Privacy policy

1. Introduction 'X-Dental', SIA, Clinic (hereinafter - the Controller), on the website www.xdental.lv (hereinafter - the Website) processes personal data obtained from the data subject - the User of the Website (hereinafter - the User).

The Controller cares about the privacy and personal data protection of the User, observes the rights of Users to the lawfulness of personal data processing in accordance with applicable laws - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the Regulation) and other applicable laws in the field of privacy and data processing.

Taking this into account, the Controller has developed this Privacy Policy in order to provide the User with the information required by the Regulation.

The Privacy Policy applies to data processing regardless of the form and/or environment in which the User provides personal data (on the Website, in paper format, in person, or by telephone).

The Controller reserves the right to change these terms at any time. It is the duty of the Website visitor to independently check the content of the Website in order to get acquainted with the changes in the terms.

​

2. Identity and contact details of the Controller
 

The Controller is 'X-Dental', SIA, Clinic Reg. No. 40003791879. The Controller's address is Riga, Hospitalu iela 23 - 201, LV-1013, website - www.xdental.lv, email - info@xdental.lv, phone - 67 288 394

​

3. Purposes of personal data processing, as well as the legal basis for processing
 

If the User submits their personal data to the Controller by phone, using the Website's contact forms, e-mail or other mail, we store and use this information to fulfill or conclude the relevant service agreement, including client identification; preparation and conclusion of the contract; provision of services (fulfillment of contractual obligations); customer service; handling and processing of objections; increasing customer loyalty; administration of payments and settlements; debt recovery and collection; proof of facts, website maintenance and performance improvement; business planning and analytics; planning and accounting. We will also process this data to provide information to public administration bodies and operational entities in the cases and to the extent prescribed by external regulations.

The legal bases for data processing are for the conclusion and performance of a contract, compliance with regulations, in accordance with the consent of the Client - the data subject, our legitimate interests (e.g. to verify the Client's identity before concluding the contract; to ensure the fulfillment of contractual obligations; to analyze the usage of the website, to ensure the efficiency of service provision, etc.
 

4. Categories of personal data
 

Categories of personal data - name, surname, personal code, e-mail or postal address, IP address, phone number, content of message or letter, etc.

​

5. Categories of recipients of personal data
 

Data is disclosed to those employees of the Controller who need it to carry out their direct duties in order to fulfill or conclude the relevant service agreement.

When obtaining and using personal data, we partially use the services of external service providers who strictly follow our instructions under contract and whom we continuously monitor before using the service and also thereafter.

​

6. Categories of data subjects
 

Categories of data subjects - the Controller's current, former and potential clients, as well as other persons who express a desire to contact the Controller.

​

7. Data transfer outside Latvia
 

It is not planned to transfer the received data outside Latvia, the European Union or the European Economic Area, nor will it be transferred to any international organization. At the same time, given that the Website is connected to Google and Facebook services, the Controller cannot guarantee that these companies will not transfer data outside the European Union or the European Economic Area.

​

8. Duration of data storage
 

We process and store the User's personal data as long as either party has a legal obligation to store the data.

After these circumstances cease, and unless otherwise specified in the data protection instructions, we will delete the personal data no later than three months after the original reason for data retention is no longer valid, except in cases where our legal obligation is to continue storing this data (for example, but not limited to, accounting or litigation purposes).

​

9. Data subject's access to personal data
 

The data subject has the right to access the data subject's personal data within one month from the date of submission of the relevant request.

The User can submit a request for the exercise of their rights in writing in person, at the Controller's legal address (presenting an identity document), by mail, or by e-mail, signed with a secure electronic signature;

Upon receiving the User's request for the exercise of their rights, the Controller verifies the User's identity, evaluates the request and fulfills it in accordance with the regulations.

The User has the right to receive the information prescribed by the regulations regarding the processing of their data, the right to request access to their personal data, as well as to request the Controller to supplement, correct or delete it, restrict processing or the right to object to processing, insofar as these rights are not contrary to the purpose of data processing (conclusion or performance of a contract).

The data subject has no right to receive information if this information is prohibited from being disclosed by law in the field of national security, state defense, public security, criminal law, as well as in order to ensure the financial interests of the state in tax matters or the supervision and macroeconomic analysis of financial market participants.

​

10. Cookie processing
 

The Website collects data about Website visitors, thus enabling the Website maintainer to evaluate how useful the Website is and how it could be improved.

The Controller is continuously improving the Website in order to improve its use, so the Controller needs to know what information is important to Website visitors, how often they visit this Website, what devices and browsers they use, what region visitors come from, and what content they prefer to read.

The Controller uses the Google Analytics system, which allows the Controller to analyze how visitors use the Website. Information on how the Google Analytics principles work can be found on the Google website at https://support.google.com/analytics/answer/1012034?hl=en&ref_topic=6157800. The Controller uses the collected data in its legitimate interests to improve understanding of the needs of Website visitors and improve access to information published by the Controller. The visitor can stop data collection by Google Analytics at any time, as described here: https://tools.google.com/dlpage/gaoptout/.

The server on which the Website is hosted may record requests sent by the visitor (device used, browser, IP address, date and time of access). The data mentioned in this point is used for technical purposes: to ensure the proper functioning and security of the Website and to investigate possible security incidents. The basis for collecting the data mentioned in this point is the Controller's legitimate interest in ensuring the technical accessibility and integrity of the Website.

Cookies are small files that, each time a visitor visits the Website, the browser saves on the visitor's computer to the extent specified in the visitor's computer's browser settings. Some cookies are used to select and tailor the information and advertisements offered to the visitor based on content the visitor has previously viewed, and thus make the use of the Website simple, convenient and individually tailored for visitors. Additional information about cookies, as well as their deletion and management, can be found at www.aboutcookies.org.

The Website uses cookies to collect the user's IP address and browsing information and allow the Website to remember the visitor's choice. Cookies allow the Controller to track Website traffic and user interaction with the Website - the Controller uses this data to analyze visitor behavior and improve the Website. The legal basis for the use of cookies is the Controller's legitimate interest in ensuring the functionality, accessibility and integrity of the Website.

The visitor can control and/or delete cookies at their discretion. More information about this process is available at www.aboutcookies.org. The visitor can delete all cookies that are on their computer, and most browsers can be set to block cookies from being placed on the computer. The visitor can opt out of cookies in the browser menu or at https://tools.google.com/dlpage/gaoptout. To make the necessary settings, the visitor needs to familiarize themselves with the rules of their browser. In case of blocking cookies, the visitor will have to manually adjust the settings each time the Website is visited, and there is a possibility that some services and functions will not work.

Only those employees of the Controller who are responsible for analyzing such data have access to statistics on Website visitors.

Unless otherwise specified, cookies are stored until the action for which they were collected is performed, and then they are deleted.

If a forum or commenting feature is provided on the Controller's Website, the Website will save the IP address, as well as the data provided by the visitor themselves. Cookies containing this data may, for your convenience (so you don't have to write it again), be stored for one year.

 

11. Third party websites 
 

Please note that third-party cookies are subject to third-party privacy policies, so we do not assume any responsibility for these privacy policies.
 

The Website has the "Facebook pixel" tool installed. The purpose of using this tool is to tailor content and ads for Facebook users. To learn more about Facebook's privacy policy, click here https://www.facebook.com/about/privacy/. You can also change your ad settings in your Facebook profile.
 

12. Right to lodge a complaint with a supervisory authority
 

The data subject has the right to lodge a complaint with the supervisory authority (Data State Inspectorate). Documents are accepted by the Data State Inspectorate using mail, e-mail (with documents signed with a secure electronic signature), as well as they can be left in the mailbox on the 1st floor at Blaumana iela 11/13, Riga. The Data State Inspectorate accepts e-mail submissions received at the e-mail address info@dvi.gov.lv.
 

13. Validity of the Privacy Policy
 

We reserve the right to change and supplement the content of this Privacy Policy from time to time to clarify the description of how we process your data.

Given the above, we encourage you to regularly review this Privacy Policy to keep abreast of the processing of your personal data on the Website.