);

  • The Data Subject’s consent for specific data processing is valid, and there is no other legal basis for processing.

Once these conditions no longer apply, the data is permanently deleted or anonymized in both electronic systems and physical records.

3.5. To fulfill its obligations to you, the Data Controller may transfer your personal data to cooperation partners and data processors acting on our behalf, such as:

  • Accountants

  • Courier services

  • Payment platform Maksekeskus AS (makecommerce.lv)

Your data may also be disclosed to public and law enforcement authorities if required to defend our legal interests, submit claims, or respond to legal proceedings.

3.6. When processing and storing personal data, the Data Controller implements appropriate organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, or other unauthorized processing.

4. Data Subject Rights

4.1. In accordance with the GDPR and applicable Latvian laws, you have the right to:

  • Access your personal data and receive information about its processing, including a copy in electronic format and the right to transfer it to another controller (data portability);

  • Request correction of inaccurate, incorrect, or incomplete personal data;

  • Request deletion of your data (“right to be forgotten”), except when retention is required by law;

  • Withdraw your consent for data processing at any time;

  • Request restriction of data processing;

  • Submit a complaint to the Data State Inspectorate of Latvia.

Requests to exercise your rights may be submitted:

5. Final Provisions

5.1. This Privacy Policy is developed in accordance with:

  • Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR)

  • Applicable laws of the Republic of Latvia and the European Union

5.2. The Data Controller has the right to amend or update this Privacy Policy at any time without prior notice. Changes take effect upon publication on the website:
www.kechkids.com