PRIVACY POLICY

SIA LENIS J · homefrontguides.com · Last Updated: May 20, 2026

At a Glance

This Privacy Policy explains how SIA LENIS J collects, uses, stores, shares, and protects your personal data when you visit our website, purchase our digital products, or interact with us.

Who we are: SIA LENIS J, registered in the Republic of Latvia, EU. Data Controller.

What we collect: Name, email, billing address, payment reference, IP address, browser/device data, usage data.

Why we collect it: To deliver products, process payments, send service communications, improve our website, and comply with legal obligations.

Legal bases: Contract performance, legal obligation, legitimate interests, and consent, GDPR Article 6.

Who we share with: Payment processors, email platform, analytics providers — never sold or rented to third parties.

Retention: Financial records: 7 years. Marketing email: until you withdraw consent. Analytics: up to 26 months.

Your rights: Access, rectification, erasure, portability, restriction, objection, and supervisory authority complaint.

Supervisory authority: Datu valsts inspekcija (DVI), dvi.gov.lv

Contact: support@homefrontguides.com

1. Who We Are and How to Contact Us

SIA LENIS J is a company registered in the Republic of Latvia ("Company", "we", "us", "our") and is the data controller for personal data collected through this website.

Registered address: Jaunceltnes iela 45 - 5, Aizkraukle, Aizkraukles nov., LV-5101, Latvia. Company registration number: 45403049429.

Contact for data protection matters: support@homefrontguides.com. We respond to all data subject requests within 30 days.

Supervisory Authority: If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Latvian Data State Inspectorate, Datu valsts inspekcija, DVI: dvi.gov.lv, Elijas iela 17, Riga, LV-1050, Latvia.

2. Personal Data We Collect

2.1 Data You Provide Directly

We collect data you provide when you: purchase digital products; sign up to our mailing list; contact us via email or any form.

Categories collected: first name, last name, email address, billing address, country of residence, payment transaction reference. We do not store your full payment card number, CVV, or bank account details — these are handled entirely by our payment processor.

2.2 Data Collected Automatically

When you visit our website, we automatically collect: IP address; browser type, version, and language; operating system; pages visited, time and date, session duration; referring website; cookie and session identifiers.

If we use session recording tools such as Microsoft Clarity, we will also collect interaction data including mouse movements, clicks, scrolls, and page navigation patterns. This data is processed in anonymised or pseudonymised form where possible.

2.3 Payment Data

Payments are processed by our third-party payment processor. We receive only a transaction confirmation reference and your billing address for record-keeping. We do not receive, process, or store your full card details.

We use Stripe, Inc. to process all payments. Stripe’s privacy policy: stripe.com/privacy. Stripe acts as an independent data controller for fraud prevention purposes.

3. Why We Process Your Data — Purposes and Legal Bases

Under GDPR Article 6, we must have a lawful basis for each processing purpose:

Delivering purchased digital products: Contract performance, Art. 6(1)(b)
Processing payments and issuing purchase records: Contract performance and legal obligation, Art. 6(1)(b) and (c)
Order confirmations and customer support: Contract performance, Art. 6(1)(b)
Sending marketing emails to opted-in subscribers: Consent, Art. 6(1)(a). Consent can be withdrawn at any time by clicking unsubscribe or contacting us.
Website analytics and product improvement: Legitimate interests, Art. 6(1)(f): our interest in understanding how our website is used to improve it. This processing does not override your rights.
Fraud detection and account security: Legitimate interests, Art. 6(1)(f)
Financial record-keeping and tax compliance: Legal obligation, Art. 6(1)(c), including 7-year retention under Latvian accounting law
Compliance with legal orders, court processes, or regulatory requests: Legal obligation, Art. 6(1)(c)

4. Who We Share Your Data With

We do not sell, rent, or trade your personal data. We share data only where necessary, with the following categories of recipients, each bound by confidentiality obligations and, where required by GDPR Article 28, a Data Processing Agreement (DPA):

4.1 Payment Processors

We share your billing information with our payment processor to complete your transaction securely. Our payment processor acts as a data processor on our behalf and as an independent controller for fraud prevention. They are bound by their own privacy policy and PCI-DSS security standards.

Stripe, Inc. (USA): stripe.com/privacy. Transfers to the USA are made under Standard Contractual Clauses.

4.2 Email and Marketing Platform

We share your name and email address with our email platform to send order confirmations, product delivery emails, and, where you have consented, marketing communications. Data shared: name, email address, purchase history for segmentation. Data is processed under a DPA. If the provider is US-based, transfers are made under Standard Contractual Clauses.

4.3 Analytics Providers

Microsoft Corporation (USA): We use Microsoft Clarity for session analysis. Microsoft processes interaction data including anonymised session recordings. Transfers to the USA are made under Standard Contractual Clauses. Privacy policy: privacy.microsoft.com.

4.4 Advertising Platforms

Meta Platforms, Inc. (USA): Where we run Facebook or Instagram advertising, Meta may process data via the Meta Pixel for campaign measurement and retargeting. Transfers to the USA are made under Standard Contractual Clauses. Privacy policy: facebook.com/policy. Opt out: facebook.com/settings?tab=ads.

4.5 Legal, Professional, and Government Recipients

We may share your data with legal or accounting advisors where necessary for business operations or compliance. We may disclose data to government agencies, courts, regulators, or law enforcement where required by applicable law, legally binding court order, or regulatory process, or where necessary to establish, exercise, or defend our legal rights.

4.6 Business Transfers

If SIA LENIS J is acquired, merged, or restructured, your personal data may be transferred as part of that transaction. We will notify you in advance where required by applicable law.

5. International Data Transfers

Our primary operations are based in Latvia, EU. Some of our third-party processors are located in the United States or other countries outside the EU/EEA. Where we transfer personal data outside the EU/EEA, we ensure one of the following safeguards applies:

Standard Contractual Clauses (SCCs) approved by the European Commission, used with Meta, Stripe, and most US-based SaaS providers
EU adequacy decision for the recipient country
Other appropriate safeguards under GDPR Article 46

You may request a copy of the relevant transfer safeguards by contacting us at support@homefrontguides.com.

6. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law:

Purchase and financial records: name, address, transaction reference: 7 years from transaction date, as required by Latvian accounting law, Grāmatvedības likums.
Email address for marketing: until you withdraw consent or request deletion, whichever is earlier.
Website analytics data: as set by the analytics provider.
Customer support correspondence: 3 years from the date of last interaction.
Legal hold: where data is subject to a legal dispute, regulatory inquiry, or court order, it will be retained for the duration of that process regardless of the above periods.

On expiry of the applicable retention period, data is securely deleted or irreversibly anonymised.

7. Cookies

We use cookies and similar technologies on our website. For full details including the specific tools we use, how consent is obtained, and how to manage your preferences, please refer to our Cookie Policy at homefrontguides.com/cookies.

8. Your Rights Under GDPR

If you are in the EU or EEA, you have the following rights. These rights are not absolute and may be subject to limitations under applicable law, which we will explain if relevant to your request:

Right of access (Article 15): request confirmation of whether we process your data, and a copy of the data we hold.
Right to rectification (Article 16): request correction of inaccurate or incomplete data.
Right to erasure (Article 17): request deletion of your data where it is no longer necessary, where consent is withdrawn, or where processing is unlawful.
Right to restriction of processing (Article 18): request that we limit how we use your data in certain circumstances.
Right to data portability (Article 20): receive your data in a structured, commonly used, machine-readable format and transfer it to another controller.
Right to object (Article 21): object to processing based on legitimate interests, including for direct marketing purposes.
Right to withdraw consent: where processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of prior processing.
Right not to be subject to automated decision-making: we do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.

To exercise any right: email support@homefrontguides.com with your request and enough information to verify your identity. We respond within 30 days. Complex requests may take up to 90 days; we will notify you if this applies.

If you are not satisfied with our response, you have the right to lodge a complaint with the Latvian Data State Inspectorate, Datu valsts inspekcija, DVI: dvi.gov.lv, Elijas iela 17, Riga, LV-1050, Latvia. You may also lodge a complaint with the supervisory authority in your country of residence if you are outside Latvia.

9. Children’s Privacy

Our website and products are intended for adults aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected data from a minor, we will delete it promptly. If you believe we hold data about a minor, contact us at support@homefrontguides.com.

10. Security

We implement appropriate technical and organisational security measures to protect your personal data, including: HTTPS encryption for all data in transit; access controls limiting data access to authorised personnel; regular security reviews of our systems and processors.

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we will notify you without undue delay if a personal data breach occurs that is likely to result in a high risk to your rights and freedoms, as required by GDPR Article 34.

11. Limitation of Liability for Third-Party Processing

To the maximum extent permitted by applicable law, SIA LENIS J accepts no liability for the data processing activities of third-party processors beyond the safeguards described in this policy. Your interactions with third-party services are governed by their own terms and privacy policies. You are encouraged to review the privacy policies of any third-party service before submitting personal data to them.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email to registered customers or by a prominent notice on our website. The "Last Updated" date reflects the current version. Continued use of the website after material changes are posted constitutes acceptance.

```