Box offices

Dear customers of BIĻEŠU PARADĪZE! We process your personal Data in accordance with the requirements of the GDPR and privacy policy. This notification describes how we process the data of our customers and visitors to our websites, whose data may become available to us within our business activities.

The following data may become available to us:

When purchasing tickets at BIĻEŠU PARADĪZE website, we require the following data from the customer:

name, surname;
e-mail address;
payment requisites.

When reserving tickets, we require the following data from the customer:

name, surname;
e-mail address;
phone number.

When registering at BIĻEŠU PARADĪZE website, to ease the process of purchasing tickets, and in case of acceptance to receive the newest information and special offers about events, we require the following data:

name, surname;
e-mail address.

When purchasing tickets or receiving transferred payments:

name, surname;
e-mail address;
phone number;
mail delivery address;
payment requisites.


1. General description of the data processing that we implement.

We assume that before using our website or by becoming our client you have read this notification and have accepted the regulations stated in it. This is the updated version of the notification. We retain the right to amend and update this notification as necessary.

We inform you that the personal data processing provisions contained in this notification apply to the processing of personal data of individuals only.

In addition to these regulations you can get acquainted to the following additional notifications of using the website and personal data processing:

-The rules for using the website are available in the section Terms of use

-The rules and settings of using cookies are available in the section Cookie policy

We are aware that personal data is your value and we will process it in accordance with the requirements of confidentiality and taking care of the security of your personal data that we hold.

2. For what purposes do we process your personal data and what is the legal basis for the processing of personal data?

We will process your personal data for legitimate purposes only that are previously defined, including:

a) For initiation and provision of services, and for the performance and provision of the provided obligations

The main legal bases to be used for this purpose are:

-signing and performance of an agreement with data subjects (Article 6, paragraph one, point (b) of the General Data Protection Regulation);

-compliance with a legal obligation (Article 6, paragraph one, point (c) of the General Data Protection Regulation);

-the legitimate interests pursued by the controller (Article 6, paragraph one, point (f) of the General Data Protection Regulation), identification of you as the customer, identification of customer’s and/or cooperation partner’s contact person, means of communication with you.

b) Execution of requirements established in the regulatory enactments regarding the provision of services or execution of the requirements specified in other regulatory enactments

For this purpose, we are required to comply with both the requirements of the regulatory enactments and the requirements of the Accounting Law, as well as the requirements of the Archive Law and the requirements specified in other regulatory enactments.

The main legal bases to be used for this purpose are:

-compliance with a legal obligation (Article 6, paragraph one, point (c) of the General Data Protection Regulation).

c) Provision of marketing activities

For this purpose we would be able to send to customers who have signed up in the system and confirmed their consent to receive commercial announcements about events organised by our customers.

The main legal bases to be used for this purpose are:

-consent of the data subject (Article 6, paragraph one, point (a) of the General Data Protection Regulation);

-signing and performance of an agreement with data subjects (Article 6, paragraph one, point (b) of the General Data Protection Regulation);

-the legitimate interests pursued by the controller (Article 6, paragraph one, point (f) of the General Data Protection Regulation) for the provision of communication.

d) To ensure proper provision of the service

For this purpose we require to maintain and improve the technical system and IT infrastructure, to use technical and organizational solutions that can also use your personal data (for example, using cookies) to ensure proper provision of services

The main legal bases to be used for this purpose are:

-the legitimate interests pursued by the controller (Article 6, paragraph one, point (f) of the General Data Protection Regulation).

3. Who can access your personal data?

We take appropriate measures to process your personal data in accordance with the applicable law and to ensure that your personal data is not accessed by third parties that do not have the appropriate legal basis for processing your personal data.

According to necessity your personal data can be accessed by:

a) a limited number of our employees with authorization rights or directly authorized persons, who require it for the performance of their duties;

b) personal data processors in accordance with their provided services and only to the extent required, such as auditors, financial management and legal advisers, the developer/maintainer of the database, other persons involved in the provision of the controller’s services;

c) state and local government bodies in cases specified by the regulatory enactments, such as law enforcement agencies, local governments, tax administrations and sworn bailiffs.

4. What cooperation partners or personal data processors do we choose for personal data processing?

We take appropriate measures to ensure the processing, protection and transfer of your personal data to data processors in accordance with the applicable regulatory enactments. We carefully select personal data processors and, when making data transfer, we evaluate the necessity of it and the amount of the data to be transferred. Data transfer to the processors is executed subject to the requirements of the confidentiality and safe processing of personal data.

Currently we can cooperate with the following categories of personal data processors:

a) persons involved in the provision of our services;

b) outsourced accountants, auditors, financial management and legal advisers;

c) event producers; administrators of theatres and concert halls, cashiers

5. Is your personal data sent outside the European Union (EU) or European Economic Area (EEA) countries?

We do not transfer data to countries outside the European Union or the European Economic Area

6. How long will we store your personal data?

Your personal data is stored for as long as the storage of it is necessary for the purposes of personal data processing and in accordance with the requirements of the applicable regulatory enactments.

When assessing the duration of the storage of personal data, we take into account the applicable regulatory requirements, the aspects of performance of contractual liabilities, your instructions (for example, in the case of consent), as well as our legitimate interests. If your personal data is no longer required for the purposes specified, we will delete or destroy it.

The most common terms for storing personal data are listed below:

a) we will store personal data necessary for the performance of contractual liabilities until the agreement has been executed and until other storage deadlines are fulfilled (see below);

b) we will store personal data that must be stored in order to comply with the requirements of the regulatory enactments till the deadlines set forth by relevant regulatory enactments, for example, the law “On Accounting” states that the supporting documents must be stored until the date, when they are required to establish the beginning of each economic transaction and to keep track of it, but not less than for 5 years;

c) we will store data to prove the execution of our obligations for the general limitation period of the claim, in accordance with the time limits for the limitation periods set forth by the regulatory enactments – 10 years in the Civil Law, 3 years in the Commercial Law and other time periods, also taking into account the deadlines for bringing claims as provided by the Civil Procedure Law.

7. What are your rights as data subject regarding the processing of your personal data?

Updating of personal data

If there have been any changes to personal data that you have provided to us, such as changes in your personal identity number, contact address, telephone or e-mail, we kindly ask you to contact us and to provide us with the updated information so that we can achieve the relevant personal data processing purposes.

Your right to access and correct your personal data

In accordance with the provisions of the General Data Protection Regulation you are entitled to request access to your personal data that we hold, to request correction, deletion, processing limitation, to object to the processing of your data, as well as the right to data portability in the cases and as provided by the General Data Protection Regulation.

The company respects your right to access and to control your personal data, therefore, upon receipt of your request, we will respond to it within the time limits specified in the regulatory enactments (usually within no more than one month, if there is no specific request that requires a longer period to prepare the reply), and if possible, we will correct it accordingly, or we will delete your personal data.

You can obtain information about your personal data that we hold or implement your other rights as a data subject in one of the following ways:

a) by submitting a respective application in person and by identifying yourself at our office at the following address: 49-25 Ropažu iela, Riga, LV-1006, every working day from 10:00 a.m. to 4:00 p.m.;

b) by submitting a relevant application that is sent to us by mail to the following address: Ropažu iela 49-25, Rīga, LV-1006;

c) by submitting a relevant application that is e-mailed to us at: [email protected], and it is advised to sign it with a secure electronic signature.

Upon receipt of your application, we will evaluate its content and the possibility of identifying you, and depending on the situation, retain the opportunity of asking you to identify yourself additionally in order to ensure the security and disclosure of your data to the relevant person.

Withdrawal of consent

If the processing of your personal data is based on your provided consent, you are entitled to withdraw it at any time and we will not process your personal data in the future on the basis of a consent for the relevant purpose. However, we inform that withdrawal of consent cannot affect the processing of such personal data that is required for the execution of the requirements of the regulatory enactments or that is based on the agreement, our legitimate interests or other bases specified in the regulatory enactments for the lawful processing of the data.

You may also object to the processing of your personal data, when the processing of personal data is based on legitimate interests or is used for marketing purposes (for example, for sending commercial communications or for participation in lotteries).

8. Where can you file a complaint regarding issues related to the processing of personal data?

If you have any inquiries or concerns about the processing of your personal data that we implement, we encourage you to contact us first.

However, if you still consider that we have not been able to resolve the issue mutually and you still consider that we are violating your rights to the protection of personal data, you are entitled to file a complaint with the State Data Inspectorate. Sample applications for the State Data Inspectorate and other related information can be found on the State Data Inspectorate website (http://www.dvi.gov.lv/lv/datu-aizsardzība/privatepersona/projekta-paraugi/).

9. Why should you provide us your personal data?

Mainly we collect your information in order to execute the undertaken contractual obligations, to execute our binding legal obligations and to execute our legitimate interests. In these cases the obtaining of certain information is necessary for us to achieve the relevant purposes, therefore failure to provide such information may endanger commencement of the business relationship or performance of the agreement. If the data is not mandatory, but the submission of it might help improve the service or provide you favourable agreement terms and/or offers, upon data collection we will indicate that the provision of data is voluntary.

10. How do we collect your personal data?

We can collect your personal data in one of the following ways:

a) by a mutually signed agreement, obtaining data from you yourself;

b) by signing an agreement with a third party that has indicated you as the contact person;

c) from you, if you submit any application, send us any e-mail or call us;

d) from you, if you subscribe to our online services;

e) from you, by signing in on the website www.bilesuparadize.lv;

f) by making purchases at the points of sale and on the website www.bilesuparadize.lv;

g) by reserving tickets;

h) at the website www.bilesuparadize.lv, using cookies.

11. Is your personal data used for automated decision making?

We do not use your data for automated decision making.