Privacy policy
- General provisions
1.1 We process your data in MB Partum Persona, Company code: 305971128, whose headquarters are at Kalvarijų gatvė 157, Vilnius (henceforward - the company).
1.2. We care about the protection and privacy of your data, accordingly, in this privacy policy (henceforward referred to as the Policy), we inform you about the processing of personal data, the rights of the data subject, the measures for the implementation of personal data protection and other issues related to the processing of personal data.
1.3 The company collects personal data that a person voluntarily provides by e-mail, registered mail, telephone, or using the company's website.
1.4 All personal data received by the Company are collected, stored, and processed following the personal data protection law of the Republic of Lithuania, the European Union's General Data Protection Regulation no. 2016/679, and other legal acts of the Republic of Lithuania regulating the protection of personal data.
1.5 The Company ensures that the level of protection of personal data processed by the Company meets the requirements of the legal acts of the Republic of Lithuania.
- Concepts
2.1. Terms used in the document:
2.1.1. Personal data - any information about an identified or identifiable natural person (data subject). An identifiable natural person is an individual whose identity can be determined, in particular by some identifier, such as a name, personal identification number, location data, and an Internet identifier, or by one or more of that natural person's physical, physiological, signs of genetic, mental, economic, cultural or social identity;
2.1.2. Data subject – means a natural person from whom the Company receives and processes personal data;
2.1.3. Data recipient - the person to whom personal data is provided;
2.1.4. Provision of data - disclosure of personal data by transmission or otherwise making them available (except for publication in public information media);
2.1.5. Data processing - any action performed with personal data: collection, accumulation, storage, recording, classification, grouping, connection, change (addition or correction), provision, publication, use, logical and/or arithmetic operations, search, dissemination, destruction or other action or set of actions;
2.1.6. Automatic processing of data - data processing actions that are fully or partly performed by automatic means;
2.1.7. Data controller – a legal or natural person (who is not an employee of the data controller) authorized by the data controller to process personal data. The data processor and/or the procedure for its authorization may be decisive by-laws or other legal acts;
2.1.8. Data controller - a legal or natural person who, alone or collectively, determines the goals and means of processing personal data. If the objectives of data processing are decisive by-laws or other legal acts, the data controller and/or the procedure for his authorization may be decisive in those laws or other legal acts;
2.1.9. Consent - any freely given, specific and unambiguous expression of the will of an accurately informed data subject by means of a statement or unequivocal actions by which he agrees to the processing of personal data related to him;
2.1.10. Direct marketing - activities aimed at offering goods or services to individuals by mail, telephone, or other direct means and/or asking for their opinion on the staged goods or services;
2.1.11. Third-party - a juridical or individual person (excluding the data subject, data controller, data processor, and persons who are directly certified by the data controller or data processor to process data);
2.1.12. Other concepts used in this Policy are understood as they are defined in the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the processing of personal data.
- What principles do we follow when processing personal data?
3.1. When processing personal data, the company is guided by the following principles:
3.1.1. The Company processes personal data only for the purposes defined in the Policy;
3.1.2. Personal data is processed accurately, honestly, and legally, in compliance with the requirements of legal acts;
3.1.3. The company processes personal data in such a way that the personal data is accurate and constantly modified in the event of a change;
3.1.4. The company processes personal data only to the extent necessary to achieve the goals of personal data processing;
3.1.5. Personal data is stored in such a form that the identity of data subjects can be determined no longer than is necessary to achieve the purposes for which these data were collected and processed.
3.1.6. The personal data of the data subject can be accessed only by employees of the Company with the relevant competence and/or third parties that the Company has used to provide the service, and only in cases where it is necessary to provide the service.
3.2. The Company respects the Data Subject's privacy and guarantees to continually comply with the Data Subject's data protection principles specified in this Policy.
- For what purposes do we process personal data?
4.1. Personal data are processed and used following the purposes for which the Data Subject provided them to the Company or other purposes approved by the Data Subject.
4.2. Purposes of using personal data of the data subject:
4.2.1. For the processing and administration of purchasing (ordering) services performed by the data subject;
4.2.2. For the identification of the data subject in the Company's information systems;
4.2.3. For the identification of the data subject when logging into his account on the Company's website (when the Company provides such an opportunity);
4.2.4. for issuing and submitting coupons, confirmations, invoices, and other financial documents for purchased (ordered) services;
4.2.5. for the resolution of problems related to the execution of the contract;
4.2.6. for contacting the Data Subject, in the event of a change in the conditions of goods or services purchased by the Data Subject;
4.2.7. for the fulfillment of other contractual obligations;
4.2.8. Companies for direct marketing purposes;
4.2.9. for security, health, administrative, crime prevention disclosure, and legal purposes;
4.2.10. analytics of business, for general research that allows for improving the quality of goods or services;
4.2.11. for contact with the Data Subject, to receive customer feedback on purchased services;
4.3. By voluntarily submitting his personal data to the Company, the Data Subject confirms and voluntarily agrees that the Company will manage and process the Data Subject's personal data in accordance with this Policy, applicable laws, and other normative legal acts.
4.4. The company undertakes not to disclose personal data information to third parties without the Data Subject's consent, except for ensuring the proper fulfillment of the agreement, and other services related to the decent attainment of the services ordered by the Data Subject. The Company may also transfer the Personal Data of the Data Subject to third parties who act as Data Processors on behalf of the Company. Personal data can be provided only to those Data Processors with whom the Company has signed relevant Data Processing Agreements. It is considered that the Data Subject is informed about it, and agrees with it and the Company does not assume responsibility for damage arising from the use of the Data Subject's data by third parties to the extent permitted by law. In all other cases, the Personal Data of the Data Subject may be disclosed to third parties only in accordance with the procedure provided by the legal acts of the Republic of Lithuania.
- What personal data do we process?
5.1. The personal data information collected by the company can be the Name of the data subject, name, surname, code, telephone number, email address, name of the company on whose behalf it is acting, information about the goods and services purchased by the data subject (their quantities, dates of purchase, prices of purchased services, purchase history), the data subject's login name and encrypted form of the password on the Company's website (if the Company provides such an opportunity). The Company's website may collect certain information about the Data Subject's visit, for example, the Internet Protocol (IP) address that the Data Subject uses to access the Internet; the Date and time of the data subject's visit to the Company's website; other web pages that the Data Subject visits while on the Company's web page; the browser used; information about the Data Subject's computer operating system; versions of mobile apps; language settings and more. If the Data Subject uses a mobile device, data may also be collected to determine the type of mobile device, device settings, as well as geographic (longitude and latitude) coordinates. This information is used to improve the Company's website, analyze trends, improve products and services, and administer the Company's website. The data subject provides this data voluntarily by using the services provided by the Company, becoming a registered user of the Company's website, or visiting the Company's website.
5.2. Personal data information collected by the Company may be any information not specified above in this article, but personal data information voluntarily submitted to the Company by the data subject or otherwise obtained and legally processed by the Company.
- What are the rights of the subject of personal data?
6.1. Data subject rights and means of their implementation:
6.1.1. to know about the collection of your data. The data subject has the right to access data;
6.1.2. Get to know your data and how it is managed. The data subject has the right to apply to the Company with a request to provide information about what and for what purpose his data is being processed;
6.1.3. demand correction, destruction of your data, or suspension of processing of your domains;
6.1.4. to receive the Data provided by you read in a structured form if it meets the criteria defined by law;
6.1.5. The data subject has the right to refuse data processing when optional data is processed. When Data is processed for direct marketing purposes, the Data Subject may object to such processing (right to object). The company, upon receiving a request to stop the processing of non-mandatory personal data, immediately stops such processing, unless it contradicts the requirements of legal acts, and informs the person about it;
6.1.6. withdraw at any time any consent given by the Data Subject when registering or using the services provided by the Company. Such refusal will not affect the legality of the Data Processing carried out before the refusal and based on the consent given;
6.1.7. refuse to provide personal data;
6.1.8. file a complaint with the supervisory authority if the Data Subject's rights are violated;
- What are cookies and what are they used for?
7.1. The company's website uses data analysis management
tools - cookies.
7.2. By using the Company's website, the Data Subject agrees to the data being recorded on the Data Subject's computer (device).
7.3. Cookies are small amounts of data that a website places on the Data Subject's computer. Web pages have no memory. When the Data Subject browses different Internet pages, the Data Subject will not be remembered as the same user. Cookies allow the web page to perceive the Data Subject's browser. The essential purpose of cookies is to observe the choices of the Data Subject, for example, the preferred language of the website. Cookies also help the Data Subject to be recognized when returning to the same website. They help you to personalize the website. Cookies are not used to run programs or transfer viruses to your computer. Cookies are assigned only to the Data Subject and can only be read by the web server of the domain that sent the cookie to the Data Subject. One of the most meaningful purposes of cookies is to provide a convenient function to save the Data Subject's time. For example, if the Data Subject uses the website for personal needs or browses the website, cookies will help the website to remember specific information on subsequent visits. This makes it easier to present relevant content, easier to navigate the website, etc. Upon returning to the website, the Data Subject can find his/her previously provided information and thus can more easily use the functions of the website already fitted.
7.4. Data processing with the help of cookies does not allow direct or indirect identification of the user.
7.5. The company's website may use the following types of cookies:
7.6. Technical cookies: their help for the users of the Company's website. The Company strives to provide an advanced and easy-to-use website that automatically adapts to their wishes and needs.
7.7. Functional cookies: they allow the Data Subject's choices to be remembered and to use the website efficiently.
7.8. Analytical cookies: with their help, the aim is to understand how the Company's visitors use the Company's website, to discover the weak and secure parts of the website, and to optimize the website's work.
7.9. Commercial cookies: the Company uses these cookies to place Company advertisements on other web pages.
7.10. While visiting the Company's website, the Data Subject can accept or refuse the use of cookies, but in this case, the Company cannot guarantee the quality of the website. Most Internet browsers automatically accept cookies, but if the Data Subject wishes, the browser can be easily modified to not accept them. Thus, the Data Subject can delete part or all of the cookies from his computer at any time or block them using the Internet browser on his computer. After blocking cookies, for technical reasons, some of the Company's online parts of the page may not function or function properly for the Data Subject.
7.11. No personal data of the customer is stored with the help of cookies.
7.12. No information is provided to any third parties during the recording of the necessary cookies.
- Third Party Websites
8.1 The Company is not responsible for ensuring the Customer's privacy on third-party websites, even in cases where the Customer accesses third-party websites using the links on this website. The Company recommends that you familiarize yourself with the privacy terms of each website not owned by the Company.
- Ensuring information security
9.1 The company's goal is to ensure the highest possible security of all information received from the Customer and from public data files. In order to protect this information from unauthorized access, use, copying, accidental or unauthorized destruction, alteration, or disclosure, as well as from any other unauthorized processing, the Company uses appropriate legal, administrative, technical, and physical security measures.
- Final Provisions
10.1 These Privacy Policy provisions are governed by the law of the Republic of Lithuania. All disputes arising from the provisions of this Privacy Policy will be resolved through negotiations, and if they fail, in the courts of the Republic of Lithuania.
In this Privacy Policy, the term "this website" refers to www.gintaute