This document is valid from 14 June 2021.

This is Joint Undertaking UNICO Limited Liability Company“, hereinafter referred to as “Society”Privacy Policy applicable to the Company and to natural persons with whom the Company does business or interacts.

This Privacy Policy may be available in several languages; all versions are legally binding, but in the event of a conflict between the English version and the translated version, Latvian the version that prevails.

This Privacy Policy describes how the Company will receive, use and share individuals' personal data (identifiable information), including information received on its website www.deglavarezidence.lv. This Privacy Policy also sets out the choices and rights of individuals regarding the use, access, correction or deletion of their personal data.

SATURS

Section headings are for reference only and do not affect the content or interpretation.

1. Definitions
2. About the Company
3. Subject of this Privacy Policy
4. Persons data collection
5. Purpose and legal basis for processing personal data
6. Personal data that the Company may process and groups of personal data
7. Disclosure of personal data collected
8. Transfer of personal data to other countries
9. Storage of personal data collected
10. Your rights
11. Your consent and how to obtain it Retrieved from
12. If you choose not to provide personal data
13. These Privacy policy amendments
14. Communication with the Public. Rectification of your personal data
15. Personal data breaches
16. Legal basis

1. Definitions

“EEA“ - European Economic Area.

“Society“ - Joint Venture limited liability company “UNICO”, a limited liability company registered in the Commercial Register of the Republic of Latvia with the single registration number 50003419791 and registered office at 12 - 123 Ropažu Street, Riga, LV-1039, Latvia.

“non-personal data“ - information on the basis of which a natural person is indistinguishable from other natural persons, including anonymised personal data.

“personal data“ means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as that person's name, identification number, location data, online identifier or to one or more factors specific to that natural person's physical, physiological, genetic, mental, economic, cultural or social identity.

“process“ or “processing” means the collection, recording, storage, use, adaptation, disclosure, transfer or erasure of personal data and/or non-personal data.

“Privacy Policy” - this Privacy Policy, which applies to the Company and to individuals with whom the Company does business or interacts, as it may be amended from time to time.

“sensitive personal data“ - personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership, and genetic data, biometric data, health data or data concerning a natural person's sex life or sexual orientation.

“You are“, “Yours“ or “Sev“ - a natural person who is asked or chooses to provide the Company with his/her non-personal data or personal data, such as a purchaser of the Company's property, a prospective or existing employee or a representative of a service provider.

2. About the Company

2.1 Personal Data is processed by the Company - SIA Kopuzņēmums sabiedrība ar ierobežotu atbildību “UNICO”, a limited liability company registered in the Republic of Latvia, single registration number 50003419791 and registered office at 12 - 123 Ropažu Street, Riga, LV-1039, Latvia.

2.2 The Company is the data controller responsible for your personal data. The Company shall process your personal data in accordance with applicable data and privacy laws and regulations. Your personal data will only be used for the purposes and in the manner set out in this Privacy Policy.

3. Subject of this Privacy Policy

3.1 This Privacy Policy provides you with information about how the Company will monitor and manage your personal data. In particular, this Privacy Policy:

• Contains information about the personal data that the Company collects about you.
• Explains how the Company processes your personal data.
• Inform you of the persons to whom your personal data may be transferred.
• Informs you about your rights and how to exercise them.

3.2 This Privacy Policy does not affect any rights that the Company has under applicable law in relation to the collection, use and/or disclosure of your personal data.

3.3 If you have entered into any contract with the Company, this Privacy Policy shall form an integral part of that contract. If there is any conflict or inconsistency between the terms of this Privacy Policy and the terms of any contract you have with the Company, the terms of this Privacy Policy shall prevail.

3.4 If you have any questions about the Company's personal data protection practices that are not addressed in this Privacy Policy, please contact the Company by sending an email to: sales@deglavarezidence.lv or by written application to the Joint Venture Limited Liability Company “UNICO”, 12 - 123 Ropažu Street, Riga, LV-1039, Latvia.

3.5 By submitting personal data to the Company, you consent to its transfer, storage and processing as set out in this Privacy Policy.

4. Collection of personal data

The Company may collect information about you from the following sources:

4.1 You provide the Company with personal data:

• When you submit or send letters, emails, submissions or consents to the Company.
• When you and the Company enter into any contract.
• When you respond to requests from the Company to provide additional personal data.
• When you ask to be added to the list of recipients of emails or other notifications.
• By communication between you and the Company by telephone, email, text messages or other forms of communication.
• When you provide the Company with your personal data for any other reason.
• When you provide your personal data to a third party to share with the Company.

4.2 The Company may receive your personal data from:

• State Revenue Service, Social Insurance Agency, courts, prosecutor's office, police, State Probation Service, Orphan's Courts and other state and local government institutions, and law enforcement institutions in accordance with the competence of the respective institutions and authorities established by the regulatory enactments.
• Social networks.
• Third parties who recommend or introduce you as a potential employee, service provider, vendor, business partner or purchaser of the Company's property.

4.3 The Company may also obtain your personal data from:

CCTV cameras of the Company installed in the territory or premises owned by the Company for security reasons - to prevent or detect criminal offences and to protect the vital interests of you and others.

5. Purpose and legal basis for processing personal data

5.1 The Company processes your personal data for the following purposes:

• Concluding and signing any contract with you.
• the performance of any contract that the Company has with you.
• Building relationships with potential employees, service providers, vendors, business partners or buyers of the Company's properties.
• Building relationships with potential buyers of the Company's properties and analysing such relationships in the context of advertising and marketing activities.
• Provision of advertising and marketing activities: information, communication, sending of notices related to products, services and property sold by the Company.
• Processing of transaction data in accordance with the Law on Accounting and the Law on Prevention of Money Laundering, Terrorism and Proliferation Financing.
• To improve customer service.
• When the Company is legally obliged to do so (the processing of your personal data is necessary for the Company to comply with applicable law).
• When it is in the legitimate interests of the Company. This is when the Company has a commercial reason to use your personal data. However, when the Company processes your personal data for its legitimate interests, such processing must not unfairly go against what is right for you or what is in your interests.
• When you agree.

5.2 The Company may use your personal data in the following ways:

• For feedback.
• To communicate with you and carry out your instructions.
• published on the Company's websites, social media profiles and for other purposes related to its marketing and promotional activities (subject to your explicit written consent).
• Answer your questions and requests.
• Manage the Company's business and comply with internal policies and procedures.
• Facilitate transactions in business assets (this may include any reorganisation, acquisition or transfer, purchase or sale of assets) involving the Company.
• Use any of your personal data for analytical and statistical research on the Company's business processes.
• Prevent, detect, report and investigate any breach of any contract that the Company has with you.
• Protect and enforce the Company's contractual and legal rights and obligations.
• Assist in any investigation by a law enforcement agency suspecting that a crime has been committed.
• Comply with legal obligations and regulations and provide information to the State Revenue Service, Social Insurance Agency, courts, prosecutor's office, police, State Probation Service, Orphans' Court and other state and local authorities and law enforcement bodies in accordance with the competence of the relevant authorities and bodies as defined by the applicable legal provisions.
• Any other use as set out in this Privacy Policy or applicable law.
• Any other use that the Company considers necessary for the protection of the Company's legitimate interests.

5.3 You must ensure that any personal data you provide to the Company is complete, accurate, true and correct. Any errors made by you may result in a delay or inability to deal with your letter, email, application or request or for the Company to enter into or perform any contract it has with you.

6. Personal data that the Company may process and groups of personal data

6.1 The Company may carry out different types of processing of personal data. It collects personal data in the following groups:

Group and types of personal data that may be included in the group

Financial data

• Information about your current accounts and related details.

Contact

• First name, last name, other names.
• Date of birth.
• Citizenship.
• Country of tax residence.
• Email address.
• Residential and postal addresses.
• Phone numbers.
• Any other contact details you provide.

Contractual

• Information about the performance of any contract the Company has with you.

Contact

• Information provided in your communications and your comments and opinions, such as complaints or questions submitted to the Company.

Social relations

• First name, last name, other names.
• Personal ID.
• Place of birth.
• Date of birth.
• Passport or other identification document details.
• Citizenship.
• Email address.

Available data and public records

• Publicly available data and information.

Documentary data

• Passport or ID card.

Types of special data

• Your criminal convictions and offences (If you disclose this to the Company or it is publicly available information or if such information has been provided to the Company by third parties on a lawful basis).
• Proof of a negative Covid-19 test or vaccination or similar, as required by applicable law.

Consent

• Any permissions, consents or choices you provide to the Company.

6.2 The Company may use Sensitive Personal Data only when necessary:

• To detect and prevent crime, including fraud.

To prepare, pursue or defend legal claims.

7. Disclosure of personal data collected

7.1 Personal data will be protected and kept confidential, but in order for the Company to perform its contractual obligations, exercise its rights or comply with applicable law, your personal data may be disclosed or transferred to the following parties (as applicable):

• Companies within the same group of companies as the Company and other companies related to the Company.
• the Company's suppliers, business partners, sales agents, distributors or service providers who provide the Company with services such as telecommunications, information technology, payment processing, storage and archiving services, and others.
• Companies providing insurance and/or reinsurance services to the Company.
• Banks and other payment service providers providing financial services to the Company;
• the Company's clients and the clients of the Company's clients to whom the Company provides services directly or indirectly to the extent necessary for the performance of the Company's obligations;
• To anyone to whom the Company assigns or may assign its rights or obligations.
• The Company's professional advisers, such as sales agents, valuers, accountants, auditors, lawyers, etc.
• the Company's business partners, subcontractors and other persons providing services to it or its clients.
• the Company's business partners, investors, transferees or assignees and/or their advisers (actual or potential) to facilitate transactions involving the Company's business assets, which may include any reorganisation, acquisition or transfer, purchase or sale of assets. If a transaction is carried out, the buyer, seller, successor or reorganisation partner may process your personal data in the same way as the Company in accordance with this Privacy Policy.
• The persons to whom you request the transfer of your personal data.
• on the Company's websites, social media profiles and other marketing and promotional material (subject to your express written consent).
• Any judicial, executive or law enforcement authority or any other authority or body having jurisdiction over the Company.
• Any other person in connection with the purposes set out in this Privacy Policy or applicable law.

7.2 If any third party processes your personal data on behalf of the Company, it is subject to strict security and confidentiality rules in accordance with this Privacy Policy and applicable law. The Company will take all steps reasonably necessary to ensure that such third party processes your personal data securely and in accordance with this Privacy Policy and applicable law.

7.3 Third parties to whom the Company discloses your personal data are bound by the terms of the agreements and applicable law and may not use your personal data for secondary purposes (i.e. other than as provided for in this Privacy Policy). The processing of personal data by such third parties for their own purposes is subject to their respective privacy policies and applicable law.

7.4 The Company will not sell or rent your personal data to third parties. It will not share your personal data with third parties for their marketing purposes without your consent.

8. Transfer of personal data to other countries

8.1 The Company may transfer your personal data outside the European Economic Area („EEA”) only for:

• Follow your instructions.
• Meet the Company's obligations.
• Work with the Company's clients.
• Work with the Company's suppliers, subcontractors, sales agents, distributors, service providers and professional advisors.
• To report to the members of the Company on its activities.

8.2 If the Company transfers your personal data outside the EEA, it will make sure that the personal data is protected in the same way as if it were used in the EEA. The Company will take all necessary steps to ensure that your personal data is processed securely and in accordance with this Privacy Policy. If the Company transfers your personal data outside the EEA, it will ensure that one of the following safeguards is in place:

• The personal data is transferred to the recipient in a country outside the EEA but which has privacy laws that offer the same protection as in the EEA.
• The recipient has a contract with the recipient under which the recipient is obliged to protect personal data to the same standards as in the EEA, or you have provided your consent.

9. Storage of personal data collected

9.1 The Company will keep your personal data for 5 (five) years after the end of the legal relationship that the Company has with you, or in the event that no legal relationship has been established - then for 5 (five) years after receipt of your personal data or for a longer period if it is necessary for the performance of the Company's legal obligations or compliance with applicable legal provisions.

9.2 The Company has the right to continue to store your personal data for up to 10 (ten) years for the following purposes:

• To respond to an application, question or complaint.
• To demonstrate that the Company is acting fairly towards you.
• To establish, exercise or defend legal claims.
• To maintain records in accordance with applicable law.
• For reasons of legitimate public interest.
• To comply with applicable law.

9.3 The Company may keep your personal data for longer than 10 (ten) years for legitimate interest, research or statistical purposes or if required by applicable law. If the Company does so, it will ensure that the privacy of your personal data is protected and that your personal data will only be used for the purposes set out above.

10. Your rights

10.1 You have certain rights that may be exercised in relation to the processing of your personal data. To exercise the rights set out below, please contact the Company by sending an email to: sales@deglavarezidence.lv or by written application to the Joint Venture Limited Liability Company “UNICO”, 12 - 123 Ropažu Street, Riga, LV-1039, Latvia.

10.2. Access to your personal data. You have the right to access the personal data that the Company holds about you and to request that the Company provide specific information about the processing of your personal data. The Company may require you to prove your identity before disclosing data to you. These are known as “the right to access”.

10.3. Informing the public about incorrect personal data. You have the right to question any information that the Company holds about you if you consider it to be incorrect or incomplete. If you do so, the Company will take appropriate steps to check the accuracy of the information and correct it if necessary. These are known as “right to rectification”.

10.4. Requesting non-processing of your personal data. You have the right to ask the Company to delete, remove or stop using your personal data if the Company does not need to keep it. Even if you object to the use of your personal data, the Company may still process it for lawful or other official reasons, such as legal claims, or to exercise its legal rights. However, please inform the Company if you believe that it should not use any of your personal data. These are known as “right to erasure” or “the right to be forgotten”.

10.5. Restriction of processing of your personal data. You have the right to restrict the processing of your personal data. In this situation, the Company will not use or disclose your personal data while it is restricted, unless the Company needs to use it for specific purposes, such as for legal claims or to exercise its rights. These are known as “right to restriction of processing”.

10.6 You may ask the Company to restrict the use of your personal data if:

• They are not precise.
• They were used illegally; however, you do not want the Company to delete them.
• They are no longer relevant, but you want the Company to keep them for use in legal claims or for other purposes.
• You have already asked the Company to stop using your personal data, but you are waiting for it to tell you whether or not it is allowed to continue using it.

10.7. Obtaining your personal data. You have the right to receive your personal data processed by the Company by automated means on the basis of your written request. In this situation, the Company will provide you with your personal data in a format that can be easily reused. You may also request that your personal data be transferred to other parties in this format and, where technically feasible, the Company will do so. These are known as “the ”right to data portability".

10.8. Opposing the processing of your personal data. You have the right to object to the processing of your personal data by the Company. Even if you object to the processing of your personal data by the Company, it may still process your personal data for lawful or other legitimate reasons, such as legal claims, its legitimate interests or the exercise of its rights. However, please let the Company know if you believe that it should not process your personal data. These are known as “right to object”.

11. Your consent and how to withdraw it

11.1 The Company may require you to provide consent in a separate written or electronic format for the processing of your personal data for purposes for which the Company is required to obtain your consent under this Privacy Policy or applicable law. You will decide at your discretion whether or not to provide such consent by making appropriate notations on the document prepared by the Company.

11.2 You may withdraw your consent to the processing of your personal data for a particular purpose at any time. If you wish to do so, please contact the Company by sending an email to: sales@deglavarezidence.lv or by written application to the Joint Venture Limited Liability Company “UNICO”, 12 - 123 Ropažu Street, Riga, LV-1039, Latvia.

12. If you choose not to provide personal data

12.1 If you choose not to provide the Company with your personal data, the Company may not be able to enter into a contract or other legal relationship with you.

13. Privacy policy amendments

13.1 The Company may update this Privacy Policy from time to time to ensure that it is in line with future developments in the Company's business, improvements in technology and/or any changes in legal or regulatory requirements.

13.2 If there is an existing contract between you and the Company, any amendments to this Privacy Policy will be notified to you via your contact details or in person. Otherwise, an updated version of this Privacy Policy will be posted on the Company's website.

14. Communication with the Public. Rectification of your personal data

14.1 If you have any questions or complaints regarding the processing of your personal data or if you wish to make corrections or obtain a copy of your personal data record, please contact the Company by calling +371 24778822 or sending an e-mail to: sales@deglavarezidence.lv, or by sending the document to the address: Joint Venture Limited Liability Company “UNICO”, 12 - 123 Ropažu Street, Riga, LV-1039, Latvia.

15. Personal data breaches

15.1 In the event of a personal data breach, the Company shall notify the personal data breach to the supervisory authority without undue delay and, if possible, not later than 72 hours from the time the breach became known, except in cases where the personal data breach is unlikely to result in a high risk to your rights and freedoms.

15.2 In the event that a personal data breach could result in a high risk to your rights and freedoms, the Company will notify you of the personal data breach without undue delay, unless:

15.2.1. the Company has implemented appropriate technical and organisational protection measures, in particular measures to render personal data unintelligible to persons who do not have the power to access the data, such as encryption or

15.2.2. the Company has taken further measures to ensure that the high risk to your data rights and freedoms is no longer likely to materialise.

15.3 A third party processing your data on behalf of the Company shall notify the Company without undue delay as soon as it becomes aware of a personal data breach.

15.4 The Company shall document all personal data breaches, indicating the facts related to the personal data breach, its consequences and the corrective actions taken.

16. Legal basis

16.1 This Privacy Policy is based on Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) and provides adequate protection with regard to the processing of your personal data in accordance with the General Data Protection Regulation and other laws and regulations applicable in the Republic of Latvia.