GENERAL PROVISIONS
- This Policy is intended for persons who visit this website owned by the Company (https://purles.ee/) use the information of the Website and the services provided on it.
- By using the services, continuing to browse the website, the Visitor (website user) confirms that he has read this Policy, understands its provisions and agrees to comply with them.
- The Data Controller shall ensure that by adopting and implementing this Policy, it seeks to implement the following fundamental principles related to the processing of personal data:
- Personal data are processed in a lawful, fair and transparent way in relation to the Data Subject (principle of lawfulness, fairness and transparency);
- Personal data is collected for specified, clearly defined and legitimate purposes and is not further processed in a manner incompatible with those purposes;
- Further processing of personal data for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes is not considered incompatible with the original purposes (principle of purpose limitation);
- Personal data are adequate, relevant and only as necessary to achieve the purposes for which they are processed (principle of data minimisation);
- Efforts are made to ensure that the personal data are accurate and, if necessary, are updated within a reasonable time from the fact of the change;
- All reasonable measures shall be taken to ensure that personal data that are not accurate, taking into account the purposes of their processing, are deleted immediately or corrected within a reasonable time (principle of accuracy);
- Personal data shall be stored in a form that allows the identification of data subjects for no longer than is necessary for the purposes for which personal data are processed;
- Personal data may be stored for longer periods if personal data will be processed only for archiving purposes, for the sake of public interest, for scientific or historical research purposes or statistical purposes, after the implementation of appropriate technical and organizational measures necessary to protect the rights and freedoms of the Data Subject (principle of limitation of the duration of storage);
- Personal data, taking into account the general nature of the personal data processed by the Data Controller, are processed in such a way as to ensure proper security of personal data by applying appropriate technical or organizational measures, including protection against unauthorised or unlawful processing of personal data and against accidental loss, destruction or damage (principle of integrity and confidentiality);
- The data controller is responsible for ensuring compliance with the above principles and must be able to prove compliance with them (principle of accountability).
- This Policy has been established in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania (hereinafter referred to as the LLPPD), other legal acts of the European Union and the Republic of Lithuania. The terms used in the Policy shall be understood as defined by the GDPR and the LLPPD.
- We recommend that you take the time to get acquainted with this Privacy Policy in detail.
- If you do not agree with the processing of your personal data as specified in this Privacy Policy, you have the right not to provide the Company with your personal data. Also, if we process certain of your Personal Data on the basis of your consent to the processing of personal data, you can withdraw such consent at any time, without prejudice to the lawfulness of consent-based processing until the withdrawal of consent.
- This Privacy Policy explains how the Company collects and uses your personal data when you:
- You visit the Website managed by the Company and / or the Company’s social networks or use the opportunities provided by them;
- You seek to conclude or conclude an agreement with the Company;
- You acquire the services provided by the Company;
- You agree to receive direct marketing messages sent by the Company or subscribe to the Company’s newsletter;
- You provide your goods or services to the Company;
- Contact the Company’s customer service department;
- You otherwise communicate or cooperate with the Company as a customer, supplier or other person who has a business or consumer relationship with the Company.
- Contact details of the person responsible for the protection of personal data in the Company: e-mail: info@purles.ee .
I. PURPOSES OF PERSONAL DATA PROCESSING AND CATEGORIES OF PERSONAL DATA COLLECTED
- Depending on who you are (customer, supplier, website visitor, etc.) and how you communicate with the Company (live, online, telephone, etc.), the Company may process different personal data about you.
- Below you will find the categories of Personal Data that we may collect:
Purpose of data processing | Categories of data and personal data processed | Time period for data processing | Legal basis for data processing |
---|---|---|---|
Conclusion of the contract with the Company | Personal identification data: name, surname*
Contact details: e-mail address, telephone number, address, delivery address* Service data: date of purchase, description, price* Details of payment for goods / services* |
Personal data is stored during the term of the contract and for 10 years from the date of termination of the contract (in accordance with the General Index of Document Storage Terms approved by the Chief Archivist of the Republic of Lithuania on 9 March 2011 (Order No V-100)) | Processing is necessary for the conclusion and performance of a contract (Art. 6 (1) (b) of the GDPR) |
Site administration | Account login information: login, password or other security codes | Personal data is stored by an active
Personal data is stored during the period of active use of the account and for 1 year after the last login to the account after you stop using it |
Processing is necessary for the conclusion and performance of a contract (Art. 6 (1) (b) of the GDPR) |
Sending direct marketing messages and newsletters | Personal identification and contact details: name, surname, e-mail address, telephone number | Personal data is stored and processed during the period of validity of the consent, unless the consent is withdrawn earlier. The data subject’s consent to the sending of direct marketing communications is valid for 5 years from the date of receipt of the consent | Art. 6 (1) (a) of the GDPR (consent of the data subject to such processing) |
*The provision of marked data is necessary if you wish to conclude an agreement with the Company or submit a request on the website.
II. PROCESSING OF PERSONAL DATA FOR DIRECT MARKETING PURPOSES
- The Company processes your personal data for the purpose of direct marketing after obtaining your explicit consent to such data processing, e.g.: after you subscribe to our newsletters, etc. (the basis for data processing is your freely expressed consent to data processing).
- For the purpose of direct marketing, we may process your name, surname, e-mail address, phone number.
- Your personal data for the purpose of direct marketing may be processed in the following ways:
- By e-mail you can receive the newsletter with our offers, promotions and news;
- you can receive invitations to events, offers and similar information by e-mail.
- You can unsubscribe from our newsletters at any time. You can do this by clicking on the dedicated link at the bottom of the newsletters we send.
- We also use the services of Meta (Facebook), Google, other online advertising providers. You can read about the privacy policy of these service providers, the data collected and the personal data protection measures applied in the privacy policies of the aforementioned service providers. For more information on how it works, as well as information on how you can object to the display of such advertisements or such use of data, please refer to the information provided by the aforementioned providers: https://ltlt.facebook.com/policies/ads#; https://policies.google.com/technologies/ads
III. TO WHOM YOUR PERSONAL DATA IS PROVIDED
- The Company does not transfer your personal data to any third parties without your prior consent, except in the cases described below.
- We may transfer your data for processing to third parties who help us to carry out our activities and administer the provision of services. Such persons may include companies providing data centres, hosting and related services, companies providing advertising, marketing services, companies that develop, provide, maintain and develop software, companies providing information technology infrastructure services, companies providing communication services, companies providing communication services, companies that carry out analysis of internet browsing or activities on the Internet and provide services, security services providing security services, etc.
- In each case, we provide the data processor with only as much data as is necessary for the execution of a specific order or the provision of a specific service.
- The data processors used by us may process your personal data only in accordance with our instructions. In addition, they are obliged to ensure the security of your data in accordance with applicable legislation and written agreements concluded with us.
- Data may also be provided to competent government or law enforcement bodies, such as the police or supervisory authorities, but only upon their request and only when required by applicable legislation or in the cases and in accordance with the procedures provided for by law, in order to ensure our rights, the safety of our buyers, employees and resources, to assert, provide and defend legal claims.
IV. HOW WE ENSURE THE SECURITY OF YOUR DATA
- In order to protect your data, the Company takes appropriate measures that comply with the laws and regulations on data protection and data security, including the requirement for the Company’s service providers / data processors to use appropriate measures to protect your personal data and their confidentiality.
- Depending on modern technologies, the cost of implementing measures and the nature of the data to be protected, the Company has implemented technical and organizational measures to protect against such risks as destruction, loss, alteration, unauthorized disclosure or unauthorized access to your data.
V. YOUR RESPONSIBILITIES
- We would like to remind you that it is your duty to ensure, to the extent that it is up to you, that the data you provide to us is accurate, complete and up to date. In addition, if you provide us with the data of other persons, it is your duty to receive and provide us with such information in accordance with legal requirements. For example, you must inform other persons whose data you provide to the Company about the content of this Privacy Policy and obtain their consent to the provision of such personal data.
VI. YOUR RIGHTS
- Data protection legislation gives you a number of rights related to the processing of your personal data.
1. You have the right to access your personal data processed by us:
2. You have the right to ask us for confirmation of whether we are processing your personal data and in such cases to request access to your personal data processed by us. To exercise the above right, please submit a written request to us by e-mail info@purles.ee
- You have the right to request the rectification of inaccurate data about you.
1. If you believe that the information about you is incorrect or incomplete, you have the right to request its correction. To exercise the above right, please submit a written request to us by e-mail. By mail info@purles.ee
- You have the right to object to the processing of your personal data:
1. You have the right to object to the processing of personal data when personal data is processed on the basis of our legitimate interests. However, notwithstanding your objection, we will continue to process your data if there are reasonable and justified reasons for further processing. To exercise the above right, please submit a written request to us by e-mail info@purles.ee
- You have the right to restrict the processing of your personal data:
1. In certain circumstances, you also have the right to restrict the processing of your personal data. To exercise the above right, please submit a written request to us by e-mail info@purles.ee
2. You have the right to contact the State Personal Data Protection Inspectorate of your country with a complaint about improper processing of personal data.
VII. INFORMATION ABOUT THE COOKIES USED
- The Data Controller uses cookies on the Website in order to be able to separate some users of the Website from others. With the help of cookies, the Data Controller seeks to ensure a more pleasant experience for persons browsing the Website and to improve the Website itself.
- Cookies are small-scale text files that are stored in a Person’s browser or device (personal computer, mobile phone or tablet).
- The company uses the following categories of cookies:
1. Strictly mandatory cookies: cookies are necessary to ensure the functioning of the system. For example, some cookies allow us to identify registered users and ensure their ability to access the entire system. If the user refuses these cookies, he may no longer see the entire content of the system;
2. Performance-enhancing cookies: cookies that allow you to analyze how users use the system and monitor the work of the system. This allows the Company to choose the right offers and quickly identify and eliminate any problems, thus ensuring a high quality of browsing. For example, performance cookies allow you to track which pages are the most popular and determine why some pages show error messages;
3. Functional cookies: cookies that allow you to remember the wishes of users and adapt them to the website / mobile application so that the Company can provide improved functions;
4. Targeting cookies: The Company may use cookies to show users advertisements that promote goods / services sold by the Company that are of interest to specific users.
5. Google Analytics, which allows you to capture and analyze statistical data on the use of the site. You can learn more about Google Analytics and the information that these tools allow you to collect here – https://support.google.com/analytics/answer/6004245?hl=lt. If you prefer that Google Analytics tools do not record information about your web browsing, you can use the Google Analytics opt-out browser plugin.
- The following cookies https://purles.ee/ used on the website https://purles.ee/ :
COOKIE NAME | DURATION | PURPOSE |
woocomerce_cart_hash | session | Helps WooCommerce determine when cart contents/data changes. |
woocomerce_items_in_cart | session | Helps WooCommerce determine when cart contents/data changes. |
wp_woocommerce_session | 2 days | Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. |
35. Cookies used on the website do not allow to determine the identity of the user of the website. A visit to the Website is recorded anonymously, recognizing a personal computer, mobile phone or tablet and IP address, and such collected information is not provided to third parties, except in cases provided for by law.
- By opening the Website and clicking on the “I agree” button in the pop-up field, the person browsing agrees that cookies will be stored on his computer, mobile phone or tablet.
- In order to withdraw the given consent, the person browsing may delete or block cookies by selecting the appropriate settings in his browser that allow him to refuse all or part of the cookies. It should be noted that when using such browser settings that block cookies (including necessary cookies), a person may have problems using all or part of the functions of the Website.
- Personal data collected by cookies are processed in accordance with the provisions of the Law on Legal Protection of Personal Data of the Republic of Lithuania, the Law on Electronic Communications of the Republic of Lithuania, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, as well as other legal acts regulating the protection of personal data.
- In accordance with the requirements of legal acts, the Website applies security measures that would prevent unauthorized disclosure of personal data and their unauthorized use.
VIII. FINAL PROVISIONS
- Legal relations related to this Policy are governed by the law of the Republic of Lithuania.
- The Data Controller shall not be liable for damages, including damages caused by interruptions in the use of the Website, for loss or damage to data caused by the actions or omissions of the person himself or third parties acting with the person’s knowledge, errors, deliberate damage, other misuse of the Website.
- The Data Controller shall also not be liable for any interruptions in the connection and/or use of the Website and(or) damage caused by them caused by the actions or omissions of third parties not related to the Data Controller or the person, including interruptions in the supply of electricity, Internet access, etc.
- The Data Controller has the right to amend the Policy in part or in full.
- Additions or amendments to the Policy shall take effect from the date of their publication on the Website.
- If, after supplementing or amending the Policy, a person continues to use the Website and / or the services provided by the Data Controller, it is considered that the person does not object to such additions and / or changes.
- For all data processing issues, you can contact us by e-mail info@purles.ee
- This Privacy Policy applies from 31 March 2023.