Home
About us
Products
Cannelle Bakery products
Rye bread
Rye bread with long shelf life
Traditional rye bread
Crisps
Bread
Bagels
Burgers and sandwiches
Other breads
Deep-fried products
Curd balls
Ponchiks
Sweet pastry
Shortcrust products
Buns
Cupcakes
Special products
Savory pastry
Patties
Pies
Vegan friendly products
Chickpea crackers
Open products
Cookies
Open products
Seasonal production
Open products
For retail
Open products
Krippu - chickpea products
Find out more
Download catalogs
Cannelle Bakery - all products
The American Bagel
Doughnuts
For in-store freezers
Deep fried ponchiks
Rye bread and snacks
Sandwiches and other frozen breads
Krippu - Turkish pea products
Articles
Recipes
Vacancies
Shop
Contacts
Search
EN
lvLatviešuenEnglish
Cart
0
Cannelle Bakery Privacy Policy
"Cannelle Bakery" SIA privacy policy of the website

The purpose of the privacy policy is to provide the natural person with information about the purpose, scope, protection, processing term and rights of the data subject at the time of data acquisition, as well as when processing the client's personal data.
The privacy policy has been developed in compliance with Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data (Regulation) and other applicable legislation in the field of privacy and data processing..

Manager and its contact information

1. The controller of personal data processing is SIA "Cannelle Bakery" (hereinafter - Controller), registration number 40003146530, legal address Satiksmes iela 3, Saldus, LV-3801.
2. The manager's contact information in matters related to the processing of personal data is: tel. +371 63350084, e-mail: toms.blumbergs@cannelle.lv

Scope of application of privacy policy

3. Personal data is any information about an identified or identifiable natural person.
4. The privacy policy is applied to ensure the protection of privacy and personal data regarding personal data that may be processed in connection with the Manager's activities.
5. The privacy policy applies to data processing, regardless of the form and/or environment in which personal data is provided (on the Manager's website, in paper format or by telephone) and in which company systems or paper format it is processed.

Purposes of personal data processing

6. The manager processes personal data for the following purposes:

  • To administer personnel-related matters;
  • Manager for the fulfillment of legal obligations;
  • Manager for ensuring economic activity, including - conclusion and execution of Contracts;
  • Manager for ensuring the conformity of the manufactured products with the standards established by law;
  • To protect the company's property;
  • For product quality assurance.

Legal basis for personal data processing

7. The controller processes personal data of data subjects based on the following legal bases:

  • Consent of the data subject;
  • Fulfillment of contractual obligations;
  • Fulfillment of a legal obligation;
  • Vital interests of the data subject or other person;
  • Tasks performed in the public interest or in the exercise of official authority;
  • The legitimate interests of the manager or a third party, balanced with the interests of the data subject.

Protection of personal data

8. The manager protects personal data using modern technological capabilities, taking into account existing privacy risks and reasonably available organizational, financial and technical resources, including using the following security measures, if necessary:

  • encryption;
  • pseudonymization;
  • firewalls;
  • other safety measures in accordance with current technical development possibilities.

Categories of data recipients

9. The manager does not disclose personal data or any information obtained during the provision of services and during the term of the contract to third parties, except for:

  • if data must be transferred to the relevant third party within the framework of the concluded contract in order to perform a function necessary for the performance of the contract or delegated by law (for example, to a bank within the framework of settlements or to provide a service);
  • in accordance with the clear and unequivocal consent of the data subject;
  • to persons provided for in external regulatory acts upon their justified request, in accordance with the procedure and to the extent specified in external regulatory acts;
  • in cases determined by external regulatory acts, for the protection of the Controller's legitimate interests, for example, by applying to the court or other state institutions against a person who has violated the Controller's legitimate interests. 

Duration of storage of personal data

10. The controller stores personal data as long as it is necessary to fulfill the purpose of its processing.

Access to personal data and other data subject right

11. The data subject has the right to receive the information specified in the regulatory acts in connection with the processing of his data.
12. The data subject has, in accordance with the laws and regulations, the right to request access to his/her personal data from the Controller, as well as request the Controller to supplement, correct or delete it, or limit processing in relation to himself, or the right to object to processing (including the processing of personal data, performed on the basis of the Manager's legitimate interests), as well as the right to data portability.
13. The data subject can submit a request for the exercise of his rights:

  • in written form at a legal address of the Manager, presenting a personal identification document;
  • in the form of electronic mail, signing with a secure electronic signature.

14. Upon receiving a data subject's request for the exercise of their rights, the Controller verifies the identity of the data subject, evaluates the request and fulfills it in accordance with the laws and regulations.
15. The manager sends the answer to the data subject by mail to the contact address indicated by him in a registered letter or taking into account the method of receiving the answer indicated by the Customer.
16. The controller ensures the fulfillment of data processing and protection requirements in accordance with regulatory enactments and, in the event of objections from the data subject, takes appropriate actions to resolve the objection. However, if this fails, the data subject has the right to appeal to the supervisory authority - the Data State Inspectorate.

Communication

17. If necessary, the controller communicates with the data subject using the contact information provided by the data subject (phone number, e-mail address, postal address).
18. Communication on the fulfillment of contractual obligations of services is carried out by the Manager on the basis of the concluded contract.

Different rules

19. The Manager has the right to make additions to the Privacy Policy, making its current version available to the data subject by posting it on the Manager's website.

This website uses cookies to ensure you get the best experience on our website.

Privacy Policy