PRIVACY POLICY

  1. BASIC CONCEPTS

1.1. Institution or Data Controller – VŠĮ “Socialinės terapijos namai”, company code 304834525, registered address J.Biliūno g. 22, Garliava, Lithuania.

1.2. Client or Data Subject – a natural person who is a client of the Institution (including website visitors), whose personal data is collected by the Institution.

1.3. Online Store – the Institution's online store at www.fullhearts.lt.

1.4. Services – all services provided by the Institution.

1.5. Personal Data – any information relating to an identified or identifiable natural person (Data Subject), who can be identified, directly or indirectly, by reference to such data as personal identification number, or one or more characteristics specific to the person’s physical, physiological, psychological, economic, cultural, or social identity.

1.6. Personal Data Processing – any operation or set of operations performed on personal data, such as collection, recording, storage, organization, grouping, modification (supplementation or correction), provision, disclosure, use, logical and (or) arithmetic operations, search, dissemination, destruction, or other actions.

1.7. Partner – a legal entity providing services to the Institution related to the Institution's activities, selling goods to it, or implementing joint projects, including but not limited to marketing campaigns, joint sales campaigns, loyalty programs, etc., in media, websites, online stores, retail outlets, and trade networks.

1.8. Cookie – a small piece of text automatically created while browsing the website and stored on the visitor's computer or other device.

1.9. Direct Marketing – activities aimed at offering goods or services to individuals by mail, phone, or other direct methods and (or) inquiring about their opinions on the offered goods or services.

1.10. Privacy Policy – this document, which outlines the principles and rules of personal data processing when using the services of the Online Store.

1.11. Account – the basic login credentials for the Online Store, consisting of one email address and a Password.

1.12. Password – a unique combination of numbers, letters, or a combination of numbers and letters or other symbols created by the Client to access the Online Store.

  1. GENERAL PROVISIONS

2.1. The Client grants the Institution the right to carry out all Personal Data processing actions as outlined in this Privacy Policy and for the purposes specified.

2.2. Personal data is processed following the Law on Legal Protection of Personal Data of the Republic of Lithuania and other laws and regulations governing the processing and protection of personal data, as well as this Privacy Policy.

2.3. The Institution processes personal data according to the following principles:

2.3.1. Personal data is collected for specified and legitimate purposes;

2.3.2. Personal data is processed accurately, fairly, and lawfully;

2.3.3. Personal data is relevant and limited to what is necessary for its collection and further processing;

2.3.4. Personal data is kept up to date;

2.3.5. Personal data is stored in a way that allows identification of the Data Subject for no longer than necessary for the purposes for which it was collected and processed;

2.3.6. All information about personal data is confidential;

2.3.7. The Client's personal data and personal information will not be used for unlawful purposes.

2.4. By purchasing from the Online Store, it is considered that the Client has read and agrees with the current version of the Privacy Policy. If the Client does not agree with any part of the Privacy Policy, they must refrain from placing an order and purchasing from the Online Store.

2.5. The Privacy Policy is available on the Online Store and can be printed at any time. The Institution may amend, supplement, or update the Privacy Policy at its discretion. The new version of the Privacy Policy is published in the Online Store.

2.6. The Client can place an order in the Online Store without registration or through their Account.

2.7. During the initial registration for the Online Store through the Account, the Client must provide their email address and create a secure Password, as well as provide accurate personal data for the Online Store. The Client is responsible for the accuracy of this information. Once the Account is created, the Client is assigned an identification code.

2.8. When using the Services or purchasing from the Online Store, the Client must always provide accurate personal data to the Online Store and is responsible for its accuracy.

2.9. The Client has the right to modify and supplement personal data in the Account at any time or request the deletion of the Account from the Online Store.

2.10. The Client must not disclose their Password to third parties and must keep it secure. Otherwise, the Client assumes full responsibility for any related consequences.

  1. COLLECTION, USE, CORRECTION, AND STORAGE OF PERSONAL DATA

3.1. The Institution respects each Client's right to privacy. The Client’s personal data (i.e., name, surname, email address, phone number, delivery address, age/date of birth, payment data for goods/services (bank account number, payment method, etc.), purchase history, and, with the Client's consent, age, gender, date of birth, place of residence) is collected and processed for the following purposes:

3.1.1. For online commerce purposes. The following personal data is processed: name, surname, email address, phone number, delivery address, age/date of birth, IP address, payment data for goods/services. Personal data for online commerce purposes is retained for five years from the date of the last login to the Online Store.

3.1.2. For direct marketing purposes. The following personal data is processed: name, surname, phone number, email address, address, age, gender, date of birth, place of residence. Personal data for direct marketing purposes is retained for five years from the date of the last login to the Online Store.

3.2. The Client may give consent for their personal data (name, surname, phone number, email address, address, age, gender, date of birth, place of residence) to be processed for direct marketing purposes. If the Client no longer wishes to receive direct marketing messages after giving consent, they may inform the Institution, and the Institution will stop processing their personal data for direct marketing purposes and will no longer send any electronic newsletters, except for information related to the Client's order.

3.3. The Client may withdraw their consent for the Institution to process their personal data for direct marketing purposes at any time by notifying the Institution via email at [email protected], clearly stating the withdrawal of consent for direct marketing purposes.

3.4. The Client may opt out of receiving direct marketing messages by clicking the appropriate link in each email sent.

3.5. The Client, as a Data Subject, has the following rights concerning the processing of their personal data:

3.5.1. To receive information from the Institution about the processing of their personal data and access their personal data and how it is processed;

3.5.2. To receive information from the Institution about the sources from which their personal data was collected, the purposes for which it was processed, and to whom the data was provided over the past year;

3.5.3. To request correction, deletion, or suspension of processing (except for storage) of their personal data if the data is processed in violation of the Law on the Legal Protection of Personal Data of the Republic of Lithuania.

3.6. To exercise their rights, the Client must present a passport, identity card, or driver's license. The Institution provides information about the processed personal data of the Data Subject free of charge once a year. The Client can exercise their rights by contacting the Institution via email at [email protected].

3.7. The Client’s personal data is not provided to third parties, except in the following cases:

3.7.1. When the Client's consent is obtained as outlined in this Privacy Policy;

3.7.2. Personal data is provided to Partners for the purposes of online commerce or services related to the Institution's activities;

3.7.3. In cases provided for by Lithuanian law, to competent authorities.

3.7.4. For payment processing, the Institution does not collect payment card data. Payment services are provided by partners such as PayPal (Luxembourg) and Paysera (Lithuania). Before choosing a payment method, please review the relevant partner's privacy policy.

3.8. The Client is aware of their right to object to the processing of their personal data for direct marketing purposes.

3.9. The Client agrees that their personal data may be transferred to Partners for the execution of their order or provision of services.

3.10. If the Client disagrees with the Privacy Policy, they will not be able to use the Online Store's services.

3.11. The Institution implements organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, or any other unlawful processing.

3.12. The Client agrees that their personal data may be stored longer than specified in this Privacy Policy if required by competent authorities or if personal data has been used in illegal activities or if there are reasonable suspicions of identity theft.

3.13. Upon receiving a Data Subject’s request or inquiry, the Institution provides a response or refusal within 30 calendar days from the date of the inquiry.

3.14. For the Institution to offer full services in the Online Store, cookies may be placed on the Client's computer (device) with the Client's consent.

3.15. To learn more about cookies, such as how to manage or delete them, visit www.allaboutcookies.org.

  1. OTHER PROVISIONS

4.1. The Institution reserves the right to change or supplement this Privacy Policy in part or in full. Amendments or changes to the Privacy Policy take effect from the day of their publication in the Online Store.

4.2. For any questions or concerns related to the terms of this Privacy Policy, the Client may contact the Institution via email at [email protected].

4.3. This Privacy Policy is governed by the laws of the Republic of Lithuania.

  1. FINAL PROVISIONS

5.1. The Client acknowledges that by using the services of the Online Store and providing personal data, they agree to the processing of their personal data according to this Privacy Policy.

5.2. If the Client has any questions about personal data processing or the Privacy Policy, they should contact the Institution via email at [email protected].