- This Policy is intended for persons who visit this Company-owned website (https://asklubas.lt/) to use the information of the website and the services provided therein.
- Any natural person whose personal data is processed by JSC Kistela is considered to be a data subject in this Policy.
- By using the Services, continuing to browse the website, the Visitor (user of the website) confirms that he has reads this Policy, understands its provisions and agrees to comply with them.
- The controller shall ensure that, when adopting and implementing this Policy, the following fundamental principles relating to the processing of personal data are implemented:
- Personal data are processed in a lawful, fair and transparent manner vis-à-vis the Data Subject (principle of legality, fairness and transparency);
- Personal data shall be collected for specified, clearly defined and legitimate purposes and shall continue to be processed in a manner incompatible with those purposes;
- Further processing of personal data for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes is not considered incompatible with the original objectives (purpose limitation principle);
- Personal data are adequate, relevant and only appropriate for the purposes for which they are processed (principle of data minimisation);
- Efforts shall be made to make personal data accurate and, where necessary, to be updated within a reasonable time from the date of the change;
- All reasonable measures shall be taken to ensure that personal data which are not accurate in the light of the purposes of their processing are erased without delay or rectified within a reasonable time (principle of accuracy);
- Personal data shall be stored in a form that allows the identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
- Personal data may be stored for longer periods if personal data are processed only for archiving purposes, in the public interest, for scientific or historical research purposes or for statistical purposes, following the implementation of the relevant technical and organisational measures necessary to protect the rights and freedoms of the Data Subject (principle of limitation of retention time);
- Personal data, taking into account the general nature of the personal data processed by the Controller, shall be processed in such a way as to ensure the proper security of personal data, including protection against unauthorised or unlawful processing of personal data and against accidental loss, destruction or damage (principle of integrity and confidentiality) by appropriate technical or organisational measures;
- The controller is responsible for complying with the above principles and must be able to demonstrate compliance with them (reporting principle).
- This Policy is based on Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as the GDPR), the Republic of Lithuania Law on Legal Protection of Personal Data (hereinafter referred to as the ADTAD), other legal acts of the European Union and the Republic of Lithuania. The terms used in the policy are understood when defined in the GDPR and the ATAA.
- You visit or use the opportunities offered by the Company’s social networking properties and/or the Company’s social networking facilities;
- You seek to enter into or enter into an agreement with the Company;
- You purchase the services provided by the Company;
- You agree to receive direct marketing communications sent by the Company or subscribe to the Company’s newsletter;
- You provide your goods or services to the Company;
- You contact the Company’s customer service department;
- Otherwise, you communicate or cooperate with the Company as a customer, supplier, or other person with a business or consumption relationship with the Company.
- Contact details of the person responsible for the protection of personal data in the Company: e-mail. mail: [email protected]
PURPOSES OF THE PROCESSING OF PERSONAL DATA AND CATEGORIES OF PERSONAL DATA COLLECTED
- Depending on who you are (customer, supplier, website visitor, etc.) and how you communicate with the Company (live, online, telephone, etc.), the Company may process different personal data for your Personal Data.
- Below you will find the categories of personal data that we may collect:
|Purpose of processing||Categories of data and personal data processed||Time limit for processing||Legal basis for processing|
|Conclusion of the contract with the Company||Personally identifiable data: name, surname, personal identification number* Contact details: e-mail postal address, telephone number, address* Service details: date of purchase, description of service, price* Details required for the account (with consent only): name, personal number, bank account number, service name, price||Personal data shall be stored during the duration of the contract and for 10 years from the date of expiry of the contract (according to the 2011 9 March (order no. (V-100) approved by the General Index of Document Retention Deadlines)||Processing is necessary for the conclusion and performance of the contract (Art. 6(1.b)|
|Sending direct marketing messages and newsletters||Identification and contact details: name, e-mail postal address, phone number||Personal data shall be stored and processed during the period of validity of the consent, unless the consent is withdrawn earlier. The data subject’s consent to the direct transmission of marketing communications shall be valid for 5 years from the date of receipt of the consent||Article 6 GDPR Point (a) of paragraph 1 (consent of the data subject for such processing)|
* The provision of the selected data is necessary if you wish to enter into a contract with the Company .
PROCESSING OF PERSONAL DATA FOR DIRECT MARKETING PURPOSES
- The Company processes your personal data for direct marketing purposes with your explicit consent to such processing, such as: when you subscribe to our newsletters, etc. (the basis for processing is your freely expressed consent, for the processing of data).
- For direct marketing purposes, we can manage your name, email address, phone number.
- Your personal data may be processed for direct marketing purposes in the following ways:
- You can receive a newsletter with our offers, promotions and news by email;
- you can receive invitations to events, offers and similar information by e-mail.
- You can opt out of our newsletters at any time. You can do this by clicking on the dedicated link at the bottom of our newsletters.
- We also use the services of Facebook, Google, other online advertising providers. You may read about the privacy policies of these service providers, the data collected and the personal data protection measures applied in the privacy policies of these service providers. For more information on how it works, as well as information about how you may object to or use such advertisements, please refer to the information provided by the following service providers:
TO WHOM YOUR PERSONAL DATA IS PROVIDED
- The Company shall not transfer your personal data to any third parties without your prior consent, except in the cases described below.
- We may transfer your data to third parties who assist us in operating and administering the Services. Such persons may include data centres, hosting and related services companies, advertising, marketing services companies, software-generating, providing, supporting and developing companies, information technology infrastructure companies, communication companies, internet browsing or online analysis companies, security services providing security services, etc.
- In each case, we provide the processor with only the amount of data necessary to execute a particular order or to provide a specific service.
- Data processors we use may process your personal data only in accordance with our instructions. In addition, they must ensure the security of your data in accordance with applicable law and written agreements with us.
- Data may also be made available to competent authorities or law enforcement agencies, such as the police or supervisory authorities, but only upon request and only when required by applicable law or in cases and procedures provided for by law to ensure our rights, the security of our buyers, employees and resources, to assert, provide and defend legal claims.
HOW WE ENSURE THE SECURITY OF YOUR DATA
- In order to protect your data, the Company shall take appropriate measures in accordance with data protection and data security laws and regulations, including requiring the Company’s service providers/used processors to use appropriate means to protect your personal data and their confidentiality.
- Depending on the cost of implementing modern technologies, the cost of implementing the tools and the nature of the data to be protected, the Company has implemented technical and organizational measures to protect against risks such as the destruction, loss, alteration, unauthorized disclosure or unauthorized access to your data.
- data protection legislation gives you a number of rights in relation to the processing of your personal data.
- You have the right to access your personal data processed by us:
- You have the right to request our confirmation of the processing of your personal data and, in such cases, request access to your personal data processed by us. To exercise the above right, please submit a written request to us by email. by post [email protected]
- You have the right to request the correction of inaccurate data.
- If you think that information about you is incorrect or incomplete, you have the right to ask for a correction. To exercise the above right, please submit a written request to us by email. by post [email protected]
- You have the right to object to the processing of your personal data:
- You have the right to object to the processing of personal data when personal data are processed in accordance with our legitimate interests. However, despite your objection, we will continue to process your data for reasonable reasons to continue processing the data. To exercise the above right, please submit a written request to us by email. by post [email protected]
- You have the right to request the deletion of your personal data (right to be forgotten):
- Under certain circumstances, you have the right to request that we delete your personal data. However, this provision does not apply if we are required by law to store data. To exercise the above right, please submit a written request to us by email. by post [email protected]
- You have the right to restrict the processing of your personal data:
- In certain circumstances, you also have the right to restrict the processing of your personal data. To exercise the above right, please submit a written request to us by email. by post [email protected]
- You have the right to contact the State Inspector of Personal Data Directly or by e-mail with a complaint about improper processing of personal data. by post [email protected]
INFORMATION ABOUT THE COOKIES USED
- Cookies are small-scale text files that are stored in a Person’s browser or device (pc, mobile phone, or tablet).
- The company uses the following cookie categories:
- Strictly binding cookies: Cookies are necessary to ensure the operation of the system. For example, some cookies allow us to identify registered users and ensure they have access to the entire system. If a user refuses these cookies, he may no longer see the full content of the system;
- Performance-enhancing cookies: Cookies that allow you to analyze how users use the system and monitor the performance of the system. This allows the Company to choose the right offers and quickly identify and eliminate any problems, thus ensuring high browsing quality. For example, performance cookies allow you to track which pages are the most popular and determine why error messages appear on some pages;
- Functional cookies: Cookies that allow you to remember users’ preferences and apply them to a website/mobile app so that the Company can provide enhanced functionality;
- Google Analytics, which allows you to capture and analyze statistics about website usage data. You can find out more about Google Analytics and the information these tools allow you to collect here – https://support.google.com/analytics/answer/6004245?hl=lt. If you want Google Analytics tools not to capture information about your browsing the Internet, you can use the Google Analytics Opt-Out Browser add-in.
- The following cookies https://asklubas.lt/ used on the website:
|Type||Cookie name||Purpose||Domain||Expiry date|
|Analytical||__ga;||Evaluate user visit goals, prepare reports on website activity for website operators, and improve the customer experience when visiting a website||https://asklubas.lt/||1 year|
- Cookies used on the website do not allow you to identify the user of the website. A visit to the Website shall be recorded anonymously, recognizing the personal computer, mobile phone or tablet and IP address, and such information collected shall not be made available to third parties, except as provided for by law.
- By opening the Website and clicking the “I accept” button in the pop-up box, the browsing person agrees that cookies should be stored on their computer, mobile phone or tablet.
- In order to withdraw your consent, the browsing person may delete or block cookies by selecting the appropriate settings in their browser that allow you to opt out of all or part of the cookies. You should be aware that using browser settings that block cookies (including the necessary cookies) may cause a person problems using all or part of the functionality of the Website.
- Personal data collected by cookies are processed in accordance with the provisions of the Law on Legal Protection of Personal Data of the Republic of Lithuania, the Republic of Lithuania Law on Electronic Communications, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC and other legal acts on the protection of personal data.
- In accordance with the requirements of the legislation, the website is subject to security measures to prevent the unauthorised disclosure and unauthorized use of personal data.
- The legal relations relating to this Policy shall be governed by the law of the Republic of Lithuania.
- The Controller shall not be liable for damages, including damage caused by interference with the use of the Website, for loss or damage to data caused by errors, errors, intentional harm, other misuse of the Website by the person or third parties acting with the person’s knowledge, actions or omissions.
- The Controller shall also not be liable for any interference and/or damage caused by the connection and/or use of the Website caused by acts or omissions by third parties not related to the Data Controller or person, including failures in the supply of electricity, internet access, etc.
- The controller shall have the right to amend the Policy in whole or in part.
- The additions or amendments to the policy shall take effect from the date of their publication on the Website.
- If, after supplementing or amending the Policy, a person continues to use the Website and/or the services provided by the Data Controller, the person shall be deemed not to object to such additions and/or changes.
- You can contact us by e-mail [email protected] for all data processing issues.