Privacy Policy
Version: 2021-11-01
This Privacy Policy (hereinafter referred to as "Privacy Policy") governs collection, storage and use of personal information collected by the Technobela, UAB (hereinafter referred to as "Controller") in relation to the use of the website www.foog.com (hereinafter referred to as "Website") and/or purchase of the services and goods offered on the Website by customers (hereinafter referred to as "Customers").
Namely this Privacy Policy outlines:
- personal data being collected by the Controller;
- the purposes and grounds of processing of personal data;
- the recipients or categories of recipients of personal data;
- the period for which personal data will be stored or the criteria used to determine that period;
- personal data safeguarding measures the Controller undertakes to apply;
- rights of the Customer.
The Controller undertakes to process personal data collected via the Website in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as GDPR) and other applicable privacy laws.
- Controller
- Technobela, UAB, legal entity code 305676010, VAT payer code LT100013724510, registered in Republic of Lithuania, address: Laisves pr. 6-1107, 05103 Vilnius, LT, contact phone number: +447389643835, e-mail address: [email protected], is a controller of Customers’ personal data.
- Scope of the personal data
- The Controller may process the personal data as follows:
- Customer’s name (names);
- Customer's phone number;
- Customer's email address;
- IP address and MAC address;
- Banking and/or credit card information;
- Additionally, but only after obtaining Customer’s permission, the Controller may use Google Analytics to collect information about sex, age, interests, web pages visited or to be visited, peripheral equipment used, software settings, and referrer URL.
- Purposes and grounds of processing of the personal data
- The Controller collects and processes personal data of Customers for the following purposes:
- conclusion and execution of purchase agreements (delivery of products purchased, initiate and/or accept payments);
- verification purposes for the use of the Website;
- sending newsletters;
- gathering the Website statistics, improvements of the Website use;
- market analysis and target audience analysis;
- targeting advertising and making personal offers.
- administration and maintenance of the Website;
- compliance with legal obligations, or protection and enforcement of Controller’s legal rights and those of its partners or other users;
- The personal data are processed on the following grounds:
- processing is necessary for the conclusion and/or execution of the agreement between the Customer and the Controller (point (b) of Article 6 (1) of the GDPR);
- processing is necessary to comply with a legal obligation of the Controller (point (c) of Article 6(1) of the GDPR);
- processing is necessary to promote Controller’s justified interests, such as […] (point (f) of Article 6(1) of the GDPR);
- Customer has given his/her consent (point (a) of Article 6(1) of the GDPR).
- Retention of personal data
- Customers’ personal data are processed as long as it is necessary to provide services/goods to them but not less than the Controller is obliged to process respective personal data by applicable law (fiscal laws of the Republic of Lithuania require to keep purchaser’s/client’s data for 10 years after relevant transaction is executed). Personal data, processed by the Controller on basis of the Customer’s consent, is processed and stored until such a consent is withdrawn.
- The Controller may retain Customer’s information after it is no longer necessary to provide services/goods to comply with the law, prevent fraud, resolve disputes, troubleshoot problems and to comply with other legitimate obligations.
- Disclosure of personal data to other parties
- Customers’ personal data can be disclosed to trusted partners with which the Controller has contracted. Such partners may be hired for services/works as follows:
- for providing relevant services to the Controller;
- for closing and executing purchase agreements;
- the delivery of products;
- payment processing;
- the financial administration;
- delivery of the newsletter;
- survey in order to detect and prevent fraudulent activity.
- The Controller can also disclose the Customers’ personal data to governmental bodies and law enforcement authorities, any purchaser or (on terms of confidentiality) likely purchaser of the Controller’s business and/or other third parties where required or permitted by law.
- The Controller shall only disclose personal data to third parties with whom it has signed a processing agreement unless disclosure of the personal data is legally required and allowed.
- The Controller collects data with the help of Google Analytics' (tracking) cookies and share them with third parties. More information about this is provided at policies.google.com/privacy.
- Storage and security of personal data
- Customers’ personal data is stored in electronic and physical records maintained by the Controller and/or its service providers. For maintenance of the personal data the Controller and/or its service providers may use servers located in different countries across European Union. Controller’s service providers may have servers located overseas. Where personal data is processed outside the European Union, the Controller will ensure that the data is processed in accordance with Lithuanian law requirements and/or that there are adequate safeguards in place to protect the personal data.
- The Controller has taken appropriate technical and organizational measures to protect Customers’ personal data against unlawful processing. These measures include the following:
- all persons who have access to your personal data on behalf of the Controller are obligated to keep personal data secret;
- the Controller’s systems are protected by a user name and a complex password policy;
- the Controller makes backups to be able to recover data in case of physical or technical incidents;
- the Controller regularly tests and evaluates its systems and measures;
- the Controller’s employees are informed about the importance of the protection of personal data.
- Customers’ rights
- Customer can review his/her personal data held by the Controller within the relevant application.
- Customer may object against the processing of his/her personal data (or part thereof) by the Controller. Customer also has a right to “be forgotten” and to have the data provided by him /her to be transferred to him/her or directly to a third party. Customer also has the right to refuse to be subject to automated individual decision-making, including profiling. Customer has the right of limitation and the right to object.
- If personal data is being processed based on Customer’s permission, the Customer has the right to withdraw that permission at all times by providing to the Controller respective written application (including by marking respective field on the Website).
- The Controller may ask the Customer to identify him(her)self before granting his/her request.
- If Customer thinks that his/her rights have been violated, the Customer may contact State Data Protection Inspectorate (Address: L. Sapiegos g. 17, Vilnius 10312, tel. (8-5) 279 1445, e-mail [email protected], http//vdai.lrv.lt).
- Queries
- Should Customer have any queries in relation to the processing of his/her personal data by the Controller, he/she may contact the Controller by email: [email protected]
- The Controller reserves the right to ask proper identification of the Customer before executing his/her request.