Prinvent Marketplace

Privacy policy

Welcome to Prinvent Marketplace (“Prinvent”, “we”, “us”, or “our”).

This Privacy Policy explains how we collect, use, store, disclose, and protect personal data when you visit or use the Prinvent Marketplace website, create an account, place an order, sell products through the platform, contact us, or otherwise interact with our services.

We are committed to handling personal data in a transparent and lawful way, in accordance with the General Data Protection Regulation (GDPR) and other applicable laws. The GDPR requires transparency around how personal data is processed and gives individuals a number of rights over their data.

1. Who we are

Data Controller:
SIA ROICAVE
40203530697
Rīga, Ormaņu iela 15 – 6, LV-1002
info@prinvent.com

For general privacy questions, you can contact us at:
info@prinvent.com

Where marketplace sellers process customer data for their own sales, fulfillment, customer support, or legal obligations, those sellers may also act as independent data controllers for their own processing activities. Under GDPR, the controller is the party that determines the purposes and means of processing.

2. Scope of this Privacy Policy

This Privacy Policy applies to personal data processed through:

  • the Prinvent Marketplace website
  • customer accounts
  • seller accounts
  • orders and transactions
  • downloadable product delivery
  • communications with support
  • newsletters or marketing communications, if enabled
  • technical website usage, analytics, and security tools

This Privacy Policy does not necessarily cover third-party websites, payment providers, shipping companies, or independent seller websites/services that may be linked from the platform. Those third parties may have their own privacy policies.

3. What personal data we collect

Depending on how you use the platform, we may collect the following categories of personal data:

3.1 Information you provide directly

  • full name
  • email address
  • phone number
  • billing address
  • delivery address
  • company name, registration data, and VAT details if applicable
  • account login details
  • messages sent to us or through the platform
  • order details
  • bank details where needed for refunds or seller payouts
  • seller profile information and business details
  • uploaded content, product listings, images, descriptions, and files submitted by sellers

3.2 Transaction and order information

  • products purchased
  • seller information
  • payment-related metadata
  • order value
  • order status
  • refund and return information
  • shipping and delivery information

3.3 Technical and usage data

  • IP address
  • browser type and version
  • device type
  • operating system
  • referral source
  • pages viewed
  • time spent on pages
  • click and navigation activity
  • log data
  • cookie and similar technology data

3.4 Data from third parties

We may receive personal data from:

  • payment service providers
  • delivery service providers
  • marketplace sellers
  • identity or fraud prevention service providers
  • analytics and security providers
  • social media or login integrations, if used

Under the GDPR, personal data includes a broad range of information relating to an identified or identifiable person, and the regulation requires organisations to process only what is necessary for a specific purpose.

4. How we use personal data

We use personal data for the following purposes:

4.1 To provide the marketplace services

  • create and manage user accounts
  • allow customers to browse, buy, and download products
  • allow sellers to create profiles and manage listings
  • process orders, returns, and refunds
  • communicate about orders and account activity

4.2 To operate and improve the platform

  • maintain website functionality
  • monitor performance and troubleshoot issues
  • improve user experience
  • develop new features
  • manage platform administration

4.3 To provide customer and seller support

  • respond to questions and requests
  • investigate disputes, complaints, damaged items, or incorrect orders
  • manage marketplace trust and safety

4.4 For security and fraud prevention

  • detect suspicious activity
  • protect accounts and transactions
  • prevent abuse, fraud, or misuse of the platform

4.5 For legal and compliance purposes

  • comply with accounting, tax, consumer protection, and legal obligations
  • maintain records required by law
  • respond to lawful requests from public authorities

4.6 For marketing communications

Where permitted by law or where you have consented, we may send updates, promotional content, or newsletters. You can opt out at any time.

The GDPR is based on principles including lawfulness, fairness, transparency, purpose limitation, data minimisation, storage limitation, integrity/confidentiality, and accountability.

5. Legal bases for processing

Under the GDPR, we rely on one or more of the following legal bases to process personal data:

  • Contract – where processing is necessary to provide our services, manage your account, or fulfill an order
  • Legal obligation – where processing is necessary to comply with legal requirements
  • Legitimate interests – where processing is necessary for running, securing, and improving the platform, provided your rights do not override those interests
  • Consent – where required, for example for certain marketing activities or optional cookies

6. Marketplace sellers and data responsibility

Prinvent Marketplace is a multi-vendor platform. This means that certain personal data may be shared with marketplace sellers where necessary to complete and manage an order.

For example, sellers may receive relevant customer data such as:

  • customer name
  • delivery details
  • order details
  • contact information where needed for fulfillment or support

Where a seller decides how customer data is used for order fulfillment, customer communication, legal compliance, or internal business records, that seller may act as a separate data controller for those activities. GDPR guidance makes clear that controller/processor roles depend on who decides the purposes and means of processing.

Prinvent is not responsible for privacy practices adopted independently by third-party sellers outside the scope of the platform’s own operations. Sellers are expected to comply with applicable data protection law.

7. Payments

Payments may be processed through third-party payment providers. Prinvent does not necessarily store full payment card details on its own systems if secure external payment processors are used.

We may receive limited payment-related information such as:

  • transaction status
  • payment reference
  • partial payment metadata
  • refund status

Payment providers process personal data under their own privacy and compliance frameworks.

8. Shipping and delivery partners

Where necessary to deliver orders, personal data may be shared with shipping and delivery providers, such as:

  • Omniva
  • DPD
  • Venipak
  • Latvijas Pasts
  • other logistics partners used by sellers or Prinvent

Shared data may include:

  • customer name
  • delivery address
  • phone number
  • shipment details

This is done only where necessary for order fulfillment.

9. Digital products and downloads

If you purchase downloadable products, we may process personal data to:

  • confirm your purchase
  • provide access to the digital content
  • prevent unauthorized access or abuse
  • maintain transaction records
  • provide support

Customers should understand that digital delivery may create logs relating to access, downloads, and account activity for security and operational reasons.

10. Cookies and similar technologies

We may use cookies and similar technologies for:

  • essential site functionality
  • remembering preferences
  • analytics and performance measurement
  • security
  • marketing, where applicable and permitted

Where required by law, non-essential cookies should only be used with your consent. You may also be able to manage cookie settings through your browser or cookie preferences tool.

It is usually best practice to publish a separate Cookie Policy or cookie notice alongside the Privacy Policy.

11. How long we keep personal data

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods may depend on:

  • whether you have an active account
  • the length of the customer or seller relationship
  • legal, tax, and accounting obligations
  • dispute resolution needs
  • fraud prevention and security needs

When data is no longer needed, we will delete it, anonymize it, or securely store it only where legally required.

The GDPR’s storage limitation principle requires personal data not to be kept longer than necessary for the purposes for which it is processed.

12. Sharing personal data

We may share personal data with:

  • marketplace sellers
  • payment service providers
  • hosting and cloud service providers
  • website and IT service providers
  • analytics providers
  • delivery and logistics providers
  • professional advisers such as lawyers or accountants
  • public authorities where legally required
  • fraud prevention or security partners

Where third parties act as processors on our behalf, GDPR requires appropriate contractual arrangements and instructions governing that processing.

13. International data transfers

If personal data is transferred outside the European Economic Area (EEA), we will take steps to ensure appropriate safeguards are in place, as required by applicable law. These may include:

  • adequacy decisions
  • standard contractual clauses
  • other lawful transfer mechanisms

If your service providers are all EU/EEA-based, this section can stay short. If you use non-EU tools like some analytics, email, or hosting services, it becomes more important.

14. Data security

We use appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, misuse, alteration, or disclosure.

These measures may include:

  • secure hosting
  • access controls
  • password protection
  • encryption where appropriate
  • internal access limitations
  • monitoring and security logging

No method of transmission or storage is completely risk-free, but we take reasonable steps to protect personal data.

15. Your rights

Under the GDPR, individuals may have the following rights, subject to legal limits and exceptions:

  • the right to be informed
  • the right of access
  • the right to rectification
  • the right to erasure
  • the right to restriction of processing
  • the right to data portability
  • the right to object
  • rights related to automated decision-making and profiling, where applicable

The European Commission’s GDPR guidance lists these rights as core rights of individuals under the regulation.

To exercise your rights, please contact us at:
info@prinvent.com

We may need to verify your identity before responding to your request.

16. Complaints

If you believe your personal data has been processed unlawfully, you have the right to lodge a complaint with the relevant supervisory authority.

In Latvia, the supervisory authority is the Data State Inspectorate (Datu valsts inspekcija).

You may also contact us first and we will try to resolve your concern.

17. Children’s privacy

Prinvent Marketplace is not intended for children who are too young to legally use ecommerce services without appropriate consent or supervision under applicable law. We do not knowingly collect personal data from children in violation of applicable legal requirements.

If you believe a child has provided personal data unlawfully, please contact us so we can investigate and take appropriate action.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • changes in law
  • changes in the platform
  • changes in how we process personal data
  • security or operational updates

The latest version will always be posted on the website with the updated effective date.

19. Contact

If you have questions about this Privacy Policy or about how personal data is handled on Prinvent Marketplace, please contact:

Prinvent Marketplace
SIA ROICAVE

40203530697
Rīga, Ormaņu iela 15 – 6, LV-1002
Email: info@prinvent.com