CLOSED JOINT STOCK COMPANY MONTE PACIS
(Company code: 301126535)
APPROVED
Director of UAB MONTE PACIS
2020 November 27 Order. No. DS2020-11-27
PRIVACY POLICY
CHAPTER I
GENERAL PROVISIONS
- This privacy policy (hereinafter – the Policy) is regulated by UAB MONTE PACIS, operating at T. Masiulio str. 31, Kaunas, e-mail info@monastic.lt, and the company code of which is 301126535 (hereinafter – the Data Controller), the principles and procedure of personal data processing and the website managed by the Data Controller https://monastic.lt/ (hereinafter – the Internet website) operating conditions.
- This Policy is intended for persons who visit this website belonging to the Company (https://monastic.lt/), use the information on the website and the services provided on it.
- Any natural person whose personal data is processed by UAB MONTE PACIS is considered a data subject in this Policy.
- By using the Services, by continuing to browse the Website, the Visitor (user of the Website) confirms that he has read this Policy, understands its provisions and agrees to abide by them.
- The Data Controller shall ensure that, in adopting and implementing this Policy, it seeks to implement the following essential principles relating to the processing of personal data:
- Personal data is processed in a lawful, fair and transparent manner vis-à-vis the data subject (principle of lawfulness, fairness and transparency);
- Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes;
- The further processing of personal data for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered incompatible with the original purposes (purpose limitation principle);
- Personal data must be adequate, relevant and not excessive in relation to the purposes for which they are processed (data reduction principle);
- Efforts shall be made to ensure that personal data are accurate and, where necessary, updated within a reasonable time of the change;
- All reasonable steps shall be taken to ensure that personal data which is inaccurate, having regard to the purposes for which they are processed, are erased without delay or rectified within a reasonable time (principle of accuracy);
- Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
- Personal data may be stored for longer periods if the personal data are processed solely for archival, public interest, scientific or historical research or statistical purposes, subject to appropriate technical and organizational measures to protect the data subject’s rights and freedoms (principle of limitation). ;
- Personal data shall be processed in such a way as to ensure adequate security of personal data, including protection against unauthorized or unlawful processing of personal data and against unintentional loss, taking into account the general nature of the personal data processed by the controller. or damage (principle of integrity and confidentiality);
- The controller is responsible for ensuring that the above principles are complied with and must be able to demonstrate that they are complied with (accountability principle).
- This Policy is established in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on free movement of such data and repealing Directive 95/46 / EC (GDPR). (hereinafter – ADTAĮ), other legal acts of the European Union and the Republic of Lithuania. The terms used in the policy are understood as they are defined in the GDPR and the ADTA.
- We encourage you to take the time and familiarize yourself with this Privacy Policy.
- If you do not consent to the processing of your personal data as set out in this Privacy Policy, you have the right not to provide your personal data to the Company. Also, if we process certain of your Personal Data on the basis of your consent to the processing of personal data, you may revoke such consent at any time, without prejudice to the lawfulness of the processing based on the consent prior to the withdrawal of the consent.
- This Privacy Policy explains how the Company collects and uses your personal information when you:
- You visit the Website managed by the Company and / or the Company’s social networking accounts or use the opportunities provided by them;
- You seek or enter into an agreement with the Company;
- You purchase the goods provided by the Company;
- You agree to receive direct marketing communications from the Company or to subscribe to the Company’s newsletter;
- You provide the Company with your goods or services;
- Contact the Company’s customer service department;
- Otherwise, you communicate or cooperate with the Company as a customer, supplier or other person who has a business or consumer relationship with the Company.
- Contact details of the person responsible for personal data protection in the Company: e-mail e-mail: personasduomenys@monastic.lt.
CHAPTER II
PURPOSE OF PERSONAL DATA PROCESSING AND CATEGORIES OF PERSONAL DATA TO BE COLLECTED
- Depending on who you are (Customer, Supplier, Website Visitor, etc.) and how you interact with the Company (live, online, by telephone, etc.), the Company may process different Personal Data about you.
- Below you will find the categories of Personal Data we may collect:
Purpose of data processing |
Data categories and personal data processed |
Deadline for data processing |
Legal basis for data processing |
Contract with the Company |
Identification data: name, surname *
Contact details: e-mail postal address, telephone number, address *
Service data: date of purchase, description, price *
Data required for invoicing (or payment information for goods): name, surname, bank account number, product name, price |
Personal data is stored during the validity period of the contract and for 10 years from the date of termination of the contract (in accordance with the General Index of Document Storage Terms approved by the Chief Archivist of the Republic of Lithuania on March 9, 2011 (Order No. V-100)) |
Processing of data is necessary for the conclusion and performance of the contract (Article 6 (1) (b) GDPR)
|
Website administration |
Account login information: Login name, password, or other security codes |
Personal data is stored during the active use of the account and for 1 year after the last login to the account when you stop using it |
Processing of data is necessary for the conclusion and performance of the contract (Article 6 (1) (b) GDPR) |
Sending direct marketing messages and newsletters |
Personal identification and contact details: name, surname, e-mail, postal address, telephone number * |
Personal data shall be stored and processed during the period of validity of the consent, unless the consent has been revoked earlier. The data subject’s consent to the sending of direct marketing communications shall be valid for 3 years from the date of receipt of the consent. |
GDPR 6 p. Paragraph 1 (a) (consent of the data subject to such processing) |
*the provision of marked data is necessary if you wish to enter into an agreement with the Company (purchase goods or receive newsletters sent by the Company).
CHAPTER III
PROCESSING OF PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING
- The company processes your personal data for the purpose of direct marketing after receiving your explicit consent to such data processing, for example: when you subscribe to our newsletters, etc. (basis for data processing – your voluntary consent for data processing).
- For the purpose of direct marketing, we can process your name, e-mail address, telephone number.
- Your personal data may be processed for direct marketing purposes in the following ways:
- You can receive a newsletter via email with our offers, promotions and news;
- you can receive event invitations, offers, and similar information via email.
- You can unsubscribe from our newsletters at any time. You can do this by clicking on the link at the bottom of the newsletters we send.
- We also use the services of Facebook, Google, other online advertising providers. You can read about the privacy policies of these service providers, the data collected and the personal data protection measures applied in the privacy policies of these service providers. For more information about how this works, as well as information about how you may object to the display of such advertisements or the use of such data, please refer to the information provided by the above service providers:
– https://lt-lt.facebook.com/policies/ads#; https://policies.google.com/technologies/ads
CHAPTER IV
TO WHOM YOUR PERSONAL DATA IS PROVIDED
- The Company will not transfer your personal data to any third parties without your prior consent, except as described below.
- We may transfer your data for processing to third parties who assist us in the operation and administration of the Services. Such persons may include data center, hosting and related services companies, advertising, marketing services companies, software developers, providers, support and development companies, information technology infrastructure service companies, communication service companies, web browsing or internet activity analysis. companies providing and providing services, security services providing security services, etc.
- In each case, we provide the data controller with only as much data as is necessary to execute a specific order or provide a specific service.
- The data processors used by us may process your personal data only in accordance with our instructions. In addition, they must ensure the security of your data in accordance with applicable law and written agreements with us.
- The data may also be provided to the competent authorities or law enforcement agencies, such as the police or supervisory authorities, but only upon their request and only when required by applicable law or in the cases and procedures provided for by law to ensure our rights, our customers, security of workers and resources, to make, submit and defend legal claims.
CHAPTER V
HOW WE ENSURE THE SECURITY OF YOUR DATA
- In order to protect your data, the Company takes appropriate measures to comply with data protection and data security laws and regulations, including requiring the Company’s service providers / processors to use appropriate measures to protect your personal data and their confidentiality.
- Depending on modern technology, the cost of implementing the measures and the nature of the data to be protected, the Company has implemented technical and organizational measures to protect against risks such as destruction, loss, alteration, unauthorized disclosure or unauthorized access to your data.
CHAPTER VI
YOUR RESPONSIBILITIES
- We would like to remind you that it is your responsibility to ensure, to the extent that it is up to you, that the information you provide to us is accurate, complete and up to date. In addition, if you provide us with data from others, it is your responsibility to obtain and provide such information to us in accordance with legal requirements. For example, you must inform other persons whose data you provide to the Company of the content of this Privacy Policy and obtain their consent to the provision of such personal data.
CHAPTER VII
YOUR RIGHTS
- Data protection law gives you many rights regarding the processing of your personal data.
- You have the right to access your personal data processed by us:
- You have the right to request our confirmation that we process your personal data and, in such cases, to request access to your personal data processed by us. To exercise the above right, please submit a written request to us by e-mail asmensduomenys@monastic.lt.
- You have the right to request the correction of your inaccurate data.
- If you believe that information about you is incorrect or incomplete, you have the right to ask for it to be corrected. To exercise the above right, please submit a written request to us by e-mail asmensduomenys@monastic.lt.
- You have the right to object to the processing of your personal data:
- You have the right to object to the processing of personal data when personal data are processed in accordance with our legitimate interests. However, notwithstanding your objection, we will continue to process your data for good reason to continue processing the data. To exercise the above right, please submit a written request to us by e-mail. Email asmensduomenys@monastic.lt.
- You have the right to request the deletion of your personal data (right to be forgotten):
- In certain circumstances, you have the right to request that we delete your personal data. However, this provision does not apply if we are required by law to retain data. To exercise the above right, please submit a written request to us by e-mail. Email asmensduomenys@monastic.lt.
- You have the right to restrict the processing of your personal data:
- In certain circumstances, you also have the right to restrict the processing of your personal data. To exercise the above right, please submit a written request to us by e-mail. Email asmensduomenys@monastic.lt.
- You have the right to contact the State Personal Data Protection Inspectorate directly or by e-mail with a complaint about improper processing of personal data by e-mail ada@ada.lt.