Privacy Policy

PRIVACY POLICY

1.General provisions
1.1 The controller of your personal data is SM Trading MB, company code: 306121912, with its registered office at Lukiškių g. 5-429, LT-01108, Vilnius, contact details are available at www.smartparts.lt
1.2. We care about the protection and privacy of your personal data, therefore, this Privacy Policy (hereinafter referred to as the “Policy”) informs you about the processing of personal data, the rights of the data subject, the means of implementing personal data protection and other issues related to the processing of personal data.
1.3 The Company collects personal data that a person voluntarily submits by e-mail, registered mail, fax, telephone or by using the Company’s website.
1.4 All personal data received by the Company shall be collected, stored and processed in accordance with the requirements provided for in the Law on Personal Data Protection of the Republic of Lithuania, the General Data Protection Regulation No 2016/679 of the European Union and other legal acts regulating the protection of personal data of the Republic of Lithuania.
1.5 The Company shall ensure that the level of protection of personal data processed by Bednrovė complies with the requirements of the legislation of the Republic of Lithuania.
2. Definitions
2.1. Terms used in the document:
2.1.1. Personal data means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is a person who can be identified in particular by reference to a particular identifier, such as a name, a personal identification number, location data and an online identifier, or to one or more factors specific to that natural person’s physical, physiological, genetic, mental, economic, cultural or social identity;
2.1.2. Data Subject – means a natural person from whom the Company receives and processes personal data;
2.1.3. Recipient – the person to whom the personal data are provided;
2.1.4. Provision of data means the disclosure of personal data by transmission or otherwise making them available (except for publication in the media);
2.1.5. “Processing” means any operation performed on personal data, such as collection, accumulation, storage, recording, classification, grouping, aggregation, alteration (addition or rectification), communication, disclosure, use, logical and/or arithmetical operations, retrieval, dissemination, erasure or any other operation or set of operations;
2.1.6. Automatic processing – processing operations carried out wholly or partly by automatic means;
2.1.7. Processor – a legal or natural person (other than an employee of the controller) authorised by the controller to process personal data. The processor and/or the procedure for appointing the processor may be laid down in laws or regulations;
2.1.8. Data controller – a legal or natural person who, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes of the processing are laid down by law or regulation, the controller and/or the procedure for appointing the controller may be laid down in that law or regulation;
2.1.9. Consent means any freely given, specific and unambiguous indication of the data subject’s wishes, given freely and by means of a statement or unambiguous action, by which he or she consents to the processing of personal data concerning him or her;
2.1.10. Direct marketing means the activity of offering goods or services to persons by post, telephone or other direct means and/or seeking their opinion on the goods or services offered;
2.1.11. Third party – a legal or natural person other than the data subject, the controller, the processor and persons directly authorised by the controller or processor to process the data;
2.1.12. Other terms used in this Policy shall be understood as defined in the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating personal data processing.
3. What are the principles that guide our processing of personal data?
3.1. The following principles apply to the processing of personal data by the Company:
3.1.1. The Company processes personal data only for the legitimate purposes defined in the Policy;
3.1.2. Personal data is processed accurately, fairly and lawfully in accordance with the requirements of the law;
3.1.3. The Company shall process personal data in such a way as to ensure that the personal data is accurate and kept up-to-date as it changes;
3.1.4. The Company shall process personal data only to the extent necessary to achieve the purposes of the processing;
3.1.5. personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected and processed.
3.1.6. The personal data of the data subject may only be accessed by the Company’s employees and/or third parties engaged by the Company to provide the service, who are appropriately qualified, and only where necessary to provide the service.
3.2. The Company respects the privacy of the Data Subject and undertakes to comply at all times with the Data Subject Data Protection Principles set out in this Policy.
4. For what purposes do we process personal data?
4.1. Personal data shall be processed and used in accordance with the purposes for which the Data Subject has provided them to the Company or for other purposes approved by the Data Subject.
4.2. Purposes of the use of the data subject’s personal data:
4.2.1. for the processing and administration of the purchase (order) of services by the data subject;
4.2.2. to identify the data subject in the Company’s information systems;
4.2.3. to identify the data subject when logging into his or her account on the Company’s website (where the Company provides this facility);
4.2.4. issuing and submitting vouchers, receipts, invoices and other financial documents for services purchased (ordered);
4.2.5. resolving problems with the performance of the contract;
4.2.6. to contact the Data Subject in the event of a change in the terms of goods or services purchased by the Data Subject;
4.2.7. the fulfilment of other contractual obligations;
4.2.8. For the Company’s Direct Marketing purposes;
4.2.9. for security, health, administrative, crime prevention disclosure and legal purposes;
4.2.10. Business analysts, for general research that helps improve the quality of goods or services;
4.2.11. to contact the Data Subject for the purpose of obtaining customer feedback on the services purchased;
4.2.12. assessing a person’s suitability for the job, contacting the relevant candidate, etc;
4.2.13. For audits.
4.3. By voluntarily providing the Company with his/her personal data, the Data Subject confirms and voluntarily consents to the Company’s management and processing of the Data Subject’s personal data in accordance with this Policy, applicable laws and other regulatory legal acts.
4.4. The Company undertakes not to disclose personal data information to third parties without the Data Subject’s consent, except, for the purpose of ensuring the proper performance of the contract, other services related to the proper performance of the services ordered by the Data Subject. The Company may also transfer the Data Subject’s personal data to third parties who act as Data Processors on behalf of the Company. Personal Data may only be provided to Data Processors with whom the Company has signed relevant Data Processing Agreements. The Data Subject shall be deemed to have been informed of this, to have consented to it and the Company shall not be liable for damages arising from the use of the Data Subject’s data by third parties to the extent permitted by law. In all other cases, the personal data of the Data Subject may be disclosed to third parties only in accordance with the procedure provided for by the legislation of the Republic of Lithuania.
5. What personal data do we process?
5.1. The personal data information collected by the Company may include: the Data Subject’s name, first name, surname, code number, telephone number, e-mail address, the name of the company on behalf of which the Data Subject acts, information about the goods and services purchased by the Data Subject (quantities, purchase dates, prices of purchased services, purchase history), the Data Subject’s login name and a coded form of the password on the Company’s website (if the Company provides such an option). The Company’s website may collect certain information about the Data Subject’s visit, such as: the Internet Protocol (IP) address of the Internet access used by the Data Subject; the date and time of the Data Subject’s visit to the Company’s website; other websites visited by the Data Subject while on the Company’s website; the browser used; information about the Data Subject’s computer’s operating system; versions of the mobile applications; language settings; and others. If the Data Subject uses a mobile device, data may also be collected to identify the type of mobile device, the settings of the device, as well as the geographical coordinates (longitude and latitude). This information is used to improve the Company’s website, analyse trends, improve products and services and administer the Company’s website. The data subject voluntarily provides these data when using the services provided by the Company, becoming a registered user of the Company’s website or visiting the Company’s website.
5.2. The personal data information collected by the Company may be any personal data information not specified above in this Article but voluntarily provided to the Company by the data subject or otherwise obtained and lawfully processed by the Company.
6. What are the rights of the data subject?
6.1. Data subject rights and means of exercising them:
6.1.1. be aware of the collection of your personal data. The data subject has the right to have access to his or her personal data;
6.1.2. access to your personal data and how they are processed. The data subject shall have the right to request from the Company information on what and for what purpose his or her personal data are processed;
6.1.3. request the rectification, destruction of your personal data or suspension of the processing of your personal domains;
6.1.4. to receive the Data you have provided in a structured, readable format, if this meets the criteria defined by law;
6.1.5. The data subject has the right to refuse the processing of the Data when processing optional data. Where Data is processed for direct marketing purposes, the Data Subject may object to such Processing (right to object). Upon receipt of a request to cease processing of personal data that is subject to optional processing, the Company shall immediately cease such processing, unless this is contrary to the requirements of the legislation, and shall inform the individual thereof;
6.1.6. withdraw at any time any consent given by the Data Subject when registering or using the services provided by the Company. Such a refusal will not affect the lawfulness of the Data Processing carried out prior to the refusal and based on the consent given;
6.1.7. refuse to provide personal data;
6.1.8. lodge a complaint with a supervisory authority if the rights of the Data Subject are violated;
7. What are cookies and what are they used for?
7.1. The company’s website uses data analytics management
tools – cookies.
7.2. By using the Company’s website, the Data Subject consents to the recording on the Data Subject’s computer/device of online .
7.3. Cookies are small amounts of data that a website places on a Data Subject’s computer. Web pages have no memory. If the Data Subject browses different web pages, the Data Subject will not be recognised as the same user. Cookies allow a website to recognise the Data Subject’s browser. The main purpose of cookies is to remember the Data Subject’s preferences, such as the preferred language of a web page. Cookies also help to identify the Data Subject when they return to the same web page. They help you personalise your website. Cookies cannot be used to run programs or transfer viruses to your computer. Cookies are addressed only to the Data Subject and can only be read by the web server of the domain that sent the cookie to the Data Subject. One of the main purposes of cookies is to provide a convenient function to save the Data Subject’s time. For example, if the Data Subject uses the website for personal purposes or browses the website, cookies will help the website to remember specific information after a later visit. This makes it easier to present relevant content, navigate the website, etc. Upon returning to the website, the Data Subject can find the information he or she has previously provided and can therefore more easily use the already customised features of the website.
7.4. The processing of data by means of cookies does not enable the user to be identified directly or indirectly.
7.5. The following types of cookies may be used on the Company’s website:
7.6. Technical cookies: these are used to provide users of the Company’s website with an advanced and easy-to-use website that automatically adapts to their preferences and needs.
7.7. Functional cookies: these allow us to remember the Data Subject’s preferences and, together, to use the website effectively.
7.8. Analytical cookies: these are used to understand how visitors to the Company use the Company’s website, to discover the weaknesses and strengths of the website, and to optimise the website.
7.9. Commercial cookies: these cookies are used by the Company to serve the Company’s advertisements on other websites.
7.10. The Data Subject may accept or refuse the use of cookies each time he/she visits the Company’s website, in which case, however, the Company cannot guarantee the quality of the website browsing. Most web browsers automatically accept cookies, but the Data Subject can easily modify the browser not to accept them if they wish. Thus, the Data Subject has the possibility at any time to delete some or all of the cookies from his/her computer, or to block them, by using the web browser on his/her computer. If cookies are blocked, for technical reasons, some parts of the Company’s online
parts of the Site may not work or may not work properly for the Data Subject.
7.11. No personal customer data is collected through cookies.
7.12. No information is provided to any third party during the recording of the necessary cookies.
8. Third party websites
8.1 The Company shall not be responsible for ensuring the privacy of the Customer on third party websites, even if the Customer accesses the third party websites using the links on this website. The Company recommends that you read the privacy policy of each website that is not owned by the Company.
9. Ensuring information security
9.1 The Company’s aim is to ensure the maximum possible security of all information received from the Customer and from public data files. The Company uses appropriate legal, administrative, technical and physical security measures to protect this information from unauthorised access, use, copying, accidental or unlawful destruction, alteration or disclosure, or any other unauthorised processing.
10. Final provisions
10.1 This Privacy Policy is governed by the law of the Republic of Lithuania. Any disputes arising out of these provisions of the Privacy Policy will be settled by negotiation, or, failing that, in the courts of the Republic of Lithuania.
For the purposes of this Privacy Policy, “this website” refers to www.smartparts.lt