Your Cart

Privacy Policy

Privacy Policy SIA " GBakery "

The purpose of the privacy policy is to provide the individual - the data subject - with information on the purpose of personal data processing, the legal basis, scope of processing, protection and term of processing when collecting data and processing the data subject's personal data.

Data manager and his/her contact details

The administrator of personal data processing with regard to its customers-buyers, employees, persons hired on the basis of civil law contracts, trainees and applicants for vacancies who have applied is Gbakery SIA, reg. no. No. 41503086016, legal address: Riga, Prusu street 1 k-2 - 70, LV-1063 (hereinafter referred to as the Company).

The company's contact details for questions related to the processing of personal data - telephone number : +371 29470752 , email : . You can use this contact information to ask questions about the processing of personal data. A request to exercise your rights can be made in accordance with paragraphs 21 and 22.

Company contact details for reporting possible data leaks:

General conditions

Personal data is any information about an identified or identifiable natural person.

The Privacy Policy covers the protection of the privacy and personal data of the following groups ("Customers"):

for natural persons - candidates (applicants);

Corporate clients (including potential, past and present clients)

Visitors to the company website, customer-buyers;

Under each of the groups of data subjects listed in paragraph 5 herein, the Company receives and processes the following categories of Customer Data: Customer name, e-mail address, telephone number, delivery address, payment information, technical browsing data (IP address , technical connection and browsing information), any other information provided on the website maintained by the Company and during the use of the services offered, or when contacting the Company.

The Company cares about the confidentiality and protection of Customers' personal data and respects Customers' right to lawful processing of personal data in accordance with applicable law - the Personal Data Processing Act, Regulation 2016/679 of the European Parliament and of the Council 27. April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data (hereinafter the Regulation) and other applicable privacy and data processing legislation.

The Privacy Policy applies to the processing of personal data regardless of the form and/or medium in which the Customer provides personal data (in person, on the Company's website, in paper format or by telephone).

Purpose of processing personal data

The company processes personal data for the following purposes:

To provide services:

To identify the Client's representative (a legal person);

To identify the Customer (natural person);

preparation and conclusion of a contract;

provision of services (fulfilment of contractual obligations);

developing new services;

consideration of objections or claims;

administration of invoices and delivery notes;

recovery and collection of debts;

maintenance and improvement of websites.

Business planning and analytics;

Customer safety, protection of company property;

In order to ensure a competitive recruitment process and to protect their legitimate interests with regard to recruitment:

assessment of the candidate's suitability for the vacancy as specified by the Company;

to conclude a contract with a candidate who meets the company's strictest requirements;

to initiate, enforce and defend legal action by the Company.

For legitimate company purposes:

conduct business activities;

to verify the identity of the customer (representative of the legal or authorised person, natural person) before purchasing the services;

ensure that contractual obligations are fulfilled;

retain the Customer's applications and applications for services;

carry out activities to attract and/or retain clients;

segment the client base to deliver services more efficiently;

design and develop services;

advertise your services by sending commercial messages;

send other reports on contract progress and events important to contract performance, and conduct customer surveys about services;

to prevent fraud against the company;

Ensure effective company management processes;

to ensure and improve the quality of services;

manage payments;

to carry out video surveillance for business security;

inform the public about its activities.

The company may process the candidate's personal data for recruitment purposes for a specific vacancy for which the candidate is applying or for prospective recruitment, if the candidate has agreed.

Legal basis for processing personal data

The legal basis for processing personal data by the company for the following personal data processing purposes:

Provision of services: Article 1 (1) (a), (b), (c) and (f) of the General Data Protection Regulation.

Business planning and analytics: Article 6 (1) (f) of the General Data Protection Regulation.

For customer security, protection of company property: Article 6 (1) (f) of the General Data Protection Regulation.

For staff selection: Article 6 (1) (a), (b), (c) and (f) of the General Data Protection Regulation; Articles 33, 35, 38 of the Labour Act.

Legitimate (legitimate) company interests: Article 6(1)(f) of the General Data Protection Regulation.

Categories of recipients of personal data

The company shall not disclose to third parties the Customer's personal data or any information obtained during the provision of the services and the term of the contract, including information on the services received, with the exception of

in accordance with the Client's explicit and unambiguous consent;

to persons covered by external regulations, at their reasonable request, in the manner and to the extent set out in the external regulations;

in cases stipulated by external regulations, to protect the legitimate interests of the Company, for example, by bringing an action in court or other public institutions against a person who has infringed the Company's legitimate interests.

Transmission of personal data

The Company will not disclose Personal Data to third parties, except as necessary for the reasonable conduct of business, ensuring that the relevant third parties maintain the confidentiality of Personal Data and provide adequate protection.

The Company may share Personal Data with suppliers, sub-contractors, strategic partners and others who assist the Company in its business for the purposes of appropriate co-operation. In such cases, however, the Company requires that the recipients of the data undertake to use the information received only for the purposes for which the data was transferred and in accordance with the requirements of applicable laws and regulations.

Access to personal data of third country organisations

We do not transfer personal data to third countries (outside the European Union and the European Economic Area).

Protection of personal data and retention period

The Company shall protect Customer Data using state-of-the-art technology, taking into account the existing privacy risks and the organisational, financial and technical resources of the Company reasonably available.

The Company shall store and process the Customer's personal data as long as at least one of the following criteria exists:

only as long as the contract concluded with the customer is in force or the service is provided to the customer;

data is necessary for the purpose for which it was collected;

until the Customer's application has been fully processed and/or executed;

while in the manner prescribed by external regulations, the Company or the Client may pursue their legitimate interests (e.g. by filing objections or taking legal action);

as long as the Company has a legal obligation to retain the data;

as long as the Customer's consent to the relevant processing of personal data is valid, unless there is no other legal basis for processing the data.

Upon completion of the circumstances referred to in clause 17, the Customer's personal data shall be deleted. Audit records shall be kept for at least one year from the date of the audit.

The company shall keep and process the personal data provided by the candidates for six (6) calendar months after the end of the selection or until the candidate's consent to the relevant personal data processing takes effect, if there is no other legal basis for data processing, and after that period the personal data shall be deleted or destroyed.

Access to personal data and other rights of the customer

The customer has the right to receive the information specified in the regulations in connection with the processing of their data.

In accordance with the regulations the Customer also has the right to request access to the Company's personal data and to request the Company to supplement, correct or delete or limit the processing in respect of the Customer, or the right to object to the processing. (including the processing of personal data by legitimate interests of the Company), as well as the right to data portability. This right shall be exercised insofar as the data processing does not arise from the Company's obligations under the applicable laws and regulations and carried out in the public interest.

A client may request the exercise of his or her rights in the following ways

in writing to the registered office;

by email, signed with a secure electronic signature and sent to the email address -

A candidate may apply to exercise his or her rights:

in writing in person by submitting an application to the Company;

in the form of electronic mail, signing it securely with an electronic signature;

by sending a signed application by post to the Company's registered office.

The company sends the response to the candidate's personal e-mail address (if the request is signed with a secure electronic signature) or by post to the contact address specified by the candidate by registered mail, or in writing personally, taking into account the person's response.

Upon receipt of a Client's request to exercise their rights, the Company shall verify the Client's identity, assess the request and execute it in accordance with the regulations.

The Company's response will be sent to the Customer by post to the contact address provided by the Customer in the registered letter or by e-mail with a secure electronic signature (if the application is submitted with a secure electronic signature), subject to the Customer's response.

The Company ensures that data processing and data protection requirements are met in accordance with the regulations and, in the event of the Customer's objection, performs useful actions to resolve the objection. However, if this fails, the Customer has the right to contact the supervisory authority - the Data State Inspectorate.

The customer has the right to receive one copy free of charge of his personal data processed by the Company.

The receipt and/or use of the information referred to in paragraph 28 herein may be restricted so as to prevent adverse impact on the rights and freedoms of others (including Company employees).

The Company undertakes to ensure the accuracy of Personal Data and relies on its customers, suppliers and other third parties who transmit Personal Data to ensure the completeness and accuracy of the Personal Data transmitted.

Customer consent to data processing and the right to withdraw it

The customer consents to the processing of personal data, the legal basis of which is consent, in writing in person at the company office or on the company website.

The Customer shall have the right to withdraw this consent to data processing at any time in the same manner as it was given and/or in accordance with the procedure set out in clause 22. In such a case, further processing based on prior consent for a specific purpose will no longer take place.

The withdrawal of consent does not affect the data processing carried out at the time when the Customer's consent was valid.

Withdrawal of consent cannot suspend data processing on other legitimate grounds.

Candidate's consent to data processing and the right to withdraw it

By submitting CVs and documents for staff selection, the candidate consents to the processing of the personal data contained therein for this purpose and is responsible for the suitability of the data submitted for the selection process. The processing of personal data of a candidate for other purposes requires the consent of the candidate, which may be provided in person in writing or electronically, thus ensuring the identification of the candidate.

The candidate has the right to withdraw his or her consent to the processing at any time in the same way as in this case, in which case further processing based on his or her prior consent for a specific purpose will no longer take place.

Withdrawal of consent does not affect the processing operations carried out during the validity period of the consent. Withdrawal of consent cannot suspend data processing for other legitimate reasons.

Visiting websites and processing cookies

Cookies can be used on the company website -

Cookies are files that websites place on users' computers to identify the user and make it easier for them to use the website. Internet browsers can be set up to alert the client to the use of cookies and allow the client to choose whether or not to accept them. Refusing to accept cookies will not prevent the client from using the website, but may limit the client's ability to use the website;

The Company's websites may contain links to third party websites that have their own terms of use and personal data protection, for the completeness of which the Company is not responsible.

Communication with the client and the candidate

The company contacts the client, candidate using their landline or mobile phone number, work email address, postal address given in the application, or other contact information provided.

Different rules

The Company may make changes and additions to the Privacy Policy and make it available to the Customer and posted on the Company's website.

The Company retains previous versions of the Privacy Policy. An up-to-date version of the Privacy Policy is available on the Company's website.

RigaJurmalaKekavaBuy online

Āģenskalna tirgus: stendi 'Vaniļas debesis" un "Bujums

Agenskalns Market: 'Vaniļas debesis' and 'Bujums' booths

Nometņu iela 64, Zemgales priekšpilsēta, Rīga, LV-1002

Stockmann supermarket & delicatessen

13. janvāra iela 8, Latgales priekšpilsēta, Rīga, LV-1050


Barona Centrs, Krišjāņa Barona iela 46, Centra rajons, Rīga, LV-1011


Brīvības iela 432, Vidzemes priekšpilsēta, Rīga, LV-1030

Garšu Osta

Garšu Osta, store-bistro, Meldru iela 3, Ziemeļu rajons, Rīga, LV-1015


Major Market

Tirgoņu iela 23, Jurmala, LV-2015



Shopping centre Liiba, Rigas str 22A, Kekava, Ķekava district, LV-2123

Our website uses cookies. By continuing to use it, you consent to the processing of your personal data in accordance with privacy policy .