Order by phone +372 880 7906
PRIVACY POLICY
The purpose of the privacy policy is to inform how the personal data of data of Data Subjects is collected and processed, to explain how long it is stored, to whom it is provided, what rights data subjects have and where to apply for their implementation or other issues related to the processing of personal data.
Personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 of the European Union (hereinafter - the Regulation), the Law on the Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the protection of personal data.
Private Limited Liability Company "Nostra" is guided by the following basic principles of data processing:
1. DEFINITIONS
1.1. Data Controller – Closed Private Limited Liability Company "Nostra" (hereinafter – the Company), legal entity code 120897213, registration address Sausių g. 44, Sausių k., Lentvario sen., Trakų r. sav.
1.2. Data Subject – any natural person whose data is processed by the Company. The Data Controller collects only those data of the Data Subject that are necessary for the performance of the Company's activities and (or) when visiting, using, browsing the Company's websites, social network accounts, etc. (hereinafter referred to as the Website) The Company ensures that the personal data collected and processed will be secure and will only be used for a specific purpose.
1.3. Personal data – any information relating directly or indirectly to a Data Subject whose identity is known or can be identified directly or indirectly by reference to the data concerned. Processing of personal data means any operation performed on personal data (including the collection, recording, storage, editing, modification, granting of access, retrieval, transmission, archiving, etc.).
1.4. Consent – any voluntary and deliberate consent by which the Data Subject consents to the processing of his or her personal data for a specified purpose.
1.5. Cookies – The Company's website uses small pieces of textual information that are automatically generated while browsing the website and stored on a computer or other device used by the data subject (website visitor). Cookies are used to improve the browsing experience for website visitors, to analyze website traffic and behavior of visits on the website.
2. SOURCES OF PERSONAL DATA
2.1. Personal data are provided by the Data Subject themselves. The Data Subject contacts the Company, uses the services provided by the Company, purchases goods and/or services, leaves comments, asks questions, subscribes to newsletters, contacts the Company to request information, etc.
2.2. The personal data is obtained when the Data Subject visits the Company's website. The Data Subject fills in the forms contained therein or leaves their contact details, etc., for whatever reason.
2.3. Personal data is obtained from other sources. Data are obtained from other institutions or companies, publicly available registers, etc.
3. PROCESSING OF PERSONAL DATA
3.1. By providing personal data to the Company, the Data Subject agrees that the Company will use the collected data to fulfill its obligations to the Data Subject in providing the services that the Data Subject expects.
3.2. The Company processes personal data for the following purposes:
3.2.1. Company business performance and continuity. The following data shall be processed for this purpose:
3.2.2. Inquiries, comments and complaints The following data is processed for this purpose:
3.2.3. E-commerce. The following data shall be processed for this purpose:
3.2.4. Direct marketing.. The following data shall be processed for this purpose:
3.2.5. For the purpose of ensuring the security of the Company's employees, other Data Subjects and property (video surveillance). The following data shall be processed for this purpose:
3.2.6. Other purposes for which the Company has the right to process the data subject's personal data, where the data subject has expressed his or her consent, where the processing is necessary for the Company's legitimate interest, or where the Company is obliged to process the data by the relevant legal acts.
4. USE OF COOKIES
4.1. The Company uses cookies on the Website for the purpose of improving and enhancing the experience of buyers and website visitors.
4.2. The following types of cookies may be used on the Company's website:
4.2.1. Technical (required) cookies – help the website visitor to view the website and its content, to ensure the functionality of the website, to create an account, to log in to your account and to manage your orders. Technical cookies are necessary for the proper functioning of the website and their use does not require the consent of the website visitor.
4.2.2. Functional cookies – used to help the website visitor use the Company's website and to remember the choices and preferences made during the browsing process. Functional cookies are not necessary for the website to be fully functional, but they do add functionality and improve your experience of using the Company's website.
4.2.3. Analytical Cookies – used to obtain information about how website visitors use the Company's website. This is necessary in order for us to optimize and improve the Company's website. With the help of analytical cookies, we may collect data about the web pages you have viewed, the pages from which you came, the e-mails you opened and responded to, and date and time information. It also means that we may use information about you and your use of the site, such as the frequency of visits, the number of clicks on a particular page, the search terms used, and more.
4.2.4. Commercial (targeted or promotional) cookies – used to deliver personalized advertising to a visitor to the Company's website. This is called "remarketing", which is based on your browsing activity, such as the products and/or services you've searched for and viewed.
4.3. The Company's employees, who are responsible for the analysis of these data and the improvement of the website, have access to the statistical data about visitors to the Company's website
4.4. Technical records may also be accessed by the Company's partners who provide content management tools for the Company's website.
4.5. The Google Analytics tool is provided by Google Inc., a U.S. company, so it also has access to the statistical data collected by Google Analytics. This provider is subject to contractual and statutory privacy obligations.
4.6. Data collected by means of cookies shall not be stored by the Company for longer than is necessary to achieve the purposes of the processing or for longer than is required by the Data Subjects and/or provided for by law.
4.7. You can find more information about cookies at: AllAboutCookies.org.
4.8. If you do not agree to our use of cookies, you have the option to change your browser settings and control the amount of cookies. Useful links to opt out of cookies can be found below:
4.9. The following cookies are currently used on the Company's website:
Cookie title | Supplier | Validity term | Type |
Required cookies | |||
CookieConsent |
nostra.lt |
1 year |
HTTP |
user_token |
nostra.lt |
6 months |
HTTP |
www_nostra_lt |
nostra.lt |
Session |
HTTP |
Analytical cookies | |||
_ga |
nostra.lt |
2 years
|
HTTP |
_gat |
nostra.lt |
Session |
HTTP |
_gid |
nostra.lt |
Session |
HTTP |
omnisendAnonymousID |
nostra.lt |
1 day |
HTTP |
_clck |
nostra.lt |
3 months |
HTTP |
_hjAbsoluteSessionInProgress |
nostra.lt |
1 day |
HTTP |
_hjFirstSeen |
nostra.lt |
1 day |
HTTP |
_hjid |
nostra.lt |
1 day |
HTML |
_hjTLDTest |
nostra.lt |
Session |
HTTP |
omnisendSessionID |
nostra.lt |
1 day |
HTTP |
soundestID |
nostra.lt |
Session |
HTTP |
soundest-views |
nostra.lt |
Session |
HTTP |
_hjIncludedInPageviewSample |
nostra.lt |
1 day |
HTTP |
Commercial (targeting or advertising) cookies |
|
|
|
CLID |
clarity.ms |
1 day |
HTTP |
IDE |
doubleclick.net |
1 month |
HTTP |
_fbp |
nostra.lt |
3 months |
HTTP |
_gcl_au |
nostra.lt |
3 months |
HTTP |
_fb_chat_plugin |
nostra.lt |
Permanent |
HTML |
fr |
facebook.com |
3 months |
HTTP |
5. USE OF SOCIAL NETWORKS
5.1. All information you provide on social media (including posts, the use of the "Like" and "Follow" fields, and other communications) is controlled by the operator of the relevant social network.
5.2. Our Company currently has an account on the social network Facebook, the privacy policy of which is available at https://www.facebook.com/privacy/explanation;
5.3. Our Company currently has an account on the social network Instagram, the privacy policy of which is available at https://help.instagram.com/519522125107875;
5.4. Our Company currently has an account on the social network LinkedIn, the privacy policy of which is available at https://www.linkedin.com/legal/privacy-policy;
5.5. Our Company currently has an account on YouTube, the privacy policy of which is available at https://policies.google.com/privacy?hl=en-US.
5.6. We encourage you to read third-party privacy notices and contact service providers directly if you have any questions about how they use your personal information.
6. SENDING NEWSLETTERS
6.1. The Company uses the services of a third party Omnisend to send newsletters. The third party Omnisend only uses the e-mail address of the recipient of the newsletter to successfully send it. The Omnisend Privacy Policy is available at:
6.2. You can unsubscribe from the newsletters by clicking on the "Unsubscribe" button at the bottom of each e-mail you receive, by replying to the e-mail you receive, or by contacting the Company directly by e-mail and expressing your wish to stop receiving the Company's newsletters.
7. E-COMMERCE
7.1. The e-shop of the Private Limited Liability Company "Nostra" has been created using the Electronic-LAB platform. Data collected for the purpose of e-commerce is stored on Electronic-LAB servers. The privacy policy of the e-shop platform is available at:
7.2. The Company uses the Swedbank payment collection platform Bank Link, Paysera and EveryPay to accept payments. The privacy policy of the payment acceptance platforms is available at:
7.3. Our website is protected by a security protocol that relies on a data encryption system certificate (SSL). The web address of such a store contains the letter "s": "https://".
8. PROVISION OF PERSONAL DATA
8.1. The Company undertakes to respect the obligation of confidentiality vis-à-vis Data Subjects. Personal data may be disclosed to third parties only if this is necessary for the conclusion and performance of a contract for the benefit of the Data Subject or for other legitimate reasons.
8.2. The Company may provide personal data to its data processors who provide services to the Company and process personal data. The Company's data processors shall have the right to process personal data only on the Company's instructions and only to the extent necessary for the proper performance of their obligations under the Contract. The company shall only use processors that provide sufficient guarantees that appropriate technical and organizational measures will be implemented in such a way as to ensure that the processing complies with the requirements of the Regulation and that the Data Subject's rights are protected.
8.3. The Company may also provide personal data in response to requests from a court or public authority to the extent necessary to properly comply with applicable law and the instructions of public authorities.
8.4. The Company guarantees that personal data will not be sold or rented to third parties.
9. PROCESSING OF PERSONAL DATA OF MINORS
9.1. Individuals under the age of 14 may not provide any personal data through the Company’s website. If a person is under 14 years of age, in order to use the Company's services, the written consent of one of the representatives (parent or guardian) regarding the processing of personal data must be provided prior to the provision of personal information.
10. TERM OF STORAGE OF PERSONAL DATA
10.1. Personal data collected by the Company is stored in hard copy documents and/or in the Company's information systems. Personal data shall be processed for no longer than is necessary for the purposes of the processing or for no longer than required by the data subjects and/or provided for by law.
10.2. Although the Data Subject may terminate the agreement and waive the Company's services, the Company must continue to retain the Data Subject's data due to possible future claims or legal claims until the data retention periods have expired.
11. RIGHTS OF THE DATA SUBJECT
11.1. The right of access to information about data processing.
11.2. The right of access to processed data.
11.3. The right to request rectification of data.
11.4. The right to request deletion of data ("the right to be forgotten"). This right shall not apply if the personal data requested to be deleted is also processed on another legal basis, such as processing necessary for the performance of a contract or the fulfillment of an obligation under the applicable law.
11.5. The right to restrict data processing.
11.6. The right to object to data processing.
11.7. The right to data portability. The right to data portability must not adversely affect the rights and freedoms of others. The Data Subject shall not have the right to data portability in respect of personal data processed in non-automated files, such as paper files.
11.8. The right to request that a decision based solely on automated processing, including profiling, not be applied.
11.9. The right to submit a complaint regarding the processing of personal data to the State Data Protection Inspectorate.
12. The Company shall be obliged to enable the Data Subject to exercise the aforementioned rights of the Data Subject, except in the cases prescribed by law when it is necessary to ensure state security or defense of the state, public order, prevention, investigation, detection or prosecution of criminal activities, the protection of the state's important economic or financial interests, the prevention, investigation, detection or prosecution of breaches of professional or official conduct, or the protection of the rights and freedoms of the Data Subject or of other individuals.
13. PROCEDURES FOR EXERCISING THE RIGHTS OF THE DATA SUBJECT
13.1. The Data Subject may contact the Company in order to exercise their rights:
13.1.1. by submitting a written request in person, by post, by a representative or by electronic means – by e-mail: info@nostra.lt;
13.1.2. orally – by phone: +370 521 62016;
13.1.3. in writing to: Sausių g. 44, Sausių k., Lentvario sen., Trakų r. sav..
13.2. You can also contact the Company’s Data Protection Officer via e-mail: asmensduomenys@sdg.lt.
13.3. In order to protect the data from unauthorized disclosure, the Company must verify the identity of the Data Subject upon receipt of a request from the Data Subject to provide data or exercise other rights.
13.4. Company response