🔒 Privacy Policy
Last updated: March 2026
At FitShop, we take your privacy seriously. This Privacy Policy explains what personal data we collect, how we use it, and what rights you have. We comply with the EU General Data Protection Regulation (GDPR) and applicable Latvian data protection law.
1. What Data We Collect
When you place an order
- Full name
- Email address
- Delivery address
- Phone number
- Payment information (processed securely — we do not store card details)
- Order history
When you create an account
- Name and email address
- Password (stored encrypted)
- Saved delivery addresses
When you visit our website
- IP address and browser type (via server logs)
- Pages visited, time spent, clicks (via Google Analytics — anonymised)
- Cookie data (see our Cookie Policy)
When you contact us
- Name, email address, and the content of your message
2. How We Use Your Data
| Purpose | Legal basis |
|---|---|
| Processing and fulfilling your order | Contract performance (Art. 6(1)(b) GDPR) |
| Sending order confirmations and delivery updates | Contract performance (Art. 6(1)(b) GDPR) |
| Responding to your enquiries | Legitimate interest (Art. 6(1)(f) GDPR) |
| Improving our website and user experience | Legitimate interest (Art. 6(1)(f) GDPR) |
| Complying with legal obligations (e.g. tax records) | Legal obligation (Art. 6(1)(c) GDPR) |
| Sending marketing emails (if you opted in) | Consent (Art. 6(1)(a) GDPR) |
3. Who We Share Your Data With
We do not sell your personal data. We share it only with trusted third parties who help us run our business:
- Delivery partners — Omniva (name and address for delivery)
- Payment processors — Swedbank (handled under their own privacy policies)
- Google Analytics — anonymised website usage data
- Email service provider — for sending order confirmations
- Hosting provider — website server (data stored within the EU)
4. How Long We Keep Your Data
| Data type | Retention period |
|---|---|
| Order and transaction records | 10 years (legal requirement in Latvia) |
| Customer account data | Until account deleted or 3 years inactive |
| Marketing consent | Until you unsubscribe |
| Contact form messages | 2 years |
| Analytics data | 26 months (Google Analytics default) |
5. Your Rights Under GDPR
- Right of access — request a copy of the data we hold about you
- Right to rectification — ask us to correct inaccurate data
- Right to erasure — ask us to delete your data
- Right to restriction — ask us to limit how we process your data
- Right to data portability — receive your data in a machine-readable format
- Right to object — object to processing based on legitimate interest
- Right to withdraw consent — withdraw marketing consent at any time
To exercise any of these rights, contact us at info@fitshop.lv. We will respond within 30 days.
6. Cookies
We use cookies to improve your experience. For full details, see our Cookie Policy.
7. Data Security
We take appropriate technical and organisational measures to protect your personal data, including SSL encryption, secure servers, and access controls.
8. Children’s Privacy
Our website is not intended for children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date.
10. Contact & Complaints
- Email: info@fitshop.lv
- Address: Dalbes iela 8 – 50, OLAINE, LATVIA
Website: www.dvi.gov.lv | Email: info@dvi.gov.lv | Phone: +371 67223131