privacy policy

privacy policy
1. DEFINITIONS

1.1. Company or Personal Data Controller – Pupelė puodelyje, MB, a small partnership established and operating under the laws of the Republic of Lithuania, legal entity code 306229592, registered address Perkūnkiemio str. 19, LT-12120 Vilnius

1.2. Client or Data Subject - a natural person – a client of the Company (including website visitors) whose personal data is collected by the Company.

1.3. E-shop – The Company's e-shop at https://coffeebean.lt

1.4. Services – all services provided by the Company.

1.5. Personal Data - any information related to a natural person – Data Subject, whose identity is known or can be directly or indirectly identified by using such data as personal identification number, one or more characteristics specific to the person's physical, physiological, psychological, economic, cultural or social nature.

1.6. Processing of Personal Data - any action performed with personal data: collection, recording, accumulation, storage, classification, grouping, combining, alteration (addition or correction), provision, publication, use, logical and (or) arithmetic operations, search, dissemination, destruction or any other action or set of actions.

1.7. Partner – a legal entity providing services to the Company related to the Company's activities, or selling goods to it, or implementing joint projects with the Company, including, but not limited to, marketing campaigns, joint sales campaigns, loyalty programs, etc., in media, websites, the E-shop, retail stores, trade networks, etc.

1.8. Cookie – a small piece of text information that is automatically created when browsing the website and is stored on the visitor's computer or other device.

1.9. Direct Marketing – activities aimed at offering goods or services to individuals by mail, telephone or other direct means and/or inquiring about their opinion regarding the offered goods or services.

1.10. Privacy Policy – means this document, establishing the principles and rules for the processing of Personal Data when using the services of the E-shop.

1.11. Account – the Client's main login details for the E-shop, consisting of an email address and a Password.

1.12. Password – a unique combination of numbers, letters, or numbers and letters or other symbols created by the Client, which, when entered, allows access to the E-shop.

2. GENERAL PROVISIONS

2.1. The Client grants the Company the right to perform all Personal Data processing actions to the extent and for the purposes specified in this Privacy Policy. 

2.2. Personal Data is processed in accordance with the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating Personal Data processing and protection, and this Privacy Policy.

2.3. Personal Data is processed by the Company in accordance with the following principles:

2.3.1. Personal Data is collected for defined and legitimate purposes;

2.3..2. Personal Data is processed accurately, fairly and lawfully; 

2.3..3. Personal Data is adequate and limited to what is necessary for their collection and further processing;

2.3..4. Personal Data is continuously updated;

2.3..5. Personal Data is stored in a form that permits identification of Data Subjects for no longer than is necessary for the purposes for which the data were collected and processed.

2.3..6. All information about Personal Data is confidential;

2.3..7. Client's Personal Data and personal information will not be used for illegal purposes.

2.4. It is considered that the Client, by purchasing in the E-shop, has read and agrees with the current version of the Privacy Policy. If the Client does not agree with any part of the Privacy Policy or the Privacy Policy itself, in such case the Client must not place an order or purchase goods in the E-shop. 

2.5. The Privacy Policy can be accessed in the E-shop and printed at any time. The Privacy Policy may be changed, supplemented or updated at the Company's discretion. The new version of the Privacy Policy is published in the E-shop. 

2.6. The Client can place an order in the E-shop without registration, or through their Account by registering in the E-shop. 

2.7. During the initial registration to the E-shop through the Account, the Client must provide their email address and create a secure Password, and provide accurate Personal Data to the E-shop. The Client is responsible for their accuracy. After creating an Account, the Client is assigned an identification code. 

2.8. When using the Services, as well as when purchasing in the E-shop, the Client must always provide accurate Personal Data to the E-shop and is responsible for their accuracy.

2.9. The Client has the right to change and supplement Personal Data in the Account at any time or to contact the e-shop with a request to delete the Account.

2.10. The Client must not disclose the Password to third parties and must protect it, otherwise all related responsibility lies with the Client.

3. COLLECTION, USE, CORRECTION AND STORAGE OF PERSONAL DATA

3.1. The Company respects every Client's right to privacy. The Client's Personal Data (i.e. name, surname, email address, phone number, product/service delivery address, age/year of birth, product/service payment details (bank account no., payment method, etc.), purchase history, and, with the Client's consent, age, gender, date of birth, place of residence) are collected and processed for the following purposes:

3.1.1. For the purpose of e-commerce. The following Personal Data is processed: name, surname, email address, phone number, product/service delivery address, age/year of birth, IP address, product/service payment details. The storage period for Personal Data used for e-commerce purposes is 5 (five) years from the date of the last login to the E-shop.

3.1.2. For direct marketing purposes. The following Personal Data is processed: name, surname, phone number, email address, address, age, gender, date of birth, place of residence. The storage period for Personal Data used for Direct Marketing purposes is 5 (five) years from the date of the last login to the E-shop.

3.2. The Client may give consent for their Personal Data (name, surname, phone number, email address, address, age, gender, date of birth, place of residence) to be processed for Direct Marketing purposes. If, after giving consent to process their data for Direct Marketing purposes and to receive Direct Marketing communications, the Client later no longer wishes to do so and informs the Company, the Company will no longer process their Personal Data for Direct Marketing purposes and will not send any electronic news to the Client, except for information related to the Client's order.

3.3. The Client has the right to withdraw their consent, given in clause 3.2, for the Company to process the Client's Personal Data for Direct Marketing purposes at any time, by submitting a corresponding notice to the Company via email info@coffeebean.lt and clearly stating that they are withdrawing their consent to use their Personal Data for Direct Marketing purposes and do not wish to receive any Direct Marketing communications. 

3.4. The Client also has the option to refuse to exercise their right not to consent to the processing of the Client's Personal Data for Direct Marketing purposes by clicking on the appropriate link in each email sent.

3.5. The Client, as a Data Subject, has the following rights related to the Client's Personal Data processing procedures:

3.5.1. to receive information from the Company about the processing of the Client's Personal Data, to access their Personal Data and how it is processed;

3.5.2. to receive information from the Company about the sources from which and what Client's personal data has been collected, for what purpose it is processed, to which data recipients it is provided and has been provided at least in the last 1 (one) year;

3.5.3. to demand the correction, destruction of the Client's Personal Data or the suspension, except for storage, of their Personal Data processing actions, when Personal Data is processed in violation of the provisions of the Law on Legal Protection of Personal Data of the Republic of Lithuania and other laws.

3.6. When exercising their rights, the Client must present a passport, identity card or driving license. The Company provides the Data Subject with information about the processed Personal Data of the Data Subject once a year free of charge. The Client can exercise their rights provided in clause 3.5 by contacting via email info@coffeebean.lt . The Company has the right to correct, change, destroy Personal Data or suspend Personal Data processing only after identifying the identity of the Client who made the request. 

3.7. The Client's Personal Data is not provided to third parties, except in the following cases:

3.7.1. When the Client's consent is obtained, as stated in this Privacy Policy;

3.7.2. Personal Data for e-commerce purposes is provided to Partners who provide services to the Company related to the Company's activities;

3.7.3. To competent authorities in cases provided for by the laws and legal acts of the Republic of Lithuania.

3.7.2. Payments in the E-shop are processed using the makecommerce.lt platform, managed by Maksekeskus AS (Liivalaia 45, Tallinn 10145, Estonia, reg. no.: 12268475), therefore your personal information required for payment execution and confirmation will be transferred to Maksekeskus AS.

3.8. The Client is aware of their right not to consent to the processing of their Personal Data for Direct Marketing purposes, i.e. the Client has the right to express their disagreement immediately or later.

3.9. The Client agrees that their Personal Data may be transferred to Partners when fulfilling the Client's order placed in the E-shop, as well as when the Company provides Services to the Client, and to the Company's Partners, as specified in clause 3.7.

3.10. If the Client does not agree with the Privacy Policy, the Client will not be able to use the services of the E-shop. 

3.11. The Company implements organizational and technical measures designed to protect Personal Data from accidental or unlawful destruction, alteration, disclosure, as well as from any other unlawful processing. 

3.12. The Client agrees that in cases where it is necessary according to the instructions of competent authorities and/or the Client's Personal Data may have been used in illegal activities, or there are reasonable suspicions of identity theft, due to which competent law enforcement authorities are conducting a pre-trial investigation, or there are other legitimate grounds or purposes, their Personal Data will be stored on the Company's servers longer than specified in this Privacy Policy. 

3.13. Upon receiving a Data Subject's instruction or request related to Personal Data processing, the Company provides the Client with a response, satisfying the request/instruction or reasonably refusing to do so, no later than 30 (thirty) calendar days from the date of the Data Subject's request. If the Data Subject wishes, the response must be provided in writing. 

3.14. In order for the Company to be able to offer full services to the Client in the E-shop, with the Client's consent, Cookies (cookies) are stored on the Client's computer (device), which are used to identify the Client as a previous user of the E-shop, to collect E-shop traffic statistics, information about the shopping cart. The Client can at any time review which Cookies are stored and can delete some or all of the stored Cookies. 

3.15. To learn more about cookies, for example, how to manage or delete them, you can visit www.allaboutcookies.org.

4. OTHER PROVISIONS

4.1. The Company has the right to change and supplement the "Privacy Policy" in whole or in part. Additions or changes to the Privacy Policy become effective from the date of their publication.

4.2. For questions, please contact us at: info@coffeebean.lt