1. General provisions
1.1 We care about the protection and privacy of your personal data, and therefore this Privacy Policy (hereinafter referred to as the “Policy”) informs you about the processing of personal data, the rights of the data subject, the means of implementation of the protection of personal data, and other issues related to the processing of personal data.
1.2 The Company collects personal data that a person voluntarily provides by email, registered mail, telephone, by visiting the Company directly, by signing up to the Company’s website and by becoming a registered user using the Company’s website.
1.3 All personal data received by the Company is collected, stored and processed in accordance with the requirements provided for in the Law on Personal Data Protection of the Republic of Lithuania, the General Data Protection Regulation No 2016/679 of the European Union and other legal acts regulating the protection of personal data of the Republic of Lithuania.
1.4 The Company shall ensure that the level of protection of personal data processed by the Company complies with the requirements of the legislation of the Republic of Lithuania.
2. Definitions
2.1 Definitions used in the document:
2.1.1. “Personal data” means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is a person who can be identified, in particular by reference to a particular identifier such as a name, a personal identification number, location data and an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
2.1.2. “Data Subject” means a natural person from whom the Company receives and processes personal data;
2.1.3. data recipient means the person to whom personal data is provided;
2.1.4. “Provision of Data” means the disclosure of personal data by transmission or otherwise making it available (other than publication in the media);
2.1.5. ‘Processing’ means any operation performed upon personal data, whether or not by collection, accumulation, storage, recording, classification, grouping, aggregation, alteration (addition or rectification), provision, disclosure, use, logical and/or arithmetical operations, retrieval, dissemination, destruction or any other operation or set of operations;
2.1.6. ‘Automatic processing’ means processing operations wholly or partly carried out by automatic means;
2.1.7 “Processor” means a legal or natural person (other than an employee of the controller) authorised by the controller to process personal data. The processor and/or the procedure for appointing the processor may be laid down in laws or regulations;
2.1.8. “Data controller” means a legal or natural person who, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes of the processing are laid down by law or regulation, the controller and/or the procedure for appointing the controller may be laid down in that law or regulation;
2.1.9. “Consent” means any freely given, specific and unambiguous indication of the data subject’s wishes, by means of a statement or an unambiguous action, which is freely given and which is unambiguous and unambiguous, by a duly informed data subject, that the personal data concerning him or her may be processed;
2.1.10. “Direct marketing” means activities designed to offer goods or services to individuals by post, telephone or other direct means and/or to seek their opinion on the goods or services offered;
2.1.11. “Third party” means a legal or natural person other than the data subject, the controller, the processor and persons directly authorised by the controller or processor to process data;
2.1.12. Other terms used in this Policy shall be understood as defined in the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the processing of personal data.
3. What are the principles that guide our processing of personal data?
3.1 The Company’s processing of personal data is guided by the following principles:
3.1.1.1. the Company shall process personal data only for the achievement of legitimate purposes as defined in the Policy;
3.1.2. personal data is processed accurately, fairly and lawfully, in accordance with the requirements of the legislation;
3.1.3. the Company processes personal data in such a way as to ensure that the personal data is accurate and is kept up to date in the event of any changes to it;
3.1.4. the Company processes personal data only to the extent necessary to achieve the purposes of the processing;
3.1.5. personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected and processed.
3.1.6. the personal data of the data subject may only be accessed by the Company’s employees and/or third parties engaged by the Company to provide the service, who are appropriately qualified, and only where necessary to provide the service.
3.2 The Company respects the privacy of the Data Subject and undertakes to comply at all times with the Data Subject Data Protection Principles set out in this Policy.
4. For what purposes do we process personal data?
4.1 Personal data shall be processed and used in accordance with the purposes for which the Data Subject has provided them to the Company or for other purposes approved by the Data Subject.
4.2 Purposes of use of the Data Subject’s personal data:
4.2.1. for the processing, administration of the purchase (order) of goods or services by the Data Subject;
4.2.2. identification of the Data Subject in the Company’s information systems;
4.2.3. identification of the Data Subject when logging in to his/her account on the Company’s website;
4.2.4. the issue and submission of purchased (ordered) goods or services, confirmations, invoices and other financial documents;
4.2.5. to resolve problems related to the performance of the contract;
4.2.6. contacting the Data Subject in the event of a change in the terms and conditions of goods or services purchased by the Data Subject;
4.2.7. For the fulfilment of other contractual obligations;
4.2.8. for the Company’s Direct Marketing purposes;
4.2.9. security, health, administrative, crime prevention disclosure and legal purposes;
4.2.10. Business analytics, for general research that enables us to improve the quality of goods or services;
4.2.11. for the purpose of contacting the Data Subject for the purpose of obtaining customer feedback on goods or services purchased;
4.2.12. for the purpose of assessing a person’s suitability for a job role, contacting the relevant candidate, etc.;
4.2.13. For auditing purposes.
4.3 By voluntarily providing the Company with his/her personal data, the Data Subject confirms and voluntarily consents to the Company’s management and processing of the Data Subject’s personal data in accordance with this Policy, applicable laws and other regulatory provisions.
4.4 The Company undertakes not to disclose personal data information to third parties without the Data Subject’s consent, except for the purpose of ensuring the proper performance of the Contract, other services related to the proper performance of the services ordered by the Data Subject. The Company may also transfer the Data Subject’s personal data to third parties who act as Data Processors on behalf of the Company. Personal Data may only be provided to Data Processors with whom the Company has signed the relevant Data Processing Agreements. The Data Subject shall be deemed to have been informed of, and to have consented to, this and the Company shall not be liable for damages arising from the use of the Data Subject’s data by third parties to the extent permitted by law. In all other cases, the Data Subject’s personal data may be disclosed to third parties only in accordance with the procedure provided for by the legislation of the Republic of Lithuania.
5. What personal data do we process?
5.1 The personal data information collected by the Company may include: the Data Subject’s name, first name, surname, telephone number, email address, the address for receiving the goods or services purchased, the home/residential address, the name of the company on whose behalf the Data Subject is acting, the payment details, information about the goods and services purchased by the Data Subject (quantities, purchase dates, the prices of the purchased goods and services, the history of the purchases), and the data subject’s login name and the encrypted form of the password for the Company’s web page. The Company’s website may collect certain information about the Data Subject’s visit, such as: the Internet Protocol (IP) address of the Internet access used by the Data Subject; the date and time of the Data Subject’s visit to the Company’s website; other websites visited by the Data Subject while on the Company’s website; the browser used; information about the Data Subject’s computer’s operating system; versions of the mobile applications; language settings; and others. If the Data Subject uses a mobile device, data may also be collected to determine the type of mobile device, the device settings, as well as the geographic (longitude and latitude) coordinates. This information is used to improve the Company’s website, to analyse trends, to improve products and services and to administer the Company’s website. The data subject voluntarily provides this data by using the services provided by the Company, by becoming a registered user of the Company’s website or by visiting the Company’s website.
5.2 The personal data information collected by the Company may be any personal data information not specified above in this Article but voluntarily provided to the Company by the data subject or otherwise obtained and lawfully processed by the Company.
6. What are the rights of the data subject?
6.1 Data subjects’ rights and means of exercising them:
6.1.1. to be aware of the collection of their personal data. When collecting personal data, the Company must inform the Data Subject what personal data will be processed by the Company, the purpose for which the relevant data will be processed, to whom and for what purpose it may be provided and/or the consequences of not providing personal data.
6.1.2. to be made aware of his/her personal data and how it is processed. The data subject shall have the right to request from the Company information on what and for what purpose his/her personal data are processed. The Company shall, upon receipt of the Data Subject’s request in writing (by registered mail or e-mail), provide the requested data or give reasons for refusing such request within 30 calendar days of receipt of the Data Subject’s request in writing (by registered mail or e-mail). The response shall be provided to the Data Subject in the same form in which the request was received, unless the Data Subject’s request expresses a wish to receive the information in another way;
6.1.3. require the rectification of inaccurate or incomplete personal data;
6.1.4. request the erasure of personal data (right to be forgotten);
6.1.5. Request restriction of the processing of personal data;
6.1.6. to receive the Data you have provided in a structured, commonly used and computer-readable format and/or to request its transfer to another data controller, if this complies with the criteria defined by law and is technically feasible;
6.1.7. the Data Subject shall have the right to object at any time to processing of the Data. Where the Data are processed for direct marketing purposes, the Data Subject may object to such processing (right to object). Upon receipt of the Data Subject’s objection to the processing of personal data, the Company shall immediately cease such processing, unless it is contrary to the requirements of law, and shall inform the Data Subject thereof;
6.1.8. withdraw at any time any consent given by the Data Subject for the processing of personal data, without affecting the lawfulness of the processing based on consent prior to the withdrawal of consent;
6.1.9. to refuse to provide personal data or to object to the processing of personal data;
6.1.10. lodge a complaint with a supervisory authority if the rights of the Data Subject are violated.
7. What are cookies and what are they used for?
7.1 The Company’s website uses data analysis management tools – “cookies”.
7.2 By using the Company’s website, the Data Subject consents to the storage of cookies on the Data Subject’s computer/device.
7.3 Cookies are small amounts of data that the website places on the Data Subject’s computer. Web pages have no memory. If the Data Subject browses different web pages, the Data Subject will not be recognised as the same user. Cookies allow a web page to recognise the Data Subject’s browser. The main purpose of cookies is to remember the Data Subject’s preferences, such as the preferred language of a web page. Cookies also help to recognise the Data Subject when they return to the same web page. They help to personalise the web page. Cookies cannot be used to execute programs or to transfer viruses to your computer. Cookies are addressed only to the Data Subject and can only be read by the web server of the domain that sent the cookie to the Data Subject. One of the main purposes of cookies is to provide a convenient function to save the Data Subject’s time. For example, if a Data Subject uses a website for personal purposes or browses a web page, cookies will help the website to remember specific information after a later visit. This makes it easier to present relevant content, navigate the website, etc. By returning to the website, the Data Subject can find the information he or she has previously provided and can therefore use the already customised features of the website more easily.
7.4 The processing of data by means of cookies does not allow the direct or indirect identification of the user.
7.5 The following types of cookies may be used on the Company’s website:
7.5.1. technical (necessary) cookies. These cookies are necessary for the website to function. For example, they are cookies set by the entity that hosts the website on the server in order to ensure that the website and its pages are downloaded from the same server and thus to ensure a smooth and fast navigation of the website.
7.5.2 Functional cookies. These cookies are used to remember when a user returns to the website and their choices, such as language choices.
7.5.3 Analytical cookies. These are cookies that collect information about a user’s visit to a web page, identify which pages the user views, and determine which pages are visited most frequently. These analytical cookies are completely anonymous and help ensure that users find the information they are looking for.
7.5.4 Advertising cookies. These are cookies that collect information about the user’s visit to the website, specific pages and links provided. This information is used to provide personalised advertising to the user.
7.6 Each time the Data Subject visits the Company’s website, he/she may accept or refuse the use of cookies, but in this case the Company cannot guarantee the quality of the website browsing. Most web browsers automatically accept cookies, but the Data Subject can easily modify the browser not to accept cookies if he or she wishes. Therefore, the Data Subject has the possibility to delete some or all cookies from his/her computer or to block them at any time by using the web browser on his/her computer. If cookies are blocked, some parts of the Company’s website may not work or may not work properly for the Data Subject for technical reasons.
7.7 No personal data of the Customer is collected by means of cookies.
7.8 No information is provided to any third party during the recording of necessary cookies.
8. What are web indicators and how are they used?
8.1 In addition to cookies, the Company may also use web beacons. This is a small graphic image of just one pixel that is delivered to the Data Subject’s computer as part of a web page or as an HTML e-mail message. Directly or through other service providers, these images are used by the Company in the form of online advertisements or on third party websites in order to know whether the user to whom the advertisement is displayed has placed an order, to analyse the movement of users and to optimise the services offered.
8.2 The Company may include web beacons in promotional emails or newsletters in order to determine whether emails have been opened. Some website indicators may be added by third party service providers to determine the effectiveness of the Company’s promotional campaigns or email communications. Web Site Indicators may be used to place a persistent cookie on the Data Subject’s computer. It will then be able to recognise the Data Subject’s computer each time he or she visits certain pages or sends e-mails, and to collect anonymous information about the traffic to such pages. The Company prohibits the use of web beacons to collect or access personal information.
9. Intellectual property
10. Final provisions
10.1 This Policy may be updated in the event of changes in the legislation governing the processing of personal data, and we recommend that you periodically review the provisions of the Policy.
10.2 The law of the Republic of Lithuania shall apply to relations arising from this Policy.
11. Company contact information
11.1 Details of the Data Controller and contact details for any queries regarding this Privacy Policy:
Company name: UAB Textilis
Company code: 300034920
Company’s VAT number: LT100001173717
Address: Draugystės g. 15F, Kaunas, LT-51227, Lithuania
E-mail address: info@textilis.lt
Tel.nr.: +370 37 460117
Updated 05 01 2023