1. General provisions
1.1. UAB "Linartas" (hereinafter - the Company or we) values and respects your privacy and personal data, therefore we process them legally, transparently and honestly, in accordance with predetermined goals and only to the extent necessary to achieve these goals. We have prepared this privacy policy (hereinafter - Privacy Policy), in which we explain how we manage and protect your personal data, what rights we ensure, and provide other information about the processing of your personal data.
1.2. The Company processes your personal data in accordance with the 2016 April 27 Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons in the processing of personal data and on the free movement of such data and which repeals Directive 95/46/EC (hereinafter - the Regulation or GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other provisions of legal acts regulating the protection of personal data.
1.3. The privacy policy applies when you use our website, which is available at https://www.geleta.lt (hereinafter - the Website), visit our social network accounts YouTube, Instagram and Facebook (hereinafter - Social accounts), are interested in our offers, contacting us by phone, other e-mails communication channels or contact us with other questions.
1.4. If you visit the website or Social accounts, contact us, we assume that you have read and agree to the terms of the Privacy Policy and the purposes, methods and procedure of using personal data specified therein.
1.5. The privacy policy may be changed, updated, and all changes will be effective from the date of their publication. Therefore, we recommend that you regularly read our latest Privacy Policy in order to be informed of changes and to understand how those changes may affect your privacy and the processing of personal data.
1.6. Terms used in the privacy policy are understood as they are defined in the Regulation.
2. Who are we?
2.1. The controller of your personal data described in this Privacy Policy is UAB "Linartas", a closed joint-stock company established in the Republic of Lithuania, legal entity code 302335961, registered office address Savanorių pr. 255, LT-50147 Kaunas, e-mail info@geleta.lt, data is collected and processed in the Register of Legal Entities of JV "Registrų centras".
3. External websites
3.1. The Website and Social Accounts may contain links to external websites, such as the websites of business partners. If you click on these links and visit these websites, it is important to note that these websites have their own privacy policies, and we do not accept any responsibility or liability for these policies or the collection of personal data on these websites. Before submitting your personal data to these websites or using related services, it is important to read their privacy policies in detail.
3. What principles do we follow when processing your personal data?
4.1. We ensure that when adopting and implementing this Privacy Policy, we aim to comply with the following fundamental principles related to the processing of personal data:
4.1.1. personal data is processed legally, fairly and transparently (principle of legality, fairness and transparency);
4.1.2. personal data is collected for established, clearly defined and legitimate purposes and is not further processed in a manner incompatible with those purposes (principle of purpose limitation);
4.1.3. personal data are collected adequately, appropriately and only as needed to achieve the purposes for which they are processed (principle of reducing the amount of data);
4.1.4. all reasonable measures are taken to ensure that personal data that are not accurate, taking into account the purposes of their processing, are immediately deleted or corrected within a reasonable period of time (principle of accuracy);
4.1.5. personal data is kept in such a form that the identity of the data subjects can be determined no longer than is necessary for the purposes for which the personal data is processed (principle of limitation of storage duration);
4.1.6. personal data, taking into account the general nature of personal data processed by the data controller, is processed in such a way that adequate security of personal data is ensured through the application of appropriate technical or organizational measures, including protection against the processing of personal data without permission or illegal processing of personal data and against accidental loss and destruction or damage (principle of integrity and confidentiality);
4.1.7. the data controller is responsible for ensuring that the above principles are followed and must be able to demonstrate that they are followed (principle of accountability).
5. On what legal grounds do we process your data?
5.1. We process personal data on the following grounds:
5.1.1. With your consent (according to Article 6(1)(a) GDPR), which you express through your active actions. This may include your actions when you contact us directly or provide your personal data in other active ways.
5.1.2. In the case of a contractual obligation (according to Article 6(1)(b) GDPR), when we process personal data in order to fulfill contracts or agreements concluded by us, for administration, execution of operations or other related activities.
5.1.3. In order to fulfill a legal obligation (according to GDPR Article 6, Paragraph 1, Clause c), when we are required to process your personal data in order to comply with applicable legislation, regulations or legal norms.
5.1.4. In order to protect the vital interests of the data subject or other natural person (according to Article 6, paragraph 1, point d) of the GDPR, when processing data is necessary in order to protect the vital interests of the data subject or other natural person.
5.1.5. In our legitimate exercise (according to Article 6(1)(f) of the GDPR) when we process personal data in order to fulfill our legitimate interests, such as organizational security, business operations, customer service or other activities that are necessary for the operation of our company.
6. In what ways do we collect your personal data?
6.1. We collect your personal data using the following methods:
6.1.1. You provide us with your personal data and other information by contacting us in writing or through other communication channels, such as e-mail. by mail, phone, website, social accounts or other methods.
6.1.2. We record certain information automatically when you use our website, including information about your browser type, time spent on the website, pages viewed, cookies, Internet protocol address, etc.
6.1.3. From other persons, for example, when we receive your personal data from public registers, state or local self-government institutions or institutions, our partners, other third parties, for example, payment institutions and partners about payments made, etc.
7. What personal data about you do we process?
7.1. We process your personal data for the following purposes:
7.1.1. Serving individuals (administering requests, inquiries or other communications from individuals with us):
| Data categories | Name; last name; telephone number; workplace information; email mail adress; the content of a request, request or other message; date and time of application. |
| Legal basis for data processing | Consent of the data subject to such data processing (according to Article 6, paragraph 1, point a of the GDPR); Our legitimate interest (according to Article 6(1)(f) GDPR). |
| Data processing term | Personal data will be processed as long as it is necessary to fulfill the purpose of the service or as long as your consent to data processing is valid, but no longer than 2 (two) years. |
7.1.2. Conclusion and performance of contracts:
| Data categories | Name; last name; email mail adress; telephone number; responsibilities; workplace information; relationship with the represented person; contact address of residence or activity; delivery address; content of correspondence; other data required for cooperation. |
| Legal basis for data processing | It is necessary to process data in order to conclude and execute a contract (according to GDPR Article 6, Paragraph 1, Clause b); Legitimate interests of the data controller or a third party (according to Article 6(1)(f) GDPR). |
| Data processing term | During the period of service provision/cooperation and 10 years after the end of service provision/cooperation, unless in accordance with the decision of the Chief Archivist of the Republic of Lithuania dated March 9, 2011. by order no. The V-100 approved General Document Storage Term Index requires a longer storage term. |
7.1.3. Performing financial transactions, accounting, debt management:
| Data categories | Name; last name; email mail adress; telephone number; responsibilities; workplace; address; relationship with the represented person; Bank account number; credit institution; information about ordered and used services and their changes; payment information; debt information; data and confirmations about payments transmitted by the company administering the collection of contributions. |
| Legal basis for data processing | It is necessary to process data in order to conclude and execute a contract (according to GDPR Article 6, Paragraph 1, Clause b); It is necessary to process the data in order to fulfill the legal obligation imposed on the data controller (according to Article 6, paragraph 1, point c of the GDPR); Legitimate interests of the data controller or a third party (according to Article 6(1)(f) GDPR). |
| Data processing term | According to the regulatory legal acts, as well as in accordance with the decision of the Chief Archivist of the Republic of Lithuania dated March 9, 2011. by order no. V-100 is approved by the General Document Storage Term Index; When the data does not fall within the storage area mentioned above - the period of validity of the contract / cooperation between the parties and 10 years after the termination of the contract / relationship (last contact). |
7.1.4. Evaluation and selection of candidates for the proposed job:
| Data categories | Name; last name; email mail adress; telephone number; address; education and activity data; resume content; content of correspondence with the candidate; other information required for candidate selection and evaluation or provided by the candidate himself. |
| Legal basis for data processing | Consent of the data subject to such data processing (according to Article 6, paragraph 1, point a of the GDPR); Legitimate interests of the data controller or a third party (according to Article 6(1)(f) GDPR). |
| Data processing term | During the selection period and 1 year after the end of the selection, if the candidate's consent to store data after the selection has been received; When the data is not obtained for a specific selection, it is stored for 1 year after the date of its receipt. |
7.1.5. Ensuring the functionality of the website, administration, diagnosis of malfunctions and quality improvement:
| Data categories | Internet Protocol (IP) address; the type of internet browser used; number of visits; viewed website pages; time spent on the website; the online source from which the person came; information about the device used; language; country; internet provider etc. |
| Legal basis for data processing | Consent of the data subject to such data processing (according to Article 6, paragraph 1, point a of the GDPR); Legitimate interests of the data controller or a third party (according to Article 6(1)(f) GDPR). |
| Data processing term | Website data is stored as described in the "How do we use cookies?" section of this Privacy Policy; Website data that is not included in cookie information is stored for no longer than 1 year from the date of collection, unless the person withdraws their consent (when the data is processed on the basis of consent. |
7.1.6. Conducting direct marketing (sending newsletters, promotions, surveys and other marketing offers and news):
| Data categories | Name; last name; email mail adress; telephone number; data requested in the survey advertisement or questionnaire; information about opening the newsletter. |
| Legal basis for data processing | Consent of the data subject to such data processing (according to Article 6, paragraph 1, point a of the GDPR); |
| Data processing term | Personal data is processed as long as the Data Subject's consent is valid, but no longer than 2 years |
7.1.7. Submission of disputes and claims:
| Data categories | Information about the reason for the claim; claim description (content); contact information - name, phone number, e-mail address, workplace |
| Legal basis for data processing | It is necessary to process the data in order to fulfill the legal obligation imposed on the data controller (according to Article 6, paragraph 1, point c of the GDPR); Legitimate interests of the data controller or a third party (according to Article 6(1)(f) GDPR). |
| Data processing term | For the entire period of dispute/claim consideration and 10 years from the end of non-judicial dispute/claim consideration and 10 years after the end of judicial dispute consideration. |
7.2. We post information about ourselves and our activities on our social accounts and organize contests, surveys, and share ads about wanted employees. On these social networks, we may also see certain information about the user's account, depending on the privacy settings he chooses, such as first name, last name, picture, gender, email address, etc. postal address and location. If a user interacts with us on Social Accounts and posts information, depending on the privacy settings he has chosen, this information may be made public, that is, displayed on our specific Social Account.
7.3. The Company, as the administrator of the Social Accounts, selects the appropriate settings, taking into account its target audience and the goals of managing and promoting its activities. By giving the Company the opportunity to create an account on the social network and administer it, the manager of the social network may have limited the ability to change certain, essential settings, and thus the Company cannot influence what information about the data subject will be collected by the manager of the social network after the Company has created an account on the social network. It is important to note that the privacy policies of the operators of the social networks that host the Social Accounts also apply to users without this Privacy Policy.
7.4. In certain cases, using the contacts provided by you, we can send messages related to ordering or providing the Company's services. For example, we will inform you about the confirmation of the order, the expiration date of the ordered services or changes to the terms of service. These messages are necessary for the proper provision of services and are not considered advertising messages.
7.5. You have the right to change and update the information you provide by contacting us. In some cases, it is necessary for us to have accurate and up-to-date information about you, so we may ask you periodically to confirm that the information we have is correct.
7.6. We may make your non-identifying data public or share it with our partners in order to demonstrate general trends in service usage.
8. To whom and when do we transfer your personal data?
8.1. We guarantee that your personal data will not be sold, provided or otherwise transferred to third parties without a legal basis, as well as used for purposes other than those for which they were collected. We will not transfer your personal data in any way other than in accordance with this Privacy Policy and legal acts.
8.2. We may transfer your personal data to companies that help us to carry out our activities. From such partners, we require that your data be processed only in accordance with the instructions given by us and valid legal acts ensuring the protection of your data. We enter into contracts with these persons, which obligate the parties to strictly comply with the requirements for personal data protection.
8.3. For banks or payment institutions that help with settlement operations.
8.4. To state or local self-government institutions and institutions, law enforcement and pre-trial investigation institutions, courts and other institutions dealing with disputes, other persons performing the functions assigned by law, in accordance with the procedure provided by the legal acts of the Republic of Lithuania. We provide these entities with mandatory information provided by law or specified by the entities themselves;
8.5. If necessary - for companies that intend to buy or would buy the Company's business or carry out joint activities with us or cooperate in another form, as well as for companies established by us.
8.6. We usually process personal data in the EU/EEA, but in some cases your personal data may be transferred outside the EU/EEA. Your personal data is transferred outside the EU/EEA only under the following conditions:
8.6.1. Data is only transferred to our trusted partners;
8.6.2. Data processing or provision contracts have been signed with such partners, by which they ensure the security of your personal data;
8.6.3. The European Union Commission has made a decision on the suitability of the state where our partner is established, that is, an adequate level of security is ensured; or
8.6.4. A special permission of the State Data Protection Inspectorate of the Republic of Lithuania to carry out such a transfer was obtained;
8.6.5. You have consented to the transfer of your personal data outside the EU/EEA.
9. What rights do you have?
9.1. As a data subject, you have the following rights related to your Personal Data:
9.1.1. Know (be informed) about the processing of your personal data (right to know);
9.1.2. Get to know your personal data and how they are processed (right to access);
9.1.3. Demand to correct or, taking into account the purposes of personal data processing, supplement your incomplete personal data (right to correction);
9.1.4. Demand the destruction of your personal data or the suspension of the processing of your personal data (except for storage) (the right to be forgotten);
9.1.5. Demand that we restrict the processing of personal data for one of the legitimate reasons (right to restriction);
9.1.6. Right to data portability (right to portability). This right will be exercised only if there are grounds for its implementation and adequate technical measures to ensure that the transfer of the requested personal data to the data of other persons will not cause a risk of security breach;
9.1.7. Do not consent to the processing of your personal data when we process personal data on the basis of the legitimate interest of the Company or a third party, including profiling. If you object, we will continue to process your personal data only for compelling legitimate reasons that override your interests, rights and freedoms, or to assert, enforce or defend legal claims;
9.1.8. Withdraw your consent to the processing of your personal data, when these data are processed or intended to be processed for the purposes of direct marketing, including profiling, as far as it is related to such direct marketing (based on the personal data provided by you, profiling may be carried out for the purpose of direct marketing in order to offer you individually tailored solutions and offers.You can at any time withdraw your consent to the processing of personal data by automated processing, including profiling, or object to it).
9.2. If you do not want your personal data to be processed for the purpose of direct marketing, for the purposes of organizing contests, surveys, including profiling, you can refuse such data processing without stating the reasons for refusal (disagreement) by writing an e-mail to a letter to the address info@geleta.lt, or in another way specified in the message provided to you (for example, by clicking on the corresponding link in the newsletter).
9.3. We may refuse to exercise your rights listed above, with the exception of objection to the processing of your personal data for the purpose of direct marketing or in other cases where personal data is processed with your consent, when your request allows us not to comply with GDPR provisions, or when, in cases provided for by law, it is necessary to ensure crimes, prevention, investigation and detection of violations of official or professional ethics, as well as protection of the rights and freedoms of the data subject, us and other persons.
9.4. Upon receiving your request or instruction regarding the processing of personal data, we will provide an answer and perform the steps specified in the request or inform you why we refuse to perform them, no later than within 1 month from the date of the request. If necessary, the specified period can be extended by another 2 months, depending on the complexity and number of requests. In this case, we will inform you about such an extension within 1 month from the date of receipt of the request.
9.5. If personal data is deleted at your request, we will only keep copies of information that are necessary to protect our and others' legitimate interests, to comply with the obligations of government authorities, to resolve disputes, to identify disturbances or to comply with any agreements you have entered into with us.
10. Will we send you news?
10.1. After receiving your consent, we may use your personal data for direct marketing purposes in order to provide you with newsletters, offers and information about our services that we think may be of interest to you, as well as to inquire about the quality of our services and service.
10.2. News can be sent by e-mail. by mail, SMS messages. Your contacts may be transferred to our partners/processors who provide us with news delivery or quality assessment services.
10.3. After sending news, we may collect information about the people who received them, for example, which message people opened, what links they clicked, etc. Such information is collected in order to offer you relevant and more tailored news.
10.4. Even if you have given consent to the processing of personal data for direct marketing purposes, you can easily withdraw this consent at any time for all or part of the processing of personal data. To do this, you can:
10.4.1. notify us of your opt-out in the manner specified in electronic communications and/or offers (for example, by clicking on the "unsubscribe" link in the newsletter, etc.); or
10.4.2. send us a message to the email address specified in this Privacy Policy. If you request to withdraw consent in this way, we may ask you to verify your identity.
10.5. After you revoke your consent to receive news from the Company about the offered services, you may still receive notifications for some time, as the sending of the Company's newsletters is planned in advance at certain intervals of several days and your removal from the list of news recipients may take a reasonable period of time.
10.6. Withdrawal of consent does not automatically oblige us to destroy your personal data or provide you with information about the personal data we process, so you should submit a separate request for these actions.
11. How do we store your personal data?
11.1. Your personal data is handled responsibly, securely and is protected against loss, unauthorized use and changes. We have implemented physical and technical measures to protect the information we collect from accidental or unauthorized destruction, damage, alteration, loss, disclosure, and any other unauthorized processing. Personal data security measures are determined taking into account the risks that arise when processing personal data.
11.2. Our employees are committed in writing not to disclose or distribute your personal data to third, unauthorized persons.
11.3. We will strive not to store outdated and out-of-date Personal Data, so when it is updated (e.g., correction or change of account information, etc.), only relevant information will be stored. Historical information is stored if necessary to comply with legislation or to carry out our business.
12. How do we use cookies and other tracking technologies?
12.1. A cookie is a small text file that stores information (often consisting only of a sequence of numbers and letters that identifies the device, but may also contain other information) that is used in the browser of the device (computer, tablet, mobile phone, etc.) (e.g. Google Chrome, Microsoft Edge, Firefox, Mozilla, Opera, etc.) according to its settings and saved on the device's hard drive. In the privacy policy, we use the term "cookies" to describe cookies and other similar technologies, such as pixel tags, web beacons, network data collectors (clear GIF). The use of cookies ensures a better and more efficient operation of the website.
12.2. We use cookies to analyze information flows and user behavior, to promote trust and to ensure security, as well as to ensure the proper functioning of the website, its improvement, remembering your chosen settings, in order to personalize the content shown to you, to link the website to social accounts.
12.3. You can choose whether you want to accept cookies. If you do not agree to cookies being saved in your device's browser or memory, you can mark your consent in the cookie bar, change the settings of the browser you are using and disable cookies (all at once or one by one or in groups) or follow the official instructions for the device. Please note that in some cases, opting out of cookies may slow down your browsing speed, limit the functionality of certain website functions, or block access to the website. More information on opting out of cookies is available at AllAboutCookies.org or Google.com/privacy_ads.html
12.4. We may use mandatory cookies that are necessary for the operation of the website, analytical cookies, functional cookies that are used to analyze website visits, remember user preferences and adapt them to the website, performance cookies, third-party cookies that are used by third parties, advertising cookies that to show you personalized and general advertising.
12.5. We use the following Google Inc tools:
12.5.1. Google Analytics - which allows you to analyze the use of the website, create reports, plan and forecast the website's activity. The data collected by Google Analytics is usually stored on a server of Google Inc in the USA. You can change your browser settings to prevent Google Analytics from analyzing your information by changing your browser settings. In this case, an opt-out cookie will be saved for you. However, if you delete all cookies, the opt-out cookie may also be deleted. You can also prevent Google from recording the data generated by the cookie and based on your use of the Website and processing such data by downloading and installing a browser plug-in from https://tools.google.com/dlpage/gaoptout?hl=en.
12.6. Cookies used on the website:
| Title | Purpose | The moment of creation | Expiry date |
|---|---|---|---|
| _ga | The cookie creates a unique ID that is used to collect statistics on how the visitor navigates the website. | After selecting cookie settings | 399 days |
| _ga_# | The cookie is used to determine the number of times a visitor has visited the website and the times of the first and last visit. | After selecting cookie settings | 399 days |
| _gcl_au | Google Tag Manager sets a cookie to test the effectiveness of advertising on websites that use their services. | After selecting cookie settings | 3 months |
| PHPSESSID | The cookie stores and identifies a unique user session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted after closing all browser windows. | After the site loads | During the session |
| apc_popup_session | The cookie saves the settings of the window that opens. | After the site loads | During the session |
| PrestaShop-* | The cookie is designed to save the user's preferences between each browsing session. | After the site loads | From 6 months up to 399 days |
13. Contact us
13.1. If you have any questions regarding the information provided in this Privacy Policy, please contact:
email by mail: info@geleta.lt;
Address: Savanorių pr. 255, LT-50147 Kaunas;
By phone: +37065062828.
13.2. If you wish to make a complaint about our processing of personal data, please submit it to us in writing, giving as much information as possible. We will cooperate with you and try to solve all questions immediately.
13.3. If you believe that your rights have been violated in accordance with the GDPR, you can file a complaint with our supervisory authority - the State Data Protection Inspectorate, you can find more information and contact details on the inspectorate's website (https://vdai.lrv.lt/). We strive to promptly and peacefully resolve all disputes, so we invite you to contact us first.
14. Final Provisions
14.1. We may change this Privacy Policy. We will notify you of changes by placing an updated Privacy Policy on the website or by other usual means of communication. Additions or changes to the Privacy Policy take effect from the update date specified in the Privacy Policy, unless a different effective date is specified.
14.2. If you continue to use the website, order services, use our social accounts, contact us after the Privacy Policy has been changed, it is considered that you have accepted the amended Privacy Policy.