Privacy Policy

This Privacy Policy statement was last updated on 2019-11-08 and applies to citizens of the European Economic Area.

1. General Provisions

1.1. UAB “STIKLO KUBAS” (hereinafter the “Company”) respects the right to privacy enjoyed by all its clients (purchasers of services), including the visitors of the Websites of the Company at https://shop.vimi.lt and https://www.vimi.lt (hereinafter the “Websites”) (hereinafter the “Clients”), and undertakes to ensure protection of the personal data and their rights as data subjects.

1.2. The present Privacy Policy (hereinafter the “Policy”) regulates the main principles and procedure of collection, processing and storage of the personal data of the clients of the Company (including the visitors of the Website) to the extent, in the manner and for the purposes laid down in the present Policy and the Rules of Purchase-Sale of Goods at the Online Shop of the Company (hereinafter the “Rules”).

1.3. The Policy presents important information about the data of the Client which are collected and processed by the Company, the purpose of use, the length of storage, etc. of such data; therefore, the Clients are encouraged to read the Policy carefully. If you disagree with the Policy or any individual terms and conditions thereof, the Company hereby regretfully notifies that you shall not be able to use all or any of the services provided by the Company (hereinafter the “Services”).

1.4. While using the Website of the Company, when placing orders / using the services provided by the Company and by providing your personal data to the Company you agree with the provisions of the present Policy (with the exception of the data the processing whereof requires your separate consent). The Clients shall be deemed to have read the Policy by ticking a box below the text of the Policy when registering at the Website/Client System. The present Policy may be accessed at any time on the Website.

1.5. The Company respects the privacy of its Clients and the safety of your personal data is our priority. The Company takes the relevant organisational and technical means in order to ensure that your personal data are always safe and the data processing acts comply with the requirements of data protection legislation and internal policies of the Company.

1.6. When processing your personal data we act in compliance with the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “Regulation”), the Republic of Lithuania Law on Legal Protection of Personal Data, the Republic of Lithuania Law on Electronic Communications and other directly applicable legal acts, which regulate the issues of protection of personal data, also the instructions issued by the data protection supervisory authority (in Lithuania – the State Data Protection Inspectorate).

2. What definitions are used

2.1. Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2.2. Data subject means a natural person or a client of the Company (including the visitors of the Website) the personal data whereof are collected by the Company.

2.3. Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2.4. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

2.5. Data processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

2.6. Data controller means UAB “STIKLO KUBAS”, the company duly established in accordance with the laws of the Republic of Lithuania, registration number 302602574, registered office address: Visorių g 6 – 22, Vilnius, Republic of Lithuania, the data whereof are collected and stored in the Register of Legal Entities.

2.7. Cookie is a small piece of text information that automatically is created when browsing the Website and is stored on your computer or other device.

2.8. Direct marketing is an activity aimed at offering services to individuals by post, telephone or other direct means and / or inquiring about the goods or services.

3. Which personal data are collected by us

3.1. The Company collects and processes the following personal data that you submit when registering and accepting the Rules and (or) when placing orders for the services on the Website or when ordering the services by any other means:

Particulars of the person: name, surname, address, e-mail address, telephone number;

Data related with the provision/purchase of services and administration of services: data used for the conclusion and performance of purchase – sale agreements, provision of discounts, performance of purchase transactions, e.g., delivery and residence addresses, signatures, purchase and delivery service and the details of the order, account numbers, issuance of invoices, details of payments, information, etc.;

Data about the consent or refusal for the processing of personal data for the purposes of direct marketing;

Data about the consent or refusal for the profiling of the data for the purposes of submission of personalised offers;

Any other personal data provided by you additionally at own initiative when registering and (or) ordering, controlling the services.

3.2. It is highly important to ensure that your particulars are accurate and correct. If you provide incorrect (false) data, forget them or do not update the data that have changed, this may cause difficulties for us in ensuring the provision of services and implementation of your rights. In no case shall we assume any liability for the loss suffered by you as a result of the incorrect or incomplete provision of your personal data. In the event the data provided by you change, you must immediately notify about this by amending the relevant data in the registration form on the Website or in the mobile application. The Company does not have any possibilities to verify the correctness and authenticity of the data provided by you, thus, by accepting your registration questionnaire we shall deem your data to be correct and accurate and all your consents given on free will and after the careful examination of the present Policy and the Rules.

3.3. Your personal data, which are specified in paragraph 3.1 above shall be stored over the period of cooperation maintained between the Company and you (during the provision of services) and 5 (five) years thereafter.

3.4. The Company shall also collect and process the following:

3.4.1. Your account administration data: personal data provided by you indirectly when registering and (or) ordering the services on the Website, i.e. the following data shall be collected from your computers and (or) mobile devices by automated means when you login to the Website: login IP addresses and times, browser used by the user and its version, Websites visited by you before logging in to our Website, data about the use of services, e.g., the data collected with the help of cookies and similar technologies related with the online browsing, etc.

3.5. The personal data specified in subparagraph 3.4.1 above shall be stored as long as you hold the account on the Website. Such data may be stored for a longer period of time, if this is necessary due to the claims filed and if there are legal grounds for this.

4. For what purposes we process your personal data

4.1. The Company processes the personal data specified in paragraphs 3.1 and 3.4 above for the following data processing purposes:

– to identify the Clients and to communicate with you by responding to your enquiries, comments, by providing important information about the services, purchase terms and conditions  and (or) amendments of the present Policy, by contacting you in the event of detection of inaccuracies in the transactions performed, etc.;

– to identify the Clients in the information systems of the Company when registering on the Website and logging in to own accounts, as well as for other Client account supervision and administration purposes;

– to process the service purchase transactions performed by the Clients, to process and administer the services (the order); to process the documents related with the orders for services, and to contact you regarding the performance of contractual obligations;

– for the purposes of direct marketing and to profile the data when submitting personalised offers (only with the consent of the data subject)

5. How we process your personal data

5.1. We ensure that your personal data shall be: processed lawfully, fairly and in  a transparent manner; collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (by applying the data minimisation principle), accurate and, where necessary, kept up to date (by applying the principle of accuracy), processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (by applying the principles of integrity and confidentiality).

6. What rights of data subjects you have

6.1. You shall have the following rights of data subjects, which shall be implemented by us upon receipt of your request (by e-mail info@vimi.lt; by mail to the following address: UAB “STIKLO KUBAS”, P.d. 1444, 30-paštas, LT-02008 Vilnius, Lithuania) and proper confirmation of your identity: the right of access to the personal data and the purposes of the processing, the right to demand rectification of your inaccurate personal data, the right to have your incomplete personal data be completed, the right to demand erasure by the Company of your personal data  if: 

a. they are no longer necessary in relation to the purposes for which they were collected or otherwise processed, 

b. you withdraw consent on which the processing is based and where there is no other legal ground for the processing of your personal data, 

c. the personal data have been unlawfully processed, 

d. on other grounds laid down in the Regulation; the right to demand restriction by the Company of the processing of your personal data, the right to receive your personal data provided by you to the Company in a structured, commonly used and machine-readable format (you also have the right to request the Company to transfer your personal data to another controller), the right to object to the processing of your personal data (e.g., for the purposes of direct marketing, etc.).

6.2. Please be notified that if you believe that your rights of data subject have been violated, you may file a complaint to the State Data Protection Inspectorate. For more information about the State Data Protection Inspectorate and the procedure of examination of complaints please visit the Website at: https://www.ada.lt/

7. How we process personal data for the purposes of direct market

7.1. Only with your prior consent and by acting in compliance with the provisions of the Republic of Lithuania Law on Electronic Communications, the Republic of Lithuania Law on Legal Protection of Personal Data and the present Policy, we may send you newsletters (SMS messages, notifications via Viber Whats app, Messenger, Facebook or Instagram etc.) by e-mail and (or) enquire about the quality of the existing services.

7.2. The following personal data concerning you shall be processed by us for the purposes of direct marketing and data profiling in order to submit personalised offers to you:

Your name, surname, e-mail address, telephone number, city, country;

The request to mark the requested means of communication, the enquiry about the goods of interest;

The consent of the Client/data subject for the use of personal data for the purposes of direct marketing, the consent of the client/data subject for the profiling of data for the purposes of submission of personalised offers;

The signature

7.3. When administering the provision of services and while pursuing the goals specified in the present Policy we may apply the analysis of personal data (including the data of your purchases) and adopt decisions, including the profiling of your data.

If you have chosen to receive personalised offers and have given your consent for the profiling of the data to that end when completing your account questionnaire, in order to have a better knowledge of you, we shall not only process your particulars, we shall also additionally analyse and use your purchase data history for the purposes of sending personalised offers relevant to you.

7.4. As regards the submission of personalised offers, your personal data shall be stored until your withdrawal of consent for the profiling of data for the purposes of submission of personalised offers. We may store your consent and the proof of your consent for a longer period of time, if this is necessary to defend against the demands, claims, etc. filed against us. In the event of your consent for the profiling of your data for the purposes of submission of personalised offers to you, we can have a better knowledge of you, adjust the offers matching your needs and provide any other advantages adapted specially to you.

7.5. If you do not want that your data be profiled for the purposes of submission of personalised offers to you, you have the right not to give such consent or to withdraw it at any time by e-mail info@vimi.lt.  In such a case, you shall be able to continue using the services, but we shall no longer be capable of providing you with personalised offers and information.

7.6. Your personal data for the purposes of direct market shall be stored until your withdrawal of the consent to receive the direct marketing communications.

8. To whom we transfer your personal data

8.1. The employees of the Company shall have access to your personal data only when this is necessary for the implementation of their official duties and only after the employee has undertaken to comply with the confidentiality obligation.

8.2. The Company may provide your personal data: to data processors which provide services to the Company and process your personal data on behalf of the Company and for the benefit of the Company or for your benefit; to law enforcement authorities when there exist legal grounds for this; to other third persons provided that you have given your consent to that end.

8.3. We use only those data processors, which can ensure that the proper technical and organisational means were implemented in such a manner that the processing complied with the requirements of the Regulation and ensured protection of your rights as the data subject.

8.4. We hereby note that the abovementioned data processors have the right to process your personal data only in accordance with our instructions.

8.5. The data processor may not use another data processor without the prior specific and general written permit of the Company (data controller).

8.6. Your personal data may also be provided when responding to the official requests of state authorities and courts, but only after the verification of the lawfulness of such requests.

9. What cookies we use and why

9.1. We use cookies (small information files sent to your computer or any other device (for example, mobile telephone) while you are visiting out Website, which are saved in your browser. More about Cookies policy.

10. How you can contact us

10.1. On any issues related with the processing of data please contact us by the following means of communication:

By e-mail info@vimi.lt

By telephone +370 60786808

By mail sent to the following address: UAB “STIKLO KUBAS”, P.d. 1444, 30-paštas, LT-02008 Vilnius, Republic of Lithuania.

Detail of the Company as the data controller:

UAB “STIKLO KUBAS”

Legal entity registration number 302602574

Office address:  Visorių g. 6-22, LT-08300 Vilnius, Republic of Lithuania.

Data controller: UAB “STIKLO KUBAS”, the company duly established in accordance with the laws of the Republic of Lithuania, registration number 302602574, registered office address: Visorių g. 6-22, LT-08300 Vilnius, Republic of Lithuania, the data whereof are collected and stored in the Register of Legal Entities.

11. Term of validity of the Policy and procedure of amendment

11.1. The Director of Company shall approve, supplement and amend the present Policy, and determine the term of validity and other provisions related with the implementation of the present Policy. The Policy shall become valid on the date of approval of the Policy by the signature of the Director of the Company.

11.2. In the event the Policy is amended, supplemented or renewed, the updated version of the Policy shall be announced on the Websites.