The purpose of the Privacy Policy is to inform how the personal data of data subjects is collected and processed, how long it is stored, to whom it is provided, what rights data subjects have and where to go to exercise those rights, or any other issues related to personal data processing.

Personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation”), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the protection of personal data.

Visner UAB is guided by the following basic principles of data processing:

  • personal data are collected only for clearly defined and legitimate purposes;
  • personal data are processed only lawfully and fairly;
  • personal data is kept up to date;
  • personal data is kept secure and for no longer than the stated purposes of processing or the law requires;
  • personal data are processed only by those employees of the Company who are authorised to do so by virtue of their job functions or by duly authorised data processors.
  1. CONCEPTS
    1. Data Controller – UAB “Visner” (hereinafter – the Company), legal entity code 301741770, registration address Maironio g. 5, Garliava, Kauno r. sav.
    2. Data Subject – any natural person whose data is processed by the Company. The Data Controller collects only those data of the Data Subject that are necessary for the performance of the Company’s activities and/or for visiting, using, browsing the Company’s websites, social networking accounts, etc. (hereinafter referred to as the “Site”). The Company ensures that the personal data collected and processed will be secure and will only be used for a specific purpose.
    3. Personal data means any information relating directly or indirectly to a data subject whose identity is known or can be established, directly or indirectly, by reference to the data concerned. Processing of personal data means any operation performed on personal data (including collection, recording, storage, adaptation, alteration, access, retrieval, transmission, archiving, etc.).
    4. Consent means any freely given and informed indication by which the data subject consents to the processing of his or her personal data for a specific purpose.
  2. SOURCES OF PERSONAL DATA
    1. The personal data shall be provided by the data subject. The data subject contacts the Company, purchases goods and/or services sold by the Company, leaves comments, asks questions, subscribes to newsletters, contacts the Company for information, etc.
    2. The personal data is obtained when the data subject visits the Company’s website. The data subject fills in the forms on the website or leaves his/her contact details, etc., for whatever reason.
    3. Personal data is obtained from other sources. Data obtained from other bodies or companies, publicly accessible registers, etc.
  3. PROCESSING OF PERSONAL DATA
    1. By providing personal data to the Company, the data subject consents to the Company’s use of the collected data for the purpose of fulfilling its obligations to the data subject, and for the purpose of providing the services expected by the data subject.
    2. The Company processes personal data for the following purposes:
      1. Ensuring business continuity and business continuity. For this purpose, the following data is processed:
        • For the purpose of concluding and executing contracts, the following data of suppliers’ representatives are processed: name(s), surname(s), telephone number, e-mail address, name of the company, address, position, details of the mandate (number, date of birth, date of birth of the authorised person, signature).
        • Contracts, VAT invoices and other related documents shall be stored in accordance with the deadlines set out in the General Document Retention Index approved by the Order of the Lithuanian Chief Archivist.
        • The legal basis for processing is the need to perform a contract to which the customer is a party as a data subject or to take action at the customer’s request prior to entering into a contract with the customer (Article 6(1)(b) of the GDPR), where the processing of certain personal data is required by law (Article 6(1)(c) of the GDPR).
      2. Managing queries, comments and complaints. For this purpose, the following data is processed:
        • Name(s), surname(s) and/or username, email address, telephone number, address, subject of enquiry, comment or complaint, text of enquiry, comment or complaint.
        • Inquiries, comments and complaints are stored for 1 year after they are made.
        • The lawful basis for processing is that the processing is necessary for the purposes of the legitimate interests of the controller or of a third party, unless such interests are overridden by the interests of the data subject or by the fundamental rights and freedoms of the data subject, which make it necessary to ensure the protection of the personal data, in particular, in the case of a child (Art. 6 (1) (f) of the GDPR) and by the consent of the data subject (Art. 6 (1) (a) of the GDPR).
      3. E-commerce. For this purpose, the following data is processed:
        • Name(s), surname(s), purchase history, delivery address, residential address, telephone number, email address, product/service payment details.
        • Personal data is only stored to the extent and for the period necessary to achieve the purposes set out. When the personal data of a customer no longer needs to be processed, a decision shall be taken to destroy it, except for those that must be archived in accordance with the statutory requirements or the Company’s internal local regulations.
        • The legal basis for processing is the need to perform a contract to which the customer is a party as a data subject or to take action at the customer’s request prior to entering into a contract with the customer (Article 6(1)(b) GDPR).
      4. Direct marketing. For this purpose, the following data is processed:
        • Name(s), surname(s), date of birth, residential address, email address, telephone number.
        • The data will be kept for 5 years after the date of consent. This period may be extended if the personal data are used or may be used as evidence or a source of information in a pre-trial or other investigation, including an investigation by the DPAI, in a civil, administrative or criminal proceeding, or in any other case established by law. In such a case, personal data may be kept for as long as necessary for these processing purposes and destroyed as soon as they are no longer necessary.
        • The legal basis for processing is the data subject’s consent (Article 6(1)(a) of the GDPR) and the need to pursue the legitimate interests of the Company in order to improve the Company’s business activities and the success rate of its business (Article 6(1)(f) of the GDPR).
      5. Other purposes for which the Company has the right to process the data subject’s personal data, where the data subject has expressed his or her consent, where the processing is necessary for the Company’s legitimate interest, or where the Company is obliged to process the data by the relevant legal acts.
  4. USE OF SOCIAL NETWORKS
    1. Any information you provide via social media (including posts, the use of the “Like” and “Follow” boxes, and other communications) is under the control of the operator of the relevant social network.
    2. Our Company currently has an account on the social network Facebook, whose privacy policy is available at https://www.facebook.com/privacy/explanation;
    3. Our Company currently has an account on the social networking site Instagram, whose privacy policy is available at https://help.instagram.com/519522125107875;
    4. We recommend that you read the privacy notices of third parties and contact the service providers directly if you have any questions about how they use your personal data.
  5. SENDING NEWSLETTERS
    1. The Company uses third-party services such as MailChimp, Moosend, SendInBlue, GetResponse to send newsletters. The third party MailChimp, Moosend, SendInBlue, GetResponse uses only the email address of the recipient of the newsletter for the successful sending of newsletters. “The privacy policies of MailChimp, Moosend, SendInBlue, GetResponse are available at:
    2. You can unsubscribe from the newsletters by clicking on the “Unsubscribe” button at the bottom of each email you receive, by replying to the email you receive, or by contacting the Company directly by email and expressing your wish to stop receiving the Company’s newsletters.
  6. E-COMMERCE
    1. UAB “Visner” e-shop is built using WooCommerce platform. The data collected for the purpose of e-commerce is stored on WooCommerce servers. The privacy policy of the e-commerce platform can be found at:
      • “WooCommerce” privatumo politika: https://docs.woocommerce.com/documentation/get-help/woocommerce-com/privacy.
  7. PROVISION OF PERSONAL DATA
    1. The company undertakes to respect the duty of confidentiality towards data subjects. Personal data may be disclosed to third parties only if necessary for the conclusion and performance of a contract for the benefit of the data subject or for other legitimate reasons.
    2. The Company may provide personal data to its data processors who provide services to the Company and process personal data on behalf of the Company. The processors shall have the right to process the personal data only on the instructions of the Company and only to the extent necessary for the proper performance of their obligations under the contract. The Company shall only use processors that provide sufficient guarantees that appropriate technical and organisational measures will be implemented in such a way that the processing complies with the requirements of the Regulation and that the data subject’s rights are protected.
    3. The Company may also provide personal data in response to requests from the courts or public authorities to the extent necessary for the proper observance of applicable law and the instructions of public authorities.
    4. The company guarantees that personal data will not be sold or rented to third parties.
  8. STORAGE PERIOD FOR PERSONAL DATA
    1. Personal data collected by the Company is stored in hard copy documents and/or in the Company’s information systems. The processing of personal data shall not be longer than is necessary to achieve the purposes of the processing or longer than is required by the data subjects and/or provided for by law.
    2. Although the data subject may terminate the contract and refuse the Company’s services, the Company shall remain obliged to retain the data subject’s data for possible future claims or legal claims until the expiry of the retention periods.
  9. DATA SUBJECT RIGHTS
    1. The right to receive information about processing.
    2. The right of access to the data processed.
    3. The right to have data rectified.
    4. The right to have data erased (‘Right to be forgotten’). This right does not apply if the personal data for which erasure is requested is also processed on another legal basis, such as processing necessary for the performance of a contract or the performance of an obligation under applicable law.
    5. The right to restrict processing.
    6. The right to object to processing.
    7. The right to data portability. The right to data portability shall not adversely affect the rights and freedoms of others. The data subject shall not have the right to data portability in respect of personal data processed in non-automatically structured files, such as paper files.
    8. The right to request that a decision based solely on automated processing, including profiling, is not applied.
    9. The right to lodge a complaint about the processing of personal data with the State Data Protection Inspectorate.
  10. The company must provide conditions for the data subject to implement the above-mentioned rights of the data subject, except for cases established by law when it is necessary to ensure state security or defense, public order, prevention, investigation, detection or prosecution of criminal activities, important economic or financial interests of the state, official or professional prevention, investigation and detection of ethical violations, protection of the rights and freedoms of the data subject or other persons.
  11. PROCEDURE FOR EXERCISING THE RIGHTS OF THE DATA SUBJECT
    1. The Data Subject may contact the Company in order to exercise their rights:
      1. by written application in person, by post, by a representative or by electronic means – by email: info@voltlink.eu;
      2. in writing to Maironio g. 5, Garliava, Kaunas district municipality.
    2. In order to protect against unauthorised disclosure of data, the Company must verify the identity of the data subject upon receipt of a data subject’s request for the provision of data or the exercise of other rights.
    3. The Company’s response to the data subject shall be provided no later than one month from the date of receipt of the data subject’s request, taking into account the specific circumstances of the processing of personal data. This period may be extended by a further two months, if necessary, depending on the complexity and number of requests.
  12. RESPONSIBILITIES OF THE DATA SUBJECT
    1. The data subject shall:
      1. inform the Company of any changes to the information and data provided. It is important for the Company to have correct and valid data subject information;
      2. provide the necessary information to enable the Company to identify the data subject at the request of the data subject and to verify that it is communicating or cooperating with the data subject (by means of proof of identity or by means of a procedure established by law or by means of electronic communication which permits the proper identification of the data subject). This is necessary for the protection of the data subject’s data and the data of others, so that the information disclosed about the data subject is provided only to the data subject, without prejudice to the rights of other persons.
  13. FINAL PROVISIONS
    1. By transferring personal data to the Company, the data subject agrees to this Privacy Policy, understands its provisions and agrees to comply with it.
    2. The Company has the right to unilaterally change this Privacy Policy at any time as part of the development and improvement of the Company’s activities. The Company has the right to unilaterally, partially or completely change the Privacy Policy by notifying you on the website www.voltlink.eu.
    3. Amendments or changes to the Privacy Policy shall take effect from the date of their publication, i.e. the date on which they are posted on the website www.voltlink.eu.