The purpose of this privacy policy is to provide the user (hereinafter the “User”) with information about the purpose, scope, duration of the personal data processing which will be processed in accordance with the applicable law – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“the Regulation”), as well as in compliance with other legislation governing privacy and data processing issues.

The Controller keeps the right to review and change this Policy at any time, particularly as a result of changes in services or applicable laws and regulations, and it is the User’s responsibility to regularly check this Policy.

  1. Data Controller and Contact Details
    • The Controller of the personal data is the Biedrība “Latvijas Kempingu asociācija” (hereinafter the “Controller”), unified registration No 40008090939, legal address: “Apaļkalns”, Raiskuma pagasts, Pārgaujas novads, LV-4146, telephone: +371-29196534, website:
    • The Controler’s Data Protection Officer is Nelda Sniedze. The contact details related to the processing of personal data issues:
  2. Applicable Law:
    • Regulation No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”);
    • Law on Personal Data Processing (promulgated on 4 July 2018);
    • Cabinet Regulation No. 442 of 28 July 2015 “Procedures for Ensuring Compliance of Information and Communication Technology Systems with Minimum Safety Requirements”.
  3. Purpose of processing personal data:
    • For establishing and maintaining internal processes, management of the document circulation, including:
      • Determination of the application user’s location.
      • Ensuring users can have their own favourite deals stored
  4. Categories of personal data processed by the controller:
    • The following personal data is processed for the security of the Controller’s customers, visitors, and employees and for the protection of the Controller’s property: 
      • Location of the data subject.;
      • Device IMEI code;
  1. Grounds for the collection and processing of personal data:
    • The consent of the data subject– the data subject has given his/her consent to the collection and processing of data;
    • For ensuring the best  user expierence within the mobile app. 
  2. Sources of obtaining personal data of the data subject:
    • Location of the data subject when using the mobile application.
  3. Data procession of data subject:
    • Identification of the data subject;
    • Determination of the location of the data subject.
    • Ensuring saved deals within application per device
  4. Processing of data subject cookies:
    • Cookies are small text files that are created and stored on the data subject’s device (computer, tablet, or mobile phone) when visiting the Controller’s Web sites. Cookies “remember” the User’s experience and basic information, thereby improving the user-friendliness of the Web site;
    • Cookies are used to process overall User habits and Web site usage history, to diagnose problems and gaps in Web site performance, to collect statistics on the User habits, and to ensure full and convenient use of Web site functionality;
    • If the data subject does not wish to use cookies, he or she may delete them in the settings of his or her browser, although this may cause significant disruption and difficulty in using the Web site. It is possible to delete the stored cookies by deleting the stored cookie history in the browser’s settings section of the device.
  5. Data Retention:
    • Data subject location data from the moment of connection to the service until the moment of disconnection of the service in the mobile application.
    • Data subject device IMEI code from the moment of mobile app installation till uninstallation. 
  6. Sharing and disclosure of personal data of the data subject:
    • The data transfer to third countries is not intended.
    • The Controller may, in order to comply with regulatory enactments, share data of the data subject with State and Local Government Authorities, Law Enforcement Authorities, Court or other authorities.
    • The Data Controller will only release data to the extent required by applicable laws and regulations, including the GDPR and the Law on the Processing of Personal Data.
  7. Protection of personal data of the data subject:
    • The Controller shall protect the data subject’s data against unauthorized access, accidental loss, disclosure, or destruction. To ensure this, the Controller shall use modern technological opportunities, taking into account existing privacy risks and organizational requirements, including the use of firewalls, intrusion, detection and analytical software, as well as SSL encryption and anonymization;
    • The Controller shall scrutinize all Processors and Sub-processors that process the personal data of data subject on the Controller’s behalf; the Controller shall assess whether appropriate security measures are implemented, whether data processing is carried out as delegated by the Controller, whether it is carried out in accordance with applicable laws and regulations and data protection requirements and standards.
    • Processors and Sub-processors do not have the right to process the Controller’s data for their purposes;
    • The Controller shall not be liable for any unauthorized access to personal data of data subject or their loss if they are not within the competence of the Controller, for example, due to the fault or negligence of the data subject.
  8. The logic of profiling:
    • The Controller shall not take any automated decisions, nor shall it carry out any profiling of personal data.

 Data subject’s rights:

In accordance with the applicable laws and regulations, the data subject has the following rights in the processing of his/her personal data: 

  • Right of access – the data subject has the right to request confirmation from the Controller as to whether the personal data of the data subject are being processed, as well as to request information on all personal data processed;
  • Right to rectification – if the data subject considers that information about him or her is incorrect or incomplete, he or she has the right to require that they are rectified by the Controller;
  • Objection to processing based on legitimate interests – the data subject has the right to object to the processing of personal data, processed on the basis of the legitimate interests of the Controller, except where the processing of such data is required by law;
  • Erasure – under certain circumstances, the data subject has the right to have his or her personal data erased, except where the law provides for a time limit for the retention of such data;
  • Restriction of processing – in certain circumstances, the data subject has the right to restrict the processing of his or her personal data, except where the scope of the processing is determined by law;
  • Data transfer – the data subject has the right to receive or transfer his or her personal data to another Personal Data Controller. This right includes only personal data provided to the Data Controller with the data subject’s consent, on a contractual basis, or where the processing is carried out by automated means. The data subject may not exercise the right if the Controller is carrying out the processing task in the public interest or when exercising the official powers legally conferred on the Controller.

In order to exercise the above-mentioned rights, please submit a written application to the Controller or the Data Protection Officer – Nelda Sniedze ( 

  1. Communication

In case of questions or concerns, the data subject may contact the Controller at the address:

“Apaļkalns”, Raiskuma pagasts, Pārgaujas novads, LV-4146 or the Data Protection Officer: Nelda Sniedze by e-mail:

If the data subject is not satisfied with the response, he or she has the right to lodge a complaint with the Data State Inspectorate of Latvia (

The Controller shall be entitled to improve or update the Privacy Policy from time to time. The Controller will inform the data subject of any changes by publishing the current version of the privacy policy on the website .