3.3. If you have indicated your consent to receive news from the Company, information about current events and/or new or modified services provided by the Company may be sent to your e-mail address. This consent can be withdrawn at any time by sending a notification to firstname.lastname@example.org
3.4. Legal background and purposes of processing personal data
3.4.1. The Company processes the natural persons' data on the following legal grounds:
- to provide consultations and services with or without a contract, to enter into a contract and to ensure its fulfilment;
- to ensure the fulfilment of obligations imposed by regulatory acts (e.g., the obligation to identify the person to whom the service is provided before providing the service);
- In the legitimate interests of the Company (e.g., to reduce the risks of the Company's activities, to analyze the statistics on use of the Company's website in order to improve its performance, to manage customers' files and inform customers about important terms in due time, to ensure and improve service quality, to manage payments, to manage unpaid payments, to protect our legitimate interests).
The Company processes personal data to achieve the following objectives:
- to identify a Customer;
- to register a Customer in the internal accounting systems;
- to prepare and conclude a service contract;
- to ensure and/or maintain the operation of services;
- to improve services, develop new services;
- to promote use of the service;
- to consider and process claims and suggestions;
- to fulfil obligations imposed by regulatory acts;
- to administer taxes;
- to receive and collect debts;
- to maintain the website and improve its operation;
- for statistics and performance analysis;
- for planning and accounting;
- to measure performance;
- to ensure the quality of data (relevant information);
- to prepare reports;
- to promote the services provided;
- to attract customers.
The data on visitors of the Company's website can be obtained indirectly by obtaining information and using cookies. Cookies are files that are stored by the Internet browser on a computer or in a user's mobile device. This is how the website can save individual settings of a user. Cookies can be considered as the way a website obtains information to identify a user and respond accordingly. The information related to cookies is anonymous and is not used to identify www.coralfinance.lv
visitors. You can forbid Internet browsers from using cookies, which will not prevent you from using the website, however, this may limit the use of www.coralfinance.lv
More information on how, why, and what specific cookies the website uses can be found here
5. Data safety
5.1. The Company protects the natural persons' data using the possibilities ensured by modern technologies, taking into account the existing risks for privacy and the Company's reasonably available organizational, financial and technical resources, including the following means of protection:
Means of intellectual protection:
- antivirus and anti-phishing software;
- data storage in the Company's servers to which third parties have no access;
- protection of the technologies used with unique access codes and two-stage security systems.
Means of physical protection:
- limited and controlled access of natural persons to physical data media and technologies that may contain data;
- ensuring fire safety;
- storage of documents, which may contain personal data, in closed premises, to which only a limited and controlled group of persons have access.
5.2. The Company stores personal data no longer than is necessary to achieve the objectives described in section 3 and to fulfil the obligations imposed by the regulatory acts.
5.3. All personal data that has become known to the Company about users of the Company's website www.coralfinance.lv
5.4. The Company does not disclose the data of natural persons obtained from third parties, or any information obtained during provision of the service and during the term of the contract, including the information about the services provided, except for the following cases:
- if data needs to be provided to the relevant third party within the framework of the concluded agreement to perform a function required by the contract or delegated by law (e.g., as a part of bank payments or to provide a service);
- based on explicit and unambiguous consent of the Data Subject;
- to persons specified in regulatory acts, upon their motivated request, according to the procedure and to the extent established by regulatory acts;
- in cases set by regulatory acts to protect the Company's legitimate interests.
6. Term of Personal Data Storage
- As long as the contract with the client is in effect;
- while the Company or its customer can implement their legitimate interests according to the procedure set by regulatory acts (e.g., file objections or file a lawsuit in court);
- while the Company is obliged to store data in accordance with the requirements of regulatory acts;
- while the person's consent to personal data processing is valid, if there is no other legal basis for processing the data.
Upon termination of all the aforesaid circumstances, personal data will be deleted in such a way that the data could not be restored by reasonable effort. The Company does not separately inform the data subject about deleting such data.
7. Access to Personal Data and Other Rights of the Data Subject
7.1. The Company ensures the correctness of personal data in accordance with the information obtained by the Company when the person uses the Company's website www.coralfinance.lv
as a data subject, when using the Company's services by a data subject or when sending independently a request to supplement or update their personal data by presenting documents justifying changes. If the data subject ceases to use the services provided by the Company, and the mutual contract is dissolved or otherwise terminated, the Company starts tracking the time after which the data will be destroyed and does not ask the data subject to provide information for data update.
7.2. Data subjects have the right to access their personal data by sending a request for information to the Company by e-mail: email@example.com. The data subject has the right to request the following information: 1. whether personal data is processed, and if so, what data; 2. the purpose and legal basis for personal data processing; 3. date of last data update; 4. source of personal data; 5. information on whether personal data is processed automatically; 6. other information, if this is stipulated by regulatory acts.
7.3. The data subject has the right to ask the Company to provide access to their personal data and to request the data to be supplemented and corrected (updated), and to require limiting the personal data processing, to object to processing of their personal data and to ask to delete their personal data.
These rights are implemented if data processing does not result from the obligations imposed on the Company by regulatory acts, and if the requested action with personal data does not limit fulfilment of the contract and the obligations arising from it, and it does not restrict the Company's right to protection their legitimate interests.
7.4. Data subjects have the right to require that their personal data at the Company's disposal be supplemented, corrected and/or that the data processing is discontinued or that the data is deleted if they are outdated, incomplete, incorrect, processed illegally or no longer correspond to the purpose of data processing for which they were obtained. If you want to delete your data or make changes to them, or you have questions about the use of your personal data, please contact Coral Finance SIA by e-mail: firstname.lastname@example.org or telephone +371 25 462 263
7.5. The data subject may submit a request for implementation of their rights in writing, by filing an application in person – by presenting an identification document or filing an application electronically with a secure electronic signature.
7.5.1. Before the Company provides information about the personal data of a natural person at the disposal of the Company, it should ensure that the person requesting information or applying for implementation of their rights is the true subject of personal data to which the request or application is related.
7.5.2. Having received the request from the data subject and verified their identity, the Company provides the data subject with a response within one month upon receipt of the application and sends the response to the data subject by mail to the indicated contact address, by registered letter or e-mail, taking into consideration the preferred method of communication indicated by the data subject.
7.6. The Company carries out all necessary actions to ensure the implementation of the data subject's rights pursuant to the applicable regulatory acts of the Republic of Latvia. If a data subject has objections in relation to implementation of their rights, the data subject has the right to address the Data State Inspectorate.