Privacy policy
Privacy Policy
BASIC CONCEPTS
1.1. The controller of personal data is Viktorija Karalienė, according to the laws of the Republic of Lithuania, according to individual activity certificate no. 1176007 working natural person, whose personal code is 49105211665, activity reg. address Užupio 16-27, Vilnius, 01203, Lithuania. VAT code : LT100016086613. VMVT code: 410002810
1.2. Customer or Data Subject - natural person - a client of the Personal Data Controller (including website visitors) whose personal data is collected by the Personal Data Controller.
1.3. Electronic store - the personal data manager's electronic store at sacredlotus.eu
1.4. Services – all services provided by the Personal Data Manager.
1.5. Personal data - any information related to a natural person - the Data subject whose identity is known or can be directly or indirectly determined using data such as a personal code, one or more physical, physiological, psychological, economic, cultural or social characteristics characteristic of a person signs
1.6. Processing of personal data - any action performed with personal data: collection, recording, accumulation, storage, classification, grouping, connection, change (addition or correction), provision, publication, use, logical and/or arithmetic operations, search, dissemination , destruction or other action or set of actions.
1.7. Partner - a legal entity that provides services to the Personal Data Controller in connection with the activities carried out by the Personal Data Controller, or sells goods to the Personal Data Controller, or carries out joint projects with the Personal Data Controller, including, but not limited to, marketing campaigns, joint sales campaigns, loyalty programs, etc. ., in media, web pages, Electronic store, retail stores, shopping networks, etc.
1.8. A cookie is a small piece of textual information that is automatically created when browsing the website and is stored on the visitor's computer or other device.
1.9. Direct marketing is an activity aimed at offering goods or services to individuals by mail, telephone or other direct means and/or asking for their opinion on the offered goods or services.
1.10. Privacy policy - means this document, which establishes the principles and rules of processing Personal data, using the services of the Electronic Store.
1.11. Account - the main data for the Customer's connection to the Online Store, which consists of one email address and Password.
1.12. Password is a unique combination of numbers, letters, or numbers and letters or other symbols created by the Customer, which can be used to connect to the Online Store.
GENERAL PROVISIONS
2.1. The Client grants the Personal Data Controller the right to perform all Personal Data Processing actions within the scope and purposes provided for in this Privacy Policy.
2.2. Personal data is processed in accordance with the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the processing and protection of Personal Data, this Privacy Policy.
2.3. The controller of personal data processes personal data in accordance with the following principles:
2.3.1. Personal data is collected for defined and legitimate purposes;
2.3..2. Personal data is processed accurately, fairly and legally;
2.3..3. Personal data are valid and only to the extent necessary for their collection and further processing;
2.3..4. Personal data are constantly updated;
2.3..5. Personal data is stored in such a form that the identity of the Data Subject can be determined no longer than is necessary for the purposes for which these data were collected and processed.
2.3..6. All information about Personal Data is confidential;
2.3..7. Personal data and personal information of the customer will not be used for illegal purposes.
2.4. It is considered that the Customer has read the Privacy Policy of the current version and agrees with it when making a purchase in the Electronic Store. If the Customer does not agree with any part of the Privacy Policy or the Privacy Policy, in this case the Customer must not place an order or purchase a product in the Online Store.
2.5. The Privacy Policy can be viewed in the Online Store and printed at any time. The Privacy Policy may be changed, supplemented or updated at the discretion of the Personal Data Controller. The new version of the Privacy Policy is published in the Electronic Store.
2.6. The customer can place an order in the Electronic Store without registration, or after registering in the Electronic Store through his Account.
2.7. During the initial registration to the Electronic Store through the Account, the Customer must provide his e-mail address and come up with a secure Password, as well as provide accurate Personal Data to the Electronic Store. The customer is responsible for their correctness.
2.8. When using the Services, as well as when purchasing in the Electronic Store, the Customer must always provide accurate Personal Data to the Electronic Store and is responsible for their correctness.
2.9. The customer has the right to change and supplement Personal data in the Account at any time or to contact the electronic store with a request to cancel the Account.
2.10. The Customer must not disclose the Password to third parties and must keep it safe, otherwise, all related responsibility rests with the Customer.
COLLECTION, USE, CORRECTION AND STORAGE OF PERSONAL DATA
3.1. The controller of personal data respects the right to privacy of each Client. Customer Personal Data (i.e. name, email address, phone number, product/service delivery address, age/year of birth, product/service payment details (bank account number, payment method, etc.), purchase history, etc. also, with the Client's consent, age, gender, date of birth, place of residence) are collected and processed for the following purposes:
3.1.1. For the purpose of e-commerce. The following Personal Data are processed: name, surname, e-mail address, phone number, product/service delivery address, age/year of birth, IP address, product/service payment data. The duration of storage of personal data used for the purpose of e-commerce is 5 (five) years from the day of the last connection to the Electronic Store.
3.1.2. For direct marketing purposes. The following personal data are processed: name, surname, telephone number, e-mail address, address, age, gender, date of birth, place of residence. The storage period of personal data used for the purpose of Direct Marketing is 5 (five) years from the day of the last connection to the Electronic Store.
3.2. The customer can give his consent to the processing of his personal data (name, surname, telephone number, e-mail address, address, age, gender, date of birth, place of residence) for the purpose of Direct Marketing. If, after giving consent to process his data for the purpose of Direct Marketing, as well as to receive Direct Marketing messages, the Customer no longer wishes to do so and informs the Personal Data Controller about this, the Personal Data Controller will no longer process his Personal Data for the purpose of Direct Marketing and will not send any electronic news to the Customer, except with the Customer's order related information.
3.3. The Customer has the right at any time to revoke his consent in point 3.2 to the Personal Data Controller processing the Customer's Personal Data for the purpose of Direct Marketing by submitting an appropriate notification to the Personal Data Controller by e-mail at lotosas.eu@gmail.com and clearly indicating that he is withdrawing his consent to use his Personal Data for Direct Marketing. for marketing purposes and do not wish to receive any Direct Marketing communications.
3.4. The Customer also has the opportunity to refuse to exercise his right to object to the processing of the Customer's Personal Data for the purpose of Direct Marketing by clicking on the relevant link in each e-mail sent.
3.5. The Customer, as a Data Subject, has the following rights listed below in relation to the procedures for processing the Customer's Personal Data:
3.5.1. to receive information from the Personal Data Controller about the processing of the Customer's Personal Data, to get acquainted with his Personal Data and how they are processed;
3.5.2. to receive information from the Personal Data Controller, from which sources and which Client's personal data was collected, for what purpose it is processed, to which data recipients it is provided and has been provided for at least the last 1 (one) year;
3.5.3. demand correction, destruction of the Client's Personal Data or suspension, except for storage, of the processing of his Personal Data, when the Personal Data are processed in violation of the Law on Legal Protection of Personal Data of the Republic of Lithuania and other laws.
3.6. When exercising his rights, the Customer must present a passport, identity card or driver's license. The Personal Data Controller shall provide the Data Subject with information about the processed Personal Data of the Data Subject free of charge once a year. The customer can exercise his rights, provided for in point 3.5, by sending an e-mail to lotosas.eu@gmail.com. The Personal Data Manager has the right to correct, change, delete Personal Data or stop the processing of Personal Data only after identifying the identity of the Client who applied.
3.7. The Customer's Personal Data is not provided to third parties, except in the following cases:
3.7.1. When the Client's consent is obtained, as indicated in this Privacy Policy;
3.7.2. Personal data for e-commerce purposes are provided to Partners who provide the Personal Data Controller with services related to the Personal Data Controller's activities;
3.7.3. to the competent authorities in the cases provided for by the laws and legal acts of the Republic of Lithuania. 3.7.2. Payments in the e-store are processed using the shopify.com platform, so your personal information required for payment execution and confirmation will be transferred to shopify.com .
3.8. The customer is aware of his right not to consent to the processing of his personal data for the purpose of direct marketing, i.e. The customer has the right to express disagreement immediately or later.
3.9. The Customer agrees that his Personal Data will be transferred to the Partners when fulfilling the Customer's order submitted in the Electronic Store, as well as when the Personal Data Manager provides Services to the Customer, as well as to the Partners of the Personal Data Manager, as specified in 3.7. point.
3.10. If the Customer does not agree with the Privacy Policy, the Customer will not be able to use the services of the Electronic Store.
3.11. The controller of personal data implements organizational and technical measures to protect personal data from accidental or illegal destruction, alteration, disclosure, as well as from any other illegal processing.
3.12. The Client agrees that in cases where it is necessary according to the instructions of the competent authorities and/or the Client's Personal Data may have been used in the course of illegal activities, or there are reasonable suspicions of identity theft, for which the competent law enforcement authorities are conducting a pre-trial investigation, or there are other legal grounds or purposes, his Personal Data would be stored on the servers of the Personal Data Manager for a longer period than is specified in this Privacy Policy.
3.13. Upon receipt of the Data Subject's instruction or inquiry related to the processing of Personal Data, the Personal Data Controller provides the Client with an answer, satisfying the request/instruction or refusing to do so with reasons, no later than within 30 (thirty) calendar days from the date of the Data Subject's request. If the Data Subject wishes, the answer must be given in writing.
3.14. In order for the Personal Data Manager to be able to offer the Customer full-fledged services in the Electronic Store, with the Customer's consent, information Cookies are stored on the Customer's computer (device), which are used to identify the Customer as a previous user of the Electronic Store, to collect statistics on the presence of the Electronic Store, information about shopping cart. At any time, the customer can view what cookies are being saved and can delete part or all of the saved cookies.
3.15. To learn more about cookies, such as how to manage or delete them, you can visit www.allaboutcookies.org.
OTHER PROVISIONS
4.1. The controller of personal data has the right to change, supplement the "Privacy Policy" in whole or in part. Additions or changes to the privacy policy take effect from the date of their publication.
4.2. If you have any questions, contact the following contacts: lotosas.eu@gmail.com
Makecommerce
5. In e-store the payments are processed via makecommerce.lt platform, which is operated by Maksekekesus AS (Niine 11, Talin, 10414, Estonia, reg. nr: 12268475), so your personal information, that is needed for payment processing and confirmation will be shared with Maksekeskus AS