We use cookies on our Website to process technical data, including web server address used by the Customer, its domain name, web browser used, IP address, selected settings, activities performed on the Website or the Application for the purpose of provision of services and maintenance of the Website and the Application.

Cookies are small text files that a web browser (such as Internet Explorer, Google Chrome, Firefox, or Safari) saves on your computer or mobile phone. A cookie does not directly contain any personal information about you and cannot be used to directly identify individual users, but it can provide information about your habits and preferences. Cookies can be seen as a way for a website to gain memory that allows it to recognize a user and react appropriately.

For most browsers, you can indicate that you do not want to receive cookies at all or only from a specific website. All modern browsers allow you to change the settings for receiving cookies. These settings are usually available in the browser options or preferences menu.

We use Google Analytics services. You can opt out of using them by downloading and installing the add-on Google Analytics Opt-out Browser Add-on.

For more general information about cookies and how to manage them, please read the information at



NORTHMED GROUP mostly processes data necessary for performance of the Contract. We process such Personal Data that you have provided to us via different online or offline sources, including when you use the Website, contact us through social networks, participate in loyalty programmes and in other ways.

Personal Data that is necessary for execution and performance of the Contract is Personal Data that is included in the Contract and the Invoice and may be, for example, full name of the Customer, his/her contact information, payment information, Contract data (Products purchased, their quantity, price and time of purchase) as well as communication between the Client and NORTHMED GROUP regarding the Order.



In order to provide the Service under which the Contract with the Customer is concluded and performed, we process such Personal Data that is necessary for conclusion and performance of the Contract, including information necessary for resolution of any issues that may arise during the performance of the Contract.

Processing of Personal Data is based on the conclusion and performance of the Contract and compliance with protection of interests and rights of both parties in case of a dispute as well as to ensure fulfilment of business and accounting obligations.

If you fail to provide your Personal Data though its processing is necessary for the conclusion and performance of the Contract or pursuant to the laws and regulations, we cannot provide the Service.



We may email you marketing materials containing information on our actions, novelties and other information not related to the performance of the Contract and provision of Services, based on your consent that you may withdraw at any time.

When preparing marketing materials, we use profiling to ensure that the offer we make is custom-made based on the Service data, namely, our Services you have used previously and/or Products you have purchased.

We process your Personal Data until you withdraw the consent to receive marketing materials or when the necessity to keep evidence that consent has been received is no longer in force. If you withdraw your consent, we no longer send you any notices, but we may keep evidence that you have given such consent.

Withdrawing consent for receiving marketing materials does not affect the consent given to process information obtained through cookies.



All information provided to us by the Customer is not available to any Third Party unless such disclosure of Personal Data has legal base. We may transfer your Personal Data to the Third Parties providing, for example, postal, delivery, accounting, and IT services, for the provision of such services. In certain cases, we may be obligated to disclose Personal Data of the Customer to the Competent Authorities based on a justified request regulated by the legislation of Republic of Latvia.

For all purposes of processing of Personal Data of the Customer, such data is obtained and processed by NORTHMED GROUP and our cooperation partners that provide, in addition to the foregoing, communication, banking, legal and other services. As specified above, in the cases specified by law, NORTHMED GROUP is obligated to disclose the Customer’s Personal Data to the Competent Authorities.



All Customer related information is maintained as evidence confirming the identity of the Customer, conclusion of the Contract and provision of Services and is kept until the fulfilment of the Contract, the Personal Data is no longer necessary to provide Services, or the Personal Data storage timeframe applicable to NORTHMED GROUP expires.

For the purpose of evidence of the conclusion and performance of the Contract, Customer’s Personal Data is stored for at least 3 (three) years of the date of performance or termination of the Contract. Certain Personal Data can be stored for a longer period to fulfil other legal obligations we have as established by the Competent Authorities or to exercise our rights.

For accounting purposes, we store the Customer’s Personal Data related to the concluded and fulfilled Contract or provision of Services for no less than 5 (five) years of the date of fulfilment of the Contract or provision of Services.

We store information regarding Customer’s consent to processing of his/ her Personal Data as evidence for at least 5 (five) years of the date when such consent is revoked, as per the Personal Data Processing Law.



Personal Data we have collected is stored inside the European Economic Area (EEA), which is considered a safe place and ensures such security level that conforms to our standards. All information the Customer has provided to us is stored securely on our servers or on servers we control. The information is encrypted and protected by technical means thus raising data security.

We ensure that only those persons that are directly connected with the performance of the Contract or provision of Services have the access to Customer’s personal information and scope of information available is only to the extent this is necessary for performance of job obligations by such person. This is achieved through technical solutions and physical access rights, as well as proper training and education of our employees who take appropriate safeguards.



We respect your rights to access, manage and control your Personal Data that NORTHMED GROUP processes. NORTHMED GROUP provides you with an option to rectify certain Personal Data through NORTHMED GROUP Website.

Once we receive the Customer’s request to exercise any of the rights listed below, we will review the Customer’s request and provide a response without undue delay and in any event within 1 (one) month of receipt of the request.

Should you wish to exercise any of the rights listed below, you can do so by submitting a request in one of the following ways:

·    by sending request signed by safe electronic signature to

We reserve the right to request additional information from the Customer to verify the identity of the person and to protect your Personal Data from being disclosed to unauthorised persons. The Customer has the right to access his/ her Personal Data free of charge.

The Customer is entitled to receive information on whether or not we process his/ her Personal Data, and, if we process said Personal Data, request a copy of the Customer’s Personal Data undergoing processing and information on the manner of processing of data.

The Customer is entitled to request that we rectify his/ her inaccurate or incorrect Personal Data. We also provide the Customer with the option to rectify his/ her Personal Data on our Website; however, not all Personal Data may be rectified through this channel. We will verify that the amended Personal Data is true and accurate.

The Customer is entitled to request that we erase the his/ her Personal Data, but we reserve the right to reject the request to erase the Customer’s s Personal Data if there is a legitimate or legal ground for doing so, for example, to comply with a legal obligation which requires processing, to establish, exercise or defend legal claims, or for statistical purposes, providing appropriate technical and organisational security measures.

The Customer is entitled to request that we restrict the processing if there are legitimate grounds for that. Upon restricting the processing of the Customer’s Personal Data, NORTHMED GROUP will only process the Customer’s Personal Data after receiving consent from the Customer, or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important interest of NORTHMED GROUP. This does not apply to storing of Personal Data.

The Customer is entitled to object to the processing of his/ her Personal Data if related to direct marketing or which is based on NORTHMED GROUP legitimate interests but given the particular situation or overriding reasons, the Customer wants to object to processing on this ground.

The Customer is entitled to request that we receive and transfer his/ her Personal Data to the Customer or another data controller. The Customer can exercise this right insofar as the data has been provided by the Customer based on consent or the Contract and the processing is carried out by automated means. Such right also applies to, for example, activity logs, history of website usage.

The Customer is entitled to withdraw previously given consent at any time. However, this will not affect the lawfulness of any processing carried out before the Customer withdraws his/ her consent. This right applies to receiving marketing notices from us.

In case of any uncertainty related to processing of your Personal Data, you are welcome to contact us and we will seek to provide you with an answer or find a solution to your issue. However, if you believe we cannot find the solution, the Customer is entitled to submit a complaint to the national personal data protection authority regarding data processing activities conducted by NORTHMED GROUP.

Contact information of the national personal data protection authority of the Republic of Latvia:

Data State Inspectorate, Blaumaņa street 11/13-15, Riga LV-1011, Latvia, phone: +371 67223131, email:

You may contact us any time and obtain additional information on processing activities.

Our contact information:

·    address: Dzukstes Str.3,  Riga,  LV 1004, Latvia

·    email address:



We have the right to make changes to the Privacy Policy at any time by posting them on the Website. Any version of the Privacy Policy that is published on the Website replaces all previous versions of the Privacy Policy and takes effect immediately upon its posting on the Website.

Current version: 26.01.2024.