1. BASIC CONCEPTS OF ULTIMATE DATA PROTECTION
1.1. The Company or Personal Data Controller – UAB Alvita, a closed joint-stock company established and operating in accordance with the laws of the Republic of Lithuania, whose legal entity code is 140460420, VAT code LT404604219, registered office address Kampiškių st. 11, Kaunas.
1.2. Customer or Data subject – natural person – a customer of the Company (including website visitors) whose personal data is collected by the Company.
1.3. Electronic store – the Company’s electronic store at Alvita.lt.
1.4. Services – all services provided by the Company.
1.5. Personal data – any information related to a natural person – a Data subject whose identity is known or can be directly or indirectly determined using data such as a personal code, one or more physical, physiological, psychological, economic, cultural or social characteristics characteristic of a person signs.
1.6. Processing of personal data – any action performed with personal data: collection, recording, accumulation, storage, classification, grouping, connection, change (addition or correction), provision, publication, use, logical and/or arithmetic operations, search, dissemination, destruction or other action or set of actions.
1.7. Partner – a legal entity that provides services to the Company related to the Company’s activities, or sells goods to it, or carries out joint projects with the Company, including, but not limited to, marketing campaigns, joint sales campaigns, loyalty programs, etc., in media, online pages, Electronic store, retail stores, retail chains, etc.
1.8. A cookie is a small piece of textual information that is automatically created when browsing the website and is stored on the visitor’s computer or other device.
1.9. Direct marketing is an activity aimed at offering goods or services to individuals by mail, telephone or other direct means and/or asking for their opinion on the offered goods or services.
1.11. Account – the main data for the Customer’s connection to the Online Store, which consists of one email address and Password.
1.12. Password is a unique combination of numbers, letters, or numbers and letters or other symbols created by the Customer, which can be used to connect to the Online Store.
2. GENERAL PROVISIONS
2.3. In the company, Personal data is processed in accordance with the following principles:
2.3.1. Personal data is collected for defined and legitimate purposes;
2.3..2. Personal data is processed accurately, fairly and legally;
2.3..3. Personal data are valid and only to the extent necessary for their collection and further processing;
2.3..4. Personal data are constantly updated;
2.3..5. Personal data is stored in such a form that the identity of the Data Subject can be determined no longer than is necessary for the purposes for which these data were collected and processed.
2.3..6. All information about Personal Data is confidential;
2.3..7. Personal data and personal information of the customer will not be used for illegal purposes.
2.6. The customer can place an order in the Electronic Store without registration, or after registering in the Electronic Store through his Account.
2.7. During the initial registration to the Electronic Store through the Account, the Customer must provide his e-mail address and come up with a secure Password, as well as provide accurate Personal Data to the Electronic Store. The customer is responsible for their correctness. After creating the Account, the Customer is provided with an identification code.
2.8. When using the Services, as well as when purchasing in the Electronic Store, the Customer must always provide accurate Personal Data to the Electronic Store and is responsible for their correctness.
2.9. The Customer has the right to change and supplement Personal data in the Account at any time or to contact the electronic store with a request to cancel the Account.
2.10. The Customer must not disclose the Password to third parties and keep it safe, otherwise, all related responsibility rests with the Customer.
3. COLLECTION, USE, CORRECTION AND STORAGE OF PERSONAL DATA
3.1. The company respects every customer’s right to privacy. Customer Personal Data (i.e. name, email address, phone number, product/service delivery address, age/year of birth, product/service payment details (bank account number, payment method, etc.), purchase history, etc. also, with the Client’s consent, age, gender, date of birth, place of residence) are collected and processed for the following purposes:
3.1.1. For the purpose of e-commerce. The following Personal Data are processed: name, surname, e-mail address, phone number, product/service delivery address, age/year of birth, IP address, product/service payment data. The duration of storage of personal data used for the purpose of e-commerce is 5 (five) years from the day of the last connection to the Electronic Store.
3.1.2. For direct marketing purposes. The following personal data are processed: name, surname, telephone number, e-mail address, address, age, gender, date of birth, place of residence. The storage period of personal data used for the purpose of Direct Marketing is 5 (five) years from the day of the last connection to the Electronic Store.
3.2. The customer can give his consent to the processing of his personal data (name, phone number, e-mail address, address, age, gender, date of birth, place of residence) for the purpose of direct marketing. If, after giving consent to process his data for the purpose of Direct Marketing, as well as to receive Direct Marketing messages, the Customer no longer wishes to do so and informs the Company about it, the Company will no longer process his Personal Data for the purpose of Direct Marketing and will not send the Customer any electronic news, except for information related to the Customer’s order.
3.3. The Customer has the right at any time to revoke his consent in point 3.2 for the Company to process the Customer’s Personal Data for the purpose of Direct Marketing, by submitting a corresponding notification to the Company by e-mail [email protected] and clearly stating that he revokes his consent to the use of his Personal Data for the purpose of Direct Marketing and does not wish to receive any Direct Marketing communications.
3.4. The Customer also has the opportunity to refuse to exercise his right to object to the processing of the Customer’s Personal Data for the purpose of Direct Marketing by clicking on the relevant link in each e-mail sent.
3.5. The Customer, as a Data Subject, has the following rights listed below in relation to the procedures for processing the Customer’s Personal Data:
3.5.1. to receive information from the Company about the processing of the Client’s Personal Data, to get acquainted with his Personal Data and how they are processed;
3.5.2. to receive information from the Company, from which sources and which personal data of the Client was collected, for what purpose it is processed, to which recipients the data is provided and has been provided for at least the last 1 (one) year;
3.5.3. demand correction, destruction of the Client’s Personal Data or suspension, except for storage, of the processing of his Personal Data, when the Personal Data are processed in violation of the Law on Legal Protection of Personal Data of the Republic of Lithuania and other laws.
3.6. When exercising his rights, the Customer must present a passport, identity card or driver’s license. The Company provides the Data subject free of charge with information about the processed Personal data of the Data subject once a year. The customer can exercise his rights, provided for in point 3.5, by sending an e-mail to info@alvita. The Company has the right to correct, change, delete Personal Data or stop the processing of Personal Data only after identifying the identity of the Client who applied.
3.7. The Customer’s Personal Data is not provided to third parties, except in the following cases:
3.7.2. Personal data for e-commerce purposes are provided to Partners who provide the Company with services related to the Company’s activities;
3.7.3. to the competent authorities in the cases provided for by the laws and legal acts of the Republic of Lithuania.
3.7.2. In the electronic store, payments are processed using the makecommerce.lt platform, which is managed by Maksekeskus AS (Liivalaia 45, Tallinn 10145, Estonia, reg. no.: 12268475), therefore your personal information, required for payment execution and confirmation, will be transferred to Maksekeskus AS.
3.8. The customer is aware of his right not to consent to the processing of his personal data for the purpose of direct marketing, i.e. The customer has the right to express disagreement immediately or later.
3.9. The Customer agrees that his Personal Data will be transferred to the Partners when fulfilling the Customer’s order submitted in the Electronic Store, as well as when the Company provides Services to the Customer, as well as to the Company’s Partners, as specified in 3.7. point.
3.11. The Company implements organizational and technical measures to protect Personal Data from accidental or unlawful destruction, alteration, disclosure, as well as from any other unlawful processing.
3.13. Upon receiving the Data Subject’s instruction or inquiry related to the processing of Personal Data, the Company provides the Client with an answer, satisfying the request/instruction or refusing to do so with reasons, no later than within 30 (thirty) calendar days from the date of the Data Subject’s request. If the Data Subject wishes, the answer must be given in writing.
3.14. In order for the Company to be able to offer the Customer full-fledged services in the Electronic Store, with the Customer’s consent, information Cookies are recorded on the Customer’s computer (device), which are used to identify the Customer as a previous user of the Electronic Store, to collect statistics of the Electronic Store’s attendance, information about the shopping cart . At any time, the customer can view what cookies are being saved and can delete part or all of the saved cookies.
3.15. To learn more about cookies, such as how to manage or delete them, you can visit www.allaboutcookies.org.
4. OTHER PROVISIONS
4.2. If you have any questions, contact the following contacts: [email protected], tel. +37069033049.