1. General provisions
1.1. Monteda UAB (hereinafter – the Company) respects the right to privacy of its all customers (buyers), including the visitors (hereinafter – the Customers) of the internet site of the Company https://www.starfirescareline.eu/ (hereinafter the Site), and undertakes to guarantee the protection of their personal data and the assurance of their, as the data subjects’, rights.
1.4. When managing Your personal data, we observe the regulation (EU) 2016/679 of April 27, 2016 of the European Parliament and Council regarding the protection of natural entities when managing the personal data and regarding the free movement of such data, which cancels the Directive 95/46/EC (hereinafter – the Regulation), the provisions of the Law of the personal data legal protection of the Republic of Lithuania (hereinafter – LPDLP), the Law of electronic communications of the Republic of Lithuania (hereinafter – LEC) and other directly applied legal acts regulating the protection of personal data, provisions, also, the instructions of the data protection supervision institutions (in Lithuania, State Data Protection Inspectorate).
2. Concepts to be used
2.1. Personal data – any information about the natural entity whose identity was ascertained or the identity of which can be ascertained (data subject); natural entity, whose identity can be ascertained, is the person whose identity can be directly or indirectly ascertained, first of all, according to the identifier such as the name and surname, personal identification number, location data and internet identifier or according to one or several features of physical, physiological, genetic, psychic, economic, cultural or social identity of that natural entity.
2.2. Data subject – natural entity – the customer of the Company (including the visitors of the Site) whose personal data is collected by the Company.
2.3. Data subject’s consent – any specific and unambiguous expression of the will of a properly informed data subject provided in a free will in the form of the declaration or unambiguous actions to agree with the management of personal data related to him/her.
2.4. Data management – any operation or sequence of operations performed with personal data sets using the automated or non-automated means, for example, collection, recording, sourcing, systemisation, keeping, adaptation or supplementation, correction, familiarisation, usage, disclosing by transferring, distributing or making a different possibility to use it, also, comparison or joining with other data, restriction, deletion or destruction.
2.5. Data manager – natural or legal entity, governmental authority, agency or other institution which manages the personal data on the behalf of the Owner of the data.
2.6. The owner of the data - Monteda UAB, the Company established under the legislation of the Republic of Lithuania, code 303131997, registered address: Šv. Gertrūdos St. 64-11, LT-44269 Kaunas, Lithuanian Republic, data about which collected and kept in the Register of Legal Entities.
2.7. Cookie – a small part of textual information which is automatically created when browsing the Site and is kept in Your computer or another backup device.
2.8. Direct marketing – activity intended for offering the goods to the people via the mail, telephone or another direct way and (or) ask their opinion about the offered goods or services.
3. Your personal data to be collected
3.1. The Company collects and further manages Your following personal data which Your provide yourselves when registering and (or) ordering the goods in the Site, or ordering the goods in a different way: name, surname, address, e-mail, telephone number, data related to the delivery of goods, e.g., the item and its ordering details, invoice numbers, invoicing, payment details, information about the agreement or disagreement regarding the personal data management on the purposes of direct marketing, password and any other data which You additionally provide on your own initiative when registering and (or) ordering the goods.
3.2. Your personal data, indicated in clause 3.1., is kept during the period of communication of You and the Company (during the order execution) and 10 (ten) years from the end of this period.
3.3. The Company collects and further manages Your following data which You indirectly provide when registering and (or) ordering the services in the Site, i.e. this data is automatically collected from the computers and (or) mobile devices You use when You connect to the Site: connection IP addresses and times, the browser used by the user and its version, websites which You visited before accessing our Site, data about the usage of services, e.g., data collected by using cookies and similar technologies related to internet browsing, etc.
3.4. Your personal data, indicated in clause 3.3., is kept during the period of communication of You and the Company (during the order execution) and, depending on the data, up to one year from the end of this period. This data can be kept for a longer time if there are other legal grounds for such period of keeping.
4. The purpose of Your personal data management
4.1. The Company manages Your aforementioned personal data for the following data management purposes: for the processing and administration of the purchasing of goods (order), identification of the Company’s customers in the Company’s information systems, when registering in the Site and connecting to own account, for the management of accounting documents related to service ordering, for communication with You regarding the accomplishment of contractual obligations, on purpose of direct marketing (only having the advance consents of the data subjects).
5. The way Your personal data is managed
5.1. We guarantee that Your personal data shall be: managed in a lawful, honest and clear way, collected on determined, clearly defined and lawful purposes, and further not managed in an incompatible manner for those purpose, adequate, suitable and only such which are necessary for reaching the aims for which it is managed (the principle of data amount reduction is applied), precise and updated if necessary (the principle of precision is applied), managed in such manner that, when applying proper technical and organisational means, suitable personal data safety is guaranteed, including the protection from Data management without permission or illegal Data management and from unintentional loss, destruction or damage (the principles of integrity and confidentiality are applied).
6. Your data subjects’ rights
6.1. You have the following data subjects’ rights which we will realize when we get the application from You (via the e-mail: firstname.lastname@example.org; via the mail address: Šv. Gertrūdos St. 64-11, LT-44269 Kaunas) and after You properly confirm Your identity: to familiarise with Your personal data and how it is managed, to demand correcting the incorrect personal data related to You, also, to demand that Your non-exhaustive personal data is supplemented, to demand the Company to delete the personal data related to You if: a. it is not necessary for reaching the objectives, for which they were collected or otherwise managed, any more, b. You cancel the consent and there is no other legal basis for managing Your personal data, c. personal data was managed illegally, d. on other grounds provided in the Regulation; to demand the Company to restrict the management of Your personal data, the reception of the personal data related to You and provided by You in the Company-systemised, normally used and computer-read format, not to agree with the management of the personal data related to You (e.g., for direct marketing, etc.).
6.2. We inform that if You think that Your, as the data subject’s, rights are violated, You can provide the claim to the State Data Protection Inspectorate. More information about the State Data Protection Inspectorate and claim investigation can be found here: https://www.ada.lt/.
7. The management of the personal data on the purpose of direct marketing?
7.1. Only when having Your advance consent and following the provisions of the LEC, the LPDLP and the Regulation, we shall send You the Company’s newsletters via the e-mail and (or) inquire for the quality of the existing services.
7.2. We manage Your following personal data on the purpose of direct marketing: name, surname, e-mail address.
7.3. Your personal data is kept on the purpose of direct marketing till your refusal to get the notices of direct marketing.
8. Who can access Your personal data?
8.1. The access of the Company’s employees to Your personal data is provided only case of necessity to perform own duties and only after the employee undertakes to follow the requirement of confidentiality.
8.2. The Company can provide Your personal data: to data managers who provide services to the Company and manage Your personal data on the Company’s behalf or for Your benefit, to judicial institutions when there are grounds for that, to other third parties with Your agreement.
8.3. We invite only those data managers which guarantee that suitable technical and organisational means are implemented in such manner that data management corresponds to the requirements of the Regulation and guarantees the protection of Your, as the data subject’s, rights.
8.4. We can note that the above mentioned data managers have the right to manage Your personal data only according to our instructions.
8.5. The Data manager cannot invite a different data manager without a preliminary specific or general written permission of the Company (data manager).
8.6. Your personal data can also be provided when replying to official applications of the state institutions and court, but only after assuring the lawfulness of these applications.
9. Cookies and how they are used
10. References provided in the site