Jūsų privatumas – svarbiausia

Privatumo politika

Privatumo politika

INTRODUCTION

Please read the privacy policy of Artwin Baltics UAB and SP Z.O.O Artwin Poland (hereinafter referred to as "Artwin" or "we", "us", "our" in this privacy notice).

"Artwin" respects your privacy and is committed to protecting your personal data. This privacy policy informs you about how we handle your personal data when you visit our website (regardless of the location from which you visit) and explains your privacy rights and how the law protects you.

This privacy policy is provided as a reference content, listing the main sections. To understand the meaning of some of the terms used in this text, please consult the Glossary.

Table of Contents

  1. IMPORTANT INFORMATION AND WHO WE ARE
  2. THE DATA WE COLLECT ABOUT YOU
  3. HOW YOUR PERSONAL DATA IS COLLECTED
  4. HOW WE USE YOUR PERSONAL DATA
  5. DISCLOSURE OF YOUR PERSONAL DATA
  6. DATA SECURITY
  7. DATA RETENTION
  8. YOUR RIGHTS
  9. GLOSSARY

1. IMPORTANT INFORMATION AND WHO WE ARE

PURPOSE OF THIS PRIVACY POLICY

The purpose of this privacy policy is to provide you with information about how Artwin collects and processes your personal data when you use this website, including any data you may provide on this website when you subscribe to our newsletter, purchase a product or service or enter a competition.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy policy together with any other privacy notice or fair processing notice that we may provide in particular cases when collecting or processing your personal data, so that you know how and why we use your data. This Privacy Policy is in addition to other notices and is not intended to override them.

DATA CONTROLLER

"Artwin" is the data controller and responsible for your personal data.

We have appointed a Data Protection Officer to deal with issues relating to this privacy policy. If you have any questions about this privacy policy or any requests relating to the exercise of your rights, please contact the Data Protection Officer using the details below.

CONTACT DETAILS

Email: info@artwin.io, support@artwin.io

You have the right to lodge a complaint at any time with the State Data Protection Inspectorate, the supervisory authority responsible for data protection issues in Lithuania or Poland. However, we would be grateful if you would give us the opportunity to resolve your concerns before you contact the State Data Protection Inspectorate, so please contact us first.

CHANGES TO THE PRIVACY POLICY AND YOUR OBLIGATION TO NOTIFY CHANGES

This Privacy Policy may be updated from time to time.

It is important that the personal data we hold about you is accurate and up to date. Please let us know if your details change during the course of our relationship with you.

THIRD PARTY LINKS

This website may contain links to third party websites, plug-ins and applications. By clicking on these links or enabling logins, you may allow third parties to collect or share your data. We do not control these third party websites and are not responsible for their privacy statements. When you leave our website, we recommend that you read the privacy policy of each website you visit.

2. THE DATA WE COLLECT ABOUT YOU

Personal data or personal information means any information about an individual from which that individual can be identified. It does not include data where the person is not identified (anonymous data).

We may collect, use, store and transfer different types of personal data about you, which we have categorised into the following groups:

  • Identity Data generally includes the following data (to the extent applicable): [name, surname, username or similar identifier, job title, date of birth, gender].
  • Contact data in a general sense includes the following data (to the extent applicable): [billing address, delivery address, email address and telephone numbers].
  • Financial data generally includes the following data (to the extent applicable): [bank account and payment card details].
  • Transaction data generally includes the following data (to the extent applicable): [information about payments to you or by you and other information about products and services you purchase from us].
  • Technical Data generally includes the following data (to the extent applicable): [Internet Protocol (IP) address, your login details, browser type and version, time zone settings and location, browser plug-in types and versions, operating system and platform and other technologies on the devices you use to access this website].
  • Profile Data generally includes the following data (to the extent applicable): [your username and password, your purchases or orders, your interests, preferences, feedback and survey responses].
  • Usage data generally includes the following data (to the extent applicable): [information about your use of our website, products and services].
  • Marketing and Communications Data generally includes the following data (to the extent applicable): [your preferences about receiving marketing from us and our third parties and your preferences about communications].
  • Vehicle data generally includes the following data (to the extent applicable): [vehicle registration number, vehicle identification number (VIN) and other information about the vehicle].

We also collect, use and share aggregated data, such as statistical or demographic data, for any purpose. Aggregate Data may be derived from your personal data, but is not considered personal data under the law as this data does not reveal your identity either directly or indirectly. For example, we may aggregate your usage data in order to calculate the percentage of users who use a particular website feature. However, if we combine or link the Aggregated Data with your personal data in a way that directly or indirectly identifies you, we will treat the combined data as personal data that will be used in accordance with this Privacy Policy.

We do not collect your Special Categories (special) personal data (this includes information about your race, ethnic origin, religious or philosophical beliefs, sex life, sexual orientation, gender identity, political opinions, trade union membership, information about your health, genetic and biometric data). We also do not collect any information about your criminal record or criminal offences.

IF YOU DO NOT PROVIDE PERSONAL DATA

Where we are required to collect personal data by law or under the terms of a contract we have with you and you do not provide this data when we ask for it, we may not be able to perform the contract we have entered into with you or the contract we are seeking to enter into with you (such as providing you with goods or services). In this case, we may have to cancel the provision of the product or service you purchase from us, but we will inform you if this situation arises.

3. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different ways to collect data from you and about you, including:

Direct communication

You may provide us with your identity, contact, financial, profile, marketing and communications and other data by filling in forms and communicating with us by post, telephone, email or other means. This includes providing personal data when you:

  • apply for our products or services, enquire about our products or services or purchase our products or services;
  • create an account on our website;
  • subscribe to our service or publications;
  • request marketing products to be sent to you;
  • participate in a competition, promotion or survey;
  • or provide us with feedback.

Automated technologies or interfaces

When you use our website, we may automatically collect technical, usage and profile data about you, including, but not limited to, your equipment, browsing actions and patterns. We may collect this personal data through the use of cookies, server logs and other similar technologies. We may also receive technical, usage, profile and other data about you if you visit other websites that use our cookies. For more information about our cookie policy, please see section 8.

Third party or publicly available sources

We may receive your personal data from a variety of third party and public sources as set out below:

  • Technical data from the following parties:
    • analytics service providers [e.g. Google outside the EU];
    • advertising networks; and
    • information search providers.
  • Contact, financial and transactional data from technical, payment and delivery service providers.
  • Identity and contact data from data collection and aggregation agents.
  • Identity and contact data from publicly available sources [e.g. the Register of Legal Persons and the Electoral Register in the EU].
  • Vehicle data from manufacturers, parts suppliers, inspection centres, repairers, registers and other sources.
  • Any other means of collecting personal data.

4. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when we are legally able to do so. The most common circumstances in which we will use your personal data are:

  • When we have to perform a contract that we plan to enter into with you or that we will enter into with you.
  • Where it is necessary for our legitimate interests (or the legitimate interests of a third party) and your interests and fundamental rights will not override those interests.
  • Where we are required to comply with a statutory or regulatory obligation.

We generally do not rely on consent as a legal basis for processing your personal data, except in relation to third party direct marketing communications sent to you by email or text message. You have the right to withdraw your consent to marketing communications at any time by contacting us.

THE PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA

In the table below, we have provided a description of all the ways in which we intend to use your personal data and the legal bases on which we will do so. In addition, we have highlighted our legitimate interests that would be relevant in the relevant cases.

It should be noted that we may process your personal data on more than one lawful basis, depending on the specific purpose for which we use your data. Please contact us if you need information about the specific legal basis on which we process your personal data where more than one basis is listed in the table below.

Purpose/activity Data type Legal basis for processing, including the legitimate interest ground
Register you as a new customer (a) Identity data(b) Contact details Performance of the contract with you
To process and deliver your order and/or provide you with services, including:(a) processing payments, fees and charges(b) receive and recover monies due to us (a) Identity data(b) Contact details(c) Financial data(d) Transaction data(e) Marketing and communication data (a) Performance of the contract with you(b) Where it is necessary for our legitimate interests (to recover debts owed by you to us)
Manage our communications with you, including:(a) notifying you of changes to our terms and conditions and privacy policy(b) asking you to provide feedback or participate in a survey (a) Identity data(b) Contact details(c) Profile data(d) Marketing and communication data (a) Performance of the contract with you(b) Where necessary to comply with a legal obligation(c) Where it is necessary for our legitimate interests (to update our records and to investigate how customers use our products/services)
To give you the opportunity to enter a lottery, competition or survey (a) Identity data(b) Contact details(c) Profile data(d) Usage data(e) Marketing and communication data (a) Performance of the contract with you(b) Where it is necessary for our legitimate interests (to study how customers use our products/services, to improve our products/services and to grow our business)
To operate and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and data hosting) (a) Identity data(b) Contact details(c) Technical data (a) Where it is necessary for our legitimate interests (for the conduct of our business, the provision of administration and IT services, network security, to prevent fraud, and for the reorganisation of our business or restructuring of the group)(b) Where it is necessary to comply with a legal obligation
To provide you with relevant website content and advertisements and to evaluate and understand the effectiveness of the advertising we provide to you (a) Identity data(b) Contact details(c) Profile data(d) Usage data(e) Marketing and communication data(f) Technical data Where it is necessary for our legitimate interests (to study how customers use our products/services, to improve our products/services, to develop our business and to inform our marketing strategy)
Conduct data analysis to improve our website, products/services, marketing, customer relations and experience (a) Technical data(b) Application data Where it is necessary for our legitimate interests (to identify our customer types for our products and services, to update and keep our website up to date, to develop our business and to inform our marketing strategy)
To provide you with suggestions and recommendations for goods and services that may be of interest to you (a) Identity data(b) Contact details(c) Technical data(d) Usage data(e) Profile data Where it is necessary for our legitimate interests (to improve our products/services and grow our business)

OUR PROMOTIONAL OFFERS

We may also use your identity, contact, technical, usage and profile data to form a view about what we think you may want or need, or may be interested in. In this way, we make decisions about what products, services and offers may be relevant to you (we call this marketing).

You will receive our marketing communications if you have requested information from us or purchased goods or services from us, or if you have provided us with your details when you entered a competition or registered for a promotion, and in any event if you have not opted out of receiving marketing communications.

THIRD-PARTY MARKETING

We will obtain your explicit consent before transferring your personal data for marketing purposes to any non-Artwin companies.

OPTING OUT OF MARKETING MESSAGES

You can ask us or third parties to stop sending you marketing communications at any time by [signing up on the website and ticking or unticking the relevant boxes to clarify your preferences, or by clicking on the unsubscribe links for any marketing communications we have sent you, or by] contacting us.

Opting out of marketing communications will not affect the processing of your personal data for non-marketing purposes, such as the provision of the product/service to you, warranty registration, product/service experience, other transactions, etc.

COOKIES

In certain applicable cases, you can set your browser to refuse all or some browser cookies. If you restrict or refuse cookies, please note that this may result in some parts of this website being unavailable or not working properly. For more information about the cookies we use, see section 8.

CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collect it, unless we reasonably believe that we need to use it for another reason and that reason is compatible with the original purpose. If you would like clarification on how processing for this new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will inform you and explain what legal basis allows us to do so.

Please note that we may process your personal data without your knowledge or consent in accordance with the above rules where required or permitted by law.

5. DISCLOSURE OF YOUR PERSONAL DATA

We may need to share your personal data with the following parties for the purposes set out in the table in paragraph 4 above:

  • Domestic third parties listed in the Glossary.
  • External third parties listed in the Glossary.
  • Third parties to whom we may decide to sell, transfer, merge part of our business or assets. We may also seek to acquire or merge with other businesses. In the event of such a change in our business, the new owners may use your personal data in the ways set out in this privacy notice.

We require all third parties to ensure the security of your personal data and to process it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and we only allow them to process your personal data for specified purposes and under our instructions.

THIRD PARTIES

Internal third parties

Other companies belonging to Artwin acting as joint controllers or processors and providing IT and systems administration services and information obligations.

External third parties

  • Service providers who are data processors and provide IT and system administration services.
  • Law enforcement structures, third parties involved in the prevention of crime and fraud, third parties involved in marketing and price comparison.

6. DATA SECURITY

We have put in place appropriate security measures to prevent accidental loss of your data, unauthorised use, obtaining, alteration or disclosure of your data. In addition, we restrict access to your data to those of our employees, agents, contractors and other third parties who need access to it for business reasons. They will only process your personal data on our instructions and will be subject to a duty of confidentiality.

We have established procedures for dealing with any suspected personal data breaches and will notify you and any competent authority of the breach where we are required to do so by law.

7. DATA RETENTION

HOW LONG WILL YOU USE MY PERSONAL DATA?

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of complying with any legal, accounting or reporting requirements.

In determining the appropriate retention period, we take into account the volume, nature and sensitivity of the personal data, the potential risk of harm that may arise from the unauthorised use or disclosure of your personal data, the purposes for which we are processing your personal data, whether we can achieve those purposes by other means, and the applicable legal requirements.

Information on the retention periods of your personal data is provided in our data retention policy, which you can request by contacting us.

More specifically, by law, we keep basic information about our clients (including contact, identity, financial and transactional data) for tax, financial audit and accounting purposes for at least 5 years after you cease to be our client.

In certain applicable circumstances, you may ask us to delete your data; for more information on this, see Request for deletion.

In certain circumstances, we may depersonalise your personal data (so that it can no longer be linked to you) for research or statistical purposes, in which case we may use this information indefinitely without informing you.

8. YOUR RIGHTS

You have rights under data protection legislation in relation to your personal data. You can find a more detailed explanation of these rights in the Glossary below:

  • Requesting access to your personal data;
  • Request for rectification of your personal data;
  • Request for erasure of your personal data;
  • Objection to the processing of your personal data;
  • Request to restrict the processing of your personal data;
  • Request to transfer your personal data;
  • Right to withdraw consent.

If you wish to exercise any of the above rights, please contact us.

NO FEE IS NORMALLY CHARGED

You do not have to pay any fee to obtain your personal data (or to exercise any other rights). However, we may charge a reasonable fee if your request is manifestly unfounded, repeated or disproportionate. In these circumstances, we may also refuse to comply with your request.

WHAT WE MIGHT NEED FROM YOU

We may need to request specific information from you in order to identify you and to ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person not entitled to receive it. We may also contact you to request further information in relation to your request for a faster response.

DEADLINE FOR REPLY

We aim to respond to all legitimate requests within one month. Sometimes we may take longer if your request is very complex or you have made several requests. In this case, we will inform you and provide you with an update.

9. GLOSSARY

LEGAL BASIS

Legitimate interest means our business interest in conducting and managing our business so that we can provide you and the market with the best service/product and the best and safest experience. We ensure that before processing your personal data for our legitimate interest purposes, we will take into account and weigh any potential impact (both positive and negative) on you and your rights. We will not use your personal data for activities where the impact on you overrides our interests (unless we have your consent or are required or permitted by law to do so). By contacting us, you can obtain further information about how we weigh our legitimate interests against any potential impact on you where this relates to a particular activity.

Performance of a contract means the processing of your data where it is necessary for the performance of a contract to which you are a party or, at your request, to take steps prior to the conclusion of such contract.

Compliance with a legal or regulatory obligation means the processing of your personal data for the purposes of compliance with a legal or regulatory obligation that we are required to comply with.

THIRD PARTIES

Internal third parties

Other companies belonging to Artwin acting as joint controllers or processors and operating in the [EEA] and providing IT and system administration services and undertaking to provide information.

External third parties

  • Service providers who are data processors [in the EEA] and provide IT and system administration services.
  • Law enforcement structures, third parties involved in crime and fraud prevention, marketing and price comparison third parties.

YOUR RIGHTS

You have the right to:

Request access to your personal data (this right is commonly known as "data subject access request"). This right gives you the opportunity to obtain the personal data we hold about you and to check whether we are lawfully processing it.

Request rectification of personal data that we hold about you. This right gives you the opportunity to request the rectification of any incomplete or inaccurate data that we hold about you. This may require us to assess the accuracy of new data that you provide.

Request deletion of your personal data. This right gives you the opportunity to request the erasure or removal of your personal data when there is no longer a reason for us to continue processing it. You also have the right to ask us to erase or remove your personal data where you have exercised your right to object to processing (see below), where we may have unlawfully processed your information or where we are required to erase your personal data by law. However, it should be noted that we may not always be able to comply with your request to erase your data due to specific legal reasons, if applicable, which we will inform you of at the time of your request.

Object to the processing of your personal data where we process the data on the basis of a legitimate interest (or the legitimate interest of a third party) and, in your particular situation, you object to the processing on this basis because you consider that it affects your fundamental rights and freedoms. You also have the right to object to processing where we process your personal data for direct marketing purposes. In some cases, we may be able to justify that we are required to process your data on a lawful basis that overrides your rights and freedoms.

Request to restrict the processing of your personal data. This right gives you the possibility to request that we stop processing your personal data in the following cases: (a) where you wish to establish the accuracy of the data; (b) where your data is being used unlawfully but you do not want us to delete it; (c) where you need us to retain the data (even if we no longer need it) in order to enable you to provide it to comply with a legal requirement or to defend yourself against a legal claim; or (d) where you have objected to our processing of your personal data, but we need to assess whether there is an overriding legitimate basis for us to continue to use it.

Request the transfer of your personal data to you or to a third party. We will provide your personal data to you or to the third party you specify in a structured, commonly used, machine-readable format. It should be noted that this right only applies to automated information for the use of which you originally gave us your consent or where we have used the information to perform a contract with you.

Withdraw consent at any time where we process your personal data on the basis of consent. However, this will not affect the lawfulness of the processing carried out before the withdrawal of consent. If you withdraw your consent, we may no longer be able to provide you with certain products or services. We will inform you if this situation arises at the time of your withdrawal of consent.