Privacy Policy
1. General provisions
1.1. This Privacy Policy regulates how Sandra Grokauskaitė (hereinafter referred to as the Data Controller) processes, collects, uses, discloses and protects your personal data when you visit the website www.sandragrok.com (hereinafter referred to as the Website).
1.2. The data controller is responsible for the collection, use and disclosure of your personal data and ensures the protection of this data in accordance with the General Data Protection Regulation (2016/679) (hereinafter referred to as the “GDPR”) and other European Union and Lithuanian national data protection legislation.
1.3. Information about the Data Controller:
Data controller details:
„Sandra Grokauskaitė“
2. Privacy Policy Definitions
2.1. Personal data means any information relating to an identified or identifiable natural person (data subject), an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data and an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
2.2. Data processing – any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination with other data, restriction, erasure or destruction;
2.3. Data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of data; where the purposes and means of such processing are determined by Union or Member State law, the data controller or the specific criteria for his designation may be determined by Union or Member State law;
2.4. Data processor – a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller;
2.5. Consent of the data subject means any freely given, specific and unambiguous indication of the data subject’s wishes, by a statement or by a clear action, by which he or she signifies agreement to the processing of personal data relating to him or her;
2.6. A cookie is a small piece of text information that is automatically created when browsing the Website and is stored on your computer or other terminal device.
2.7. Direct marketing is an activity aimed at offering goods or services to individuals by mail, telephone or other direct means and/or asking for their opinion on the goods or services offered.
3. Collection and use of personal data
3.1. The data controller collects information you voluntarily provide in the contact form of the Website (name, surname, e-mail, phone number).
3.2. Information about the user experience on the Website is obtained using Cookies installed on the Website. Such information collection helps to better adapt the Website to the user’s convenience, increase the awareness and dissemination of the information on the Website, and track the effectiveness of advertising (if used).
3.3. When you visit the Website, you will receive a notification about the Cookies used on the Website. You can agree or disagree with the use of Cookies. If you do not agree to the use of Cookies, your personal data will not be used for marketing purposes. However, Cookies that are necessary for the smooth operation of the Website will still be used, regardless of whether you have agreed or not.
3.4. The data controller uses the collected information for direct marketing purposes – sending newsletters, sending notifications about promotions or special offers, and analyzing the market. Also, as mentioned above, the collected information is used to improve the user’s experience of visiting the Website, i.e. to ensure convenient use of the Website.
4. Data subject rights
4.1. 4. The data subject has the right to obtain from the data controller confirmation as to whether personal data relating to him or her are being processed, and if such personal data are being processed, has the right to access the personal data.
4.2. The data subject shall have the right to obtain from the controller the rectification of inaccurate personal data concerning him or her without undue delay. Taking into account the purposes for which the data were processed, the data subject shall have the right to request that incomplete personal data be completed, including by providing a supplementary statement.
4.3. The data subject has the right to request that the data controller erase personal data relating to him or her without undue delay, and the data controller is obliged to erase personal data without undue delay if this can be justified by certain reasons provided for by law.
4.4. The data subject has the right to request that the data controller restrict data processing in certain specified cases.
4.5. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to the data controller, in a structured, commonly used and machine-readable format and shall have the right to transmit those data to another data controller, without hindrance from the data controller to whom the personal data have been provided.
4.6. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to personal data relating to him or her being processed for such marketing purposes, including profiling insofar as it is related to such direct marketing.
4.7. The data subject has the right to lodge a complaint with the supervisory authority.
5. Data security
5.1. The Data Controller has implemented various technical and physical measures to protect personal data from loss, unauthorized use or any alteration. However, although the Data Controller takes all necessary measures to protect your personal data, it is impossible to guarantee that your personal data will be completely protected, since browsing the Internet is not secure.
5.2. The Data Controller stores your personal data for 5 years. This period begins after the last day of using the Data Controller’s service or content.
5.3. The Data Controller undertakes not to transfer personal data to third parties. However, there are several cases where personal data may be transferred: To the Data Processor, if it provides services to the Data Controller and processes data on behalf of the Data Controller; To law enforcement authorities, in accordance with the procedure established by the legal acts of the Republic of Lithuania; To other third parties, with your consent.
Final provisions
6.1. If you have any questions, requests or comments regarding the modification, processing, use or storage of personal data, please contact the Data Controller by e-mail info@sandragrok.com
6.2. The data controller will provide a response within 30 calendar days after receiving your request.
6.3. If you believe that your personal data has been improperly processed or protected, you have the right to file a complaint with the State Data Protection Inspectorate.