No products in the basket.
1. PURPOSE AND SCOPE
Estnaila UAB (further - we, the Company, are the Service Provider), a private limited liability company established and located in the Republic of Lithuania, legal entity code 304215302, address - Žalgirio g. 92, 3rd entrance, LT-09300, Vilnius, Lithuania.
In this privacy policy (hereinafter Privacy policy) sets out how we process the personal data of the Company's customers, visitors to the Company's website https://www.victoriaboro.lt/ and other persons (hereinafter referred to as You) personal data, what personal data we collect, to whom we transfer it, where we get it from, for what purposes we use it, how we ensure its security, and the effective implementation of your rights.
Respecting your privacy, we process and collect your personal data in accordance with this Privacy Policy, dated 2016. April 27 Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (further - Regulations), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the protection and processing of personal data.
2. CONTROLLER OF PERSONAL DATA
In accordance with the legislation on the protection of personal data, UAB "Estnaila" is the data controller responsible for the processing of your personal data. In this context, the term "personal data” means any information about a natural person that is identified or can be identified, directly or indirectly, in particular by an identifier, such as a name, personal identification number, location data and an Internet identifier, or by one or more of signs of physical, physiological, genetic, mental, economic, cultural or social identity of a natural person (e.g. your name and email mail address combination).
As a Personal Data Controller, we are responsible for ensuring the security of your personal data provided to us, primarily to prevent unauthorized access to your data. We are also responsible for ensuring that all data subjects have the opportunity to exercise their rights in relation to their personal data, such as the right to access or delete their personal data.
When processing personal data, we adhere to the following principles:
Principle: | Meaning: |
1. Legality, fairness and transparency. | 1. Your personal data is processed legally, honestly and transparently. |
2. Limitation of purpose. | 2. Your personal data is collected for established, clearly defined and legitimate purposes, and is not further processed in a manner incompatible with those purposes. |
3. Data reduction. | 3. Only such of your personal data are processed as are necessary to achieve the purposes for which they are processed. |
4. Accuracy. | 4. Your personal data must be accurate and, if necessary, constantly updated, all reasonable measures are taken to ensure that your inaccurate personal data, taking into account the purposes for which they are processed, are deleted or corrected immediately. |
5. Storage period limitation. | 5. Your personal data must be kept in such a form that allows the identification of data subjects no longer than is necessary for the purposes for which the personal data is processed. |
6. Integrity and Confidentiality. | 6. Your personal data must be processed in such a way that adequate security of personal data is ensured by applying appropriate technical or organizational measures, including protection against unauthorized or illegal data processing and against accidental loss, destruction or damage. |
3. WHAT INFORMATION DO WE COLLECT, FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS?
Purpose | Legal basis | Categories of personal data |
1. Creation and management of a personal account. | Your consent. | First name, last name, name displayed on the account, e-mail email address, password. |
2. Purchase/sale of goods. | 1. Your consent. 2. Conclusion and execution of the contract. | 1. Name, surname, telephone number, email address, delivery address, credit/debit card or other payment methods and payment details (amount, location, date, time, etc.), invoicing information (company name, company code, company VAT code, company address), information about the goods purchased (quantities, dates of purchase, prices of goods purchased, purchase history, etc.);
2. Other information provided by the buyer (notes to the courier, door code, etc.). |
3. Customer service execution. | Fulfilling a contract. | Name, surname, telephone number, email address, the content of the communication and other information provided in the correspondence communication with us;
Information on the goods purchased (quantities, dates of purchase, prices, purchase history, etc.).
|
4. Responding when you contact us through our website or other means of communication. | Your consent. | Name, surname, telephone number, email address, the content of the communication and other information provided in the communication with us. |
5. Executing direct marketing campaigns. | Your consent. | Name, surname, phone number, e-mail mail adress. |
6. Complaints. | Fulfilling a contract. | Name, surname, email address, telephone number, information relating to the goods (name of the goods, time of purchase, defects, payment information, etc.), content of the complaint. |
7. Ensuring the functionality of the website. | Legitimate interest in ensuring the optimum functionality of the website. | A history of actions taken on our website, technical information including Internet Protocol (IP) address, browser type and version, time zone settings, operating system and platform, type of device used. |
The above terms are understood as follows:
Legitimate interest: It's our business need to provide and manage our services to better benefit our customers, improve the quality of our services and protect our interests and those of our customers.
Enforcement of the Treaty: processing of your personal data where it is necessary for the performance of a contract to which you are a party or to take action at your request prior to the conclusion of such contract.
Consent: Your consent means any freely given, specific, informed and unambiguous indication of your will by which you express your agreement to the processing of personal data concerning you. We may ask for your consent to process your data where we have no other legal basis for processing your data. If you provide us with the personal data of other persons (e.g. your spouse or family members) or ask us to share their personal data with third parties, you confirm that you have previously informed them of this Privacy Policy.
4. HOW DO WE GET YOUR PERSONAL DATA?
As our customer, we receive your personal data when we conclude or are preparing to conclude a contract(s) with you, as well as when you contact us directly by e-mail. by means of communication or by post.
We also receive your data as a website visitor or other person when you visit and use our website or submit inquiries to us or contact us.
We may collect personal data when it is provided to us by a third party that is related to you or communicates with us, such as business partners, service providers, etc.
We may use the email addresses and/or telephone numbers of our existing customers to market our similar products or services. If you do not object to the use of your email address and/or telephone number for the marketing of our similar goods and services, you will be given a clear, free and easily enforceable opportunity to object to or opt-out of such use of your contact details.
In other cases, we may use your personal data for direct marketing purposes if you give us your prior consent to such use.
We have the right to offer you services provided by our business partners or other third parties, or to obtain your views on various matters relating to our business partners or other third parties, on the basis of your prior consent.
If you do not consent to receive these marketing messages or calls offered by us, our business partners or third parties, this will not affect the provision of services to you as our customer.
We give you a clear, free and easy-to-implement option to withhold your consent or withdraw your consent to receive our offers at any time. We will indicate in each communication we send to you by email or SMS that you have the right to object to the processing of your personal data or to opt out of receiving such communications from us. You have the right to opt-out of receiving communications from us by clicking on the relevant link in each email or SMS message.
6. HOW DO WE SHARE YOUR PERSONAL DATA?
Sometimes we need to provide your personal information to third parties in order to provide you with services. These third parties (data processors) include:
Your personal data is transferred to third parties only to the extent that it is necessary to achieve specific goals.
The Service Provider and the third party with whom the Service Provider shares personal data operate under a separate agreement(s) governing the processing of personal data transferred to the third party.
We may also disclose and/or transfer your personal data to the following categories of recipients:
We may also disclose your personal data if we are required to disclose or share your personal data in order to comply with legal requirements or requests.
7. INTERNATIONAL TRANSFER OF PERSONAL DATA
If your personal data is transferred outside the European Union and the European Economic Area, we will take the necessary measures to ensure that your data is handled securely and in accordance with this Privacy Policy, and we will ensure that it is protected and transferred in compliance with the legal requirements applicable to the protection of personal data. This can be done in a number of ways, such as:
We may transfer personal data to a third party by taking other measures if it provides adequate safeguards as specified in the Regulation.
8. HOW DO WE PROTECT YOUR PERSONAL DATA?
We take various security measures to guarantee the security of your personal data. In our practice, we use legal, technical and organizational security measures in accordance with the latest data protection practices to protect against unauthorized access, loss, misuse, accidental or unauthorized destruction, alteration, disclosure or any other unauthorized processing of personal data.
We and any third-party service providers who may process personal data on our behalf are also contractually bound to comply with the principles and requirements of personal data confidentiality.
Using legal, technical and organizational security measures, the service provider cannot guarantee complete security and cannot guarantee protection against all possible security breaches.
9. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We will keep your personal data as long as they are needed for the purposes for which they were collected and processed, but no longer than required by applicable laws and other legal acts.
If the legal acts of the Republic of Lithuania do not establish any personal data storage period, we will determine this period, taking into account the legal purpose of data storage, the legal basis and the principles of legal processing of personal data. Data not specified below are stored in accordance with the legal acts of the Republic of Lithuania:
We also inform you that in certain cases your personal data may be stored longer:
10. WHAT RIGHTS DO YOU HAVE IN RELATION TO PERSONAL DATA?
As a data subject, you have the following rights:
Right: | Meaning: |
1. The right to receive information about whether the Company processes your personal data and, if so, to get acquainted with your personal data. | 1. You have the right to receive information about what personal data we process, where it is collected from, for what purposes it is processed, how long it is stored, to whom it is provided, etc. It should be noted that your right to access data may be limited by legal acts, the protection of the privacy of others, and reasons related to our business and practice. |
2. The right to demand the correction of inaccurate personal data related to you. | 2. If it turns out that we are processing inaccurate, incomplete personal data about you, you have the right to demand correction and addition of personal data. |
3. The right to demand deletion of data ("the right to be forgotten"). | 3. You have the right to demand the deletion of part or all of your processed personal data, if we no longer have a legal basis for processing them or there are other grounds provided for in legal acts. |
4. The right to demand restriction of personal data processing.
| 4. You also have the right to demand a certain period of time to limit the processing of your personal data. This may be, for example, a situation where you believe that such processing is unlawful and/or the data about you is inaccurate and we need to verify this. |
5. The right to object to the processing of personal data. | 5. You have the right not to consent to us processing your personal data, if there is a basis for this set out in the Regulation. |
6. The right to withdraw consent. | 6. You have the right to withdraw your consent to processing personal data, if personal data were processed on the basis of consent. Withdrawal of consent does not affect the legality of consent-based data processing carried out before the withdrawal of consent. |
7. The right to submit a complaint to the supervisory authority. | 7. If you believe that the processing of our personal data is being processed in violation of your rights and legitimate interests, established in the applicable legal acts, you can file a complaint with the supervisory authority - the State Data Protection Inspectorate. You can find the complaint handling procedure of the State Data Protection Inspectorate here: https://vdai.lrv.lt/lt/veiklos-sritys-1/skundu-nagrinejimas/ |
The above-mentioned rights will be exercised only after we receive your written request to exercise the above-mentioned rights and only after confirming your identity. Such written request shall be submitted to us in person at our registered office address, by regular mail or by electronic mail: diana.borogroup@gmail.com
Your requests will be processed within 30 (thirty) calendar days from the date of receipt of the request. In special cases, depending on the complexity of the requests and the amount of personal data, the period of 60 (sixty) calendar days may be extended, upon prior notification to you. The answer to your request is provided in the same form as the request was submitted, except if you prefer to receive the information electronically.
We may refuse to implement your right as a data subject or to provide you with the information you have requested, if the exceptions and/or restrictions on the implementation of the rights of data subjects established in the Regulation are applicable, as well as if it is determined that your request as a data subject is clearly unfounded or disproportionate. When we refuse to provide the requested information, we will state the reasons for such refusal in writing.
We inform you that our website uses cookies (English cookies) – small files that are transferred to the cookie file of your computer or other device through the Internet browser. They allow the website or service provider's systems to recognize the customer's browser, capture and remember certain information.
For more information on how to manage cookies and browser settings or how to delete cookies, please read our website cookie policy.
12. CHANGES TO THIS PRIVACY POLICY
We regularly review this Privacy Policy and reserve the right to change it at any time in accordance with applicable laws and regulations. Any changes and revisions take effect immediately from the day we post the changed terms on our website: www.victoriaboro.lt.
If you have any questions about how your personal data is handled, or if you want to exercise your rights, you can contact us by email. by post www.victoriaboro.lt or in writing to the Company's address at Žalgirio g. 92, 3rd entrance, LT-09300, Vilnius, Lithuania.
