Privacy Policy

1.2.  Data subject – any natural person whose data is processed by the Cooperative. The Data Controller collects only the data subject's data that is necessary for the Cooperative's activities and/or when visiting, using, browsing the Cooperative's websites, social media accounts, etc. (hereinafter referred to as the Website). The Cooperative ensures that the personal data collected and processed will be secure and will be used only for a specific purpose.

1.3.  Personal data – any information relating, directly or indirectly, to an identified data subject or to an identifiable natural person who is known or can be identified, directly or indirectly, from the data concerned. Processing of personal data means any operation which is performed on personal data (including collection, recording, storage, editing, alteration, provision of access, retrieval, transmission, archiving, etc.).

1.4.  Consent – any freely given and informed consent by which the data subject signifies agreement to the processing of his or her personal data for a specific purpose.

2.1.  Personal data is provided by the data subject himself. The data subject applies to the Cooperative, uses the services provided by the Cooperative, leaves comments, asks questions, contacts the Cooperative requesting information, etc.

2.2.  Personal data is obtained when the data subject visits on the cooperative's website. The data subject fills out the forms contained therein or for some reason leaves their contact details, etc.

2.3.  Personal data is obtained from other sources. Data is obtained from other institutions or companies, publicly available registers, etc. 

3.1.  By providing personal data to the Cooperative, the data subject agrees that the Cooperative will use the collected data to fulfill its obligations to the data subject, providing the services that the data subject expects.

3.2.  The Cooperative processes personal data for the following purposes:

3.2.1.  Execution of services provided by the cooperative; saving contacts, ensuring the possibility of contacting them. For this purpose, the following data is processed:

    Name(s), surname(s), contact details (telephone number, email address), residential address, personal identification number, bank account details, payment history, price of services, other data necessary for the proper performance of obligations set out in the contract or legal acts.

• Contracts, VAT invoices and other related documents are stored in accordance with the terms specified in the General Document Storage Index, approved by order of the Chief Archivist of Lithuania.
• The legal basis for data processing is the necessity to perform a contract to which the customer as the data subject is a party, or in order to take steps at the customer's request prior to entering into a contract with him (Article 6(1)(b) of the GDPR), where the processing of certain personal data is required by law (Article 6(1)(c) of the GDPR).

3.2.2.  Conclusion and execution of contracts with the data subject for services and goods received by the cooperative, storage of contacts, ensuring the possibility of contacting them, tax accounting. For this purpose, the following data is processed:

• Contracts, VAT invoices and other related documents are stored in accordance with the terms specified in the General Document Storage Index, approved by order of the Chief Archivist of Lithuania.
• The legal basis for data processing is the necessity to perform a contract to which the customer as the data subject is a party, or in order to take steps at the customer's request prior to entering into a contract with him (Article 6(1)(b) of the GDPR), where the processing of certain personal data is required by law (Article 6(1)(c) of the GDPR).

3.2.3.  Administration of inquiries, comments and complaints. The following data is processed for this purpose:

    Name(s), contact details (phone number, email address), text of question, comment or complaint.

• Data on inquiries, comments and complaints are stored for 1 year from the date of their submission.
• The legal basis for data processing is that data processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests or fundamental rights and freedoms of the data subject which require protection of personal data are overridden by them, in particular where the data subject is a child (Article 6(1)(f) of the GDPR) and the data subject's consent (Article 6(1)(a) of the GDPR).

3.2.4. For the purpose of ensuring the security of the cooperative's employees, other data subjects and property (video surveillance). For this purpose, the following data is processed:

    Video image. Video surveillance systems do not use facial recognition and (or) analysis technologies, the video data recorded by them are not grouped or profiled according to a specific data subject (person). The data subject is informed about the ongoing video surveillance by information signs with a video camera symbol and the Cooperative's details, which are provided before entering the monitored territory and (or) premises. The field of video surveillance does not include premises where the data subject expects absolute protection of personal data.

• Personal data (video data) obtained by video surveillance cameras are stored for up to 60 (sixty) days from the moment of their capture, after which they are automatically destroyed, except in cases where there is reason to believe that a misdemeanor, criminal act or other illegal actions have been recorded (until the end of the relevant investigation and (or) case hearing).
• Legal basis for data processing – processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests or fundamental rights and freedoms of the data subject which require protection of personal data are overridden, in particular where the data subject is a child (Article 6(1)(f) of the GDPR).

3.2.5.   For other purposes for which the Cooperative has the right to process the personal data of the data subject, when the data subject has expressed his/her consent, when the data needs to be processed due to the legitimate interest of the Cooperative, or when the Cooperative is obliged to process the data by relevant legal acts.

4.1.   All information you provide on social media (including messages, use of the "Like" and "Follow" boxes, and other communications) is controlled by the operator of the relevant social network.

4.2.   Currently, our Cooperative has an account on the social network "Facebook", whose privacy policy is available at https://www.facebook.com/privacy/explanation.

4.3.   We recommend that you read the privacy notices of third parties and contact the service providers directly if you have any questions about how they use your personal data. 

5.1.  The Cooperative undertakes to comply with a confidentiality obligation towards data subjects. Personal data may be disclosed to third parties only if this is necessary for the conclusion and performance of a contract in favor of the data subject, or for other legitimate reasons.

5.2. The Cooperative may provide personal data to its data processors, who provide services to the Cooperative and process personal data on behalf of the Cooperative. Data processors have the right to process personal data only in accordance with the Cooperative's instructions and only to the extent necessary to properly perform the obligations set out in the contract. The Cooperative uses only those data processors who sufficiently ensure that appropriate technical and organizational measures will be implemented in such a way that the data processing complies with the requirements of the Regulation and the protection of the rights of the data subject is ensured.

5.3.  The Cooperative may also provide personal data in response to requests from a court or state authorities to the extent necessary to properly implement applicable legal acts and instructions from state authorities.

5.4.  The cooperative guarantees that personal data will not be sold or rented to third parties. 

6.1.  Persons under the age of 14 may not provide any personal data through the Cooperative's website. If a person is under the age of 14, in order to use the Cooperative's services, prior to providing personal information, it is mandatory to provide written consent from one of the representatives (father, mother, guardian) for the processing of personal data. 

7.1.  Personal data collected by the Cooperative are stored in printed documents and/or in the Cooperative's information systems. Personal data are processed for no longer than is necessary to achieve the purposes of the data processing or for no longer than is required by the data subjects and/or provided for by legal acts.

7.2.  Although the data subject may terminate the contract and refuse the Cooperative's services, the Cooperative must continue to store the data subject's data for possible future requirements or legal claims until the data retention periods expire. 

8.1.  The right to receive information about data processing.

8.2.  The right to access processed data.

8.3.  The right to request correction of data.

8.4.  The right to request erasure of data ("Right to be forgotten"). This right does not apply if the personal data that are requested to be erased are also processed on another legal basis, such as processing is necessary for the performance of a contract or is compliance with an obligation under applicable law.

8.5.  The right to restrict data processing.

8.6.  The right to object to data processing.

8.7.  Right to data portability. The right to data portability may not adversely affect the rights and freedoms of others. The data subject does not have the right to data portability in respect of personal data which are processed in non-automatically structured files, such as paper files.

8.8.  The right to object to a decision based solely on automated processing, including profiling.

8.9.  The right to file a complaint regarding the processing of personal data to the State Data Protection Inspectorate.

9.    The Cooperative must enable the data subject to exercise the above-mentioned rights of the Data Subject, except in cases established by law when it is necessary to ensure state security or defense, public order, prevention, investigation, detection or prosecution of criminal activities, important economic or financial interests of the state, prevention, investigation and detection of violations of official or professional ethics, protection of the rights and freedoms of the data subject or other persons.

     10.    PROCEDURE FOR EXERCISING DATA SUBJECT'S RIGHTS 

10.1.        The data subject may contact the Cooperative to exercise his or her rights:

10.1.1.  by electronic means of communication – by e-mail: info@joniskioaruodas.lt;

10.1.2.  orally – by phone: +370 677 28812;

10.1.3.  in writing – to the address: Sandėlių g. 5, Joniškis.

10.2.   In order to protect data from unlawful disclosure, the Cooperative, upon receiving a request from a data subject to provide data or exercise other rights, must verify the identity of the data subject.

10.3.   The cooperative's response to the data subject shall be provided no later than one month from the date of receipt of the data subject's request, taking into account the specific circumstances of the personal data processing. This period may be extended by two more months, if necessary, taking into account the complexity and number of requests. 

11.1.     The data subject must:

11.1.1.  inform the Cooperative about changes in the information and data provided. It is important for the Cooperative to have correct and valid data subject information;

11.1.2.  provide the necessary information so that, upon request by the data subject, the Cooperative can identify the data subject and verify that it is communicating or cooperating with a specific data subject (provide a personal identification document or, in accordance with the procedure established by law or by electronic means of communication, which would allow for the proper identification of the data subject). This is necessary for the protection of the data subject and other persons' data, so that the disclosed information about the data subject is provided only to the data subject, without violating the rights of other persons. 

12.1.   By transferring personal data to the Cooperative, the data subject agrees to this Privacy Policy, understands its provisions and agrees to comply with it.

12.2.   In the course of developing and improving the activities of the Cooperative, the Cooperative has the right to unilaterally change this Privacy Policy at any time. The Cooperative has the right to unilaterally, partially or completely change the Privacy Policy by notifying the same on the website. https://www.joniskioaruodas.lt/privacy-policy.

12.3.   Additions or changes to the Privacy Policy come into effect from the date of their publication, i.e. from the date they are posted on the website.https://www.joniskioaruodas.lt/privacy-policy.