Privacy Policy
UAB “LIBRA VITALIS” PRIVACY POLICY
1. WHAT THIS DOCUMENT IS
1.1.
This privacy policy of UAB “Libra Vitalis” (hereinafter – the “Policy”) applies to all personal data that you provide to us
or that we collect and process when you use the website libra.lt (hereinafter – the “Website”) and the Libra Vitalis
and CREOLINK social media accounts on Facebook, Instagram, and LinkedIn (hereinafter – the “Accounts”) managed by UAB “Libra Vitalis”.
The Policy sets out the privacy terms when using the Website or contacting us by email, phone, or other communication channels,
as they relate to the processing of personal data and our Personal Data Processing Rules (hereinafter – the “Rules”).
1.2.
In this Policy, the term “personal data” means any information by which you can be identified – directly or indirectly.
Personal data includes, but is not limited to, surname, first name, date of birth, postal or email address, location data,
internet identifiers, and characteristics specific to you.
1.3.
When processing your personal data, we comply with the General Data Protection Regulation (EU) 2016/679 (GDPR) of 27 April 2016,
the Republic of Lithuania Law on Legal Protection of Personal Data, and other legal requirements on personal data processing.
1.4.
The provisions of this Policy apply to our clients who have purchased, are purchasing, or intend to purchase our products,
business partners (including their employees), and individuals who contact us directly by submitting requests, claims,
or requirements either in person at our office or via remote communication channels (phone, email, etc.).
1.5.
The Policy applies to all persons visiting the Website, whether or not you are our client, and also covers actions you may perform on the Website.
The Policy also provides information on the processing of personal data of all other individuals that is carried out by us in the course of
conducting our business, entering into, and executing contracts.
1.6.
Please read this Policy carefully to understand the practices we apply when processing your personal data. After reading this document,
you will know how we process your personal data, where we obtain it from, to whom we disclose it, how we protect it, and what rights you have
as a data subject.
2. DATA CONTROLLER
2.1.
This Website is managed and administered by, and the data controller is UAB “Libra Vitalis”, legal entity code: 140817146,
registered office at Vakarinė g. 100, LT-06298 Vilnius, Lithuania, contact details: libra@libra.lt, tel. +370 5 2526001
(hereinafter – “We”).
3. PROCESSED PERSONAL DATA, PURPOSES, LEGAL BASIS AND RETENTION PERIODS
For the purpose of contract conclusion, performance, and administration
Categories of personal data:
Name, surname, VAT number, personal identification number, contact details (phone number, residential address, email address),
bank account number, information about goods or services planned to be purchased or already purchased, delivery address,
information about the person collecting the order, payment data, purchase history, information about returns of goods and refunds,
history of mutual communication between you and us, including electronic correspondence, information about delivery of goods or provision of services.
Legal basis for processing, source of data:
- Data are processed based on your consent and on the basis of a contract.
- We obtain your personal data from you.
Sharing of data:
For this purpose, we provide or share your data with companies providing audit, accounting, or other services,
if their services are necessary to achieve the purposes specified in this Policy.
Data retention period:
We store your personal data for the duration of the contract and for 10 years after its termination, unless a different
retention period is established by the laws of the Republic of Lithuania. In case of a dispute, the retention period may be
extended until the day of the final enforceable decision.
For the purpose of ordering goods/services
Categories of personal data:
Name, surname, VAT number, personal identification number, contact details (phone number, residential address, email address),
bank account number, information about goods or services planned to be purchased or already purchased, delivery address,
information about the person collecting the order, payment data, purchase history, information about returns of goods and refunds,
history of mutual communication between you and us, including electronic correspondence, information about delivery of goods or provision of services.
In the event that you create an account, we additionally process information about the account creation date and time, and IP address.
Legal basis for processing, source of data:
- Data are processed on the basis of a contract.
- In the event that you indicate that another person will collect the goods, we process that person’s data on the basis of our legitimate interest to fulfill the concluded contract.
- We obtain your personal data from you.
Sharing of data:
For this purpose, we provide or share your data with companies providing audit, accounting, or other services if their services are necessary
to achieve the purposes specified in this Policy; for the purpose of delivering goods – with courier services or companies providing logistics services.
Data retention period:
Personal data are stored for the duration of the goods’ warranty period. In case of a dispute, the retention period for this purpose may be
extended until the final decision is made.
For the purpose of issuing invoices and carrying out accounting
Categories of personal data:
Name, surname, VAT number, contact details (phone number, residential address, email address), bank account number,
information about purchased goods or services, including price and applicable taxes, invoice issue date and number,
information about completed payment, and payment date.
Legal basis for processing, source of data:
Your personal data are processed on the basis of a contract and for us to fulfill the legal obligations applicable to us,
as established in the Law on Financial Accounting of the Republic of Lithuania and other legal acts.
Sharing of data:
For this purpose, we provide or share your data with companies providing audit, accounting, or other services,
if their services are necessary to achieve the purposes specified in this Policy.
Data retention period:
10 years after the invoice issuance or other financial transaction.
For the purpose of receiving and publishing feedback about the Company’s goods or services
Categories of personal data:
Name, surname, contact details (phone number, email address), position, represented company (its name), represented brand,
content of the comment to be published, information about the purchased and reviewed product, date of the feedback, country of residence.
Legal basis for processing, source of data:
- Your personal data are processed based on your consent.
- For this purpose, we obtain your personal data directly from you.
Sharing of data:
For this purpose, your data are published on our Website, and we provide or share the data with legal entities providing Website maintenance
and other information technology services.
Data retention period:
For as long as the product or service being reviewed or rated is available on the market.
For the purpose of direct marketing
Categories of personal data:
Name, surname, email address, phone number, name of the represented company.
Legal basis for processing, source of data:
- Data are processed based on your consent.
- We obtain your personal data directly from you.
Sharing of data:
For this purpose, we provide or share your data with companies providing newsletter and automated messaging services.
Data retention period:
3 years from the date of obtaining consent to process personal data, in cases where the data subject has not concluded a contract with us.
More information about cookies can be found in Section 5 of this Policy.
For the purpose of handling your requests, inquiries, or complaints
Categories of personal data:
Name, surname, email address, phone number, residential address, internet address (IP), nickname, related company (its name),
content of the complaint and/or inquiry, date and time of contacting us, communication information, content of the comment to be published.
Legal basis for processing, source of data:
Data are processed based on your consent. For this purpose, we obtain your personal data: (i) directly from you, (ii) while handling a request
or analyzing a complaint, we may generate personal data ourselves (e.g., after receiving your complaint, we contact third parties regarding factual
circumstances and record them, or similar).
Sharing of data:
For this purpose, we provide or share your data with our legal representatives, law enforcement authorities, and courts.
Data retention period:
3 years from the date they are recorded, except in cases where there are grounds to believe that a crime or other illegal actions have been recorded,
or an internal investigation has been initiated, in which case the retention period extends until the conclusion of the respective investigation and/or proceedings.
For the purpose of our organized trainings and other events
Categories of personal data:
Name, surname, contact details (phone number, email address, social media accounts, if provided), workplace name, position (if sent by the employer
or if you provide this information), information about the event you attended (topic, date, time, duration, location, etc.), IP address and login data
(if the event is online), and other data necessary for proper event organization.
Legal basis for processing, source of data:
Personal data are processed based on your consent, on the basis of a contract, or on our legitimate interest to present our activities to the public,
assuming that the personal data processed are necessary to achieve this legitimate interest.
Sharing of data:
For this purpose, your data are published on our Website, and we provide or share the data with legal entities providing Website maintenance and other
information technology services, companies providing automated messaging services, and event organizers.
Data retention period:
For this purpose, we retain the data until the completion of the respective event’s organization and execution.
For the purpose of improving the Website and offering you better and more personalized services
Categories of personal data:
IP address, type of web browser used, number of visits, pages viewed on the Website, time spent on the Website, demographic data, unique ID, and other data.
Legal basis for processing, source of data:
- Personal data are processed based on your consent.
- We obtain the data directly from you.
Sharing of data:
For this purpose, we provide or share your data with legal entities providing Website maintenance and other information technology services,
data storage services, marketing services, and other service providers.
Data retention period:
Personal data are stored for as long as the specific cookie is valid, unless you withdraw your consent for cookie placement earlier.
More information about cookies can be found in Section 6 of this Policy.
For the purpose of managing and administering social media accounts (Facebook, Instagram, LinkedIn)
Categories of personal data:
Social media account name, profile picture, comments, likes, content of inquiries.
Legal basis for processing, source of data:
Personal data are processed based on your consent and our legitimate interests.
Sharing of data:
For this purpose, we provide or share your data with legal entities providing Website maintenance and other information technology services,
data storage services, marketing services, and other service providers.
Data retention period:
Personal data are stored as long as our or your social media account is active, unless you request the deletion of your data from our social media accounts earlier.
4. HOW WE COLLECT AND PROCESS YOUR DATA
4.1.
We process your personal data obtained in the following ways:
4.1.1. When you provide them to us (e.g., by writing to us or communicating with our team members, submitting inquiries and/or complaints, instructions, comments, etc., or when subscribing to our newsletter);
4.1.2. When you use our managed Website and/or our Accounts, certain information (e.g., IP address or other data) is collected automatically;
4.1.3. When we obtain your personal data from other persons in accordance with legal acts and/or this Policy.
4.2.
When you use the Website, certain non-personal information (e.g., IP address, type of web browser used, number of visits, pages viewed on the Website,
time spent on the Website, online source from which you arrived, information about the device used, language, country, etc.) is collected automatically.
This information is used to improve the Website, the content of our social media accounts, their functionality, and appeal.
4.3.
We may combine the personal data obtained from you with data collected by us from other public and/or available sources
(e.g., we may combine the personal data you provide with data obtained through Website cookies or lawfully obtained from third parties, etc.).
5. USE OF YOUR PERSONAL DATA FOR DIRECT MARKETING
5.1. We may use your personal data for direct marketing purposes in order to provide you with offers and information about our goods and services, inform you about events we organize, and provide other information about the Company’s activities that, in our opinion, may interest you.
5.2. For direct marketing purposes, we process only the personal data specified in Section 3 of this Policy and only with your consent.
5.3. You can choose whether to allow us to use your personal data for direct marketing purposes. You can give your consent at any time and withdraw it at any time.
5.4. By granting us the right to process data for direct marketing purposes, you also give us permission to contact you by email for this purpose.
5.5. We may combine the information we have about you with information held by third parties in order to provide you with offers.
5.6. With your consent to use your personal data for direct marketing purposes, we may use your anonymized personal data to analyze and improve the effectiveness of our Website, advertising, and market research, as well as for other marketing and sales purposes.
5.7. You can withdraw your consent to process your personal data for direct marketing purposes at any time, either in whole or in part, by one of the following methods:
5.7.1. By indicating your refusal to use your personal data for direct marketing purposes in electronic messages or offers received (e.g., by clicking the unsubscribe link in a newsletter), or
5.7.2. By visiting our office at the address specified in this Policy and submitting a written request clearly stating your name and surname. In such cases, we may request identity documents;
5.7.3. By sending us a signed request via email to libra@libra.lt, clearly stating your name and surname. In such cases, we may request identity documents.
5.8. Upon receiving your request as specified in Section 5.7, we will stop processing your personal data for direct marketing purposes.
5.9. Please note that if you want us to delete your personal data or provide you with information about the personal data we process, you must submit a separate request.
6. USE OF COOKIES
6.1. We collect information about you using cookies and similar technologies. Cookies are small files temporarily stored on your device’s hard drive that allow you to be recognized during subsequent visits to the Website and/or our Accounts, save your browsing history, preferences, customize content, speed up searches on the Website, create a convenient and user-friendly environment, and provide it more effectively and reliably. Cookies are a common web browsing practice that facilitates the use of the Website.
6.2. Through cookies, we may collect information such as: IP address, type of web browser used, number of visits, pages viewed on the Website, time spent on the Website, demographic data, information about subscribers referred via social networks, unique ID.
6.3. Information obtained via cookies is used for the following purposes:
- 6.3.1. To ensure the functionality of the Website (e.g., so that you can properly use the features provided on the Website);
- 6.3.2. To improve and develop the Website and/or our Accounts so that it better meets your needs;
- 6.3.3. For service development and analysis of Website and/or Account usage;
- 6.3.4. For targeted marketing purposes.
6.4. We may, without violating legal requirements, combine information obtained via cookies with information obtained about an individual through other means (e.g., Website and/or Account usage data combined with personal data you have provided).
6.5. The Website may use the following types of cookies:
- Essential cookies
- Functional cookies
- Analytical cookies
- Marketing or targeting cookies
- Social media cookies
6.6. For analysis purposes, we use the services of Google Analytics and the cookies it provides. Although we have access only to aggregated data (we do not use cookies to identify a specific individual), the service provider of these cookies may have access to your personal data.
For more information on how Google processes your personal data, please visit:
more information.
Please note that this is a hyperlink to a third-party website, which we cannot control and are not responsible for its content.
By accepting third-party cookies, you also agree to the privacy policies of the respective service providers.
6.7. Information about cookies used on the Website, their purpose, duration, and the data they collect is provided in the table below:
| Cookie name | Purpose | Duration |
|---|---|---|
| Cookieyes-consent | Essential cookie. This cookie is necessary for the proper functioning of the Website, e.g., to ensure secure login or allow you to adjust your cookie settings. These cookies do not store any personal information. | 1 year |
| Viewed_cookie_policy | Essential cookie. This cookie remembers whether the user has already seen the cookie notification and ensures that it is not displayed again. | 1 year |
| _GRECAPTCHA | Essential cookie. This cookie is set by “Google reCAPTCHA” to protect the Website from automated attacks and to verify that the user is human. | 6 months |
| pll_language | Functional cookie. This cookie remembers the user’s selected Website language so that the same language is displayed during their next visit to the Website. | 1 year |
| _ga | Analytical cookie. This cookie is used for individual visitor statistics. | 2 years |
| _ga_ | Analytical cookie. This cookie maintains the session state. | 2 years |
| _gd_au | Marketing cookie. This cookie is used by Google Ads to help analyze the effectiveness of advertising campaigns. | 3 months |
| IDE | Marketing cookie. This cookie is used by “DoubleClick” (Google) to display personalized advertisements on the Website. | 13 months |
| test_cookie | Marketing cookie. This cookie is used to check whether the user’s browser accepts cookies before displaying advertisements. | 15 minutes |
6.8. Our Website may use social media cookies, for which the respective social media administrators are responsible.
6.9. You can give your consent to use cookies by clicking the “Accept all cookies” option in the cookie banner provided on the Website. If you do not give consent to store cookies, cookies that are not essential will not be stored on your device.
6.10. You can withdraw your consent to use cookies at any time. This can be done by changing your web browser settings so that it does not accept cookies. How to do this depends on your operating system and web browser. Detailed information about cookies, their use, and options to refuse them can be found at AllAboutCookies.org or google.com/privacy_ads.html.
6.11. In some cases, especially when disabling technical and functional cookies, refusing cookies, or deleting them, it may slow down browsing speed, limit the functionality of certain Website features, or block access to the Website.
7. SHARING OF DATA
7.1. The data we collect from you will be stored on servers located within the EU; however, in certain cases, such as for backups or during technical maintenance, the data may be shared outside the EU/EEA. When sharing your data outside the EU, we will take all necessary measures to ensure that your data is processed securely and in accordance with this Policy.
7.2. Please note that information sharing over the Internet is not completely secure. Therefore, despite our efforts to protect your personal data, we cannot guarantee complete data security when you transmit data to the Website – the risk associated with sharing data via the Website rests with you.
7.3. If we become aware of a security breach of your personal data that may pose a serious risk to your rights or freedoms, we will promptly inform you as soon as we become aware and determine which information was accessed.
8. YOUR RIGHTS
8.1. As a data subject, under the GDPR and the Law on Legal Protection of Personal Data of the Republic of Lithuania, you have the following rights:
8.1.1. To know (be informed) about the processing of your personal data;
8.1.2. The right to request access to your personal data, have them corrected or deleted, or to restrict their processing;
8.1.3. The right to object to the processing of your data;
8.1.4. The right to request the destruction of personal data if they are processed unlawfully, or when you withdraw your consent to the processing of personal data, or do not give such consent where it is required;
8.1.5. The right to receive your personal data in a structured, commonly used, machine-readable format and the right to transmit them to another data controller without hindrance (the right to data portability).
8.2. If you believe that your rights under the GDPR or other applicable personal data protection laws have been violated, you may submit a complaint to the State Data Protection Inspectorate of the Republic of Lithuania, located at L. Sapiegos g. 17, Vilnius, Lithuania; email: ada@ada.lt.
8.3. You may submit requests or complaints related to personal data processing to us personally, by mail, or by electronic means using the contact details specified in Section 2.1 of this Policy. Upon receiving your request, we may ask you to provide identity documents, as well as any other additional information necessary to process your request. We will respond to your request no later than 30 calendar days from the date of receipt of your request and all documents required to provide the response.