Privacy Policy

Contact Information

For inquiries related to personal data processing, please contact Capital at:

Email: or Address: Ganību dambis 23c, Rīga, Latvia, LV-1005

Phone: +371 67517822

Data Controller

The controller of your personal data is AS “Capital”, registration No. 40003088497, legal address: Ganību dambis 23c, Rīga, Latvia, LV-1005.

AS “Capital” independently determines the purposes and means of processing personal data, including for branding, marketing, financial, HR, administrative, business, product and service management, as well as customer, supplier, and partner relationship management.

Capital is solely responsible for processing personal data for its own purposes, such as fulfilling contractual obligations, retail activities, and other business-related purposes.

Purposes of Data Processing

Capital processes personal data for the following purposes:

1. Provision of Services and Sale of Goods

   • For customer identification, order fulfillment, delivery, payment administration, and communication regarding services and service quality.

   • Legal basis: GDPR Art. 6(1)(b) (contract performance), Art. 6(1)(f) (legitimate interests – service improvement), Art. 6(1)(c) (legal obligations – accounting, reporting, civil procedure).

   • Retention: Accounting data stored for 5 years, or up to 10 years in case of non-fulfillment of obligations.

2. Capital Service (Warranty & Post-Warranty)

   • To provide warranty and after-sales service, repairs, IT support, preventive maintenance, network solutions, and service contracts.

   • Legal basis: GDPR Art. 6(1)(b) (contract performance), Art. 6(1)(c) (legal obligations – Consumer Rights Protection Law).

   • Retention: Service records 2–5 years depending on device type; contracts up to 10 years.

3. Finance, Accounting, and HR Records

   • For accounting, payroll, tax obligations, and HR administration.

   • Legal basis: GDPR Art. 6(1)(c) (legal obligations – national accounting, tax, and labor laws).

   • Retention: Generally 5 years, or up to 10 years in case of disputes.

4. Administrative and Legal Matters

   • For correspondence management, contract execution, and compliance with legal obligations.

   • Legal basis: GDPR Art. 6(1)(c) (legal obligations – commercial law, civil law, IT services law).

   • Retention: Up to 10 years.

5. Human Resources Management

   • For employee development, motivation, payroll, recruitment, whistleblowing, and workplace culture.

   • Legal basis: GDPR Art. 6(1)(c) (employment and labor laws), Art. 6(1)(a) (consent where applicable).

   • Retention: 1–75 years depending on legal requirements. Recruitment documents retained 4 months unless explicit consent is given for 1 year.

6. Marketing, Branding, and Customer Engagement

   • For service promotion, loyalty programs, customer retention, satisfaction surveys, and public representation of corporate events and projects.

   • Legal basis: GDPR Art. 6(1)(a) (consent), Art. 6(1)(f) (legitimate interests – brand management, customer engagement).

   • Retention: Published materials stored indefinitely for marketing purposes; survey data up to 1 year.

7. Video Surveillance

   • For security, fraud prevention, and property protection.

   • Legal basis: GDPR Art. 6(1)(f) (legitimate interests – safety and security).

   • Retention: Up to 30 days unless required longer by authorities or security incidents.

8. Website Functionality and Cookies

   • For improving website performance, analytics, and personalization.

   • Legal basis: GDPR Art. 6(1)(a) (consent), Art. 6(1)(f) (legitimate interests – service improvement).

9. Commercial Communications

   • To inform about services, products, and promotions.

   • Legal basis: GDPR Art. 6(1)(a) (consent).

   • Retention: Until consent is withdrawn.

   • Opt-out available via email (info@capital.lv , unsubscribe links, or account settings.

10. Other Specific Purposes

• Clients will be informed when providing relevant data.

How We Collect Data

We collect personal data directly from you when purchasing goods/services, visiting our store or service center (including video surveillance), using our website and applications (cookies), or through correspondence.

Providing personal data is necessary for service delivery and compliance with legal obligations. Failure to provide data may prevent service provision.

Data Recipients

Capital does not disclose personal data to third parties, except:

• When required for contract performance (e.g., banks, auditors, delivery or insurance companies).

• When mandated by law or authorities.

• To protect Capital’s legitimate interests (e.g., legal proceedings).

• To processors (service providers) under data processing agreements.

Capital does not transfer personal data to third countries outside the EU/EEA unless necessary for service provision. In such cases, Capital ensures legal safeguards for data transfers.

Data Subject Rights

You have the following rights under GDPR:

• Right of access

• Right to rectification

• Right to erasure (“right to be forgotten”)

• Right to restriction of processing

• Right to object (including processing based on legitimate interests)

• Right to data portability

Requests can be submitted:

• In writing at Capital’s legal address (with ID verification)

• Electronically via email with a secure electronic signature

Consent and Withdrawal

Consent may be given in writing, verbally, or through clear affirmative action. Attendance at Capital corporate events is deemed consent to the event’s public format (as communicated in invitations or notices) and to photo/video publication in Capital’s communication channels.

You may withdraw consent at any time by notifying Capital via email. Withdrawal does not affect processing carried out before withdrawal.

Other Provisions

• Capital’s website may contain links to third-party websites with their own privacy policies. Capital is not responsible for third-party practices.

• This Privacy Policy may be updated periodically. The latest version is always available on the Capital website.