Register to unlock your exclusive B2B prices and start shopping. Sign up now!

Privacy Policy

Updated: 20.08.2025

In short: we collect business contact data and portal usage data to perform contracts, support customers, issue invoices, deliver goods, and comply with the law. You may request access, rectification, or deletion of your data, as well as object to processing for direct marketing.

1. Who we are and contacts

  • Data Controller: SIA ATTA-1 (reg. no. 40003369889)
  • Address: Daugavgrivas street 77, LV-1007, Riga, Latvia
  • Trademark: Bank of Lamps
  • Data protection email: [email protected]

2. What data we collect

  • Company registration data: company name, registration or VAT number, legal address, corporate website.
  • User data: first name, last name, work e-mail, phone.
  • Account settings: company language, user role within the account (assigned by the company administrator).
  • Logistics information: delivery address (if different from legal), recipient contact, tail lift requirement (Yes/No).
  • Payment details: bank name, IBAN, SWIFT, bank account number.
  • Technical data: Cookie-ID, IP address, approximate geolocation (by IP), browser/device type and version, referrer/UTM tags, interface events (for analytics and security).

Why do we request payment details? We use this information solely for accurate and accelerated processing of payments and invoicing. We do not have access to your bank account, do not use the data for other purposes, and do not share it with third parties unless required by law.

We do not collect sensitive personal data. Most information relates to business contacts and company details.

3. Purposes and legal bases

PurposeExample operationsLegal basis (GDPR)
Account registration and administrationProfile creation, access rightsContract (Art. 6(1)(b)); Legitimate interest (Art. 6(1)(f))
Order and delivery processingQuotations, invoices, delivery, returnsContract; Legal obligation (VAT/accounting – Art. 6(1)(c))
Support and communicationCustomer support, shipment status, notificationsContract; Legitimate interest
Security and abuse preventionEvent logs, login monitoringLegitimate interest; Legal obligation
B2B marketingProduct updates, newslettersConsent (Art. 6(1)(a)); Legitimate interest; right to object
Product analyticsAnonymized usage statisticsLegitimate interest; for cookies – consent

You may withdraw consent to marketing at any time via account settings or the “Unsubscribe” link in emails.

4. Cookies and analytics

Our website bankoflamps.com uses cookies for proper functionality and (with your consent) for analytics and marketing. Upon your first visit, you will see a “Cookie Settings” banner where you can choose which categories of cookies to allow. You may change your choice later by clearing cookies in your browser settings and re-entering the site.

  • Strictly Necessary (always active): session, authentication, cart, basic interface settings. These cookies are essential for the site to function and do not require consent.
  • User Experience Analytics: Microsoft Clarity helps us understand user behavior and improve usability (without identifying individuals).
  • Analytics & Performance Monitoring: Google Analytics 4 (including via Cloudflare) is used to analyze traffic and performance.
  • Marketing & CRM: HubSpot is used for customer communications and engagement analysis.

Analytical and marketing cookies are used only with your consent. Cookies do not contain personal data and cannot directly identify or contact you.

5. Sharing and recipients

We share data only when necessary:

  • IT service providers (hosting, email, analytics, CRM, ERP, development).
  • Logistics partners and customs brokers.
  • Payment providers and banks.
  • Manufacturers/suppliers – in case of direct shipment.
  • Authorities – upon lawful request.

Data processing agreements (Art. 28 GDPR) are in place with all processors. We do not sell data.

6. International transfers

If data is transferred outside the EEA, we apply safeguards in accordance with GDPR Chapter V: Standard Contractual Clauses (SCCs), third-country law assessments, and additional security measures.

7. Data retention

Data categoryRetention periodBasis
Portal accountsAs long as the contract is valid; archived up to 3 years after deactivationContract / Legitimate interest
Financial documents10 yearsLegal obligation (tax/accounting)
Support correspondenceup to 2 yearsLegitimate interest
Marketing consentsas long as consent is active, plus 2 years for auditConsent / Legal obligation to retain proof
Analytical log data6–24 months (aggregation/anonimization)Legitimate interest

8. Security

We apply technical and organizational measures: encryption (TLS/SSL), access control, audit logs, backups, data minimization and need-to-know principles, staff training, confidentiality agreements with contractors.

9. Payment transaction security

Payment data is transmitted securely via encryption and secure communication channels. Bank of Lamps | SIA ATTA-1 does not have access to your bank accounts and does not store payment card data; the data is used solely for invoicing and payment processing.

10. Your rights (GDPR)

You have the right to request access, rectification, erasure, restriction of processing, portability, objection to processing (including marketing). To exercise your rights, write to [email protected]. You may also lodge a complaint with a supervisory authority: the Data State Inspectorate (Latvia) or your local EU authority.

11. Minors

The services are intended for B2B and are not directed at children. We do not knowingly process data of persons under 16 years old.

12. Changes to this policy

We may update this Policy. The version published on the website replaces all previous editions; we notify of significant changes in the account and/or by email.

13. How to contact us

For questions or rights requests, write to: [email protected]. Postal address: Daugavgrivas street 77, LV-1007, Riga, Latvia.

Version: 20.08.2025 • Applicable law: GDPR and Latvian law • Language: EN