Privacy | partecha.com

Privacy

The aim of the privacy policy is to inform data subjects about the collection and processing of their personal data, indicate the period for which the personal data will be stored, for who the data will be provided, the rights of data subjects and who to contact in order to implement these rights or regarding other issues of the processing of personal data.
Personal data are processed according to 2016/679 General Data Protection Regulation of the European Union (EU) (further – Regulation), the Republic of Lithuania Law On Legal Protection of Personal Data and other legislation governing the protection of personal data.
UAB PARTECHA applies the following basic principles of data processing:
-          personal data are collected only for explicit and legitimate purposes;
-          personal data are processed lawfully and fairly;
-          personal data are kept up to date;
-          personal data are kept safe and no longer than is required for the purposes of the processing of personal data or legislation;
-          personal data are processed only by those employees of the company who have this right according to their duties or by appropriately authorised processors.
1.        DEFINITIONS
1.1.  Controller – UAB PARTECHA (further – company), legal entity code: 304159355, establishment address: Miliškių k. 9, Miliškiai, Šakių r. sav.,
1.2.  A data subject – any natural person whose data is processed by the company. The controller collects only that data which are necessary for the activity of the company and/or for visiting, using or surfing the company’s website, Facebook page and etc. (further – website). The company ensures that the personal data being collected and processed will be safe and used only for the specific purpose.
1.3.  Personal data – any information relating to the data subject directly or indirectly and whose identity is known or can be determined directly or indirectly by using appropriate data. The processing means any operation which is performed on personal data (including collection, recording, storage, adaptation, alteration, access, request submission transfer, archiving and etc.).
1.4.  Consent – any freely given and conscious confirmation of the data subject which signifies agreement to the processing of personal data for a specific purpose.
2.        SOURCES OF PERSONAL DATA
2.1.  The data subject provides personal data himself. The data subject contacts the company, registers for the services, uses the company services, buys items and/or services, leaves comments, questions, contacts the company for information and etc.
2.2.  Personal data are obtained when the data subject visits the company’s website. The data subject fills out the forms provided therein or leaves his contact details and etc.
2.3.  Personal data obtained from other sources. Data obtained from other institutions or companies, public registers and etc.
3.        PERSONAL DATA PROCESSING
3.1.  When providing the personal data for the company, the data subject agrees that the company will use the collected data for implementation of its commitment to the data subject and for the provision of services which are expected by the data subject.
3.2.  The company processes personal data for these purposes:
3.2.1. Completion and implementation of the contracts with the data subject regarding goods and services provided and received by the company; contact storage for ensuring the possibility to contact them; accounting and payment control. The following data are processed for these purposes:
·         Name(s), surname(s);
·         Communication data (phone number, email address);
·         Workplace and duties (if the information is provided from the legal person’s representative);
·         Place of residence (for a VAT invoice);
·         Bank account details (if a natural person provides services for the company).
3.2.2. Debt management. The following data are processed for this purpose:
·                     Name(s), surname(s);
·                     Personal identification number/date of birth;
·                     Payment history;
·                     Address;
·                     Other information related to debt.
3.2.3. Management of requests, comments and complaints. The following data are processed for this purpose:
·       Name(s);
·       Communication data (phone number, email address);
·       Street, house number;
·       Text of the question, comment or complaint.
3.2.4. E-commerce. The following data are processed for this purpose:
For the identification of the client/customer:
·                Name(s), surname(s);
·                Age (to determine if the person is a minor);
·                Sex.
·                For contacting the client/customer:
·                Communication data (phone number, email address);
·                For the delivery:
·                Delivery address.
·                For country identification of the client/customer for the purpose of VAT invoice:
·                IP address.
·                For purchase execution:
·                Date of purchasing;
·                Item price;
·                Item title;
·                Number of items;
·                Date of the order;
·                History of e-shop visits.
3.2.5. Games and contests. The following data are processed for this purpose:
·         Name(s), surname(s);
·         Communication data (phone number, email address);
·         Place of residence.
3.2.6. For the purpose of ensuring the security of employees of the company, other data subjects and property (video surveillance). The following data are processed for this purpose:
Video images. Video surveillance systems do not use face recognition and/or technologies of analysis. Video data is not grouped or profiled according to the specific data subject (person). The data subject is informed about the video surveillance with information signs with the camera’s symbol and company information which is provided before entering the monitored territory and/or room. Premises that are intended for the full protection of the personal data of the data subject are not included in the field of video surveillance.
3.2.7. For other purposes for which the company has a right to process the personal data of the data subject after receiving data subject’s consent when the data needs to be processed due to company’s legitimate interest or it is required by appropriate legislation.
4.        THE PROVISION OF PERSONAL DATA
4.1.  The company commits to respect the confidential obligation in respect of the data subjects. The personal data may be disclosed to the third parties only if it is necessary for the conclusion and execution of the contract for the benefit of the data subject, or for other legitimate reasons.
4.2.  The company may disclose the personal data to its processors who provide services to the company and process the personal data on behalf of the company. Processors have a right to process the personal data only in accordance with the instructions of the company and only to the extent necessary for the proper fulfilment of the obligations laid down in the contract. The company uses only those processors who can adequately ensure that the appropriate technical and organizational measures are implemented in such manner that the data processing complies with the requirements of the Regulation and guarantees the protection of the data subject's rights.
4.3.  The company can also provide personal data in response to requests from courts or public institutions to the extent necessary for the appropriate execution of legislation and instructions from public institutions.
4.4.  The company guarantees that personal data will not be sold or leased to the third parties.
5.        DURATION OF PERSONAL DATA STORAGE
5.1.  The personal data collected by the company is stored in printed documents and/or company’s information systems. Personal data shall be processed for no longer than is necessary to achieve the purposes for which the data are processed or no longer than required by the data subjects and/or legislation.
5.2.  Although the data subject can terminate the contract and cancel services of the company, the company must continue to store data of the data subject due to possible future requirements or legal claims until the expiration of the data storage periods.
6.        RIGHTS OF THE DATA SUBJECT
6.1.  Right to obtain information regarding data processing.
6.2.  Right to access the data processed.
6.3.  Right to request rectification.
6.4.  Right to request deletion of data (right to be forgotten). This right does not apply if the personal data requested to be erased is also processed on a different legal basis, i.e. processing is necessary for the execution of the contract or duties in accordance with legislation.
6.5.  Right to restrict the data processing.
6.6.  Right to object to processing.
6.7. Right to data portability. Right to data portability cannot adversely affect rights and freedom of others. The data subject has no rights to the portability of the data in relation to personal data processed in manually-structured files, such as paper files.
6.8.  Right not to be subject to a decision based solely on automated processing, including profiling.
6.9.  Right to lodge a complaint regarding data processing to the State Data Protection Inspectorate.
7.   The company must provide means for implementation of previously mentioned rights of the data subject. Except in the instances laid down in the law when it is necessary to ensure the security or defence of the state, public order, prevention, investigation and detection of criminal activity and prosecution, important economic and financial interests of the state, prevention, investigation and detection of breaches of integrity or professional conduct, the protection of the rights and freedoms of the data subject or other persons.
8.        IMPLEMENTATION OF RIGHTS OF THE DATA SUBJECT
8.1.  The data subject can contact the company regarding the implementation of his rights:
8.1.1.      by submitting a written request in person, by mail, representative or by means of electronic communication; email: info@partecha.com;
8.1.2.      orally: by phone 8 615 34058 (calling from other networks or abroad: +370 615 34 058);
8.1.3. in written; address: Miliškių k. 9, Miliškiai, Šakių r. sav.,
8.2.  In order to protect the data against unauthorized disclosure, the company must verify the identity of the data subject upon receiving the data subject’s request for data provision or regarding the implementation of other rights.
8.3.  The company provides an answer to the data subject no later than within month after receiving the data subject’s request, having regard to specific circumstances of personal data processing. This period can be extended for two more months if necessary, depending on the complexity and the number of requests.
9.        RESPONSIBILITY OF THE DATA SUBJECT
9.1.  The data subject has to:
9.1.1.       inform the company regarding changes of information and data provided. It is important for the company to have correct and valid information about the data subject;
9.1.2.       to provide the necessary information so that at the request of the data subject the Company can identify the data subject and ensure that it communicates or co-operates with a specific data subject (to provide a personal identity document or in accordance with legislation, or by means of electronic communication which will allow identifying the data subject properly). This is necessary for the personal data protection of the data subject and other persons so that the disclosure of the data subject's information is restricted to the data subject, without prejudice to the rights of others.
10.    FINAL PROVISIONS
10.1.   By providing the personal data to the company, the data subject agrees with this privacy policy, understands its provisions and agrees to comply with it.
10.2.   While developing and improving the company, the company has a right to change its privacy policy unilaterally, partly or completely any time and notify about the changes in the website www.partecha.com.
10.3.  The additions or changes to the privacy policy come into force from the date of their publication, i.e. from the day when they are placed on the website www.partecha.com.