Privacy policy

1. General Provisions

1.1. This Privacy Policy explains how SIA MV Health, Reg. No. 40203555296, Legal address: Braslas iela 22B, Rīga, LV-1035 (hereinafter – the “Data Controller”), collects, processes, and stores personal data obtained from its customers and website visitors (hereinafter – the “Data Subject” or “You”) through the mvhealth.eu website.

1.2. Personal data means any information relating to an identified or identifiable natural person. Processing refers to any operation performed on personal data, such as collection, recording, transformation, use, viewing, deletion, or destruction.

1.3. The Data Controller complies with all legal principles of data processing and confirms that the processing of personal data is carried out in accordance with applicable legislation.

2. Collection, Processing, and Storage of Personal Data

2.1. Personally identifiable information is primarily collected, processed, and stored through the e-commerce website and via email.

2.2. By using the website and its services, you agree that any provided information may be used and managed for the purposes set out in this Privacy Policy.

2.3. The Data Subject is responsible for ensuring that the submitted personal data is accurate, complete, and up to date. Providing knowingly false information is a violation of this Privacy Policy. The Data Subject is required to promptly inform the Data Controller of any changes to the submitted personal data.

2.4. The Data Controller is not liable for any damages incurred by the Data Subject or third parties resulting from the provision of false information.

3. Customer Personal Data Processing

3.1. The Data Controller may process the following personal data:

• First name and surname

• Date of birth

• Contact details (email address and/or phone number)

• Transaction data (purchased products, delivery address, price, payment information, etc.)

• Any other information provided during the purchase of products/services or communication with us

3.2. The Data Controller has the right to verify the accuracy of submitted data using publicly available registers.

3.3. The legal basis for data processing is Article 6(1)(a), (b), (c), and (f) of the General Data Protection Regulation (GDPR):

• a) The data subject has given consent for one or more specific purposes

• b) Processing is necessary for the performance of a contract or for pre-contractual measures

• c) Processing is necessary to comply with a legal obligation

• f) Processing is necessary for the legitimate interests of the controller or a third party, except where such interests are overridden by the rights and freedoms of the data subject (especially when the data subject is a child)

3.4. The Data Controller stores and processes personal data while at least one of the following conditions applies:

• The data is necessary for the purpose for which it was collected

• The Data Controller or Data Subject may assert legal interests (e.g., file a claim)

• Data storage is required by law (e.g., accounting regulations)

• The data subject’s consent is valid and there is no other legal basis for processing

After the above conditions expire, the personal data is irreversibly deleted from all systems or anonymized.

3.5. To fulfill obligations, the Data Controller may share personal data with partners and data processors (e.g., accountants, courier services).
Payment processing is provided by makecommerce.lv, and the necessary data is shared with Maksekeskus AS.

Personal data may also be disclosed to public authorities or law enforcement if required to protect legal interests.

3.6. The Data Controller applies appropriate organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, or any other form of unauthorized processing.

4. Data Subject Rights

According to the General Data Protection Regulation (GDPR) and Latvian law, you have the right to:

• Access your personal data and obtain a copy in electronic format

• Request the correction of inaccurate or incomplete data

• Request deletion of your personal data (“right to be forgotten”), unless storage is required by law

• Withdraw previously given consent

• Restrict the processing of your data

• Submit a complaint to the Data State Inspectorate

To exercise your rights, you may submit a request in person at Braslas iela 22B, Rīga, or email [email protected].

5. Final Provisions

5.1. This Privacy Policy is developed in accordance with Regulation (EU) 2016/679 of the European Parliament and Council (General Data Protection Regulation – GDPR), as well as applicable laws of the Republic of Latvia and the European Union.

5.2. The Data Controller reserves the right to modify or update this Privacy Policy at any time without prior notice. Changes become effective upon their publication on mvhealth.eu.


BEZMAKSAS PIEGĀDE / БЕСПЛАТНАЯ ДОСТАВКА x