Privacy Policy

Last updated: January 29, 2026

Introduction

LumenFjord Consulting ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us.

We adhere to the General Data Protection Regulation (GDPR) and Latvia's Personal Data Processing Law. We encourage you to read this Privacy Policy carefully to understand our practices regarding your personal data.

Information We Collect

We collect personal information that you voluntarily provide to us when you:

  • Fill out forms on our website
  • Register for consulting services
  • Subscribe to our newsletter
  • Request information about our services
  • Participate in surveys or promotions
  • Contact us via email, phone, or other means

The personal information we may collect includes:

  • Contact Information: Name, email address, phone number, business address
  • Business Information: Company name, job title, industry
  • Communications: Emails, letters, calls, and messages between you and us
  • Technical Information: IP address, browser type, device information, pages visited on our website
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy for more details)

How We Use Your Information

We use your personal information for the following purposes and legal bases:

Purpose Legal Basis Retention Period
Providing our services
To deliver consulting services, manage our relationship with you, and fulfill our contractual obligations 		Performance of a contract Duration of the contract plus 5 years for legal claims
Responding to inquiries
To answer questions, provide information, and respond to requests 		Legitimate interests and pre-contractual measures 3 years from last communication
Marketing communications
To send newsletters, updates, and promotional materials about our services 		Consent (which can be withdrawn at any time) Until consent is withdrawn or 3 years from last interaction
Improving our services
To analyze usage patterns, enhance website functionality, and develop new offerings 		Legitimate interests 3 years from collection
Legal compliance
To comply with legal obligations, resolve disputes, and enforce agreements 		Legal obligation As required by applicable law (typically 5-10 years)

Disclosure of Your Information

We may share your personal information with the following categories of recipients:

  • Service Providers: Third-party vendors who perform services on our behalf, such as website hosting, IT services, and email delivery
  • Professional Advisors: Lawyers, accountants, auditors, and insurers who provide legal, financial, and compliance services
  • Business Partners: Strategic partners with whom we jointly offer services or engage in marketing activities (only with your prior consent)
  • Legal Authorities: Government bodies, regulators, and law enforcement agencies when required by law

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes.

International Transfers

We primarily process personal data within the European Economic Area (EEA). However, some of our service providers may be located outside the EEA. Whenever we transfer your personal data outside the EEA, we ensure a similar degree of protection by implementing at least one of the following safeguards:

  • Transferring data to countries that have been deemed to provide an adequate level of protection by the European Commission
  • Using specific contracts approved by the European Commission (Standard Contractual Clauses)
  • For US-based providers, working with those who are certified under the EU-US Privacy Shield Framework

Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These measures include:

  • Encryption of sensitive data
  • Secure access controls and authentication procedures
  • Regular security assessments and vulnerability testing
  • Staff training on data protection and security practices
  • Data breach response procedures

Your Data Protection Rights

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:

Right of Access

You can request a copy of the personal data we hold about you and check we are lawfully processing it.

Right to Rectification

You can request correction of incomplete or inaccurate personal data we hold about you.

Right to Erasure

You can request deletion of your personal data in certain circumstances, such as when the data is no longer necessary.

Right to Restriction

You can request restriction of processing of your personal data in certain circumstances.

Right to Data Portability

You can request transfer of your personal data to you or a third party in a structured, machine-readable format.

Right to Object

You can object to processing of your personal data where we rely on legitimate interest or for direct marketing.

To exercise any of these rights, please contact us at privacy@amberltsystems.com. We may need to request specific information from you to confirm your identity and ensure your right to access your personal data. We aim to respond to all legitimate requests within one month.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities on our website. Cookies help us analyze website traffic, customize our services, and deliver targeted advertisements.

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. Please note that if you disable or refuse cookies, some parts of our website may become inaccessible or not function properly.

For detailed information about the cookies we use and how you can manage them, please see our Cookie Policy.

Children's Privacy

Our website and services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe we may have collected information about a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

LumenFjord Consulting
Sporta iela 11
Vidzemes priekšpilsēta
Rīga, LV-1013
Latvia

Email: privacy@amberltsystems.com
Phone: +371 6778 3333

Complaints

You have the right to make a complaint at any time to the Data State Inspectorate (DSI), Latvia's supervisory authority for data protection issues (www.dvi.gov.lv). However, we would appreciate the chance to deal with your concerns before you approach the DSI, so please contact us in the first instance.