Help in LV app privacy notice
(this is unofficial translation, official text is in latvian)
Pursuant to the provisions 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the Regulation) we hereby inform you about the processing of personal data when downloading and using the Controller's mobile application (hereinafter referred to as the Privacy Notice).
NGO Association for Digital Integration of People with Special Needs and Disabilities (hereafter also referred to as NGO, Controller or We)
Registration No. 40008263472 (hereinafter referred to as NGO, Data Controller or We)
Controller’s contact information
Legal address: Legal address: Kuršu Street 25, Riga, LV-1006
Purpose of data processing
Providing and administering the functionality of the mobile application ADIPSD (hereinafter referred to as the Application) maintained by the Controller.
Personal data processed by us
* To be able to use the services available in the app you will need to download the app, when you do so we will get your assigned user number, which may include your email address.
* After downloading the app, you will need to register in the app and indicate your given name, surname, telephone No.
* Depending on your individual situation and the need to use the services offered by the app, we will ask you to separately fill in information about your age, gender, personal identity number, home address, country of residence and health: blood type, type of functional impairment, disease diagnoses, medication used, allergies and intolerances, as well as information about your general practitioner doctor and his/her contacts, contacts of trusted persons and any other significant information you think is important to know, such as the representatives of the ambulance service or any other service.
* Additionally, you can register a trusted person in the app with their full name and contact details, who will receive information about your activities with the app and be able to participate in the app, for example, by providing additional information in the app chat. Please note that the trusted person will only be added to your profile after they approve your request.
* When you use the app, we process GPS or geolocation data, for example, to provide accurate information to the service called about your location, as well as information which calls were made to which services and when, and information from the correspondence (chat).
We encourage you to provide correct personal data as it will be used when using the app. Inaccurate or erroneous data or disabling a function may result in the app not working as intended and, consequently, service representatives may draw erroneous conclusions when providing their services.
Legal basis for data processing
When using the functionality provided in the application, the Data Controller processes personal data on the basis of the Section 6(1)(b) of the Regulation, i. e. an agreement is concluded between the parties when you download the application and express your wish to use the functionality of the application offered by us. In order to ensure that you are not exposed to risks to your rights and freedoms when using the downloaded application, the Data Controller, pursuant to Section 6(1)(f) of the Regulation, shall regularly improve the functionality and security solutions of the application and independently monitor for signs that an unauthorised person has gained access through the downloaded application, including to your device. Upon noticing suspicious behaviour, the Data Controller can use all the information at its disposal to investigate the security incident, including information reflecting the history of the app use. By providing improvements to the functionality and security solutions of the app, the Data Controller may use personal information reflected in your app to ensure that the improvements made are not faulty and do not contain other risks that could harm the Data Controller’s or your legal interests.
Please note that you can decide how much you want to use the app, e. g. whether to process geolocation data and for how long, whether to enable or disable this function, whether to enable or disable app notifications (push-up), whether or not to include contact information or personal health data. Please also note that as the purpose of the app is to help you contact services in charge, including in emergencies, only partial use of the app functions (e. g. disabling GPS processing, incomplete or incorrect personal data, etc.) may prevent you from using certain functions.
Persons to whom we pass your personal data
Your personal data will be processed by authorised employees of the Data Controller in accordance with the scope of their work duties, in compliance with the requirements established in the field of personal data protection and other regulations, and the requirements for processing of personal data established by internal regulations of the Data Controller.
Personal data may be transferred to:
to the service you choose when you initiate contact with it, for example, by calling it or initiating contact in writing and/or using the video call function.
Personal data are not intended to be transmitted to recipients outside the European Union or the European Economic Area.
How long we keep your data
Information about the login details you have entered will be stored in the application for the duration of the application operation. When you delete your application user profile, the Data Controller ensures that identifiable information about your use of the application is deleted. All information related to the call (call time, type, chat, content, trusted people involved or others such as sign language interpreter information, etc.) as well as GPS location data, which are recorded at the start of the call and for the last 30 minutes from the end of the active call, are stored for six months.
If your personal data has been involved in an alleged personal data breach or information system security incident, the information may be stored for at least five years.
If a complaint is received or a legal interest of the Data Controller is affected, e. g. a dispute about actions carried out in the app, the relevant information may be retained until the end of the matter, e. g., until a final court judgement enters into effect. In any case, the Data Controller, following the principle of minimisation, will retain certain information (e. g. the fact of registration in the app, information on removal, information on the fact of the call, its load and auditation data) for a maximum of two years (limitation period in consumer law).
Data subject’s (your) rights
Right of access. You have the right to access your personal data and to receive information from the Data Controller about the processing of your personal data. Using the contact details of the Data Controller, you can request information about the processing of your personal data if you do not consider the information provided in this Privacy Notice to be sufficiently complete. In addition, please note and read the notifications that appear in the application and provide additional explanations for the consequences of activating or deactivating certain functions of the application.
Right to correction. If you notice inaccuracies in your personal data, you have the right to request that the Data Controller correct the inaccurate personal data. We also encourage you to take advantage of the functionality of the application and do it on your own.
Right to erasure. You have the right to request that the Data Controller delete your personal data, but please note that your request may be complied with if:
the personal data is no longer required in connection with the purpose for which it was processed, as stipulated in the Privacy Notice;
the personal data has been processed unlawfully;
the personal data must be deleted in accordance with the requirements of the regulatory acts.
Please note that the right to erasure does not apply in cases where the Data Controller is required by the regulatory acts to process personal data or the processing is necessary for archiving, public interest, statistical purposes or in connection with the filing, realisation or defence of a legal claim.
Right to restrict the processing of personal data. You have the right to request that the Data Controller restrict the processing of your personal data if:
- you believe that the data is processed unlawfully or that it is inaccurate (the restriction will remain in force while the challenge process is in progress);
you believe that there are no grounds for processing, but at the same time you object to the deletion of the data.
The Data Controller no longer needs your data for a specific purpose, but you need it to protect your legal interests and rights.
Right to object to processing. You have the right to object to the processing of personal data at any time on the basis of the legal interests stipulated in the privacy notice. The Data Controller has the right to continue processing your personal data if the Data Controller indicates compelling legal grounds for the processing that are more important than your interests, rights and freedoms or to establish, exercise or defend legitimate claims.
Right to transfer. You have the right to receive your personal data that you have provided to the Data Controller in an orderly, generally accepted and machine-readable format and you have the right to request that this data be transferred to another Data Controller if this personal data is processed on a contractual basis pursuant to Section 6(1)(b).
Right to file a complaint. You have the right to file a complaint to the Data Collector and to the National Data Inspectorate if you believe that the Data Collector has violated your rights or failed to adequately protect your personal data. However, please contact us to resolve any issues that arise promptly before you contact the National Data Inspectorate.
Procedure for submitting requests
You may exercise all of your rights as set out above by using the contact information mentioned in this Privacy Notice by indicating the following personal details in your request: given name, surname, personal identity number, postal address (if you wish to receive your response by registered mail) or e-mail address (if you wish to receive a response at the e-mail address from which you have sent your request).
This privacy notice is valid from 15.06.2023.