1.1. As one of the largest technological innovation leaders in Latvia, we, “Latvijas Mobilais Telefons” SIA, (hereinafter “LMT” and/or “we”), are constantly providing new services that meet modern standards. LMT takes great care not only of the convenience and functionality of our services, but also of the protection of privacy. In our everyday work, we invest resources and take care to ensure that personal data are protected.  

1.2. The purpose of this Policy is to inform and explain how LMT protects and cares for the personal data in its possession, namely, to help to understand how and for what purposes the data are processed, and to inform about the rights and obligations of data subjects.

1.3. When processing personal data, LMT complies with the law in force in the Republic of Latvia, the binding instructions and regulations issued by the responsible authorities, as well as keep track of good practice.

1.4. This Privacy Policy applies to any data subject – an identified or identifiable natural person, whose personal data are processed by LMT, including it applies to customers and potential customers, their representatives, users of services, cooperation partners and their representatives, interested parties and visitors. For matters relating to the employment relationship, we have developed separately binding information that can be consulted at relevant stages. 

1.5. This Privacy Policy does not apply to data processing measures carried out by other economic operators, including when visiting their websites or using their services via LMT network. In such cases, we recommend reading the personal data protection guarantees provided by the respective economic operators. 

1.6. During the collection of personal data, we may separately provide additional information about the processing of personal data, for example, in connection with a specific service.

1.7. We have created this Privacy Policy as simple as possible, however, we would like to draw attention to the following definitions:

   1.7.1. Personal data: any information relating to an identified or identifiable natural person.

   1.7.2. Anonymized data: information that can no longer be attributed to a natural person as all elements identifying the relevant person have been removed from the dataset.

   1.7.3. Profiling: any form of automated processing of personal data, namely, use of personal data in an aggregated or individualized form, for the purpose of evaluating certain personal aspects relating to a natural person.

   1.7.4. Services: any services or goods offered online, remotely or face-to-face by LMT.

2.1. Information that we obtain about a person depends on the content of a transaction, including the service requested or received. We also process information obtained within the framework of any form of cooperation, for example, from a client or cooperation partner. 

2.2. We can obtain personal data in several ways, for example:

   2.2.1. A data subject provided his/her personal data to LMT himself/herself, namely, the data subject or his/her authorized representative has contacted or cooperated with LMT, for example, by requesting a transaction, by signing a contract, using LMT services, signing up for newsletters, requesting information or submitting a specific question or request, visiting LMT Customer Centres, contacting us via LMT information channels, including LMT site My LMT, social networks, participating in events or activities organized or supported by LMT, participating in contests, lotteries or surveys.

   2.2.2. Data are generated using LMT services or network, for example, by making calls, sending e-mails or visiting or using LMT websites and apps. For example, the use of electronic communication services generates traffic data (electronic communications metadata), and we process it in accordance with the applicable law.   

   2.2.3. Data that we have generated based on the data subject's personal data, such as conclusions about possible interests or service usage habits that we have analyzed for the purpose of service offers.

   2.2.4. LMT may also obtain data from other sources, such as other service providers or cooperation partners, institutions or publicly available registers, such as credit institutions, credit information bureaus, debt history databases, the Enterprise Register of the Republic of Latvia, authentication service providers. Also, LMT can receive data from customers or cooperation partners about authorized persons or contact persons performing a specific task.

   2.2.5. When visiting LMT website, cookies may be used and we provide information on cookies at the time of visiting the website. See Clause 9 of this Policy for detailed information about cookies.

   2.2.6. Providing personal data to LMT is optional, however, if you choose not to provide it to us, we may not be able to provide you with services.

Categories of personal data may vary depending on services used or cooperation established. Generally, we categorize personal data as follow:

3.1. Basic personal data. This category of personal data includes data that does not correspond to other types of data, for example: 

Personal identification data (for example, first name, last name, personal identity number, personal identification document number, expiration date).

Contact details (for example, email address, residential address, contact phone number, contact person).

Customer data (for example, customer number, service segment, group).

Representation data (for example, representation data of legal entities, data of authorized persons, authorization data).

Communication data (for example, information about contacting LMT, submission, application, survey information, data of audio recordings made during customer service).

Consent data (for example, information on consents given, consent withdrawals).

Service data (for example, connection number, SIM card data, information about the services provided, service authorization data, service application data, service withdrawal data, service usage limits, service administration message data).

Device technical specification (for example, IMEI, device model, device series).

Billing data (for example, billing information, payment information, invoice delivery information).

Credit history and debt recovery data (for example, credit history data, debt data, debt recovery data).

Personal visual data (for example, video surveillance data, video recording data, photo).

Transaction data (for example, information about entered into contracts, transactions, applications). 

3.2. Children's data. This category includes data on minors. We process children's data only in certain circumstances, for example, when it is related to the provision of certain transactions, including a parent or the relevant legal representative, as well as in cases where it is necessary and permitted in accordance with the law. For example, we can grant a service discount if the customer has a child, in which case, we can process the child's personal identity number, date of birth and age. If such data processing is carried out, LMT pays particular attention to ensure that the processing is appropriate.

3.3. Traffic data (electronic communications metadata). Data that is processed in order to transmit information by an electronic communications network or to prepare invoices and account for payments, except the content of transmitted information, and which allows the identification of a specific natural person as a data subject. The traffic data category includes, for example, information about communication parties, connection number, connection time, information about the terminal equipment, the amount of transmitted data, the technology used. This data reflects your activities when you use electronic communication services and the network. For example, a number A communicates with a number B at a certain time. We process this data only for the purposes determined or permitted by the law.      

3.4. Location data (electronic communications metadata). Data that is processed in an electronic communications network or that is processed using electronic communications services, and which indicates the location of the terminal equipment of electronic communications services, including the location of the terminal equipment (for example, the territory of the base station), the address of the connection point. This category also includes location data whose purpose is, for example, the provision of additional services. We process this data only for the purposes determined or permitted by the law.

3.5. Systems access and usage data. Data that is used and generated in connection with registration, authentication and login of services, service channels and systems such as My LMT, LMT e-store or is generated when visiting LMT websites, and which characterizes the use of services. For example, this category includes various access parameters such as passwords, codes, login transactions and system usage data such as Internet Protocol address, audit logs, etc.

3.6. Other data that describes the use of services, including personal data collected by cookies or similar technologies, in connection with visiting the website and using services of LMT. For more information about cookies, see Clause 9 of this Policy.

4.1. LMT processes personal data to provide services, ensure effective customer service, cooperation, events and other social and business activities related to LMT operations. 

4.2. For security reasons, to avoid repeated identification, we prefer processing of anonymized data. However, due to the nature of the provided service, cooperation or event, quite often we need to process personal data of identifiable person.

4.3. LMT performs automated processing of personal data. It allows to review the received requests or issues faster, for example, inform a person individually about services available to him/her or the possibility to customize these services to specific interests and needs. In addition to the above, automated processing of data allows to provide an answer quickly, which otherwise should have been done manually and required much more time.

4.4. In providing services related to a credit limit (for example, when choosing a service, a device is given), increasing credit risk (for example, making relevant changes during the term of an existing contract), or providing financial support, it is important to evaluate credit information. It provides an opportunity to take care of a person's ability to fulfill their obligations and ensure adequate financial management.

4.5. When a person’s creditworthiness is checked for the purpose of the provision of some services, for example a chosen service includes the receiving of an equipment or down payment rules for the equipment or in case the customer has requested the extension or the payment date, automated individual processing of data may take place to verify the ability of a data subject to meet his/her payment obligations. LMT may request information from external third-party databases (including credit data and debt history databases). If LMT has doubts about the ability of a data subject to meet his/her payment obligations, some services may be refused fully or partially. However, the person concerned may always submit information to LMT in a different way to justify the person's ability to fulfil the obligations arising from the selected transaction.

4.6. We make automated individual decisions only if the data subject has given his/her consent or there is contractual ground (transaction provision). In some cases, we may do that on other legal basis, if that is allowed by the applicable law.

4.7. LMT also performs profiling. To better understand customer needs and develop services that meet customer expectations and interests, LMT may consider, for example, previous cooperation, including duration, value and content of contracts, payments made by the customer, information about the customer expectations and needs, etc. It allows to prepare customized solutions to each situation individually, including in cases, when the cooperation has been long-lasting, and it is necessary to reach a compromise to solve a non-standard situation. Profiling used for the purposes of direct marketing allows us to make the most suitable offers. However, we respect data subject’s right to request discontinuation of such processing of personal data by withdrawing his or her consent or to object to processing of personal data for the above purpose when it is done on the basis of the legitimate interest.

4.8. The profiling is carried out pursuant to the law. The legal basis for such data processing may be a consent given by a natural person or in some cases the legitimate interest of LMT, or other legal basis provided for in applicable law.

4.9. Any data subject may ask LMT to review automated individual decisions, including decisions based on profiling. The data subject may also ask to review such automated individual decision and to involve LMT experts in the said review, when the decision refusing access to service is made due to insufficient creditworthiness. Thus, if there is any information that may change such decision and is not available to LMT, we ask the person to provide such information to us by visiting LMT Customer Centre or by contacting us via any of LMT information channels.

4.10. To facilitate the development of services or perform other assessments, LMT compiles statistical data.

LMT processes personal data only for specific and legitimate purposes and only if it is necessary to fulfill the purpose. We basically process personal data based on four legal basis, including contract performance, legitimate interests, statutory legal obligation and consent. In certain cases, we can perform processing also on another legal basis.

5.1. Processing purposes based on the legal basis of contract performance.

   5.1.1. Provision of services and performance of contracts. We process basic personal data, such as personal identification data, customer data, contact data, service data and traffic data, to ensure the provision of electronic communication services and to transmit information by the electronic communication network, for example, when making a call, transmitting a text message or e-mail to the recipient. We process basic personal data, such as personal identification data, contact data and service data, also when providing services that are not electronic communication services. The purpose of providing services also includes the processing of basic personal data for managing the customer's contractual relationship, identifying the customer, authorized person or representative, processing and delivering orders, communicating with the customer in connection with the provision of the service and the performance of the contract, for example by sending an informational message to the customer via text message or e-mail, making a service call or printing a message on the invoice, etc., evaluating the most suitable form of communication in each case.

   5.1.2. Entry into contracts or amendments thereto. We process basic personal data, such as personal identification data, customer data, contact data, representation data, where applicable, service data, communication data and system usage and access data at the request of the data subject before entering into the contract, amending or terminating the contractual relationship, as well as examining the related submissions, applications and answering related questions. The purpose also applies to new applications for an existing or new transaction, including services such as in LMT e-store, LMT Customer Centres, in any form of application. 

   5.1.3. Quality control of services and customer surveys. We process basic personal data, such as personal identification data, contact data, service data, communication data, to perform various actions in order to ensure the quality of the service in accordance with the terms of the valid contract, to find out the opinion about the quality of the service, for example, by making a service call, etc. 

   5.1.4. Solving the reported issues. We process basic personal data, such as personal identification data, customer data, contact data, service data, communication data, within the framework of mutual communication between the data subject and LMT, including solving service incidents, examining applications, submissions, claims or any question submitted by a person (incl. by mail, e-mail, etc.) within the framework of an existing contractual relationship or a requested transaction. If the issue involves the quality of LMT electronic communication service, LMT may also process traffic data as part of this purpose.  

   5.1.5. Payment management. We process basic personal data, including personal identification data, customer data, billing data, service data, and, where appropriate, traffic data to ensure payment for services, including to prepare and issue invoices and to process payments.

   5.1.6. Credit risk assessment. Establishing a contractual relationship or considering a transaction application may require a decision related to credit risk assessment, including the decision may be made automatically. We process basic personal data, including billing data, credit history data, service data, established credit limits, credit information and credit rating information, including receiving it from external sources of credit information, including before closing a transaction and during its execution, for credit risk assessment, including performing automated personal data processing, including profiling, and automated individual decision-making. In addition, in certain cases, the processing of personal data from third-party credit history databases of the customer or the customer's representative, such as an authorized person or official, is based on consent. For more information, see Clause 4 of this Policy and the LMT website.

5.2. Processing purposes based on the legal basis of legitimate interest.

   5.2.1. Debt recovery. LMT has a legitimate interest in defending its rights and interests and ensuring the fulfillment of obligations by recovering the debt. Based on this legitimate interest, LMT performs activities related to debt recovery, including receiving, storing and processing basic personal data necessary for debt recovery, such as personal identification data, contact data, service data, billing  data, credit history and debt recovery data, and may to provide and post information about the debt and the person in the debt history databases and credit information bureau databases registered in the order specified in the law, as well as save and transfer to third parties the information submitted and sent to us, including personal data and information related to the transaction, in order to ensure execution of the transaction, as well as in cases where the person has not properly fulfilled the terms of the transaction.

   5.2.2. Fraud prevention. We process basic personal data, such as personal identification data, contact data and service data, to analyze transaction patterns and information about signs of potential fraud in order to detect or prevent fraud related to the use of our services, for example, if someone attempts to use or uses the services for free if a fee is applicable to the service. 

   5.2.3. Security of the economic operator's infrastructure, services, information, employees, customers and visitors, prevention of illegal or other threats, promotion of detection of criminal offenses in objects and the territory adjacent to them, including in the network and information systems. We process basic personal data, such as personal identification data, personal visual data, contact data, communication data, system access and usage data, for the performance of measures that are carried out with physical and logical means of protection, including for the performance of video surveillance, the provision of pass system and for the performance of other technical and organizational measures to ensure protection against threats caused by physical exposure and protection, which is implemented by means of logical protection.

   5.2.4. Organizational management of the economic operator (including record keeping, processes, services, information systems, records of persons, ensuring succession of the economic operator, realization of public relations and social responsibility). We process basic personal data, such as personal identification data, contact data, communication data, transaction data, for the purpose of ensuring integrated management of the company, in accordance with national and internationally recognized principles of corporate governance, ensuring traceability, control, improvement and risk management of internal processes. 

   5.2.5. Statistics and analytics of processes, services, information systems and network data to identify correlations and trends for development and improvement. We process basic personal data at the disposal of LMT, such as service data, billing data, consent data, credit history and debt data, system usage data, in order to collect statistics and perform analysis, for example, to evaluate the results of service sales, in order to develop and improve services, processes, systems and networks and determine the company's goals and development directions. 

   5.2.6. Offer management. We process personal data in order to provide useful information about services, including within the framework of direct marketing, including related profiling that does not have a significant impact on the person, for example, to provide information about significant news regarding customer service, customer centre service news, including working hours or address changes, to promote awareness of LMT news and services.  

   5.2.7. Providing customer service within the "life cycle", including improving satisfaction and loyalty. We process basic personal data, including service data and contact data, to improve cooperation, promote loyalty and maintain satisfaction, for example, we conduct surveys, loyalty calls, service calls or communication with a person in another service channel with the aim of improving the experience, clarifying wishes and needs, identifying persons satisfaction or inform about services. 

   5.2.8. Conducting video surveillance and video recording, including with audio recording. We conduct video surveillance and video recordings, including audio recordings, to monitor the order in the premises and territory subject to video surveillance, including LMT Customer Centres, to prevent or detect criminal offenses and other incidents related to the safety of persons and property protection, to perform service quality control, including handling related customer complaints, as well as to protect LMT rights and interests in the event of potential investigation or legal proceedings. Within the scope of this purpose, we process basic personal data, such as personal visual information, data related to video surveillance and video recordings, such as time and place of visit, communication data. 

   5.2.9. Making audio recordings of telephone conversations during customer service. We make audio recordings of telephone conversations during customer service calls in order to control the quality of customer services and confirm the questions submitted during the conversation, to ensure the protection of our rights and interests, by keeping evidence of the question, submission or application raised in the conversation, as well as to ensure its appropriate processing or execution. Within this purpose, we process basic personal data, such as personal identification data, customer contact data, communication data, data related to audio recording, such as conversation time.

   5.2.10.Processing of personal data for internal administrative purposes within the LMT group. We process basic personal data for internal administrative purposes of group companies, for example, to prevent conflicts of interest and prevent illegal transactions. 

5.3. Processing purposes based on a legal obligation as a legal basis.

   5.3.1. Enforcement of binding law. We process personal data in order to fulfill the obligations provided  in the Electronic Communications Law and other laws and regulations for such purposes as, for example, accounting, financial and tax management, electronic communications network management and security, quality assurance of electronic communications, prevention of fraud, including using numbering, fulfillment of requests from competent institutions, provision of information intended for end-users and examination of end-users' questions, storage of data to be retained and provision thereof to competent authorities, execution of the laws on regulations of sanctions, investigation and prevention of personal data protection violations, as well as for the fulfillment of other obligations stipulated in the law.

5.4. Processing purposes based on consent as a legal basis.

   5.4.1. Management of the offers of the economic operator and third parties (cooperation partners). We process personal data in order to provide customers and other persons who have given consent with direct marketing messages, such as information about offers, campaigns, news or other events, and to perform data selection for the preparation of personalized offers in accordance with the purpose of the given consent, including by processing traffic data or location data if provided by the purpose of consent. If the event is held in cooperation with a third party, we may transfer personal data to that party if the customer or another person has given their consent. For example, a message may be sent to a customer or other person who has given consent by e-mail or another channel, evaluating the most appropriate form of communication in each case. 

In order to send the customer e-mail offers for services or products that are similar to the services or products already used by the customer, we may base the processing of personal data on the legitimate interests of conducting direct marketing, if the customer has not previously opted out of receiving such offers. 

   5.4.2. We also process personal data for other purposes for which you have given your consent. Before receiving consent, we inform you about the purposes of personal data processing and the right to withdraw consent. For more information on the right to withdraw consent, see Clause 10.1.4.

6. 1. In order to protect the interests of natural persons, we continuously develop our security processes and measures. Such security measures include the protection of personnel, information and technical resources, IT infrastructure, internal and public networks, as well as LMT facilities. As part of these measures, we ensure an appropriate level of information protection to prevent unauthorized access to personal data and ensure the integrity of personal data. Among them, we can implement appropriate measures that increase the security level of services, for example by introducing additional service availability and authentication requirements.

6.2. We protect personal data using modern technologies, taking into account the risks posed by processing for natural persons, as well as the technical and organizational measures available to us, including closed rooms and denial of access to unauthorized persons, use of firewall programs, data encryption when transmitting data (SSL encryption), use of intrusion protection and detection programs. Regular trainings are organized for our employees on information security and personal data protection issues.

7.1. Exchange of personal data may be needed in some cases, when there is a specific purpose, for example, LMT may need to provide personal data to the following categories of data recipients:

   7.1.1. LMT group companies.  We provide personal data if it is necessary for the purposes of personal data processing defined in this Policy. Security of personal data is a priority for LMT group companies and therefore, when providing personal data, we take great care to ensure that the data processing take place according to the statutory requirements.

   7.1.2. Cooperation partners. Economic operators with whom the companies of the LMT group have entered into cooperation agreements and established mutual obligations (for example, for device insurance). Likewise, for the provision of services (including other electronic communications operators, including if the customer has chosen to keep the number, face-to-face and remote sales sellers, device set-up, device repair, etc.), for the provision of delivery (incl. printing of invoices, delivery of parcels and contracts, etc., including couriers, postal service providers, etc.), for verification of personal identification or authentication (providers of authentication services, including internet banks, providers of secure electronic identification means), for service quality control (i.e. survey provides, etc.), for security and protection (cooperation partners who provide support for the safety and protection of LMT group employees, customers, visitors, objects and infrastructure, as well as for the prevention of fraudulent, illegal or other threats and infringements to the interests of LMT group, including security, legal assistance providers, etc.) and for ensuring management (cooperation partners for managing and ensuring the organizational, financial management and accounting processes of the LMT group, including auditors, event organizers, etc.), within the scope of the authorisation issued to the authorized person.

Using his/her LMT connection number in the countries of the European Union, the European Economic Area or foreign countries, the LMT customer visits the networks of other electronic communications operators and uses the services provided by them. In such a case, electronic communications operators have the right to process and receive from LMT personal data that is objectively necessary for the provision of services.

In cases where LMT transfers personal data to another electronic communications operator, personal data processing takes place in accordance with the terms of the contract and privacy policy of the relevant electronic communications service operator. If necessary, we recommend that you contact the relevant operator of electronic communication services for more information.  

   7.1.3. Debt recovery institutions/companies. Including debt recovery companies, credit information bureaus and credit rating companies, bailiffs, administrators and other persons in the debt recovery process.

   7.1.4. Supervisory authorities. For example, market surveillance authorities, law enforcement institutions including LMT for the protection of legal rights, for example, to file a claim, and the rescue services as determined by the law. 

   7.1.5. Third parties. For example, natural or legal persons, public authorities, agencies or structures other than data subjects or processors.

7.2. In addition to the above, there may be cases when we transfer personal data to another person due to the transfer, merger, acquisition of companies, sale of LMT assets, transfer of service provision to another economic operator, etc. 

7.3. We also process anonymized data that is not attributed to a specific natural person and do not allow to identify a data subject. These data may be used for other purposes and transferred to other persons. 

7.4. LMT ensures the confidentiality of personal data by implementing security measures according to the law.

7.5. LMT processes personal data within the framework of the European Union and the European Economic Area, however, in certain cases, LMT may transfer them for processing in third countries. In such cases, the transfer of personal data may take place based on certain legal basis, only for specific and necessary purposes (for example, if it is necessary for the provision of a service and to ensure the performance of a contract) and by taking appropriate measures to ensure an adequate level of protection of natural persons. For example, the third country where the partner is located provides a sufficient level of protection in accordance with the decision of the EU Commission, the partner has provided adequate guarantees with binding corporate rules, corresponding standard data protection clauses or other approved regulations, codes of conduct, certification mechanisms or in other cases. The data subject can receive more detailed information about the transfer of personal data to third countries by contacting LMT.

8.1. We store personal data only as long as it is needed to achieve a specific purpose, or as long as it is determined by law. 

8.2. For example, the customer's personal data is stored during the contractual relationship or as long as it is necessary to provide the service. Even after the end of the contractual relationship, personal data is stored until the obligations of the parties are fully fulfilled, the accounting or other requirements specified in the law are fulfilled, as well as during the period until the customer or LMT can implement the protection of their legal interests in accordance with the procedures specified in the law (including to submit objections and complaints or raise legal action until the statute of limitations has expired). The retention time of individual data sets may also be shorter. 

8.3. If personal data is stored on the basis of consent, then we store it until withdrawal of consent, unless another legal basis for its storage is applicable.    

8.4. Several laws and regulations impose a legal obligation on us to store personal data for a certain period of time. For example, the storage period for service invoices is 5 years, as determined by the Accounting Law. The duration of the data to be saved is 18 months in accordance with the requirements of the Electronic Communications Law.

8.5. In order to protect LMT legitimate interests in the event of a civil claim, LMT may store personal data for up to 10 years after termination of the contract. In case of legal proceedings or investigation, in order to protect LMT legitimate interests, LMT may store personal data until the end of the legal proceedings or investigation.

8.6. Data obtained as a result of video surveillance (with or without audio recording) needed to achieve a specific purpose and to protect the legitimate interests of LMT, depending on the object where video surveillance takes place, are stored for up to 3 months.

8.7. Audio recordings of the telephone conversation, which are necessary to achieve a specific purpose and to protect the legitimate interests of LMT, are stored for up to 3 months.

8.8. At the end of the storage period (on expiry), the customer's personal data is permanently deleted if it is stored electronically, or destroyed if it is stored in paper form, or anonymized.

8.9. Restrictions do not apply directly to the storage of anonymized data, but we also store them only to the necessary extent and duration. 

9.1. Similar to other websites, the LMT website may also use cookie technology. 

9.2. Cookies make it possible to adapt the LMT website to the needs and convenience of the visitor (including based on statistical data collected in an aggregated form, without directly identifying the user of the end device). Also, cookies allow you to individually address the visitor of the LMT website, if the visitor has given his/her optional consent. Find out more about cookies in the LMT Cookies Policy available on the LMT website https://www.lmt.lv.

9.3. Unless otherwise provided by law, a person has the right to refuse further processing of their data at any time, but in this case, especially if the said data is technically essential, there is a possibility that we will not be able to provide this service to the same extent as before.

10.1. A data subject has the following rights:

   10.1.1. Familiarize him/herself with the information stored about him/her by LMT, insofar it does not contravene the law and does not adversely affect the rights of other persons. Information can be received through any channel supported by LMT that allows identification of a person, including, for example, visiting a LMT Customer Centres, or contacting LMT in the scope offered by My LMT.

   10.1.2. Request access to his/her personal data, obtain rectification or, if necessary, supplementing, or erasure (right to be forgotten); restrict the processing of personal data or object to such processing pursuant to the law; as well as enjoy the right to data portability. Please note that in case of rectification, erasure, restriction, termination or portability, services/processes can be partially or fully suspended, and it can be irreversible. When choosing to receive information about himself/herself remotely, such as by mail, e-mail, other addressee, etc., the requester is responsible for the security of the chosen method of receipt and for the conduct of persons acting on behalf of the requester.

   10.1.3. Request a copy of the personal data being processed, if it does not adversely affect the rights and freedoms of other persons. Please note that LMT has the right to ask for a reasonable fee (based on administrative costs) for all additional copies of such personal data.

   10.1.4. Withdraw any previous consent at any time in an easy manner. Giving or withdrawing consent is a person's free choice and does not impose any additional obligations. However, if a person decides to withdraw any previous consent, it should be considered that the processing of personal data related to the respective consent will be suspended and the previous functionality may not be fully available. For example, the unsubscribing from newsletters means that news or other information on offers will no longer be sent to the person. It is important to remember that such withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. 

There are several ways to withdraw consent. Consent can be revoked on the LMT website My LMT, where information about the given consents, withdrawal and further management options is available. There is also the possibility of withdrawing the given consent in the app where it is provided (for example, in the LMT Viedtelevīzija app). Additional information on withdrawal of consent is also provided on the LMT website. We also provide the opportunity to refuse receiving offers by sending an offer through the relevant communication channel. If consent is given in relation to a particular service, it may be possible to withdraw consent on the website or app of the particular service. 

To withdraw consent or ask related questions, you can contact us at any time by calling the phone number specified in this Policy, visiting the LMT Customer Centre or contacting us through any other communication channel using the contact information below.

   10.1.5. Object at any time and free of charge to processing of his/her data for direct marketing purposes, including profiling, to the extent such processing is related to direct marketing (irrespective if such processing is initial or further processing).

   10.1.6. Contact LMT and market supervisory authorities on data processing issues. If assistance is required to receive more information about this Privacy Policy, aspects of personal data processing or the applicable data protection law, please contact LMT. LMT carefully examines any request and provides answers. In any case, any natural person always has the right to submit a complaint to the Data State Inspectorate (data protection supervisory authority of Latvia).

10.2. LMT examines data subjects’ requests related to the above-mentioned rights free of charge. Examination of a request may be refused, or a reasonable fee may be charged, if the request is manifestly unfounded or excessive, or in other cases provided for by the law. A request may be submitted at any LMT Customer Centre or remotely, providing the possibility to identify the requester as the data subject and to verify the nature and the ground of the submitted request.

10.3. A data subject has the following obligations:

   10.3.1. Provide LMT with information about changes in the provided data within a reasonable period. It is important for LMT to hold true and up to date information.

   10.3.2. Provide additional information, if needed. Within the framework of communication or cooperation we may ask for additional information to verify that we communicate or cooperate with a particular natural person. This is needed to protect the personal data of the relevant natural person and other persons for ensuring that the said person is the data subject and that any information disclosed during such communication and/or cooperation is made available only to this specific person and does not interfere with the rights of other persons. For example, when a person wants to find out information about him/her by sending a request to LMT. In this case it is important for LMT to make sure that this person has signed and submitted the request. Accordingly, we may ask to provide additional identifying information. However, if the person has not provided additional information and/or LMT has any doubts about the identity of the requester, in order to protect personal data (not to disclose data to any third parties) we may stop the consideration of the request until we are sure that it is this person who requested the mentioned information.

   10.3.3. Read this Privacy Policy before our cooperation and provide it to any person who associate with the data subject and whose interests may be consequently affected by the processing of personal data of the data subject. This Privacy Policy is an integral part of services provided by LMT. LMT expects that data provided to LMT does not adversely affect the interests of other persons. In cases where, under appropriate terms and conditions, a person can access or share his/her services with another person, the person is responsible for informing such other person about the processing of data during such processes and the obligations arising therefrom. In cases where data directly relate to another person (in cases where the data subject is another person), the relevant natural person is obliged to inform us without delay. Until the full identification of the persons, the data are attributed to the relevant natural person as the data subject.

As we continue to improve and develop our activities, we may periodically amend and supplement this Privacy Policy. Therefore, we encourage data subjects to keep up to date with this Privacy Policy. It is available via LMT communication channels, including at LMT Customer Centres and on LMT website www.lmt.lv. In case of significant changes, information may be provided via additional channels, for example, on the self-service portal.

12.1. In case of any questions or concerns regarding this Privacy Policy or the processing of personal data, please contact LMT using the contact information below or contacting LMT Data Protection Officer.

12.2. “Latvijas Mobilais Telefons” SIA, Ropazu 6, Riga, LV-1039 

12.3. LMT 24-hour toll-free Infoline:  8076 8076

12.4. LMT 24-hour Infoline for calls from abroad: +371 2931 9911 (free of charge from the European Economic Area) 

12.5. e-mail:  info@lmt.lv

12.6. Fax:  6777 3707

12.7. Text messages to LMT Contact Centre: 8076 8076

12.8. Data Protection Officer: personasdati@lmt.lv  

12.9. If this Privacy Policy is translated into other languages, in case of divergence, the Latvian text prevails.

13.1. LMT ensures the fulfillment of data processing and protection requirements in accordance with the highest standards of law, and in case of any objection, LMT will take all appropriate actions to find a solution. However, if this fails in the opinion of the data subject, the data subject has the right to contact the Data State Inspectorate at Elijas street 17, Riga, LV-1050. More information and contact details are available on the website: www.dvi.gov.lv.