Privacy Policy

1. Introduction

SovereignRack SIA ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or communicate with us.

We operate in accordance with the General Data Protection Regulation (GDPR) of the European Union and the data protection laws of Latvia. As a company providing data hosting services with a focus on EU data residency and compliance, we hold ourselves to the highest standards of data protection.

2. Data Controller Information

SovereignRack SIA is the Data Controller for the personal data processed under this Privacy Policy.

Contact Information:

• Address: Spilves iela 18, Kurzemes rajons, Rīga, LV-1055, Latvia
• Email: privacy@ambermetricsolutions.com
• Phone: +37167467919

Our Data Protection Officer can be contacted at dpo@ambermetricsolutions.com.

3. Personal Data We Collect

We may collect the following categories of personal data:

• Identification and Contact Information: Name, email address, phone number, company name, job title, and postal address.
• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform.
• Usage Data: Information about how you use our website and services, including page views, navigation paths, and features used.
• Communication Data: Information you provide when contacting us, including the content of messages, emails, and phone calls.
• Marketing Preferences: Your preferences in receiving marketing communications from us.

4. How We Collect Your Data

We collect personal data through the following methods:

• Direct Interactions: When you contact us, fill out forms on our website, subscribe to our newsletters, or request information about our services.
• Automated Technologies: As you navigate through our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns through cookies and similar technologies. Please see our Cookie Policy for more details.
• Third Parties: We may receive personal data about you from various third parties, such as analytics providers or business partners.

5. Legal Basis for Processing

We process your personal data on the following legal grounds:

• Consent: When you have given us explicit consent to process your personal data for specific purposes, such as sending you marketing communications.
• Contract Performance: When processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
• Legitimate Interests: When processing is necessary for our legitimate interests, provided these interests do not override your fundamental rights and freedoms.
• Legal Obligation: When processing is necessary for compliance with legal obligations to which we are subject.

6. Purposes of Processing

We process your personal data for the following purposes:

• To provide and maintain our services
• To communicate with you regarding our services
• To respond to your inquiries and requests
• To provide you with information about our services that may interest you
• To improve our website and services
• To ensure the security and proper functioning of our website
• To comply with legal obligations
• To prevent and detect fraud and abuse

7. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The specific retention periods depend on the nature and purpose of the data.

For example:

• Contact information from inquiries: 2 years after the last interaction
• Customer account information: Duration of the business relationship plus 5 years
• Technical and usage data: Up to 2 years

8. Data Sharing and Transfers

We may share your personal data with the following categories of recipients:

• Service Providers: Third-party vendors who perform services on our behalf, such as IT service providers, email delivery services, and customer support platforms.
• Professional Advisors: Lawyers, accountants, and insurers who provide professional services to us.
• Regulatory Authorities: Government bodies, regulators, and other authorities when required by law.
• Business Partners: In connection with certain services, we may share your information with our business partners, but only as necessary to provide those services.

We ensure that all third-party processors provide appropriate safeguards for your personal data. We maintain a list of all subprocessors, which is available to customers upon request.

9. International Transfers

We are committed to keeping your data within the European Union. We do not transfer your personal data outside the European Economic Area (EEA) unless such transfer is necessary for the provision of our services and appropriate safeguards are in place.

When transfers outside the EEA are necessary, we ensure that adequate protection is provided through:

• EU Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (BCRs)
• Other appropriate safeguards as required by GDPR

10. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

• Encryption of sensitive data
• Regular security assessments
• Access controls and authentication mechanisms
• Regular data backup procedures
• Staff training on data protection
• Physical security measures at our facilities

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We encourage you to take precautions to protect your personal data when online.

11. Your Data Protection Rights

Under GDPR and applicable data protection laws, you have the following rights:

• Right to Access: You have the right to request information about the personal data we hold about you.
• Right to Rectification: You have the right to request that we correct inaccurate or incomplete personal data.
• Right to Erasure: You have the right to request that we delete your personal data in certain circumstances.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
• Right to Withdraw Consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the contact information provided in Section 2. We will respond to your request within one month, as required by applicable law. This period may be extended by up to two additional months if necessary, taking into account the complexity and number of requests.

12. Cookies and Similar Technologies

Our website uses cookies and similar tracking technologies to distinguish you from other users and to enhance your experience. A cookie is a small file placed on your device when you visit a website.

We use the following types of cookies:

• Necessary Cookies: Required for the operation of our website.
• Analytical/Performance Cookies: Allow us to recognize and count visitors and see how visitors move around our website.
• Functionality Cookies: Enable our website to provide enhanced functionality and personalization.
• Targeting Cookies: Record your visit to our website, the pages you visit, and the links you follow.

For more detailed information about the cookies we use, please see our Cookie Policy.

13. Children's Privacy

Our website and services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated policy will be posted on this page with a revised "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

Significant changes to this Privacy Policy will be communicated to you through appropriate channels, such as email notifications or prominent notices on our website.

15. Complaints

If you have concerns about our processing of your personal data, please contact us first so that we can address your concerns. You also have the right to lodge a complaint with the data protection authority in Latvia or in the EU member state where you reside, work, or where an alleged infringement has occurred.

The Latvian data protection authority is the Data State Inspectorate (Datu valsts inspekcija):

• Address: Blaumaņa iela 11/13-15, Rīga, LV-1011, Latvia
• Email: info@dvi.gov.lv
• Website: https://www.dvi.gov.lv/en

16. Contact Us

If you have any questions or concerns about this Privacy Policy or our data protection practices, please contact our Data Protection Officer:

• Email: dpo@ambermetricsolutions.com
• Address: Spilves iela 18, Kurzemes rajons, Rīga, LV-1055, Latvia
• Phone: +37167467919