Privacy
Policy

CHAPTER I

General provisions

1. This Privacy Policy (hereinafter – the Policy) regulates how UAB Osteca, address Danės str. 47, Klaipėda, e-mail info@osteca.lt, and whose company code is 300871049 (hereinafter – the Data Controller), implements the principles and procedures of personal data protection and operating conditions of the website managed by the Data Controller https://osteca.lt/ (hereinafter – the Internet Website).

2. This policy is intended for anyone who uses Company’s website (https://osteca.lt/) and any information in it.

3. Any individual whose personal data is processed by UAB Osteca is considered a data subject in this policy.

4. By using the Services while continuing to browse the Website, the Visitor (user of the Website) confirms that he has read this policy, understands its provision and agrees to keep it.

5. The Data Controller shall ensure that by adopting and implementing this Policy it seeks to implement the following essential principles related to the processing of personal data: 5.1. Personal data are processed in a lawful, fair and transparent manner (principle of legality, fairness and transparency);

5.2. Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes;

5.3. The further processing of personal data for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered incompatible with the original purposes (purpose limitation principle);

5.4. Personal data must be adequate, relevant and not excessive in relation to the purposes for which they are processed (data reduction principle);

5.5. Efforts shall be made to ensure that personal data are accurate and, where necessary, updated within a reasonable time of the change;

5.6. All reasonable steps shall be taken to ensure that personal data which are inaccurate, having regard to the purposes for which they are processed, are erased without delay or rectified within a reasonable time (principle of accuracy);

5.7. Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;

5.8. Personal data may be stored for longer periods provided that the personal data are processed solely for archival, public interest, scientific or historical research or statistical purposes, subject to appropriate technical and organizational measures to protect the data subject’s rights and freedoms (retention limitation principle);

5.9. Personal data shall be processed in such a way as to ensure adequate security of personal data, including protection against unauthorized or unlawful processing of personal data and against unintentional loss, taking into account the general nature of the personal data processed by the controller (principle of integrity and confidentiality);

5.10. The controller is responsible for ensuring that the above principles are complied with and must be able to demonstrate that they are complied with (accountability principle).

6. This Policy is established in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (BDAR). Law on Security (hereinafter – ADTAĮ), other legal acts of the European Union and the Republic of Lithuania. The terms used in the policy are understood as they are defined in the BDAR and the ADTA.

CHAPTER II

ON WHICH BASIS WE PROCESS YOUR DATA
7. UAB Osteca collects and processes personal data in accordance with the legal acts of the EU and the Republic of Lithuania regulating the protection of personal data. The company processes personal data on the website on the following grounds:

8. On the basis of consent, which is expressed in your active actions (contacting us and providing personal data, or other active actions);

9. The pursuit of our legitimate interests (foe: by administering the Website and ensuring its proper functioning);

10. In order to fulfill our obligations under the law.

11. The company shall ensure that personal data are processed accurately, fairly and lawfully, that they are processed only for the purposes for which they were collected, that they are processed in accordance with clear and transparent principles and requirements for the processing of personal data.

CHAPTER III

INFORMATION ABOUT THE COOKIES USED
12. The Data Controller uses cookies on the Website in order to distinguish one user of the Website from another. With the help of cookies, the Data Controller seeks to ensure a more pleasant experience for visitors browsing the Website and to improve the Website itself.

13. Cookies are small text files that are stored on a personal browser or device (personal computer, mobile phone or tablet).

14. We use the website analytics service Google Analytics, which allows us to capture and analyze statistics on the use of the website. You can learn more about Google Analytics and the information these tools can collect here – https://support.google.com/analytics/answer/6004245?hl=en_US.

15. If you don’t want Google Analytics tools to capture information about your web browsing, you can use the Google Analytics Opt-out Browser Add-on.

16. The following cookies are used on the website https://osteca.lt/: 16.1. Performance-enhancing (session) cookies. They are designed to improve the operation of the website and collect general (anonymous) information about your use of the website.

16.2. Analytical (tracking cookies from Google Analytics). These cookies allow the Data Controller to identify and count visitors to the Website and to monitor how visitors navigate the Website. This helps the Data Controller improve the performance of the site, for example, by ensuring that users can easily find what they are looking for.

16.3. Functional cookies. These cookies are used to identify Visitors when they return to the Website. This allows the Data Controller to provide content tailored to the needs of the Visitor on social networks, to memorize relevant information for customers.

17. The cookies used on the website do not allow to identify the user of the website. Visits to the Website are recorded anonymously, identifying the personal computer, mobile phone or tablet and the IP address, and such collected information is not provided to third parties, except as required by law.

18. By opening the Website and clicking on the “Accept all cookies” button in the pop-up box, the browser agrees that cookies are stored on his or her computer, mobile phone or tablet.

19. In order to revoke the given consent, the browser can delete or block cookies by selecting the appropriate settings in his browser, which allow to refuse all or part of the cookies. Be aware that using browser settings that block cookies (including necessary cookies) may cause a person problems using all or part of the website’s features.

20. Personal data collected by cookies shall be processed in accordance with the Law on the Legal Protection of Personal Data of the Republic of Lithuania, the Law on Electronic Communications of the Republic of Lithuania, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and 95/46 / EC and other legislation on the protection of personal data.

21. In accordance with the requirements of legal acts, the Website is subject to security measures that would prevent the illegal disclosure of Personal Data and their illegal use.

CHAPTER IV

FOR HOW LONG DO WE PROCESS AND STORE YOUR DATA
22. We will process and protect your personal data for no longer than is necessary for the purposes for which the data were collected or for the period required by law.

23. The storage of your personal data for longer than established in the Policy may be carried out only when: 23.1. There are reasonable grounds for suspecting an illegal act (and it is under investigation);

23.2. Your data is necessary for the proper resolution of a dispute or complaint;

23.3. If we have received complaints related to the Visitor, or if we have noticed violations committed by the respective Visitor;

23.4. Backups and other purposes related to the operation and maintenance of information systems or for similar purposes;

23.5. In the case of other special grounds, conditions or cases provided for in the legislation.

CHAPTER V

IN WHICH CASES AND TO WHICH THIRD PARTIES DO WE DISCLOSE YOUR DATA?
24. The Company will not transfer your personal data to any third parties without your prior consent, except as described below.

25. We may transfer your data to third parties for processing, who assist us in the operation and administration of the Services. Such may include data center, hosting and related services companies, advertising, marketing services companies, software developers or providers, communication service companies, etc.

26. In each case, we provide the controller with only the amount of data necessary to execute a specific order or provide a specific service.

27. The data processors used by us may process your personal data only in accordance with our instructions. In addition, they must ensure the security of your data in accordance with applicable law and written agreements with us.

28. Data may also be provided to competent authorities or law enforcement agencies, such as the police or supervisory authorities, but only upon their request and only when required by applicable law or in cases and procedures provided for by law to ensure our rights, our security of buyers, workers and resources, to make, provide and defend legal claims.

CHAPTER VI

YOUR RIGHTS
29. Data protection law gives you many rights regarding the processing of your personal data.

30. You have the right to get acquainted with your personal data processed by us: 30.1. You have the right to request our confirmation that we process your personal data and, in such cases, to request access to your personal data processed by us. To exercise the above right, please submit a written request to us by e-mail: info@osteca.lt.

31. You have the right to demand the correction of your inaccurate data. 31.1. If you believe that information about you is incorrect or incomplete, you have the right to ask for it to be corrected. To exercise the above right, please submit a written request to us by e-mail: info@osteca.lt.

32. You have the right to object to the processing of your personal data: 32.1. You have the right to object to the processing of personal data when personal data are processed in accordance with our legitimate interests. However, notwithstanding your objection, we will continue to process your data if there are good reasons to continue processing the data. To exercise the above right, please submit a written request to us by e-mail: info@osteca.lt.

33. You have the right to demand the deletion of your personal data (right to be forgotten): 33.1. In certain circumstances, you have the right to request that we delete your personal data. However, this provision does not apply if we are required by law to retain data. To exercise the above right, please submit a written request to us by e-mail: info@osteca.lt.

34. You have the right to restrict the processing of your personal data: 34.1. In certain circumstances, you also have the right to restrict the processing of your personal data. To exercise the above right, please submit a written request to us by e-mail: info@osteca.lt.

34.2. You have the right to contact the State Personal Data Protection Inspectorate directly or by e-mail with a complaint about improper processing of personal data: ada@ada.lt.

CHAPTER VII

FINAL PROVISIONS
35. The law of the Republic of Lithuania shall apply to legal relations related to this Policy.

36. The Data Controller shall not be liable for damages, including damages caused by disruptions in the use of the Website, for loss or damage to data resulting from acts or omissions of the person or third parties acting on the person’s knowledge, errors, intentional damage, other misuse of the Website.

37. The Data Controller shall also not be liable for any disruptions in the use of the Website and / or damage caused by them as a result of acts or omissions of third parties unrelated to the Data Controller or person, including power, Internet access failures, etc.

38. The Data Controller has the right to partially or completely change the Policy.

39. Additions or changes to the Policy shall take effect from the date of their publication on the Website.

40. If after the addition or change of the Policy the person continues to use the Website and / or the services provided by the Data Controller, it is considered that the person does not object to such additions and / or changes.

41. For all data processing issues, you can contact us by e-mail: info@osteca.lt.

42. This Privacy Policy applies from 2021 January 1.