Privacy Policy
Last updated: March 28, 2026
This Privacy Policy explains how SIA Alejas investićijas processes personal data in connection with the website https://alejasinvesticijas.lv/, communication with customers and requests for apartment rental, commercial premises, event spaces and related services.
1. Controller
The personal data controller is:
If you have any questions about this Privacy Policy or the processing of your data, please contact us using the email or phone number provided above.
2. What personal data may we process?
Depending on how you use our website and services, we may process the following categories of data:Depending on how you use our website and services, we may process the following categories of data:
- identification and contact information: name, surname, email address, telephone number, company name, position;
- request and communication information: message content, selected topic or category, property, room or service of interest, correspondence history;
- transactional and pre-contractual information: data necessary to prepare an offer, reservation, terms of cooperation or contract;
- billing and accounting information: billing data, payment information and other information required by applicable laws and regulations;
- technical information about website usage: IP address, device type, browser, operating system, access time, pages visited, cookie preferences and server log data;
- information about consents: consent to cookies, withdrawal of consent or preferences.
3. Purposes and legal bases of data processing
We process personal data only for specified, explicit and legitimate purposes.
3.1 To respond to your requests and communications
We process your contact information and message content to:
- answer questions;
- provide information about apartments, commercial premises, event spaces or other services;
- to arrange further communication or viewing.
Legal basis:
- Article 6(1)(b) GDPR, if processing is necessary for actions taken at your request prior to entering into a contract;
- Article 6(1)(f) GDPR, if processing is necessary for the purposes of our legitimate interests, such as effective communication and administration of requests.
3.2. To conclude and execute contracts
If we work with you as a customer, tenant, partner, supplier or service recipient, we process the necessary data to:
- prepare a proposal or contract;
- ensure the provision of the service;
- administer reservations, payments, invoices and collaboration documents.
Legal basis:
3.3. To comply with legal obligations
We may process personal data to comply with accounting, tax, law enforcement or other regulatory requirements.
Legal basis:
3.4. To protect our legitimate interests
We may process data to:
- maintain the security and operability of the website;
- prevent fraud, misuse of the website or other security risks;
- defend their legal interests in the event of disputes, claims or complaints;
- improve customer service and internal processes.
Legal basis:
3.5. Cookies, analytics and marketing tools
Strictly necessary cookies are used to ensure the basic functionalities of the website. We use functional, analytical and advertising cookies only if you have given your consent.
Legal basis:
- Article 6(1)(a) GDPR;
- Article 5(3) of Directive 2002/58/EC on the storage of or access to information on the end-user's device.
4. From what sources is the data obtained?
We usually obtain personal data:
- directly from you when you fill out a form, send an email, call or otherwise contact us;
- automatically when you use our website and agree to the relevant cookies;
- from cooperation partners or representatives, if necessary for the conclusion or performance of a contract;
- from publicly available sources, if necessary for a legitimate and legal assessment of the transaction.
5. Recipients of personal data
Access to data may be provided only to those recipients who need it to achieve the specific purpose, for example:
- IT, hosting, website maintenance and email service providers;
- accounting, auditing, legal or other professional service providers;
- payment, settlement or document flow service providers, if applicable;
- to state or local government institutions, law enforcement agencies or courts, if required by regulatory enactments or a legal request.
If third parties process data on our behalf, they act as processors and process the data only in accordance with our instructions and the requirements of applicable law.
6. Data retention periods
We retain personal data for no longer than is necessary for the purpose for which it was collected or as required by applicable laws and regulations.
Usually:
- communication and request data is stored for as long as necessary to process the request and for a reasonable period thereafter to manage further communication or potential claims;
- contract and transaction data are stored for the duration of the contract and thereafter for as long as required by accounting, tax, statute of limitations or other binding regulatory enactments;
- technical logs and security data are kept for a limited period of time as necessary for security, incident investigation and system maintenance;
- Data based on consent is stored until the consent is withdrawn or the relevant consent expires.
7. Data transfer outside the EEA
We aim to process personal data within the European Union or the European Economic Area. Where individual service providers process data outside the EEA, we ensure that transfers only take place with appropriate legal bases and safeguards, such as:
- the European Commission's decision on the adequacy of the level of protection;
- standard contractual clauses approved by the European Commission;
- other applicable protection mechanisms provided for by the GDPR.
8. Your rights
Under the GDPR, you have the right to:
- request access to your personal data;
- request the correction of inaccurate or incomplete data;
- request deletion of data in certain cases;
- request restriction of data processing in certain cases;
- object to data processing based on our legitimate interests;
- receive your data in a structured, commonly used and machine-readable format, where applicable;
- withdraw consent at any time if the processing is based on consent;
- submit a complaint to the supervisory authority.
In Latvia, the supervisory authority is the Data State Inspectorate: https://www.dvi.gov.lv/.
9. Cookies
Our website uses cookies and similar technologies.
9.1. Necessary cookies
These cookies are necessary for the website to function properly and securely. They cannot be disabled if you want to use the basic functions of the website.
9.2. Functional, analytical and advertising cookies
We only use these cookies if you have given your consent. They help:
- save your preferences;
- understand how the website is used;
- improve user experience;
- evaluate marketing activities, if any are used.
You can change your cookie preferences at any time using the cookie settings tool available on the website.
10. Data security
We apply reasonable technical and organizational security measures to protect personal data against unauthorized access, loss, disclosure, alteration or other unlawful processing.
However, no data transmission over the Internet or storage in an electronic environment is completely risk-free, so we cannot guarantee absolute security.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in the operation of the Site, services, applicable laws, or our data processing practices. The most current version will always be posted on this Site.
12. Communication about personal data
If you have any questions, requests or would like to exercise your rights, please write to info@alejasinvesticijas.lv or call +371 25 766 139.
