Our Principles of Privacy
We take your privacy seriously and give you 5 promises:
• We will ALWAYS ensure that your personal data is processed in accordance with applicable data protection laws.
• We will ALWAYS provide you with complete and transparent information on how and for what purposes we process your personal data. This shall include cases of informing you about the data we collect about you, what we do with such data, who we share such data with and who you should contact in case you have any questions.
• We will ALWAYS give you the ability to simply say STOP if you no longer wish to receive our marketing messages.
• We will ALWAYS take all reasonable steps in order to protect your personal data and ensure that it is not accessed by unauthorized persons.
• We will ALWAYS answer your questions about the processing of personal data immediately.
Our Privacy Policy
Last updated on: 14 June 2021.
We protect your privacy and ensure that your personal information is protected.
In this Privacy Policy, we shall explain what personal data we collect, how we process and store them during the provision of our services. This shall include information collected outside of online points of sale or obtained by providing services to customers online through the website www.rigalit.lt, apps (including apps for mobile devices) and third-party platforms (hereinafter referred to as the Websites).
This Privacy Policy shall also apply to our targeted content, including online offers and advertising of products and services, which you may see when browsing the Internet on third-party websites, platforms and apps (hereinafter referred to as Third-Party Websites). Please note that these Third-Party Websites may have their own privacy policies and conditions. Please read them before using these Third-Party Websites.
1. WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA?
We, UAB RIGALIT Lietuva (hereinafter referred to as RIGALIT Lietuva or we), shall be responsible for the processing of your personal data on our Website, databases, etc.
2. HOW CAN I CONTACT THE DATA PROTECTION OFFICER?
In case you have any questions concerning how we process your personal data, you may contact our data protection officer by e-mail at info@rigalit.lt or by post: Europos pr. 89, 46333 Kaunas, telephone: +370 618 50633.
3. WHAT IS PERSONAL DATA?
Personal data is information that allows you to be identified, directly or indirectly (hereinafter referred to as the personal data). This usually includes your name, surname, address, e-mail address, telephone number, but may also include IP address, buying habits.
4. WHAT HAPPENS WHEN YOU PROVIDE US WITH YOUR PERSONAL DATA OR WE RECEIVE YOUR PERSONAL DATA IN ANOTHER WAY?
We collect your personal data directly in a number of ways, such as when you provide us with your personal data by registering as a customer on our Website or when you participate in our loyalty programs, register for seminars organised by us, subscribe to our newsletter, receive the information or e-mails, buy products and services from us, complete questionnaires, comment, make inquiries or contact our staff.
When you provide us with your personal data, we process it for the purposes and in accordance with the procedures set out in this Privacy Policy. If you do not want us to process your personal data in this way, please do not provide such data to us.
We may also obtain your personal data from other sources, including commercial sector data sources such as public databases and data collectors, and information from third parties. If you do not want us to receive your personal data from other sources, please indicate your preferences to the relevant sources.
We shall process your personal data in order to provide you with services as explained below. In certain cases, we may only process your personal data with your consent, for example, usually when we use cookies or location data in order to process your personal data for marketing purposes. In other cases, we may use another legal basis for the processing of your personal data, such as when performing a contract with you or having other legitimate interests, e.g. in order to prevent crime.
If you become a member of any of our loyalty programs, we may consider it to be your consent that you want us to process your personal data for marketing purposes. You may opt out of these marketing communications at any time and this will not affect your participation in the loyalty program and its benefits.
When processing your personal data with your consent, we shall ask for your consent for the specific purpose of the processing. We shall also ask for your consent if we need your personal data for purposes other than those specified in this Privacy Policy.
Please review the information provided in Section 6.1 about the various personal data we may collect, the purposes for which they are collected and the legal basis for the processing of such data.
5. WHAT HAPPENS IF THE CUSTOMER IS A CHILD?
Our Website is intended for adults, but there may be times when some customers under the age of 16 (sixteen) review or purchase products on our Website. If we know that a customer has not yet reached the age of 16 (sixteen), we shall not use such customer’s personal data for marketing purposes unless we obtain their parental consent.
We would like to point out that access to specific parts of the Website may only be granted to users who have reached the required age. We may process your personal data in order to verify your age and enforce any age restrictions.
Once an order is placed in the e-shop, it shall still be reviewed by the manager and only then submitted for further execution.
6. FOR WHAT PURPOSES DO WE PROCESS YOUR PERSONAL DATA?
6.1. We process the following categories of your personal data for the following purposes:
6.1.1. Browsing/registering on our Website
What personal data can we collect?
When you visit/browse the Website - information about the browser you use when you visit our Website, your IP address and device address, links clicked, other websites visited before our Website and information collected through cookies and similar tracking tools.
If you register as a buyer - name, surname, e-mail address, cell phone number, password, address, city, account activity, login details if connecting via Facebook or another network - your username, profile photo, gender, contacts and any other information you agree to share through third party websites (Facebook, Linkedin, etc.).
What is the purpose of processing this data?
When you visit/browse the Website, we (and third-party service providers acting on our behalf) shall use cookies and similar technologies in order to process data about you when you visit our Website. We want to know if you have visited our Website before and what you prefer so that we could tailor the experience for you.
If you register as a buyer, the data shall be processed in order to place your orders for products and services.
Please also review the Privacy Policy and Cookie Policy on our website https://www.rigalit.lt/duomenu-apsauga/, where you will find more detailed information about cookies.
How long do we store your personal data?
When you visit/browse the Website, use the Cookie Permission Tool in order to find out how long each cookie is stored for.
You can set your browser to accept all cookies, reject all cookies, or be notified when a cookie is received. Every browser is different, so if you do not know how to change your cookie settings, read its help manual. Your device's operating system may contain additional cookie controls. If you do not want cookies to collect information, opt out of the use of cookies in your browser settings. In order to learn more about how to manage cookies, visit: http://www.allaboutcookies.org/manage-cookies/.
If you register as a buyer, the registration data shall be stored for the entire period of use of the services, or for a longer period if we have your consent.
What is the legal basis for data processing?
Your consent when you register in the e-shop on our website. In some cases and whenever permitted by law, we shall assume that you agree to the use of cookies based on your actions. Please note that we need to process the basic data of your browsing in order to provide you with the basic functions of the Website, such as a secure connection, or in order to remember what stage of the order you are at.
You can change your cookie settings at any time by changing your browser settings.
6.1.2. Purchase / acceptance of the service
What personal data can we collect?
Name, surname, e-mail address, cell phone number, passwords, order history, payment history, payment information (i.e. bank or credit card details), order history / wish list, age / date of birth, gender, order fulfilment information - delivery and residence addresses of the goods, signature (if you accept the goods yourself), date and time of purchase and delivery, names of goods, quantities, purchase prices and discounts granted and other personal data that you voluntarily provide to us.
What is the purpose of processing this data?
We process personal data in order to provide the products and services you order, including the sending of ordered products or samples.
How long do we store your personal data?
For as long as you buy from us. If no transactions have taken place within 5 (five) years, we shall delete or anonymise your personal data, unless the law provides for a longer term for the storage of such data.
What is the legal basis for data processing?
We use this information to fulfil your order or any other service you have ordered (to fulfil the contract).
6.1.3. Customer service
What personal data can we collect?
Name, surname, cell phone number, e-mail address, residential address, contact message content, order history, payment history, payment information (i.e. bank or credit card information), order history / wish list, age / date of birth, gender, request fulfilment information, postings and other content you provide on our Website, as well as other information you provide when purchasing or ordering a product / service, making an inquiry, contacting our staff live, by telephone or e-mail.
What is the purpose of processing this data?
We process your personal data when you contact us and when we respond to your inquiries and comments.
How long do we store your personal data?
General inquiries and comments related to service issues, store standards, product availability, etc. are stored for 5 (five) years from the date of the last contact with you. Correspondence relating to personal injury, accidents and other health and safety issues may be kept longer in the event of litigation or agreements.
What is the legal basis for data processing?
Processing of your inquiries, comments and complaints at your request (fulfilment of an obligation arising from a contract or other lawful action).
6.1.4. Offering products and services that may be of interest to you
What personal data can we collect?
Name, surname, e-mail address, cell phone number, order history / wish list (including your purchases on our Website, mobile app, store), payment history, age, date of birth, gender, products viewed on our Website, favourite brands, favourite store, your actions on our Website and while reading our e-mails, your responses to surveys or contests, your buying habits and priorities.
What is the purpose of processing this data?
To offer you customized products or services (including from related third parties) that may be of interest to you based on your shopping history and behaviour, priorities, and our marketing segmentation strategies. We may do so by sending you information by mail, e-mail, newsletters, SMS messages, active app notifications, or other third-party tools (such as sending advertisements through Facebook, Google Ads, etc.) about products, services, promotions, etc. We can also contact you and offer to participate in customer surveys, promotions. You can also receive promotional offers run by stores once you have registered for an e-shop account on our Website.
How long do we store your personal data?
For as long as you buy from us. If no transactions have taken place within 5 (five) years, we shall delete or anonymise your personal data, unless the law provides for a longer term for the storage of such data. If you have subscribed to our newsletter, we will retain your data until you unsubscribe.
What is the legal basis for data processing?
You allow us to process your personal data if you become a member subscribing to the newsletter or sign an agreement to receive marketing offers.
6.1.5. Invoicing
What personal data can we collect?
Customer contact details, identification details, financial details (bank account details, invoice numbers).
What is the purpose of processing this data?
Data processing is necessary to fulfil the financial obligations of the order/contract to which the data subject is a party.
How long do we store your personal data?
Invoices (including cash register receipts, which are considered invoices) shall be retained for 10 years from the date of issue.
What is the legal basis for data processing?
The basis for the processing of invoices shall be the Republic of Lithuania Law on Value Added Tax, our Accounting Policy.
6.1.6. Crime prevention and support services such as debt management
What personal data can we collect?
Name, surname, e-mail address, home or cell phone number, payment information (e.g., bank information), payment history, age.
What is the purpose of processing this data?
To provide our services, including the processing of your requests for services, the prevention of fraud and other crimes, the verification of your identity and credit / payment status, and the execution of payment orders. Your personal data relating to the execution of a payment may be transmitted to payment intermediaries for the purpose of the execution of payments or passed on to the police for fraud prevention purposes.
How long do we store your personal data?
For as long as you buy from us. If no transactions have taken place within 5 (five) years, we shall delete or anonymise your personal data, unless the law provides for a longer term for the storage of such data.
What is the legal basis for data processing?
Designed to detect and prevent fraud to ensure that your identity and transactions are secure (combining our interests with our interest in protecting against fraud and protecting our customers).
We provide other service services to provide you with relevant additional services (contract performance).
6.1.7 Selection of candidates for positions or jobs
What personal data can we collect?
The employee responsible for selection may collect personal data relating to qualifications, professional abilities and subject-matter from the candidate applying for the position or job, after informing the candidate from the former employer and only with the consent of the candidate from the current employer. If there is a need to include the CVs of unsuccessful candidates in the database of potential employees, the candidate obtains consent to be contacted for other positions.
By submitting their personal data, the candidates confirm that the data and information provided by them are accurate and correct and the Company is not responsible for the submission and processing of excess data if the candidate submits such data through negligence. The candidate undertakes to inform the Company about changes in the submitted data or other related information.
What is the purpose of processing this data?
When searching for employees for vacancies, the Company collects and processes the personal data of candidates applying for positions or jobs (hereinafter referred to as the candidate). In this way, the Company ensures its interest in recruiting the most suitable employees based on the acquired qualifications and experience.
How long do we store your personal data?
UAB RIGALIT Lietuva processes the candidate's personal data for no longer than required by the specified data processing purposes or provided by the applicable legal acts (1 month after the filling of the job, or upon termination of the selection of employees).
What is the legal basis for data processing?
By employing the most suitable employees based on the acquired qualifications and experience, the Company ensures its legitimate interest in carrying out activities.
6.1.8. Video surveillance
What personal data can we collect?
Videos (with sound).
What is the purpose of processing this data?
The purpose of video surveillance and video data processing is to ensure the security of the Company's property, the security of Company's customers, employees and other persons and their property. For other purposes, video data may be processed if such processing is carried out with consent. If the image is monitored for other purposes, such monitoring must be preceded by a data protection impact assessment, identified risks and mitigation measures. Audio with video shall be listened to and recorded only when it is necessary to achieve the objectives set out in this Clause.
How long do we store your personal data?
Video surveillance recordings (with sound), up to 14 days. Videos shall be stored for a longer period of time if they are related to personal injury, accidents and other health and safety issues, and can be stored longer in the event of litigation or agreements.
What is the legal basis for data processing?
Video surveillance and video data processing – to fulfil the legitimate interest of the Company, ensuring the security of the Company's property, customers, employees and other persons and their property.
7. TO WHOM MAY WE TRANSFER (SHARE) YOUR PERSONAL DATA?
7.1. Our service providers
We share your personal data with the following data processors (i.e. service providers who help us perform the abovementioned tasks):
Related companies and trusted third parties that directly support the administration of our Website for the management (support, maintenance and testing) of IT systems;
Reliable third parties who assist us in the processing and analysis of your personal data and support us when we offer the products and services discussed in Clause 6.1 that may be of interest to you;
If you order a product or service from us, to trusted third parties in order to enable payments and delivery of the products and services you have ordered. If you have not given your consent, these trusted third parties shall not have our authority to use your personal data in any way other than as set out in this section; we require these trusted third parties to use appropriate technical and organisational measures in order to ensure the security of your personal data.
We emphasize that these data processors are subject to strict requirements under applicable data protection laws in order to make them process your personal data only for the purposes and to the extent specified by us and to meet high IT security standards.
7.2. Other recipients
We share your personal data with the following third parties who process your personal data for their own purposes in cases provided for by law (i.e. these third parties are not our authorized data processors, they use your personal data for their own benefit or because you have consented to it):
We share your data with the law enforcement and other authorities, if the disclosure of your personal data is required by law, a lawful instruction from a government/official or a court decision.
We note that we never share your personal data on social networks. When we expand our customer base or match customers through social networks such as Facebook or Google, we make your personal information anonymous before transmitting it. If there are changes in the future and we have to share your personal data on social networks, we will ask for your consent in advance.
7.3. Sharing information about your use of the Website
We do not share information about your use of our Website.
8. TO WHICH COUNTRIES DO WE TRANSFER YOUR PERSONAL DATA?
We do not send your personal data to other countries.
9. HOW LONG DO WE PROCESS YOUR PERSONAL DATA?
We only process your personal data until we have fulfilled the abovementioned purposes for which we collected or received your personal data and the expiry of our record keeping obligations as set out in Section 6.1.
10. WHAT ARE YOUR RIGHTS?
If the relevant requirements are met, you shall have the following rights:
• To receive confirmation from us as to whether or not we process your personal data and, if so, to access your personal data and get acquainted with them;
• To require us to correct inaccurate personal data;
• To require us to delete your personal data (“right to be forgotten”);
• To disagree with the processing of your personal data;
• To require us to restrict the processing of your personal data;
• To contact us about the portability of your personal data – to receive your personal data in our form in a structured, commonly used and automatically scanned form and to transfer it to another data controller.
You can find out more about these rights at https://www.ada.lt/go.php/JUSU-TEISES770. In order to exercise your rights, contact the person responsible for personal data protection, whose contact details shall be provided in Section 2.
11. CAN YOU REVOKE YOUR CONSENT ISSUED TO US FOR PROCESSING OF YOUR PERSONAL DATA?
In cases where your consent constitutes a legal basis for us to process your personal data, you can revoke your consent in the following ways:
Marketing notices: by opting out of receiving marketing communications or by clicking on the unsubscribe link in any marketing message we send;
Other purposes: send us an e-mail at info@rigalit.lt or call our Company as described in Section 2.
Please note that the revocation of your consent shall not affect the lawfulness of the processing of your personal data prior to the revocation.
12. CAN YOU COMPLAIN TO DATA PROTECTION AUTHORITIES?
If you believe that the processing of your personal data violates data protection laws, you may file a complaint with the competent supervisory authority in the Republic of Lithuania or in another country where you live, work or where the General Data Protection Regulation has been violated.
13. HOW DO WE ENSURE THE SECURITY OF YOUR PERSONAL DATA?
We use appropriate technical and organisational measures to protect the personal data you provide from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to your personal data.
14. CAN WE CHANGE THE PRIVACY POLICY?
If necessary, we may change this Privacy Policy by posting an updated version of the Privacy Policy here. We kindly ask you to visit this section frequently and read the current version of the Privacy Policy.