1. General Provisions

  • 1.1. SIA “SmartFinance” (hereinafter – the Company) processes data in accordance with the applicable laws of the Republic of Latvia, including the European Union General Data Protection Regulation (GDPR);
  • 1.2. These rules apply to all personal data obtained by the Company through the website www.posfinance.lv hereinafter – the Website) and other services provided by the Company;
  • 1.3. The Company’s goal is to ensure the legality, transparency, and security of personal data processing, as well as to protect the rights and freedoms of the data subject (hereinafter – the Client).

2. Types of Data Processed
2.1. The Company processes the following personal data of Clients:

  • Name, surname
  • Personal identification number
  • Contact information (phone number, email address, address)
  • Financial information (bank account information, credit history, income and expense information)
  • IP address and other Website visit data (cookie policy)
  • Information about the Client’s debt obligations and payment discipline.

3. Purposes of Personal Data Processing
3.1. The Company processes Client data for the following purposes:

  • Reviewing credit applications and making decisions through the Website
  • Contract conclusion and execution
  • Credit management and debt collection
  • Compliance with legal obligations (including anti-money laundering and counter-terrorism financing requirements)
  • Maintaining customer relationships and conducting marketing activities (if the Client has consented through the Website)

4. Data Retention Periods
4.1. Client data is processed and stored as long as necessary to achieve the purposes of data processing or to fulfill legal obligations.
4.2. After achieving the purpose of data processing, data is deleted or anonymized unless legal acts specify different retention periods.

5. Protection of Personal Data
5.1. The Company ensures appropriate technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or deletion.
5.2. Only authorized persons have access to personal data, and these persons are trained to comply with personal data protection requirements.

6. Data Subject Rights
6.1. Clients have the right to:

  • Request access to their personal data, as well as receive copies of data processed by the Company.
  • Request correction of inaccurate or incomplete personal data.
  • Restrict the processing of their personal data in accordance with applicable legal provisions.
  • Object to the processing of their personal data, including for direct marketing purposes.
  • Withdraw consent for processing, if the processing is based on the Client’s consent.
    6.2. File a complaint with the Data State Inspectorate if they believe their rights regarding personal data processing have been violated.
    6.3. Request deletion of personal data if it is no longer needed for the purposes for which it was collected or processed, or if processing was based on consent that has been withdrawn.

7. Data Disclosure to Third Parties
7.1. The Company may disclose Client personal data to: Supervisory and law enforcement institutions, if required by law and third parties involved in providing services to the Company (e.g., IT service providers, debt collectors, auditors), ensuring that data processors comply with data protection regulations.
7.2. Credit bureaus and other credit institutions, for the purposes of evaluating creditworthiness and payment discipline.

8. Submitting Complaints
8.1. If the Client believes that their rights have been violated, they have the right to file a complaint with the Data State Inspectorate or to take the matter to court.

9. Changes to the Privacy Policy
9.1. To receive additional information about the processing of personal data or to exercise their rights, the Client may contact the Company by writing to the email: [email protected] or by sending a letter to the address: Skanstes iela 50a, Rīga, LV-1013.

The Company reserves the right to make changes to this Privacy Policy at any time, and such changes will be published on the Website. It is recommended to periodically review the Privacy Policy to stay informed about how the Company protects personal data.