I. MAIN TERMS
1. Data manager (next – Manager) – Closed Joint Company „Metausta“, by Lithuanian Republic Laws founded company, which is registered in J. Savickio g. 4, Vilniaus m., Vilniaus m. sav., Lithuanian Republic, legal entity code 303100222, which data are stored and save din Lithuanian Republic legal entity register.
2. Data subject – individual, which personal data is managed by Manager.
3. E-shop – e-shop of the company, address: www.insportline.lt.
4. Services – all the services provided by the company.
5. Personal data – any information that is related to the individual – Data subject, which identity is known or can be directly or indirectly identified using such data as personal identification number, one or many characteristics describing that person like physical, physiological, economic, cultural or social.
6. Personal data managing – any action with personal data: collecting, writing, saving, accumulation, classification, grouping, joining, changing (adding or editing), presenting, publicizing, using, logically or arithmetically operating, announcing, deleting or any other action or action set.
7. Cookie – relevant file which has unique identification number and is transferred from e-shop website to e-shop clients computers hard disk so that e-shop administrator could separate client’s computer and to see its actions in e-shop so that e-shop functionality could be proper.
8. Direct marketing – action which purpose is to offer products or services to people by email, telephone or other direct approach. Also, to ask about their opinion about products or services
10. Account – main client’s login details, which is one email address and a password.
11. Password – unique numbers, letters and symbols combination which can be used to login into e-shop.
II. GENERAL PROVISIONS
14. Company’s personal data are managed leading by these principles:
14.1 Personal data is collected for defined and legitimate purposes;
14.2 Personal data is managed precisely, honestly and legitimately;
14.3 Personal data is correct and only with volume needed to be collected and then managed;
14.4 Personal data is always being renewed;
14.5. Personal data is being saved in this form so that data subject identity can be determined not longer that it is needed for those purposes, for which this data was collected and managed;
14.6. All the information about personal details is confidential;
14.7. Client’s personal data and personal information will not be used for illegal purposes.
17. Client can make and order using his account when it is registered in E-shop.
18. When registering an account in E-shop, client needs to give its email address, safe password and precise personal data. Client is responsible for rightness of the data.
19. When using services, also buying in E-shop, client always needs to give accurate personal data and is responsible for its rightness.
20. Client has right to change and fill its personal data in the account or to delete an account.
21. Client needs not to reveal its password to third persons and save it, otherwise all the responsibility is up to the Client.
III. PERSONAL DATA COLLECTION, USAGE, CORRECTION AND SAVING
22. Company respect every client right to privacy. Clients personal data is being collected and managed for these purposes:
22.1. Ecommerce purpose. Managed data: first name, last name, residence (address), email address, telephone number.
22.2. Direct marketing purpose. Managed data: first name, last name, residence (address), email address, telephone number, birth date, sex.
22.3. Electronical requests administration purpose. Managed data: first name, last name, residence (address), email address, telephone number.
23. When registering in E-shop for the first time, also for every order, Client can give consent for its personal data (first name, last name, residence (address), email address, telephone number, birth date, sex) managing for direct marketing. If client has given consent to manage its personal data and receive direct marketing messages (emails with offers, SMS), and it would not want to give that consent in the future and informs company according to established procedure that is written below, company will not manage client’s personal data and will not send any electronical news, except information about client’s orders.
24. Company confirms that Client’s personal data will be managed only to provide proper services in E-Shop powersport.lt (including right to participate in discounts, projects). Company also confirms that data provided by the Client will be managed for Company performance analysis and direct marketing purposes if client is given it’s consent and did not cancelled it. Personal data storage life for direct marketing purposes is three years from that data submission moment.
25. Client has a right to cancel its consent (23 point) for managing client’s personal data for Direct marketing purposes, sending relevant message to the company’s email email@example.com specifying that it cancels its consent to use its personal data for direct marketing purposes and does not want to receive any direct marketing messages (emails with offers, SMS messages).
26. Client also has an option to cancel its consent for Personal data managing for direct marketing purposes by clicking on relevant link in every sent email.
27. Client as data subject have these following rights related do Client personal data managing procedures:
27.1. To get and information from company about Client personal data managing, get acquainted with it’s personal data and how that data is managed (right to get acquainted).
27.2. To get Company’s information from which source was that personal data collected and for what purpose Company manages it. Also, for what data recipients it was given in last year (right to know).
27.3. To require correct or to delete Client’s personal data or to stop, except saving, their Personal data managing actions, when Personal data was managed not according to Lithuanian Republic Personal data law on legal protection and other statutory provisions (right to correct and delete, right to be forgotten).
27.4. To require to restrict Client’s personal data managing for one of the legitimate reasons (right to restrict)
27.5. To get systematized personal data which it has given to company in ordinary file that can be read in every computer. Also, Client can require to transfer that data for other data manager, when it can be technically possible (right for data transferability)
28. When realizing its rights in 27th point, Client has to submit its passport, ID or driver license. Client has to write to firstname.lastname@example.org to realize these rights. Company have right to correct or to delete Personal data or to stop Personal data managing when it identifies Client’s identity.
29. Individual complaints about incorrect or illegal Personal data managing are investigated by National data security inspection, which headquarters address is A. Juozapavičiaus g. 6, LT-09310 Vilnius, www.ada.lt.
30. Client personal data are not given for third persons, except for these cases:
30.2. Personal data for ecommerce purpose is given for Partners that gives Company services that are related with the Company’s activities carried around.
30.3. To Partners that are in same company group and resides in Europe Union country for IT solutions, finance/accounting purposes.
30.4. In cases that are provided by Lithuanian Republic laws and for the competent institutions.
31. Client knows about its right not to agree so that its Personal Data would be managed for Direct marketing purposes. So that client has right to express disagreement right away or later.
32. Client agrees so that its Personal data would be transferred to Partners when processing Client order in E-shop, also when Company gives services to client and to Company’s Partners as written in 28th point.
35. Personal data are being saved from losing, illegal usage or editions. All Buyer passwords are encrypted. Servers that are related with Personal data can be logged on with additional safety certificate by persons authorized by Data Manager. All the powersport.lt pages which requires Personal data entry are executed through https:// protocol.
- when it is necessary under competent institutions instructions and/or Client’s personal data have been possibly used when doing illegal activities or there is reasonable suspicion for Client’s identity theft for which competent law enforcement institutions carry out pre-trial investigation
- there are other legal reasons or purposes
37. When received Data subject instruction or inquiry about Personal data managing, Company presents answer to the Client. This answer has to satisfy the request or give motivated rejection in no more than 30 calendar days from Data subject appeal date. If Data subject request for it, it has to be submitted in writing.
IV. THE FINAL PROVISIONS