Documents and fees

  • Personal Data Protection Policy

      NOTE: the present text is the translation from Latvian. In case of a discrepancy between the Latvian and the English version, the Latvian version of the Policy shall prevail.

      This document describes how SIA "Transact Pro" (hereinafter also referred to as the 'Company' or 'we') processes the personal data of its customers - natural persons, as well as third parties involved in the provision of the Company's Services, for instance, representatives, shareholders or beneficial owners (hereinafter also referred to as 'you') of customers that are legal entities.

      This our Personal Data Privacy Policy is effective as of 25 May 2018.


      Controller is SIA "Transact Pro" (unified registration number: 41503033127, legal and postal address: Gustava Zemgala gatve 76, Riga, LV-1039) - an electronic money institution in the meaning of the Law on Payment Services and Electronic Money, with the right to provide payment services.

      Customer is a natural person who uses or has expressed the intention of using the Service.

      Service is any service provided by the Company.

      Personal Data is any information related to an identified or identifiable natural person. An identifiable natural person is a person who can be identified either directly or indirectly in particular by reference to an identifier such as a name, surname, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

      Processing of Personal Data is any operation or set of operations performed with Personal Data, for example, collection, registration, organisation, structuring, storage, adjustment or modification, recovery, viewing, use, disclosure by transferring, distributing or otherwise making the data available, coordination or combination, restriction, deletion or destruction thereof.

      GDPR is the General Data Protection Regulation No 2016/679 of the European Parliament and of the Council (EU).


      This Personal Data Privacy Policy has been developed in order to help you learn what information we collect in case you use, have used or have expressed the intention of using or interest in using the Services, why we collect such Personal Data from you and how you can update, manage and delete your Data.

      When processing Personal Data, the Company undertakes to protect the privacy of the Personal Data.

      The Company processes Personal Data in order to provide financial services.

      When using our Services or expressing the intention to use our Services, you agree to the conditions of this Personal Data Privacy Policy. If you disagree with the conditions of this Personal Data Privacy Policy, we will not be able to provide our Services to you.

      The Company processes Personal Data in Riga, Latvia. Data processing and storage (including backup) takes place within the European Union.

      The Company's processing of Personal Data is registered with the Data State Inspectorate (certificate No 002160, processing registration No 001912).

      This Personal Data Privacy Policy is not a legally binding agreement between the Company and the Customer; it provides our guidelines for Personal Data processing and protection.

      The Company's processing of Personal Data is subject to the GDPR, as well as other Personal Data protection laws and regulations in force in Latvia.


      Exactly what Personal Data is processed depends on the type of Services you use and your relationship with the Company.

      In order to ensure the provision of the Services and to improve those Services, the Company shall collect information, such as:

      1. identifying information, e.g. name, surname, date of birth, gender, personal identifier (personal identity number), passport data, citizenship, photograph;
      2. contact information, e.g. telephone number, e-mail address, address;
      3. digital footprint during access, e.g. the IP network address used for access, time and date of access, information about the web browser used for access;
      4. information regarding location, e.g. during access according to the IP address or during payment according to the location of the ATM used;
      5. financial information, e.g. salary and other income;
      6. professional data, e.g. education, position, employer information;
      7. information regarding family, e.g. marital status;
      8. special categories of Personal Data, e.g. criminal record data;
      9. video surveillance data, e.g. video recordings in our premises;
      10. 10. voice recordings, e.g. voice recordings of telephone calls;
      11. 11. other personal data the collection of which might be necessary to render Services or in accordance with the requirements of the applicable regulations.

      Except when directly required by the law, we do not process special categories of Personal Data, i.e. data revealing your race or ethnicity, political views, religious or philosophical convictions, participation in trade unions, or the genetic or biometric data of the data subject in order to perform a unique identification of a natural person, health data or data regarding the sexual life or sexual orientation of a natural person.


      The Company usually collects Personal Data directly from the person the data is related to.

      For example, if you:

      • apply for Services (e.g. apply to open an account);
      • use the Services (e.g. use a debit card);
      • contact the Company (e.g. visit our home page on the Internet or give us your contact information for some reason).

      In some cases, the Company obtains Personal Data from other individuals who are not data subjects, e.g. when a parent applies for a Service that applies to his child, or when legal entities apply for Services in relation to their employees. In such cases, we request the data subjects to be informed regarding disclosure of their Personal Data to the Company, as well as regarding the purposes of such processing of Personal Data and the content of the Personal Data Privacy Policy.

      Personal Data may also be provided to the Company by third parties upon the request of the Customer.

      The Company may also receive Personal Data when signing various agreements, wherein the other contractual party or representative of the contractual party may not be the Customer, or from other external sources, e.g. public registers, state authorities and other sources, if it is in our legitimate interests or in cases specified by the applicable laws and regulations.


      We use collected Personal Data for:

      Provision of Services - we use your Personal Data in order to provide Services. It would not be possible to provide Services without the use of your Personal Data.

      For protection of your and our legitimate interests - we use Personal Data in order to improve the trustworthiness of our Services and to protect your legitimate interests, as well as those of the Company and of society.

      For compliance with the requirements of the law - we also use Personal Data in cases when required to do so by the applicable laws and regulations. In order to comply with the requirements of the law in the area of the prevention of money laundering and the financing of terrorism, we have to know, for example, the sources of your income or if you are a politically exposed person or associated with such a person, as well as your country of tax residence. We also have a duty to provide reports to state authorities, e.g. to the State Revenue Service or other supervisory and control institutions. The data included in our report will depend on the requirements of the applicable laws and regulations.

      To provide security - we use your Personal Data in order to improve the security of our Services.

      To improve our Services - we also use your information in order to develop and improve our Services.

      To develop new Services -we use the information collected within the framework of current Services in order to develop new Services.

      To assess performance and other technical parameters of the Service - we use Personal Data for analysis in order to understand how our Services are being used.

      To contact you - we use the information collected, e.g. your e-mail address, in order to contact you directly.

      Prior to the use of your Personal Data for a purpose that is not mentioned in this Personal Data Privacy Policy, we will ask for your consent.


      Within the Company, your Personal Data is accessible only to authorised personnel, as well as to third parties engaged by the Company and other individuals who have been granted or authorised to have such access by the applicable laws and regulations. If the third parties process Personal Data on behalf of the Company, we involve only such third persons, who provide sufficient guarantees that the technical and organisational methods involved in the processing comply with the requirements of the GDPR and applicable laws, and also ensure the protection of your rights. Processing operations performed by such third-party processors will always be governed by the Privacy and Data Processing Agreement or other special terms and conditions agreed upon between the Company and the processor.

      Due to the nature of the Services that we provide, it is necessary to share the Personal Data of Customers in order to conduct our everyday business, i.e. process transactions, maintain Customer accounts and provide reports to state authorities.

      When processing data for the above-mentioned purposes, we do not disclose Personal Data to third parties outside the Company except in the following cases:

      • to the Company's partners, e.g. partners with which the Company offers joint products and Services, or participants in the SWIFT or SEPA payment systems, and international payment card systems for execution of a Customer's financial transactions;
      • to state authorities for the execution of their functions required by law;
      • to authorised auditors, legal and financial advisers;
      • to Personal Data processors hired by the Company and that provide support for the provision of the Company's Services - we transfer Personal Data to our contractors and commission them to process the information on our behalf, taking into account our instructions and in accordance with the Personal Data Privacy Policy, as well as in compliance with any other applicable privacy and security measures;
      • to credit institutions and financial institutions;
      • to managers of public registers;
      • to officers of the court;
      • to debt recovery companies, credit history research (credit information) offices and other third parties to which the Company may assign its rights and obligations.

      Prior to disclosing Personal Data to parties that are not mentioned above in this Personal Data Privacy Policy or to which the disclosure of Personal Data is not required by the applicable laws and regulations, we will ask for your consent.

      We disclose Personal Data outside the Company only if we are confident that access to the information, use, storage or disclosure of the information is reasonably necessary in order to:

      • comply with the applicable laws and regulations or requests and orders by state authorities and officers of the court;
      • implement the applicable terms and conditions for the provision of Services, including the investigation of possible infringements;
      • discover, prevent or otherwise solve problems in relation to fraud, security or technical issues;
      • to protect from harm our interests, as well as the interests of our Customers, partners or society as requested or permitted by the applicable laws and regulations.

      We can publicly disclose information that doesn't let to identify a person.

      In certain cases, data may be transferred outside the EU/EEA if, for example, the Personal Data processor hired by the Company is located outside the EU/EEA and the transfer of such data is necessary in order to provide a Service or upon the Customer's request.

      Data may be transferred outside the EU/EEA only if the Company provides the respective protection measures as required by the GDPR and such a transfer has legitimate grounds.


      We ensure the security of all (non-public) Personal Data in the possession of the Company and the processing and storage thereof in compliance with the applicable laws and regulations in force in Latvia, including protection of the privacy and integrity of the Personal Data. The Company's internal processes determine the technological and procedural processes for achieving this objective, and the Company pays special attention to these issues, being aware of the significance of Personal Data security. Access to the Personal Data in the possession of the Company is strictly controlled, and Company employees have access only to the Personal Data they need to perform their work duties.

      The Company's Information Security Policy provides a strict procedure for the management of security by, for example, specifying guidelines for the physical security of data. The Company's Encryption Management procedure supplementing this policy determines that the Company will use data encryption in order to protect the privacy of your data during storage and transfer.

      In order to protect your Personal Data from unauthorised access, unlawful processing or disclosure, accidental loss, modifications or destruction, we apply appropriate measures in order to comply with the requirements of the applicable laws and regulations. Such measures include technical measures, such as the selection and configuration of suitable information systems, the provision of the respective connection security, the protection of data and files, as well as organisational measures, such as restricted access to such systems, files and objects.


      The Company ensures that the processing of Personal Data is honest and transparent, and that all rights of natural persons arising from the applicable laws and regulations shall always be attainable.

      In particular, you have:

      • the right to access your Personal Data processed by the Company. Upon your request, the Company:

      a) shall confirm that Personal Data in relation to you is being processed and shall provide information regarding the purposes of processing, categories of Personal Data and recipients or categories of recipients of Personal Data to which the Personal Data has been disclosed;

      b) shall inform you regarding the Personal Data being processed and the available information on the sources thereof;

      c) shall provide information regarding the logic of automated processing of Personal Data in case of automated decision-making.

      • the right to request corrections to inaccurate Personal Data;
      • if the processing of Personal Data is based on your consent, you have the right to withdraw such consent at any time, notwithstanding the legitimacy of data processing performed on the basis of consent prior to the withdrawal of such consent;
      • the right to receive the processed Personal Data in a structured, widely used and machine-readable format, as well as the right to send the Personal Data to another controller under certain circumstances;
      • the right to request the deletion or restriction of the processing of your Personal Data under certain circumstances;
      • the right to object to the processing of Personal Data for certain purposes and under certain circumstances;
      • You also have the right to submit a complaint to the supervisory authority, the State Data Inspectorate (Blaumaņa iela 11/13-11, Riga, LV-1011, telephone: +371 67223131, e-mail: ).


      Personal Data shall be stored in accordance with the applicable laws and regulation and no longer than necessary. The Personal Data storage period is determined by the Company, and it depends on the particular agreement/Service and basis for Personal Data processing.

      The Company stores Personal Data for as short a period as possible and irrevocably destroys all Personal Data once the business necessity and the storage period determined by the applicable laws and regulations have ended (it should be kept in mind that applicable Latvian, European and international laws and regulations, e.g. on accounting and the prevention of money laundering and the financing of terrorism, often require the Company to store historic data).


      Profiling is any type of automated Personal Data processing manifested as the use of Personal Data in order to assess certain personal aspects in relation to a natural person, especially in order to analyse or forecast aspects related to the performance of the mentioned natural person at work, their economic situation, health, personal desires, interests, trustworthiness, behaviour, location or movement, for example, in order to perform a risk assessment for the purposes of preventing money laundering and the financing of terrorism.

      The Company uses profiling in order to prepare an analysis for advising the Customer, for the purposes of direct marketing, automated decision-making, for example, risk management, as well as for monitoring transactions for the purposes of fraud prevention.

      The Company performs profiling on the following legal basis:

      • execution of legal obligations. The Company can process Personal Data and assess personal aspects when performing risk assessment for the purposes of preventing money laundering and the financing of terrorism;
      • Customer's consent or legitimate interests in some cases. The Company can conduct profiling in order to assess Customer needs, develop its Services, or provide more timely offers of Services.

      The Company can make a decision in relation to the Customer only on the basis of the automated processing of Personal Data. In such a case, the Customer is entitled to decide that decisions made only on the basis of automated processing of their Personal Data, including profiling, not be made in relation to them. The Customer may exercise such rights if, on the basis of an automated decision, the Company refuses to enter into an agreement or to provide Services. Upon your request, Company employees will review such an automated decision.


      The Company uses cookies, which are small text files stored on a computer or other device in order to improve the functionality of the home page. The Company's Policy on Use of Cookies is available here: .


      Our advertisements and direct marketing notifications (e.g. about our Services) are sent to those Customers who have agreed to receive direct marketing and advertising offers from the Company. Such Customers receive offers and direct marketing notifications from the Company by using the selected communication channels. Within the framework of its legitimate interests, the Company can offer its Services to existing Customers.


      We regularly review this Personal Data Privacy Policy and ensure that it is complied with when processing your Personal Data.


      In case of questions, you can contact the Company; updated contact information can be found on our web site .

      You can also contact the State Data Inspectorate (Blaumaņa iela 11/13-11, Riga, LV-1011, telephone: +371 67223131, e-mail: ), if you have doubts regarding your rights in relation to the processing of your Personal Data.

  • Mastercard City Key cards
  • Terms and Conditions
  • Fees & Charges
  • Requirements for Merchant websites
    • Merchant's website should contain all of the following information

      Merchant's contact info

      Merchant’s contact information (the address should not be posted as a picture)

      • Company name

      • Registration number

      • Address (legal)

      • Address (actual) – if it is different from Legal

      • Address Phone number

      • Fax number – if company has such number

      Customer Service information (the address should not be posted as a picture)

      • Addresses of branch/shop (if such exists)

      • Phone number

      • Fax number (if such exists)

      • Email

      *The address and contact details should be easily accessible and available for at least 120 days upon the last transaction.

      *Billing descriptor should be displayed in the way this shall appear in the credit card statement of the cardholder.

      Description of goods and services

      Goods and services from the website must fully comply with the goods and services listed in the application for registration, as well as in the contract with the bank-acquirer and should contain (at least):

      • Overview - Merchant website should contain complete description of the goods or services offered for sale by the Merchant. Product details/Technical specifications, including but not limited to characteristics, measurements, photographs, content and material. For the software - the system requirements, for services - how and when could be provided.

      • Price and currency - accurate information about price and billing currency should be provided for all goods and services presented to potential customers.

      Payment methods

      International payment system logos should be full color to indicate card acceptance. Logos of payment systems (Visa, MasterCard) should be integrated in website. Logos should not appear in disadvantage in regards to other payment methods.

      3D-Secure marks (Optional)

      Merchants who participate in 3-D Secure must display the Verified by Visa and MasterCard SecureCode marks in full colors.

      Legal information

      Terms & Conditions - purchase terms and conditions should be displayed to the Cardholder during the order process either: 

      • On the same screen used as the checkout screen indicating the total transaction amount; or 

      • Within the sequence of web pages accessed by the Cardholder prior to the final checkout.

      Privacy Policy - website should carry a proper displayed privacy policy section stating that cardholder’s personal and credit card details will be handled secure to ensure confidentiality and SSL encryption will be used to ensure sensitive data protection.

      Sales and Refunds:

      • Payments & Pricing - Website should contain information regarding payment methods (internet, phone), accepted card types (Visa, Visa Electron, Mastercard, Maestro), processing exceptions if any, speed of payment.

      • Tax information, Export restrictions and regulations of delivery as well as restrictions on the provision of services (if any such restrictions).

      Delivery - complete and accurate information about the delivery of goods and services should be provided by the Merchant on its website - terms, methods, conditions, and any other information required to obtain a clear understanding of the delivery of goods and services after payment with credit card. Shipping address - Merchant in the website should not specify a shipping address only in USA, in the EU- it is required.

      Returns - Merchant should provide a description of the procedures and conditions (including possible penalties) of refund in the event of buyer's refusal to accept the order, exchange or delivery of substitute goods / services.

      Website should contain a "click to accept" button, or other acknowledgement, on its website evidencing that the cardholder has accepted the return policy.

    • Requirements for the website
      • Merchant’s website should be working - it is not allowed to sell any goods and services, referring to a web page that is not available.

      • URL/domain redirections are not allowed - Merchant’s website should not redirect or forward customers to other URL/domains, as well Merchant’s website should not receive redirected customers from other resources. Exceptions – advertisement, search queries, domain name change (if it was necessary).

      • Merchant’s website should not contain any malicious software.


  • Transact Online User Manual
    • Registration in the Transact Online system

      Transact Online allows you to access the information relating to all your registered accounts and cards. In order to start working with Transact Online system you have to complete straightforward registration process during your first log-in attempt.

      For registration in the Transact Online system you will need information, contained in the PIN-envelope issued to you.

      For registration in the Transact Online system:

      1. Open Transact Online website
      2. Enter in the User ID field the 8-digit account number, which you will find on the front side of the PIN-envelope.
      3. Enter in the Password field the password, which you will find under “Password” label inside of the PIN-envelope.
      4. Press "Sign-in".

      On the next page you will able to see your User ID and you will be offered to enter the new password for the access to the system (you may use the same password, which you used for registration in the system). IMPORTANT! Once the registration is complete, you will be able to access the Transact Online only by using your User ID and the password you have entered. The password can always be changed in the future if needed.

    • How to log in?
      1. Open Transact Online website
      2. Use the relevant fields to enter your User ID and the permanent password. 
        User ID consists of “u” character and 8 digits and is assigned to each user during registration process in the Transact Online system. During the registration process, the user also chooses permanent password.
      3. Depending on type of services you have requested from Transact Pro, you may also be required to enter 6-digit code from the code card or digipass in the additional field that will be displayed.
      4. Press "Sign-in".
    • Basic Principles on the Use of Transact Online

      In Transact Online you can select operations by clicking on the desired menu.

      Unlike with regular browsers, you cannot use the Back, Forward or Refresh (Reload) buttons, all orders must be given from menus.

      All users, who have been inactive (have not performed any activities on the Transact Online) for 5 minutes, are logged out from the system. The alert box will be displayed, informing the user on period of time, after which the session will be terminated. After the alert box opens the user can choose option to continue the session by pressing “Logout”. If no action is taken during time period given, the user will be required to re-log in the Transact Online to continue.

      We recommend avoiding lengthy pauses when entering information.

      If a technical error occurs and your Transact Online session has been erroneously closed, you can re-log in the Transact Online system right away and continue your work.

      To stop working in Transact Online, click "Exit" on the right top of the page. This must be always done to stop using Transact Online.

    • Security

      Transact Pro ensures security of Transact Online through constant development and monitoring of its electronic channels. However, no less important is to take care of safety of the computer and adhere to the principles of financial safety on the web by the user himself or herself:

      • keep username and password secret, store the means of authentication at a location accessible to the user only;
      • use of anti-viruses and security software;
      • avoid disclosure of details necessary for use of electronic services. It is important to keep in mind that Transact Pro will never ask you to e-mail or disclose by phone data such as Transact Online password or codes from the code card or security token.
  • Other Documents
  • Archive
  • Currency calculator

    Currency calculator temporarily unavailable