Web site Privacy Policy


  • GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
  • Personal data any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as the person’s name, surname, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Personal data processing – any operation or set of operations which is performed on Personal data or on sets of Personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Controller – a natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of Personal data.
  • Processor – a natural or legal person which processes Personal data on behalf of the Controller.
  • Data subject – indirectly or indirectly identified or identifiable natural person – SIA “RL2A” web site www.citadelebusinesscenter.lv visitors.


This web site Privacy Policy (henceforth – Privacy Policy) are a set of rules set by SIA “RL2A” designed to provide information about SIA “RL2A” Personal data processing purposes, legal basis on processing data from the Web site www.citadelebusinesscenter.lv, scope, protection, processing and storage periods, Personal data recipients, and Data subject’s rights during data acquisition and processing.

The full SIA “RL2A” Privacy Policy on processing of Personal data can be accessed by request, by sending a request to the SIA “RL2A” e-mail address.


Registration No: 40203257330
Legal address: Republikas laukums 2A, Rīga, LV-1010
Contacts: diana.bogrova@lordslb.lv


In case of any questions concerning the processing of Personal data carried out by SIA “RL2A”, we kindly ask to contact us by sending a message to the e-mail address: diana.bogrova@lordslb.lv.


The ASIA “RL2A” web site www.citadelebusinesscenter.lv (hereinafter – Web site) processes Personal Data, providing customers with the opportunity to familiarise themselves with the Citadele Business Center, its offer, as well as ensures convenient and rapid communication, using the contacts available on the Web site. SIA “RL2A” processes the following categories of Personal Data for the specific following purposes:

Purpose of processing Personal data

Personal data category

Receiving and administering applications or messages obtained from the Web site contact form.

Identification data – name, surname;

Contact details – telephone number, e-mail;

Other information — Name and content of the message or request

For the ensuring of functioning and analytics of the Web site

Cookies and their stored information (see Table 1.1)

To send offers, commercial messages or reminders

Identification data – name

Contact details – e-mail, telephone number;

Other information — Information about the services requested or the message left



SIA “RL2A” processes Personal data on the basis of the following legal grounds contained in Article 6 of GDPR:

The conclusion and performance of a contract – in order to ensure the processing of applications or messages received, the conclusion of a contract and the further provision of services.

Legitimate interest – in order to ensure that the rights and interests of the Data subjects or SIA “RL2A” are defended, to execute the legitimate interest of SIA “RL2A” to carry out direct marketing activities, provide answers to information requests from Data subjects and complaints.

Consent– in certain cases, the processing of Data subject’s Personal may be carried out on the basis of freely made and unambiguous consent. Such consent may be requested by the SIA “RL2A” to provide other data processing activities where this is necessary for legitimate purposes and does not endanger the rights and freedoms of the client, such as the deployment of cookies and the analysis of visits related to the Internet site..


The main source of the Personal data acquired from the Web site is the Data subject itself, for example, a message from the Web site’s contact form is filled by the Data subject. Personal data may also be obtained by SIA “RL2A” if the Data subject has voluntarily contacted the Controller, as well as in the process of concluding contracts.


In order to ensure the functioning of the Web site and the fulfilment of obligations against the Data subject, SIA “RL2A” is entitled to attract and authorise external service providers to carry out separate activities on behalf of SIA “RL2A”, for example, through the involvement of IT service providers or other partners. If, in the performance of these tasks, entities authorised by SIA “RL2A” process the Data subject’s data held by SIA “RL2A”, the authorised party of the relevant task shall be deemed to be the Processors of Personal Data held by SIA “RL2A”, and SIA “RL2A” shall have the right to transmit the necessary Personal data of the Data Subject to the Processors in the extent it is necessary to perform the allocated activities.

Information on the Personal Data held by the Processors and sub-processors SIA “RL2A” provides at the request of the Data Subject.


Personal data held by SIA “RL2A” shall not be transferred to third parties except in cases where:

  • the third party concerned must transfer the data within the framework of the contract in order to carry out any function necessary for the performance of the contract or delegated by law;
  • for the transfer of Personal data, the Data subject has given clear, unambiguous consent;
  • the disclosure of Personal data to the persons provided for in external regulatory enactments, upon a reasonable request is an obligation imposed on SIA “RL2A” by law, and in accordance with the procedures and to the extent specified in the external regulatory enactments;
  • the protection of the legitimate interests of SIA “RL2A” must be ensured, e.g. by turning to a court or other State authorities against a person who has infringed the legitimate interests of SIA “RL2A”.

When transferring personal data to third parties, SIA “RL2A” assesses the level of protection provided by third parties in accordance with regulatory enactments in order to ensure the greatest protection possible of the Data subject’s information.


SIA “RL2A” protects Personal data of the Data Subject by using opportunities provided by modern technologies, taking into account existing privacy risks and the reasonably available organizational, financial and technical resources of SIA “RL2A”, including, by ensuring the following security measures:

  • provides protection against unauthorized access to SIA “RL2A” internal IT systems, maintained databases and Personal data stored in electronic mail;
  • SIA “RL2A” uses an SSL-security certificate in operation of the www.citadelebusinesscenter.lv Web site, providing encrypted data transmission between the Data subject and the server on which the Data subject’s Data, which has been received through the Web site, is stored;
  • grants rights of access to the internal IT systems and databases of SIA “RL2A” only to a limited number of persons employed by SIA “RL2A”;
  • SIA “RL2A” Web site application forms are protected from malicious attacks by Google reCAPTCHA v 3.


SIA “RL2A” Web site may place links to other web sites. SIA “RL2A” does not control and shall not be held responsible for the content provided by a third-party web site or Personal Data collected by a third-party web site.

We inform that when any of the aforementioned web sites or any other third-party web site is visited, a privacy policy of the third-party web site holder applies to the processing of Personal data of the Data subject. We strongly advise to get acquainted with the policies provided by third parties under the privacy section of the respective web site.


Personal data for the purpose of sending commercial materials, as well as for the purpose of providing a response to incoming Data subject’s messages, shall be stored until the Data subject withdraws his Consent or objects to the Processing of Personal data or for a period of three years after the provision of services.


SIA “RL2A” informs that cookies are used to ensure the functioning of the www.citadelebusinesscenter.lv Web site as well to improve user experience and to obtain user statistics.

Small files stored on Web site visitor (hereinafter – User) devices. At the time the User accesses SIA “RL2A” Web site, our system reads these cookies and adjusts the settings accordingly. Cookies are like a key that your browser requests for customized information. Cookies are also used for other functions such as for obtaining statistics.

The Web site may use the following cookies:

  • Necessary cookies – provides customized Web site operation according to the choices made by the user, for instance, by saving the cookie policy approval. Cookies are required to enable the User to take full advantage of the features of the Web site and to navigate the site. Without these cookies, it is impossible to provide the services offered by the site to the User, they are essential for the functioning of the site.
  • Functionality cookies – Cookies that provide personalized and better user experience – collect information about the User’s habits on the Web site (frequently visited pages, remembers language selection or log-in data), and provide the ability to watch a video or perform different activities on the site. Cookies can be anonymized and do not store information about other site visits.
  • Preference and Statistics cookies – Cookies do not collect Personal data, the information is anonymous. Remembers User habits, such as the most visited pages and improves site performance, as well as analyzes usage and other activities.
  • Third party cookies – Any third party cookies, such as Google Analytics etc. cookies resulting from the use of third party provider services, which are needed to enable a third party full service to the Web site owner.


Each cookie is given an expiry for the length of time it stores Personal data and processes it. The cookie may also not have a specific running time, such cookie categories can be further subdivided into session and persistent cookies, which describe the nature and time of the cookie:

  • Session – session cookies are placed for the duration of the site visit and the information obtained is not stored longer than the site visit session.
  • Persistent – the information is placed and stored on the user’s computer even after the site visit. The expiry time of storing the information may vary for each cookie.

WHAT TYPE OF COOKIES ARE USED IN THE WEB SITE www.citadelebusinesscenter.lv?

Table 1.1.

Cookie name









Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website


1 year




Used to detect if the visitor has accepted the statistics category in the cookie banner. This cookie is

necessary for GDPR-compliance of the website.


1 year




Determines whether the user has accepted the cookie consent box


1 year




Determines whether the user has accepted the cookie consent box


1 year




Stores the user’s cookie consent state for the current domain


1 year




This cookie is used to determine the preferred language of the visitor and sets the language accordingly on the website, if possible


1 year




Stores the user’s cookie consent state for the current domain


1 year



In order to help SIA “RL2A”” better understand its visitors, SIA “RL2A” uses the services of Google Analytics web analytics platform, which stores a Google Analytics cookie, which, in combination with the code embedded in SIA “RL2A” Web site, collects information about User visits and sends it to Google servers. In turn, SIA “RL2A” accesses and analyzes the obtained statistics and uses it to customize the Web site accordingly to create a better user experience for Users. The information collected is anonymised before Google stores it on its’ servers.

If the User does not wish Google Analytics to process their Personal data in question, the User may deny the placement and analysis of such cookies by installing an Google Analytics Opt-out Program on the Users’ device. (Google Chrome Opt-out Tool available at: https://tools.google.com/dlpage/gaoptout?hl=en)


All cookies, except cookies that are required to ensure the functioning of the Web site, can be controlled or deleted. Most Internet browsers can be set up to block the storage of cookies on your device. Note that you will then need to adjust individual settings every time you visit the site, and some services and features on the site may not work. For more information on disabling cookies, visit: https://www.aboutcookies.org/.


The Data subject has the right to be informed about what Personal data is at SIA “RL2A” disposal in relation to the processing of Data subject’s Personal data, and to request access to, correction, replenishment or deletion of their Personal data, to limit the processing, and to object to the processing of Personal data, including the processing based on the legitimate interests of SIA “RL2A”, as well as to exercise the right to data portability, to the extent which SIA “RL2A” is able to provide technically. The rights of the Data subject shall be exercised to the extent that they do not conflict with SIA “RL2A” obligations under the regulatory enactments.

The Data subject may submit a request for the exercise of his rights by submitting a form for the implementation of Data subject’s rights to the SIA “RL2A” e-mail address: diana.bogrova@lordslb.lv.

SIA “RL2A” shall send a reply to the Data subject’s electronic mail address within 30 days of the receipt of the Data Subject’s request by the person responsible for the processing of Personal data, or through postal services by signed-for mail. If there is a need to clarify the information or carry out a more detailed investigation before answering, the response may take longer than 30 days, depending on the content of the request, but not more than 60 days.

Disputes related to the processing of Personal data shall be resolved through negotiations between the Data subject and SIA “RL2A”. If the Data subject considers that the processing of Personal data violates the person’s rights and interests in accordance with the applicable laws and regulations, the Data subject has the right to file a complaint to SIA “RL2A” responsible person for processing Personal data by submitting a complaint, or by turning straight to the Data State Inspectorate of the Republic of Latvia, address: Blaumaņa Street 11/13-11, Riga, LV-1011, Latvia, e-mail address: info@dvi.gov.lv.