Protecting personal data under the GDPR
Name and address of the responsible person
According to the definition of the General Data Protection Regulation and the national data protection laws and regulations of the Member States, the data protection officer is:
Siglus UAB
Phone number: +370 45 436801
Address: Klaipėdos g. 79a
Postal code LT-37106
City: Panevėžys
E-mail: info@siglus.lt
Scope of personal data processing
In general, we collect and use the personal data of our users to the extent necessary to ensure the proper functioning of the website and the quality of its content and services. We do this on a regular basis and only with the consent of our customers to allow the collection and use of personal data. An exception applies if it is not possible to request prior consent or if the processing is required by law.
Personal data will only be collected if you yourself consent to the provision of information about you when ordering. Otherwise, the website will only use your data without your consent for the purpose of fulfilling and processing your order. Once all the formalities of the order have been completed and the customer has paid the agreed price in full, your data will not be allowed to be used and will only be deleted after the expiry of the retention period for fiscal and commercial information, unless you yourself express your willingness to allow us to continue to use that data.
Transfer of personal data
Your data will also be transferred to the freight forwarding company if this is required for the delivery of the goods to the customer. In order to ensure smooth payment, we will transfer your payment details to the bank through which payment will be made or to the payment service provider you specify when completing your order.
Legal framework for processing personal data
Article 6(1) of the EU General Data Protection Regulation (GDPR) comes into force once the data subject has consented to the processing of his/her personal data.
The processing of personal data required for the purpose of signing a contract with the data subject is governed by Article 6(1)(3) GDPR. This also applies to data that is needed before the contract is signed. As the processing of personal data is carried out in accordance with the statutory procedure, our company is guided by Article 6(1) GDPR.
In order to protect the vital interests of the consumer or natural person, the processing of personal data is governed by Article 6(1) GDPR.
If the data are necessary for the protection of the legitimate interests of our company or of a third party, and if the processing does not prejudice the interests of the data subject, the fundamental rights and freedoms of the data subject or the interests of others, Article 6(1) of the GDPR shall apply.
Erasure of data and duration of data retention
User data shall be erased or deleted when there is no longer any need to store it. On the other hand, the EU or national legislator reserves the right to retain the data in accordance with EU directives, laws or other regulatory acts applicable to data controllers. Data shall also be erased or deleted after the expiry of the standard retention period or if there is no longer a need to retain the data for the purpose of entering into a future contract or the performance of contractual obligations.
Description and scope of data processing
Every time you open our website, the system automatically collects data and information from your computer's operating system.
The following data is collected:
1. information about the type and version of the browser you use;
2. the user's operating system;
3. the user's internet service provider;
4. the user's IP address;
5. the date and time of access;
6. the blogs through which the user accesses our system;
7. the blogs that the user accesses through our website.
Log files contain IP addresses and data of other persons which may also be accessible to the user. For example, a link to a blog that enables the user to access the Internet, or a link to a blog that takes the user to another website, may allow access to the personal data of others.
The data is also stored in our log files. The storage of this data does not affect the user's IP address or any other data accessed. The aforementioned data is not stored together with other personal data of the user.
Legal framework for data processing
The temporary storage of data and log folders is governed by Article 6(1) of the GDPR.
For what purpose is the data processed?
It is necessary to store an IP address in the system for temporary use, so that the user can access the website from his/her computer. For this purpose, the user's IP address must be stored for the duration of the session.
Log folders are stored in files to improve the functionality of the website and to ensure the security of our information technology. Data is not collected for marketing purposes.
It is therefore our ambition to process the data we hold in accordance with Article 6(1) of the GDPR.
Duration of storage
The data will be deleted if it is no longer appropriate to collect it. The data used to make the website work is stored for the duration of the session.
Data stored in the log folders will be kept for a maximum of seven days. It can be stored for longer. In this case, the user's IP addresses will be deleted or classified and the user will no longer have any access to his/her account.
Withdrawal of consent and means of data disposal
It is necessary to collect data on the website and store it in log folders to ensure optimal online performance. Consumer complaints in this case would therefore be completely unfounded.
Description and scope of data processing (analysis of search patterns)
We use cookies on the website to help us analyse the user's search habits. The following data may be collected for this purpose:
1. search phrases;
2. page views;
3. the use of the website features.
The collected user data will be classified by technical means and will not be accessible to the user. The data will not be stored together with other users' data.
Description and scope of data processing (shopping cart)
Some cookies remain on your computer so that the website recognises you each time you visit (persistent cookies). We do not allow partners to collect, process or use personal data through cookies on our website. Some browsers allow the use of standard cookies. You can enable or disable the use of both temporary and permanent cookies in your security settings. Disabling cookies may sometimes prevent certain features of the website from being supported, and may cause some pages of the website to function incorrectly. You can only use our shopping cart with temporary cookies enabled! The data stored in our cookies will not be linked to your personal data (name, address, etc.). They will not be linked to your personal data (name, address, etc.) without your explicit consent.
We use Google Analytics services
Our website uses Google Analytics, a web analytics service including Google, which uses special cookies. These are text folders stored on your computer to analyse the use of the website. For example, they record information about your operating system, browser, the website you have used in the past (referrer URL), your IP address and the date and time of your visit to our website. The information generated by this text folder about your use of our website is transmitted to a Google server in the USA for storage. This information will be useful to Google for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and use of the online space. Where such activities are required by law or where third parties process this data on Google' s behalf, Google will also transfer this information to such third parties. Such use of the data will be anonymous or the user will be identified under a false name. Such use will be anonymous or under a false name. For more information, please go to Google. Click here.
Legal framework for data processing
The processing of personal data using cookie folders is governed by Article 6(1) of the GDPR.
What is the purpose of the processing?
By analysing the data in the cookie folder, we aim to improve the quality and content of our website. By analysing the results, we can see how our website is being used, so that we can continuously optimise its functions.
In this sense, we aim to process personal data in accordance with the requirements of Article 6(1) of the GDPR.
Duration of storage, withdrawal of consent and possibility of removal
Cookies stored on the user's computer are automatically placed on our website. You, as a user, therefore have the right to control the use of cookies. You can disable them or restrict their transmission by changing your browser settings. Saved cookies can be removed at any time. This is done automatically. If cookies are disabled on your website, it is unlikely that you will be able to use all the features of the website.
Flash cookies cannot be adjusted in your browser settings software, but can be done by changing the settings of these cookies.
Newsletter Description and scope of data processing
On our website you can subscribe to a free newsletter. The data you provide when registering your order will be transmitted to us.
For this purpose, we will collect the following data:
1. The IP address of the user's computer
2. Date and time of registration
When registering, you will be asked to authorise the processing of your data in accordance with the confidentiality policy.
The data related to the subscription to the newsletter is used only for the purpose of sending the newsletter.
We use the mailing service provider MailChimp to send out our newsletters. "MailChimp is a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, Georgia 30318 ("Rocket"). "Rocket uses the so-called "Safe Harbor Abkommen" ("Safe Harbor Agreement"), a data protection agreement between the European Union and the United States of America.
The data saved during registration is transmitted to and stored by Rocket. The data entered during registration will not be passed on to other third parties. In order to confirm your registration, MailChimp will send you an email after registration. In addition, MailChimp offers various analytical options to analyse how the sent newsletters are opened and used, such as how many users the email was sent to, whether the newsletter was rejected and whether users unsubscribed from the list after receiving the email. However, these analyses only relate to the group and we do not use them for individual evaluation. In addition, MailChimp uses Google Analytics, an analytics tool from Google, Inc. and may include it in the newsletter. For more information about Google Analytics, please refer to this privacy statement "Data collection using Google Analytics".
For more information about data protection at MailChimp, please visit http://mailchimp.com/legal/privacy/.
Legal framework for data processing
The legal regime for processing data following registration for the newsletter with the consent of the user is regulated by Article 6(1)(a) GDPR.
For what purpose is personal data processed?
The email address is necessary for the newsletter to reach the user.
Other personal data provided by the user at the time of registration will be useful to prevent misuse of the services provided by the website or the user's email address.
Duration of storage
The data will be deleted if it is no longer appropriate to collect it. The user's email address will be retained for the duration of the newsletter subscription.
Withdrawal of consent and possibility of data disposal
The user may unsubscribe from the newsletter at any time.
Simply click on the appropriate button on the website next to the newsletter.
Register at Description and scope of data processing
We offer users the possibility to register on our website by providing personal data. The data is recorded in an encrypted input template and is only transmitted to the internet service provider. The following data is required for registration:
1. email;
2. a password;
3. a referral name.
In addition to these data, other data will be entered during registration:
1. the user's IP address;
2. date and time of registration.
When registering data, the user's permission to process the data must be obtained.
Logging in using universal access technologies(Facebook, Google)
We offer the possibility to use the services of our website using global access technologies. In this case, it will not be possible to register additionally. When you register on the website, you will be redirected to the relevant page of the provider of the single sign-on technology and you will enter your personal login data. In this way, the profile data you provide there will also be accessible to our service: name, surname, email address, user ID and gender.
This information will be automatically transmitted to us by the respective service provider. This information will be automatically transmitted to us by the relevant service provider. The data listed above will be useful to us in identifying you.
Login via Facebook
For additional information about Facebook login settings and privacy requirements, please refer to the Facebook Inc. Data Protection and Terms of Use.
Logging in via Google
For further information on the settings and confidentiality requirements for logging in via Google, please refer to the Data Protection and Terms of Use descriptions.
Legal framework for data processing
The legal regime for processing data with the user's consent is regulated by Article 6(1)(a) GDPR.
If the data is provided during registration for the purpose of fulfilling the user's order or other pre-contractual obligations, Article 6(1)(b) GDPR applies.
For what purpose is the data processed?
The user is obliged to provide personal data at the time of registration insofar as it relates to the execution of an order or to pre-contractual obligations.
This data is useful when ordering goods from the online shop.
Duration of storage
The data will be deleted if it is no longer appropriate to collect it.
For example, if you have registered on the website when entering into a contract or fulfilling any pre-contractual obligations, but then you no longer need the data. It is sometimes important to retain the personal data of a contractual partner even after the expiry of the contract, when you have to comply with contractual or legal obligations
Withdrawal of consent and the possibility of data deletion
The user has the right to unsubscribe at any time. You can recover your data whenever you wish
by contacting us by e-mail or regular mail.
Siglus UAB
Phone number: +370 45 436801
Address: Klaipėdos g. 79a
Postal code LT-37106
City: Panevėžys
E-mail: info@siglus.lt
If the data is necessary for the conclusion of a contract or for the fulfilment of pre-contractual obligations, it can only be deleted earlier if it does not interfere with contractual or legal obligations.
Contact page and email contacts Description and scope of data processing
Our website contains a contact page where the user can access our e-mail. If the user makes use of this option, the data entered by the user will be encrypted by the system, recorded and transmitted to us. This:
1. order number;
2. phone number;
3. name and surname;
The following data is also recorded when the message is sent:
1. the IP address of the user;
2. date and time of registration.
We will only process your data with your consent and after we have made you aware of the data protection requirements of our website.
You can also contact us at the email address provided on the website. In this case, the personal data of the user transmitted with the email will be recorded.
This information is only used to process the content of the communication.
Legal regulation of data processing
The legal regime for processing data with the consent of the user is regulated in Article 6(1)(a) GDPR.
The processing of data provided by the user by sending a message to an e-mail address is governed by Article 6(1)(f) GDPR. If the email address is used for the purpose of concluding a contract, then Article 6(1)(b) GDPR applies additionally to the processing of the data.
For what purpose is the data processed?
We are only interested in the encrypted personal data processed insofar as it is necessary to store the contact details. If our website is contacted via an e-mail address, the data provided by the user will also come to our attention.
Other personal data provided by the user when sending a message will be useful to prevent misuse of the contact details provided and to ensure the security of our website's IT systems.
Duration of storage
The data will be deleted if it is no longer appropriate to collect it. The personal login data provided on the contact page and when sending a message to an e-mail address will only be deleted once the communication with the user has ended. The communication will be deemed to be closed when it is clear that the user's concern has already been addressed.
Additional personal data entered during the communication will be deleted after a maximum of seven days.
Withdrawal of consent and possibility of data deletion
The user may withdraw consent to our use of personal data at any time. If the user communicates with us via e-mail, he or she may, at any time, prohibit the recording of his or her personal data. But in this case, communication on the website will become impossible for him.
The user will only have to contact us by e-mail or by post:
Fastlita UAB
Fax: 8 675 40033
Phone number: +370 675 40033
Address: Žemaičių pl.
Postal code: LT-48258
City: Kaunas
E-mail: info@stampas.lt
All personal data entered on the website during a communication session will be deleted in this case.
Active notifications via Firebase Google
We offer a free active messaging service on our website. You can subscribe to this service by clicking on the "Allow" button. Social media:
1. Google+
Our websites use the Google +1 functionality. The service provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
Collecting and sharing information: by clicking the "Google +1" button
You can publish information around the world. By using the Google +1 button, you will be able to share your personal content with Google and our other partners. "Google stores both the information about the +1 content and information about the page you have viewed after clicking +1. Your +1, together with your profile name and photo, will serve as a link when you use Google services, such as the search page or your Google profile or other websites and ads. "Google records information about your activity when you visit Google +1 in order to improve the service we provide to you and other users. To use the Google +1 button, you must have a publicly visible Google profile and a username of your choice. This name will be displayed when you use all Google services. In some cases, it can be replaced by another name that you have used to share content through your Google account. Your profile will be displayed to visitors who know your email address or have other information about your identity.
Use of the information collected: in addition to the purposes mentioned above, the information you collect will be used in accordance with the data protection requirements established by Google. "Google may publish statistics about the activity of visitors to +1 or may pass them on to users and partners, such as computer game publishers, advertisers or aggregator sites.
2. Facebook
Our pages contain plug-ins for the social network Facebook, a service provider of Facebook, Inc., 1 Hacker Way, Menlo Park, California, 94025, USA. "The Facebook plug-ins on our website are marked with the Facebook logo or the "Like" button. You can find out more about Facebook plugins here developers.facebook.com/docs/plugins / developers.facebook.com/docs/plugins.
When you visit our pages, the plug-in will automatically connect your browser to the Facebook server. "Information about your visit to our website and your IP address will be transmitted to Facebook. If you click on the "Like" button on Facebook after logging in to your Facebook account, you will be able to share the content of our website with your Facebook profile. In this case, you will be able to link to our pages on Facebook using your account. Please note that our website does not collect information about the content and use of data transmitted from Facebook. For more information on Facebook's privacy policy, please visit https://lt-lt.facebook.com/privacy/explanation. If you do not want Facebook to visit our website, please deactivate your Facebook user account.
3. Twitter
Our pages include features of Twitter services. These features include
provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA.
94103, USA. The Twitter and Re-Tweet feature allows you to visit websites that are linked to your Twitter account and known to other visitors. This data will also be transmitted to Twitter. Please note that our website does not collect information about the content and use of data transmitted via Twitter. For more information, please refer to Twitter's privacy policy at twitter.com/privacy.
You can change your privacy settings in your Twitter account at twitter.com/account/settings.
4. Instagram
Instagram features are enabled on our website. Service provider Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. By logging in via your Instagram account, you can share the content of our pages by clicking on the Instagram button. You will then be able to connect to our pages on Instagram using your account. Please note that our website does not collect information about the content and use of data transmitted via Instagram.
For more information on Instagram's privacy policy, please visit https://help.instagram.com/519522125107875.
5. Pinterest
Our website contains plug-ins for the social network Pinterest. The provider of these services is Pinterest Inc. 635 High Street, Palo Alto, CA, 94301, USA ("Pinterest"). If you visit a page with such plug-ins, your browser will be automatically connected to the Pinterest server and will transmit your protocol data to the Pinterest server in the USA. This may include your IP address, the addresses of the websites you have visited with plug-ins installed, data about your browser type and settings, the date and time of your searches, and your use of Pinterest and cookies.
For more information on the purpose and scope of Pinterest's use and processing of your data, as well as on your rights and options for ensuring your privacy, please visit https://policy.pinterest.com/en/privacy-policy.
Rights of data subjects
This list sets out all the rights of data subjects guaranteed by the GDPR. There is no need to mention other rights that are not relevant to data subjects. In this sense, the list can be shortened.
If you process your own personal data, you are a data subject as defined by the GDPR and have the right to contact the controller.
Right to information
You have the right to ask the controller to confirm whether we are actually processing your personal data.
If the data in question has not yet been processed, you may request such information from the controller:
1. for what purpose the personal data will be processed;
2. the specific personal data to be processed;
3. to which category or categories of persons your personal data have been or will be disclosed;
4. the period for which your personal data are intended to be retained or, if this cannot be determined, the criteria used to determine the duration of retention;
5. whether you have the right to have your personal data concerning you rectified or erased, or to restrict or prohibit the actions of the controller;
6. do you have the right to lodge a complaint with the supervisory authority?
7. to receive all available information about unknown data that have not been collected by the data subject;
8. to enable the data subject to have the problem automatically addressed, including through the GDPR's automatic profiling of personal data in accordance with the requirements of Article 22(1) and (4) of the GDPR, and - at least in the cases listed - to be informed specifically about the grounds for such action, as well as the possible consequences of such processing on the personal data of the data subject.
You have the right to request information as to whether your personal data are transferred to third countries or to any international organisation. Otherwise, you may request the guarantees applicable to the data subject provided for in Article 46 of the GDPR.
Right to rectification
You have the right to request the controller who processed your personal data to rectify or correct errors or to clarify if the data is incorrect or inaccurate. The controller is obliged to rectify them without delay.
Right to restrict the scope of processing
You may restrict the scope of processing of your personal data if:
1. You do not accept the time period within which the controller would have time to verify the information relating to your personal data;
2. if the processing has been carried out unlawfully, but you do not consent to the erasure of your data and you request the restriction of access to your data;
3. if the controller sees no need to further process your personal data, but they will be useful to you where necessary for the establishment or defence of legal claims; or
4. if you have made the claims provided for in Article 21(1) of the GDPR, but you are not sure that the legitimate grounds put forward by the controller are not prejudicial to your interests.
If the processing of your personal data is nevertheless restricted, the data in question may, subject of course to its retention, only be processed with your consent or following the intervention of legal authorities, or in order to protect the rights of another natural or legal person or on grounds of overriding reasons of public interest relating to the EU or a Member State of the Union.
If the processing of your personal data has been restricted for the reasons listed above, the controller must inform you before such restrictions come into force.
Right to erasure Obligation to erase data
You may request the controller to erase the data relating to you without delay and the latter shall be obliged to erase it without delay if:
1. there is no longer any need to store or otherwise process the data relating to you;
2. if you withdraw your consent in accordance with Article 6(1)(a) or Article 9(2)(a) of the GDPR in relation to the processing of the data and if there is no other lawful basis for the processing of the data;
3. if you make a claim pursuant to Article 21(1) of the GDPR in relation to the processing of the data and if there is no other substantial legitimate ground for the processing of the data or if you make a claim pursuant to Article 21(2) of the GDPR in relation to the processing of the data;
4. if the data relating to your person have been unlawfully processed;
5. if the data relating to you have been erased in compliance with legal obligations of the European Union or of the Member States which are also binding on the controller;
6. if the data relating to your personal data are used by information agencies whose lawful activities are covered by Article 8(1) of the GDPR.
Information to third parties
If the controller has disclosed data relating to your person which, pursuant to Article 17 of the GDPR, are subject to a data protection obligation. Article 17(1), it must take appropriate steps, taking into account the technological means, including those of a technical nature, available to it and the costs involved, to inform the other controllers processing your data of your request, as a data subject, to erase the data relating to your person from all links or copies or synchronised applications.
Exceptions
You do not have the right to erasure of data processed in accordance with the requirements:
1. where it is necessary to ensure freedom of expression and the right to information;
2. where it is necessary for compliance with legal obligations under EU or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
3. where it is in the public interest in the field of public health pursuant to Article 9(2)(h) and 9(3) of the GDPR;
4. where it is in the public interest to store data for archival or scientific or historical research or statistical purposes within the meaning of Article 89(1) of the GDPR, subject to the right referred to in point (3), that these conditions do not allow the attainment of the specific objectives or are likely to constitute a serious obstacle to the attainment of the specific objectives; or
5. if the data subject will need them to assert, exercise or defend legal claims.
Right to be informed
If the data subject has the right to rectification, erasure or restriction of the controller's processing of personal data, the controller must require all persons to whom the personal data relating to you have been disclosed to rectify or erase the data, or to restrict the processing in any other way, even if this would be impossible or involve disproportionate costs.
You have the right to request information from the controller about those persons.
Right to data portability
You have the right to receive personal data relating to your person that you have provided to the controller in a structured, commonly used and computer-readable format. You also have the right to transfer that data to another controller, and the controller to whom you have provided your personal data shall not prevent you from doing so if:
1. the processing is based on your consent in accordance with Article 6(1)(a) or 9(2)(a) of the GDPR or on a contract in accordance with Article 6(1)(b); and
2. the processing is carried out by automated means.
When exercising the right to transfer your data, the data subject has the right to require one controller to transmit your personal data directly to another controller, where technically feasible. This shall be without prejudice to the freedoms and rights of other persons.
The right to transfer your data may not be exercised in relation to the processing of personal data where the controller is required to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller.
Right to object
You have the right to object at any time to the processing of your personal data in accordance with Article 6(1)(e) or (f) of the GDPR in the event of an unusual situation, and the same applies to profiling based on these provisions.
The controller shall no longer process the data relating to your person unless the controller demonstrates that the processing is necessary for imperative grounds of urgency which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Where personal documents are processed for marketing purposes, you, as the data subject, have the right to object at any time to the processing of your personal data for such purposes, and the same applies to profiling where it is directly related to marketing.
If you object to the processing of your data for marketing purposes, said data will no longer be processed for these purposes.
If you use information society services, you have the right - notwithstanding Directive 2002/58/EC - to exercise the possibility to prevent automated measures subject to technical specifications from being applied to you.
Right to withdraw consent to data retention
You have the right to withdraw your consent to the storage of your data at any time. Such action will not have negative legal consequences for your personal data processed up to that point.
Automated decision-making including profiling
You have the right to object to a decision if it is based solely on automated processing, including profiling, and it causes you legal conflicts or is contrary to your other interests. You do not have the right to choose a different solution if:
1. the conclusion or performance of a contract between the data subject and the controller;
2. if this right is exercised by the EU or by Member States in their countries and the controller takes appropriate measures to protect the rights and freedoms and legitimate interests of the data subject; or
3. if the data subject himself or herself consents
In any case, such decisions should not be based on special categories of personal data as provided for in Article 9(1) of the GDPR, unless Article 9(2)(a) or (g) applies in this case, and appropriate measures are taken in order to protect your rights and freedoms and legitimate interests.
In the first and third cases, the controller shall take appropriate measures to protect your rights and freedoms and legitimate interests and to ensure that you have the right to request human intervention from the controller, to express your views and to contest the decision.
Theright to lodge a complaint with the supervisory authority
Without prejudice to other administrative or judicial measures, you have the right to lodge a complaint with the supervisory authority of the Member State in which you reside, work or otherwise, where you consider that your rights may have been infringed by the non-compliance with the GDPR regulation on the processing of personal data
Upon receipt of a complaint, the supervisory authority informs the applicant of the progress and outcome of the complaint and of the possibility for him/her to apply to the courts in accordance with Article 78 GDPR.