Terms and Conditions

Distance Contract

The legislation of the Republic of Latvia requires online stores to define delivery and return conditions, as well as the right of withdrawal. These terms are referred to as a distance contract, which regulates the mutual obligations and responsibilities of the Seller and the Buyer (as per Cabinet of Ministers regulations).

This distance contract is concluded between the seller of goods offered in this online store, hereinafter referred to as the Seller, and the person placing the order, hereinafter referred to as the Buyer:

1. Seller's obligations: The Seller undertakes to sell and deliver the goods to the Buyer according to the order placed by the Buyer.
2. Buyer's obligations: The Buyer agrees to pay for the goods in a timely manner and accept delivery according to the specified terms.

Order, Payment, and Delivery Conditions

1. Placing an order: The Buyer places an order by selecting the desired goods and specifying the required quantity.
2. Payment method: The Buyer can pay for the goods using the payment options available in the online store or by paying an electronic invoice sent to the provided email address. The invoice is valid without a signature.
3. Delivery timeframe: The Seller ensures the delivery of goods within 20 calendar days from receiving payment, unless otherwise specified in the product description.

Right of Withdrawal

1. Right to withdraw: The Buyer has the right to withdraw from the order within 14 calendar days of receiving the goods. To exercise this right, the Buyer must send a withdrawal notice to the Seller.
2. Return of goods: The Buyer must return the goods to the Seller within 7 days of sending the withdrawal notice.
3. Return costs: The Buyer bears the return costs unless the goods are damaged or incorrect.

The Buyer cannot exercise the right of withdrawal if:

• The goods are made to the Buyer's specifications or are custom-made;
• The goods are perishable or have a short expiration date;
• The packaging of audio, video recordings, or computer software has been opened.

Responsibility for the Condition of Goods

According to the Consumer Rights Protection Law of the Republic of Latvia, Article 12, Section 6, "the consumer is responsible for maintaining the quality and safety of the goods during the withdrawal period." If the goods are damaged or the packaging is significantly damaged, the Seller reserves the right to reduce the refund amount or reject the return.

Data Processing

1. Use of personal data: By placing an order, the Buyer agrees that their data will be used for order processing and delivery in compliance with the applicable laws of the Republic of Latvia.
2. Notifications: The Buyer agrees to receive information related to their order at the provided email address.
3. Privacy policy: For more details on data processing, please refer to our Privacy Policy.

Other Terms

1. Force majeure: The Seller is not responsible for delivery delays or non-fulfillment caused by extraordinary or unforeseen circumstances beyond the Seller's control (e.g., natural disasters, strikes, or logistical issues).
2. Responsibility for errors: The Buyer is responsible for verifying the provided information to avoid delivery issues.
3. Dispute resolution: All disputes are resolved in accordance with the laws of the Republic of Latvia.

Privacy Policy — kidzkiosk.eu

Last updated: 15 October 2025

1) Controller and contacts

Controller: Luula Ltd.
Address: Ezeru laukuma 1, Talsi, LV-3201, Talsu novads, Latvia
VAT No.: LV41203064310
Phone: +371 29103187
Email (privacy & support): [email protected]
Contact person: Kalvis Sokolovs (all data-related matters)

Supervisory authority: Data State Inspectorate of Latvia (Datu valsts inspekcija) — dvi.gov.lv

2) Applicable laws

We process personal data in line with the EU General Data Protection Regulation (GDPR), the Latvian Personal Data Processing Law, and other applicable EU/Latvian legislation (including e-privacy, consumer protection, accounting and tax laws).

3) What data we process

• Order data: name, surname, delivery/billing address, email, phone, order history, invoice details, payment status (we do not see full card numbers).

• Customer support: the content of your messages and attachments, request history.

• Accounts & marketing (if used): email, password (hashed), preferences, consent logs, newsletter open/click statistics.

• Technical data: IP address, device/browser identifiers, server logs, cookies and similar technologies.

• Payment data: transaction IDs, payment method, acquirer/issuer authorisation responses.

4) Purposes and legal bases (GDPR Art. 6)

• Contract performance: accept, charge and deliver your order; returns and warranty.

• Legal obligations: invoicing, tax/accounting, responses to public authorities.

• Legitimate interests: IT and account security, fraud prevention, handling claims and legal defense, minimal direct marketing to existing customers.

• Consent: newsletters, marketing cookies/pixels, campaigns and giveaways. You may withdraw consent at any time.

5) Children’s data

Our products are for children, but we do not provide digital services directly to children without parental consent. In Latvia, a child’s valid digital-service consent applies from age 13. For users under 13, we require parent/guardian consent. If we learn data was collected without the required consent, we will delete it.

6) Cookies and similar technologies

We use cookies to run the website and improve your experience. Categories:

• Necessary: cart, checkout flow, authentication, security (includes technical cookies set by the Mozello platform).

• Statistics: Google Analytics 4 (with IP anonymisation) to understand site usage and performance.

• Marketing (with consent): e.g., Meta Pixel and Google Ads tags for remarketing.

You can manage your choices via our cookie banner and your browser settings. A detailed, always-up-to-date list of cookies and lifetimes is provided in our separate Cookie Policy.

7) Recipients and processors

We share data only as necessary for the purposes above and under appropriate safeguards:

Website & hosting

• Mozello — site platform/hosting and technical operation.

Payments

• Stripe Payments Europe — card payments (and Apple/Google Pay, where available).

• EveryPay — card payments and e-commerce payment gateway.

• Bank transfers — to Luula Ltd. accounts at commercial banks.

Delivery

• Eedex, DHL, Latvijas Pasts, DPD — for shipping your order (name, address, contact, parcel info).

Analytics & marketing

• Google Analytics 4 / Google Ads (statistics and ad measurement — based on consent).

• Meta (Facebook/Instagram) Pixel (remarketing — based on consent).

Other

• IT maintenance/service providers, debt collection/insolvency and legal advisors (only if needed for claims and legal defense).
  We have data processing agreements with processors as required by GDPR Art. 28.

8) How long we keep data

• Orders & invoices: up to 10 years (to meet accounting/tax and statutory requirements).

• Customer support: up to 3 years after the last interaction, or longer if related to warranty/claims.

• Marketing consents & logs: until withdrawal, plus up to 2 years for evidence purposes.

• Accounts (if any): until account deletion, plus up to 12 months in backups.

• Security logs: up to 12 months, unless needed longer for incident investigation.

9) International transfers

Some providers (e.g., Stripe, Google, Meta) may transfer data outside the EEA. Where this occurs, we rely on GDPR Art. 46 safeguards (e.g., Standard Contractual Clauses (SCCs)) and apply additional measures (encryption, minimisation). Detailed information is available on request at [email protected].

10) Security

We apply appropriate technical and organisational measures: TLS/HTTPS, role-based access control, password hashing, data minimisation, backups and incident response. In case of a personal data breach, we act in line with GDPR Arts. 33–34 (notifications to the authority and, where applicable, to individuals).

11) Your rights

Under GDPR Arts. 12–22, you have the right to:

• access your data and receive a copy;

• rectify inaccurate data;

• request erasure (“right to be forgotten”);

• restrict processing;

• object to processing, including direct marketing;

• receive your data in a portable format;

• withdraw consent at any time (does not affect prior processing);

• lodge a complaint with the Data State Inspectorate of Latvia.
  We normally respond within 30 days. We may need to verify your identity.

12) Automated decision-making

We do not make automated decisions or perform profiling that produces legal effects or similarly significant impacts on you. If we introduce such processing, we will provide clear prior information about the logic, significance and envisaged consequences.

13) Communications and marketing

With your consent, we will send newsletters and offers. You can unsubscribe at any time using the link at the end of each email or by writing to [email protected]. We may send minimal information about similar products to existing customers based on our legitimate interest; you can object at any time.

14) Third-party links

Our site may contain links to third-party websites (e.g., carriers, banks, social networks). Those sites are governed by their own privacy policies.

15) Changes to this policy

We may update this policy from time to time. For material changes, we will notify you on the website and/or by email. The last updated date is shown at the top of this document.

Quick notes tailored to kidzkiosk.eu

• Platform: Mozello (CMS/hosting). If Mozello sets additional technical cookies, list them in the Cookie Policy.

• Payment wording for your site: “We accept card payments (processed by Stripe and EveryPay) as well as bank transfers.”

• Recommendation: keep a separate Cookie Policy page with a cookie table (name, purpose, provider, lifetime).

• Consent banner: allow granular consent for Statistics and Marketing categories and the ability to change choices any time (“Manage cookies”).