1. General Provisions
1.1. This privacy policy regulates the principles of collection, processing, and storage of personal data. Personal data is processed and stored by SIA ZEN DESIGN, registration no. 40203458588, legal address Jūrmala, Lielais prospekts 9-2, LV-2010, Latvia (hereinafter – the controller).
1.2. For the purposes of this privacy policy, a data subject means the customer or another natural person whose personal data is processed by the controller.
1.3. A customer means anyone who purchases goods or services on the controller’s website www.solomestudio.com.
1.4. The controller observes the principles of personal data processing as provided by applicable legislation and processes personal data in a lawful, fair, and secure manner.
2. Collection, Processing, and Storage of Personal Data
2.1. Personal data are collected electronically via the website and by e-mail.
2.2. By providing their personal data, the data subject grants the controller the right to collect, use, and store such data for the purposes defined in this policy.
2.3. The data subject is responsible for the accuracy and completeness of the submitted data. The submission of knowingly false data is regarded as a breach of this privacy policy.
2.4. The controller is not liable for damage caused as a result of false or incomplete data submitted by the data subject.
3. Processing of Personal Data
3.1. The controller may process the following personal data of customers:
- First and last name
- E-mail address
- Telephone number
- Delivery address
- Payment information (processed securely via payment service providers; the controller does not store full payment card details)
3.2. The legal basis for processing personal data is Article 6(1) of the GDPR:
(a) consent;
(b) performance of a contract;
(c) compliance with legal obligations;
(f) legitimate interests of the controller.
3.3. Purposes of processing and data retention:
- Order processing – retained for 5 years in accordance with accounting law.
- Customer account management – retained while the account is active.
- Marketing communications – retained until consent is withdrawn or for a maximum of 3 years after the last interaction.
- Financial records and invoices – retained for 5 years in accordance with legal requirements.
- Security and fraud prevention – retained in accordance with legal obligations.
3.4. The controller may share personal data with third-party service providers (e.g., accountants, courier companies, payment processors such as MakeCommerce AS, PayPal, Stripe) only to the extent necessary for fulfilling the order and legal obligations. Payment processing is provided by the platform makecommerce.lv; therefore, for the execution of payments, the controller transfers the necessary personal data to the platform’s owner Maksekeskus AS.
3.5. The controller applies organizational and technical measures to protect personal data against accidental or unlawful destruction, alteration, disclosure, or unauthorized access.
4. Rights of the Data Subject
4.1. The data subject has the right to access, correct, or delete their personal data.
4.2. The data subject has the right to withdraw consent at any time.
4.3. The data subject may request restriction of processing or object to processing of their personal data.
4.4. Requests regarding personal data can be sent to info@solomestudio.com.
4.5. If the data subject considers that their rights have been violated, they may file a complaint with the Latvian Data State Inspectorate or the supervisory authority of their country of residence.
5. Final Provisions
5.1. This privacy policy is governed by Regulation (EU) 2016/679 (General Data Protection Regulation) and the laws of the Republic of Latvia.
5.2. The controller reserves the right to amend this privacy policy. The latest version will always be available at www.solomestudio.com.
