Privacy Policy
Last Updated: January 22, 2026
Introduction
VaultSight Surveillance Labs SIA ("VaultSight," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.rigadatalab.com (the "Site") or use our services.
We adhere to the General Data Protection Regulation (GDPR) and the Personal Data Processing Law of the Republic of Latvia. By accessing or using our Site and services, you acknowledge that you have read and understood this Privacy Policy.
Data Controller Information
VaultSight Surveillance Labs SIA is the data controller for personal data collected through our website and services.
Contact Information:
- Address: Ausekļa iela 32, Valmiera, LV-4201, Latvia
- Phone: +371 2011 4066
- Email: info@rigadatalab.com
Data Protection Officer (DPO):
You can contact our Data Protection Officer directly for any privacy-related concerns:
- Email: dpo@rigadatalab.com
- Phone: +371 2011 4070
Personal Data We Collect
We may collect the following categories of personal data:
Information You Provide to Us
- Contact Information: Name, email address, phone number, company name, and job title when you fill out contact forms, request demonstrations, or register for our services.
- Account Information: Username, password, and profile details if you create an account with us.
- Communication Data: Information you provide when communicating with us via email, phone, or other channels.
- Service Data: Information related to your use of our services, including configuration preferences and user settings.
Information We Collect Automatically
- Technical Data: IP address, browser type and version, operating system, device information, time zone setting, and location data.
- Usage Data: Information about how you use our website and services, including pages visited, time spent on pages, navigation paths, and features used.
- Cookie Data: Information collected through cookies and similar tracking technologies. For more details, please see our Cookie Policy.
Information from Third Parties
- Business Partners: Information shared by our business partners or resellers if you purchase our services through them.
- Public Sources: Publicly available information such as business contact details from company websites or professional directories.
Purposes of Processing
We process your personal data for the following purposes:
| Purpose | Categories of Data | Legal Basis |
|---|---|---|
| Providing and managing our services | Contact information, account information, service data | Performance of a contract, legitimate interests |
| Responding to inquiries and providing customer support | Contact information, communication data | Performance of a contract, legitimate interests |
| Improving our website and services | Technical data, usage data, cookie data | Legitimate interests |
| Marketing and promotional communications | Contact information | Consent, legitimate interests |
| Compliance with legal obligations | All categories as required | Legal obligation |
| Security and fraud prevention | Technical data, account information | Legitimate interests, legal obligation |
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Different types of personal data may be kept for different periods:
- Account Information: Retained for the duration of your account with us, plus up to 12 months after account closure.
- Contact Form Submissions: Retained for up to 3 years from submission.
- Service Data: Retained according to contractual terms and applicable legal requirements, typically for the duration of service plus 7 years.
- Technical and Usage Data: Retained for up to 26 months.
- Marketing Preferences: Retained until you withdraw consent or request deletion.
In determining appropriate retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and applicable legal requirements.
Data Recipients
We may share your personal data with the following categories of recipients:
- Service Providers: Third-party vendors who perform services on our behalf, such as hosting providers, email service providers, analytics providers, and customer support tools.
- Professional Advisors: Lawyers, auditors, and insurers who provide consultancy, legal, insurance, and accounting services.
- Affiliates: Other companies in our corporate group, where applicable.
- Business Partners: Partners with whom we offer co-branded services or engage in joint marketing activities.
- Authorities: Government authorities, regulators, and other third parties where required by law or to protect our rights.
- Business Transferees: Third parties in connection with a business transaction such as a merger, acquisition, or sale of assets.
All third parties with whom we share your data are required to respect the security of your personal data and to treat it in accordance with applicable law. We do not allow our third-party service providers to use your personal data for their own purposes.
Cross-Border Transfers
We are based in Latvia, and your data is primarily stored and processed within the European Economic Area (EEA). However, some of our service providers may be located outside the EEA. Whenever we transfer your personal data outside the EEA, we ensure a similar degree of protection by implementing at least one of the following safeguards:
- Transferring data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Using Standard Contractual Clauses approved by the European Commission.
- Implementing binding corporate rules for transfers within our corporate group.
- Relying on derogations for specific situations as provided for under Article 49 of the GDPR.
You can request more information about the specific mechanism used by us when transferring your personal data outside the EEA by contacting our Data Protection Officer.
Your Rights
Under the GDPR and Latvian data protection laws, you have the following rights in relation to your personal data:
- Right of Access: You have the right to request a copy of the personal data we hold about you.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
- Right to Erasure: You have the right to request that we delete your personal data in certain circumstances.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
- Right to Data Portability: You have the right to request that we transfer your personal data to you or to a third party in a structured, commonly used, machine-readable format.
- Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or where we are relying on a legitimate interest.
- Rights Related to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing that produces legal effects concerning you or significantly affects you.
- Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
To exercise any of these rights, please contact our Data Protection Officer at dpo@rigadatalab.com. We will respond to your request within one month. In certain circumstances, we may need to extend this period or charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
You also have the right to lodge a complaint with the Data State Inspectorate of Latvia (www.dvi.gov.lv) or another EU supervisory authority if you believe that we have not complied with data protection laws.
Security
We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:
- Encryption of personal data where appropriate
- Regular security assessments and penetration testing
- Access controls and authentication procedures
- Regular backup procedures
- Staff training on data protection and security
- Incident response procedures
While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your data.
Children's Privacy
Our services are not intended for children under the age of 16, and we do not knowingly collect personal data from children. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us, and we will take steps to delete such information.
Third-Party Links
Our website may contain links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the privacy policy of every website you visit.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated version will be indicated by an updated "Last Updated" date at the top of this policy. We encourage you to review this Privacy Policy frequently to stay informed about how we are protecting your information.
Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer:
- Email: dpo@rigadatalab.com
- Phone: +371 2011 4070
- Mail: Data Protection Officer, VaultSight Surveillance Labs SIA, Ausekļa iela 32, Valmiera, LV-4201, Latvia