Privacy Policy
Updated: 08.11.2023
1. Who are we?
We, SPH Engineering, are the company registered in the Republic of Latvia (European Union) and we provide a variety of services to you. For purposes of providing services to you, we have to process your personal data. This Privacy Policy (hereinafter – the "Policy") explains how we process (collect, store, disclose) your personal data.
2. Why do we process your data?
We process your personal data in compliance with the General Data Protection Regulation (GDPR) in order to ensure lawfulness, fairness, and transparency of processing. The main goal of your personal data processing is to perform a contract in order to provide a Product or Service to you. For this purpose, we request your consent to process your personal data.
3. What categories of data are processed and what are purposes of a processing?
We process the following categories of personal data:
- Your first name (name);
- Your last name (surname);
- Your country of residence;
- Your address;
- Your phone number;
- Your email address.
We have to process your name and surname in order to identify you. We cannot accept any payment from you without such identification. We process your address to ensure compliance with the bookkeeping regulations on invoices.
We process your email address and phone number as the way of distributing information and contacting you. We provide answers to your requests or product inquiries, we send activation codes for our products and we announce important information via these communication channels. We can contact you to receive your feedback on Product or Service of your choice.
We need to process your country of residence to make sure our services are not limited or restricted in your country. We will inform you if any limitation is in place.
Sometimes if a purchase is made with a Discount Coupon provided to the customer by our Official Reseller, who signed a reseller agreement with us (hereinafter referred to as the "Resellers"), then we might share the following information to ensure that the Reseller can provide technical support and/or training for products you purchased from us:
- Your first name (name);
- Your last name (surname);
- Your email address;
- Company name.
We share your data only with those Resellers that have signed relevant reseller agreements with us and only if you received a discount coupon from the Resellers.
Our websites ("Websites", "Website") are integrated with Google Analytics service for web analytics. These services process the information collected from cookies and IP address.
Your data that we collect is not shared with any third parties not specified in this Privacy Policy. Your data is processed in accordance with the rule of law, fairness, and full transparency, as well as for the purpose specified in Clause 2 hereof.
4. Who can access your personal data?
Officials (police, tax officers, etc.) will be given access to your personal data only if so required by law. Our lawyers will examine any official request very closely beforehand. We will not disclose your personal data before we are 100% sure that officials have firm legal grounds to receive your personal data.
5. How long your personal data will be stored?
We will keep your personal data until you stop using our Product or Service or revoke your consent. Please keep in mind that the storage term depends on the Product or Service of your choice. To know exactly for how long we are going to keep your personal data, based on Products and Services of your choice, feel free to ask any question you may have via email.
However, we will not keep your personal data longer than required by law or the purpose specified in Clause 2 of this Policy.
6. What are your rights in regards to your personal data?
The GDPR stands tall since May 25, 2018 and, starting from this date, you, as our client, have rights in regards to your personal data:
- You have theright to access. You can request from us whether or not your personal data are being processed by us. You can ask for detailed information, which categories (such as name, surname, email address etc.) of your personal data are processed, who can access your personal data, for how long we are going to store your personal data. You can request us to provide a copy of your personal data.
- You have the right to rectification. In case you have seen a mistake in your personal data (for instance, your name is misspelled in our email), you can request for a correction of inaccurate personal data.
- You have the right to erasure of your personal data. You can request erasure of your personal data, when you withdraw your consent to the processing or when you stop using our Products or Services. However, please keep in mind that we cannot erase data required to be kept by law.
- You have the right to restrict processing of your personal data. You can restrict to process your personal data when you think we process your personal data without any ground.
- You have the right to withdraw your consent for the processing of your personal data at any time. However, please keep in mind that such revoke that such revoke will not retrospectively affect the lawfulness of processing conducted before.
- You have the right to portability. You have the right to receive your personal data from us in a structured form in order to transfer these data to another company. If technically possible, you can request us to transfer your personal data directly to another company.
- You have the right to complain. In case, you think we are violating your rights, you can complain to supervisory authority (like Data State Inspectorate (Datu Valsts Inspekcija)).
7. What will we do when you are performing your rights regarding rectification or erasure of personal data, as well as restrict processing of your personal data?
When you are requesting to perform the access, editing or erasure of your personal data, we will comply with your request and we will perform the requested action. If you ask for editing, erasure or restrict to process your personal data, we will notify of your request any third party to which we provided your personal data.
8. What if you don’t want to provide personal data to us?
In case the processing of personal data (such as name, surname, and email) is required for concluding a contract and you are not willing to share these personal data with us, we won't be able to identify you as a contracting party and thus comply with the accounting and anti-money laundering legislation. Therefore, we won't be able to sign a contract with you and provide you a Service or Product.
We strive to protect the integrity of your personal data, apply standard information security procedures, and ensure observance of your rights to and lawful interests in data we provide to our partners.
9. Do we transfer your personal data to third countries?
Yes, we transfer your data to third countries (outside of the European Union). However, we ensure of recipient's compliance with the GDPR prior to any such transfer. You can take a glance at our partners' statements on compliance with GDPR here:
To learn information confidentiality terms applicable to our Resellers, please visit their websites. List of all official SPH Engineering's Resellers with website links is published on https://www.ugcs.com/resellers.
10. At what age you can use our Products and Services?
You may use our Products and Services if you reached the age of 13. You have to testify you are eligible to use our Products and Services, by expressing your consent with this Privacy Policy.
We do not store personal data of minors and children under the age of 13. If you are a parent or a legal guardian of children or minors and you are aware that your ward has provided us with Personal Data, please contact us immediately via email: [email protected]. If we become aware that Personal Data from a person under the age of 13 are in our possession without verification of parental consent, we will take immediate steps to erase the data from our servers.
11. What will we do in case of a data breach?
In the case of a personal data breach, we will notify supervisory authority of the breach not later than 72 hours. We will notify you via email immediately if we see a high risk of your rights and freedoms (due to the breach) violation.
12. How can you protect your rights?
If a dispute arises, we will do our best to settle it by negotiations. We are always ready to hear from you and look for the best solution for all of us. In any case, you may complain to the Data State Inspectorate (Datu Valsts Inspekcija) or look for a help of a court to protect your rights.
Data State Inspectorate web-page: http://www.dvi.gov.lv/en/In case of a personal data breach, we shall notify you so that you can get a full understanding of the problem and the measures taken to solve it.
If a personal data breach puts the rights and freedoms of our users at risk, we shall also notify the state authorities responsible for supervision of GDPR within 72 hours. Our notification will include the following information:
(a) description of the nature of the personal data breach, including, if possible, the category and approximate number of data subjects, category and approximate number of personal data records
(b) surname and contact details of the personal data protection inspector or other coordination center to receive more detailed information from
(c) description of the possible consequences of a personal data breach
(d) description of the measures taken or planned by the controller to cure the breach, including, where appropriate, measures to mitigate a possible negative impact
13. References to other internet-resources
Our Services may contain links to other websites not administered or operated by us. If you proceed with a third party link, you will be directed to a third-party website. We strongly advise you to review a Privacy Policy of every website you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party websites or services.
We use PayPal, Stripe and Nuvei as payment services. The data is collected and processed by these services according to their Privacy Policy and SPH Engineering has no power or control over this process, nor SPH Engineering has access to this data.
To learn more about your data processing by these services, please visit:
PayPal: https://www.paypal.com/lv/webapps/mpp/ua/legalhub-full?locale.x=en_LV
Stripe https://stripe.com/en-gb-lv/privacy-center/legal
Nuvei: https://nuvei.com/en-emea/privacy-notice/ and https://nuvei.com/en-emea/cookies-policy/
14. Legal and Contact Information
Company Name: SPH Engineering, registration number 50103629321, official (legal) address: Dzirnavu iela 62-9, Riga, Latvia, LV-1050. Contact details of our representative: Janis Kuze, Director of Special Projects, +371 25453422, [email protected].