1. General provisions
1.1 The controller of your personal data is Umega Group, AB, Company code: 126334727, contact details are published at www.snol.com.
1.3 The Company collects personal data that a person voluntarily submits by e-mail, registered mail, fax, telephone, or using the Company’s website.
1.4 All personal data received by the Company are collected, stored and processed in accordance with the Personal Data Protection Law of the Republic of Lithuania, the General Data Protection Regulation of the European Union no. 2016/679 and other legal acts of the Republic of Lithuania regulating the protection of personal data.
1.5 The Company ensures that the level of protection of personal data processed by the Company meets the requirements of the legal acts of the Republic of Lithuania.
2.1. Terms used in the document:
2.1.1. Personal data – any information about an identified or identifiable natural person (data subject). An identifiable natural person is a person whose identity can be determined, in particular by a certain identifier, such as a name, personal identification number, location data and an Internet identifier, or by one or more of that natural person’s physical, physiological, signs of genetic, mental, economic, cultural or social identity;
2.1.2. Data subject – means a natural person from whom the Company receives and processes personal data;
2.1.3. Data recipient – the person to whom personal data is provided;
2.1.4. Provision of data – disclosure of personal data by transmission or otherwise making them available (except for publication in public information media);
2.1.5. Data processing – any action performed with personal data: collection, accumulation, storage, recording, classification, grouping, connection, change (addition or correction), provision, publication, use, logical and/or arithmetic operations, search, dissemination, destruction or other action or set of actions;
2.1.6. Automatic processing of data – data processing actions that are fully or partially performed by automatic means;
2.1.7. Data processor – a legal or natural person (who is not an employee of the data controller) authorized by the data controller to process personal data. The data processor and/or the procedure for its appointment may be determined by laws or other legal acts;
2.1.8. Data controller – a legal or natural person who, alone or together with others, determines the goals and means of processing personal data. If the purposes of data processing are determined by laws or other legal acts, the data controller and/or the procedure for his appointment may be determined in those laws or other legal acts;
2.1.9. Consent – any freely given, specific and unambiguous expression of the will of a properly informed data subject by means of a statement or unequivocal actions by which he agrees to the processing of personal data related to him;
2.1.10. Direct marketing – activities aimed at offering goods or services to individuals by mail, telephone or other direct means and/or asking for their opinion on the offered goods or services;
2.1.11. Third party – a legal or natural person, excluding the data subject, data controller, data processor and persons who are directly authorized by the data controller or data processor to process data;
2.1.12. Other concepts used in this Policy are understood as they are defined in the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the processing of personal data.
3. What principles do we follow when processing personal data?
3.1. When processing personal data, the company is guided by the following principles:
3.1.1. The Company processes personal data only to achieve the legal goals defined in the Policy;
3.1.2. Personal data is processed accurately, honestly and legally, in compliance with the requirements of legal acts;
3.1.3. The company processes personal data in such a way that the personal data is accurate and is constantly updated in the event of a change;
3.1.4. The company processes personal data only to the extent necessary to achieve the goals of personal data processing;
3.1.5. Personal data is stored in such a form that the identity of data subjects can be determined no longer than is necessary for the purposes for which these data were collected and processed.
3.1.6. The personal data of the data subject can be accessed only by employees of the Company with the relevant competence and/or third parties that the Company has used to provide the service, and only in cases where it is necessary to provide the service.
3.2. The Company respects the Data Subject’s privacy and undertakes to constantly comply with the Data Subject’s data protection principles specified in this Policy.
4. For what purposes do we process personal data?
4.1. Personal data are processed and used in accordance with the purposes for which the Data Subject provided them to the Company or for other purposes approved by the Data Subject.
4.2. Purposes of using personal data of the data subject:
- for the processing and administration of purchasing (ordering) services performed by the data subject;
- for the identification of the data subject in the Company’s information systems;
- for the identification of the data subject when logging in to his account on the Company’s website (when the Company provides such an opportunity);
- for issuing and submitting purchased (ordered) service coupons, confirmations, invoices and other financial documents;
- for the solution of problems related to the execution of the contract;
- for communication with the Data subject, in case of changes in the conditions of goods or services purchased by the Data subject;
- for the fulfillment of other contractual obligations;
- For the purposes of the Company’s Direct Marketing;
- for security, health, administrative, crime prevention disclosure and legal purposes;
- business analysts, for general research that allows improving the quality of goods or services;
- for contact with the Data Subject, in order to receive customer feedback on purchased services;
- evaluation of a person’s candidacy for a job position, contact with the relevant candidate, etc.;
- for auditing.
4.3. By voluntarily submitting his personal data to the Company, the Data Subject confirms and voluntarily agrees that the Company will manage and process the Data Subject’s personal data in accordance with this Policy, applicable laws and other normative legal acts.
4.4. The Company undertakes not to disclose personal data information to third parties without the Data Subject’s consent, with the exception of ensuring the proper performance of the contract, other services related to the proper performance of the services ordered by the Data Subject. The Company may also transfer the personal data of the Data Subject to third parties who act as Data Processors on behalf of the Company. Personal data can only be provided to those Data Processors with whom the Company has signed relevant Data Processing Agreements. It is considered that the Data Subject is informed about it, agrees with it and the Company does not assume responsibility for damage arising from the use of the Data Subject’s data by third parties to the extent permitted by law. In all other cases, the personal data of the Data Subject may be disclosed to third parties only in accordance with the procedure provided by the legal acts of the Republic of Lithuania.
5. What personal data do we process?
5.1. The personal data information collected by the company can be: Name, surname, code, telephone number, e-mail address of the data subject, name of the company on whose behalf it is acting, information about the goods and services purchased by the data subject (their quantities, dates of purchase, prices of purchased services , purchase history), the data subject’s login name and encrypted form of the password on the Company’s website (if the Company provides such an opportunity). The Company’s website may collect certain information about the Data Subject’s visit, for example: Internet Protocol (IP) address that the Data Subject uses to access the Internet; Date and time of the data subject’s visit to the Company’s website; other web pages that the Data Subject visits while on the Company’s web page; the browser used; information about the Data Subject’s computer operating system; versions of mobile apps; language settings and more. If the Data Subject uses a mobile device, data may also be collected to determine the type of mobile device, device settings, as well as geographic (longitude and latitude) coordinates. This information is used to improve the Company’s website, analyze trends, improve products and services, and administer the Company’s website. The data subject provides this data voluntarily by using the services provided by the Company, becoming a registered user of the Company’s website or visiting the Company’s website.
5.2. Personal data information collected by the Company may be any information not specified above in this article, but personal data information voluntarily submitted to the Company by the data subject or otherwise obtained by the Company and legally processed.
6. What are the rights of the subject of personal data?
6.1. Data subject rights and means of their implementation:
6.1.1. To know about the collection of your personal data. The data subject has the right to access his personal data;
6.1.2. Get to know your personal data and how it is handled. The data subject has the right to apply to the Company with a request to provide information about what and for what purpose his personal data is being processed;
6.1.3. Demand correction, destruction of your personal data or suspension of processing of your personal domains;
6.1.4. To receive the Data provided by you read in a structured form, if it meets the criteria defined by law;
6.1.5. The data subject has the right to refuse data processing when optional data is processed. When Data is processed for direct marketing purposes, the Data Subject may object to such Processing (right to object). The company, upon receiving a request to terminate the processing of non-compulsorily processed personal data, immediately terminates such processing, unless it contradicts the requirements of legal acts, and informs the person thereof;
6.1.6. At any time to withdraw any consent given by the Data Subject when registering or using the services provided by the Company. Such refusal will not affect the legality of the Data Processing carried out prior to the refusal and based on the consent given;
6.1.7. Refuse to provide personal data;
6.1.8. File a complaint with the supervisory authority if the Data Subject’s rights are violated;
7. What are cookies and what are they used for?
7.1. The company’s website uses data analysis management tools – cookies.
7.2. By using the Company’s website, the Data Subject agrees that the Data Subject’s computer (device) will be recorded on the website (when the Company provides such an opportunity).
7.3. Cookies are small amounts of data that a website places on the Data Subject’s computer. Web pages have no memory. When the Data Subject browses different Internet pages, the Data Subject will not be recognized as the same user. Cookies allow the web page to recognize the Data Subject’s browser. The main purpose of cookies is to remember the choices of the Data Subject, for example the preferred language of the website. Cookies also help the Data Subject to be recognized when returning to the same website. They help to personalize the website. Cookies cannot be used to run programs or transmit viruses to your computer. Cookies are assigned only to the Data Subject and can only be read by the web server of the domain that sent the cookie to the Data Subject. One of the most important purposes of cookies is to provide a convenient function to save the Data Subject’s time. For example, if the Data Subject uses the website for personal needs or browses the website, cookies will help the website to remember specific information on subsequent visits. This makes it easier to present relevant content, easier to navigate the website, etc. Upon returning to the website, the Data Subject can find his/her previously provided information and thus can more easily use the functions of the website already adapted.
7.4. Data processing with the help of cookies does not allow direct or indirect identification of the user.
7.5. The following types of cookies may be used on the company’s website:
7.5.1. Technical cookies: they help the users of the Company’s website. The Company strives to provide an advanced and easy-to-use website that automatically adapts to their wishes and needs.
7.5.2. Functional cookies: they allow the Data Subject’s choices to be remembered and together to use the website efficiently.
7.5.3. Analytical cookies: with their help, the aim is to understand how the Company’s visitors use the Company’s website, to discover the weak and strong parts of the website, and to optimize the work of the website.
7.5.4. Commercial cookies: the Company uses these cookies to place the Company’s advertisements on other web pages.
7.7. No personal data of the customer is stored with the help of cookies.
7.8. During the recording of necessary cookies, no information is provided to any third parties.
8. Websites of third parties
8.1 The Company is not responsible for ensuring the Customer’s privacy on third-party websites, even in cases where the Customer accesses third-party websites using the links on this website. The Company recommends that you familiarize yourself with the privacy terms of each website not owned by the Company.
9. Ensuring information security
9.1 The Company’s goal is to ensure the highest possible security of all information received from the Customer and from public data files. In order to protect this information from unauthorized access, use, copying, accidental or unauthorized destruction, alteration, or disclosure, as well as from any other unauthorized processing, the Company uses appropriate legal, administrative, technical and physical security measures.
10. Final Provisions