* You can revoke your consent any time using the “Revoke consent” button.Revoke consent
The Data Controller ensures, within the framework of applicable laws and Regulation, the confidentiality of Personal data and has implemented appropriate technical and organisational measures to safeguard the User’s Personal data from unauthorized access or disclosure, accidental loss, modification or destruction, or other unlawful Data processing.
“Consent” means a free, and unambiguous expression of the User’s will under declaration or unequivocal actions pursuant to which the User gives consent to process any Personal data related to him/her.
“Cookies” are type of messages with a unique identification number that is given to a web browser by a web server. It is transmitted to the User’s hard disk drive so that the Data Controller could distinguish the User’s computer from the Internet and see it on the Internet.
“Data Controller” is IĮ “ELSTINA”, registration code 124287054, registered office at Olandų 19-1, Vilnius, Lithuania.
“Data processing” means any operation or set of operations which is performed on Personal data or on sets of Personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Personal data” or “Data” means any information about the User whose identity has been identified or whose identity can be directly or indirectly identified (the data subject).
“User” is a natural person who has visited the Website and provided his/her Personal data to the Data Controller.
“Newsletter” means a newsletter sent by the Data Controller to the User about the latest news and updates of the Data Controller’s services.
“Regulation” means 2016/679 Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, which entered into force in the European Union on 25 May 2018.
“Website” is the internet website of the Data Controller, the address of which is https://phiremovallab.com.
To properly provide its services, the Data Controller collects the following information about the User:
Personal data submitted by the User
Country and city of residence
Automatically collected Data
Data from third-party sources
The Data Controller may receive information about the User from public and commercial sources (to the extent allowed by applicable legal acts) and associate it with other information that the Data Controller receives from the User.
Purposes of processing personal data
Personal data of the User is processed for the following purposes:
For registering to a Craftmaster. In case the User wants to register to a training with Grand Master Ella Sakalauskiene, the User has to provide his/her Personal data. After the User registers to the training and provides his/her Data, the Data Controller sends to the User all meaningful information about the training.
For selling tickets to trainings. The Data Controller sells tickets to the trainings organised by the Data Controller or other service providers. In order to participate in the training, the User has to make a payment through the selected external service provider to the Data Controller.
For sending the Newsletter. Sending notifications about the special offers, updates or changes on the Data Controller’s services.
For contacting. If the User wants to contact the Data Controller, under the rules specified on the Website, the User has to fill in the contact form with his/her Personal data.
DISCLOSURE OF PERSONAL DATA
The Data Controller undertakes not to disclose or transfer Personal data of the User to third parties except in the following cases:
when it is necessary to complete the contract with the User and provide services properly – to partners of the Data Controller. For these partners, the Data Controller will provide only as much of Personal data as will be required to fulfil a specific commitment;
if the individual Consent of the User on such transfer of Data has been received;
data transfer is obligatory upon the demand of law enforcement agencies in accordance with the procedure established by legal acts of the Republic of Lithuania;
in other cases, established in the Regulation and legal acts of the Republic of Lithuania.
The Data Controller collects the Cookies to:
ensure proper functions of the Website;
analyse the User’s browsing habits;
improve and develop the Website.
by clicking the “Accept” button on the Cookies bar that show up on the Website;
by not deleting them and/or not changing the User’s browser settings so that the Cookies cannot be stored.
The User may withdraw the Cookies Consent at any time. The User can do this by changing his/her browser settings so that the Cookies cannot be stored. Instructions may vary depending on the User’s operating system and the type of the web browser. More information about the Cookies, their use and how to refuse them are available at http://AllAboutCookies.org.
In some cases, disabling some Cookies, especially the technical and performance Cookies, refusal to accept Cookies or their deletion may slow down the User’s browsing or prevent the User from using certain functions within the Website.
DATA STORAGE TERMS
Data Controller seeks not to store irrelevant and outdated Personal data, and therefore when the User updates Data, old information is change into updated. Historical data is stored only if it is necessary pursuant to the applicable laws or to carry out activity of the Data Controller.
If the User does not make any payment or purchase any product that the Data Controller offers on the Website, the Data Controller will keep the User’s Data for no longer than 3 (three) years. In such a case, in 5 (five) calendar days before expiry of the term of 3 (three) years, the Data Controller will send an inquiry to the User’s e-mail address as to whether the User agrees to further processing of his/her Data. If the User expresses an objection or does not respond within 5 (five) calendar days, the Data Controller will delete all the Personal data related to the User.
If the User purchases any services offered on the Website, the Data Controller will keep the User’s Personal data for 10 (ten) years from the exercised payment on the Website, as it is foreseen in the Clause 10.15 of the Order of the archivist of the Government of the Republic of Lithuania “On Approval of the Register of Terms for the Storage of General Documents”. In such case, in 5 (five) calendar days before the expiry of the term of 10 (ten) years, the Data Controller will send an inquiry to the User’s e-mail address as to whether the User agrees to further processing of his/her data. If the User expresses an objection or does not respond within 5 (five) calendar days, the Data Controller will delete all the Personal data related to the User.
If the User subscribes the Newsletter, the Data Controller will store the Data and send the Newsletter in accordance with the procedure and terms as specified in the paragraphs 7.3 and 7.4 hereof.
RIGHTS of the Users
The User on the Website has the following rights:
know what and for what purpose the Personal data is processed;
require rectification or erasure of the Personal data;
require the Data Controller to restrict the processing of User’s Personal data for one of the legitimate reasons;
to submit claim to the State Data Protection Inspectorate concerning the illicit processing of Personal data or Data infringement;
to disagree with the processing of Personal data when this Data is processed or intended to be processed for direct marketing purposes.
The User has a right to request erasure of all the Data about the User held by the Data Controller. In the answer to requests of the Users regarding the exercise of right to be forgotten, the Data Controller undertakes to answer in detail providing the grounds and (or) explanation on why there is no possibility to exercise such right when there is an overriding ground of legitimate interest or, when it is possible – how to exercise such right.
When the User submits the request to erase his/her Data, the Data Controller undertakes without undue delay to erase all Personal data, where one of the following grounds applies:
the Personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
the User withdraws consent on which the processing is based, and where there is no other legal ground for the processing;
the User objects to the processing of his/her Data and Data Controller does not determine overriding legitimate grounds for the further processing;
the Personal data have been unlawfully processed;
the Personal data have to be erased for compliance with a legal obligation in European Union or laws of the Republic of Lithuania.
User has a right to request that the Data Controller would restrict processing of the User’s Data in one of the following cases:
the accuracy of the Personal data is contested by the User for a period enabling the Data Controller to verify accuracy of the Personal data;
the Data processing is unlawful and the User opposes the erasure of the Data and requests the restriction of its use instead;
the Data Controller no longer needs the Personal data for the purposes of the processing, but they are required by the User for the establishment, exercise or defence of legal claims; or
when the User has objected to processing until the verification whether the legitimate grounds of the Data Controller override those of the User.
Where processing has been restricted under the paragraph 8.5 hereof, such Personal data shall, with the exception of storage, only be processed with the User’s Consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.
The Data Controller after receipt of the User’s request or order shall respond and perform the steps in the request or refuse to perform stating the reasons for refusal no later than within 30 (thirty) days from the date of receipt. If necessary, the specified period may be extended by another 2 (two) months depending on the complexity and number of requests. In this case, within 30 (thirty) days from receipt of the application, the Data Controller informs the User of any such extension, together with a reason for the delay.
The Data Controller might not satisfy the User’s requests, in cases it is necessary to ensure:
execution of established legal obligations of the Data Controller;
public order and prevention of crimes; or
rights and freedoms of other Users or other third parties.
If the User has discovered the unlawfulness of its Data processing or in the event of a dispute with the Data processor, it has a right, at any time, to apply to the out-of-court dispute resolution authority in Lithuania – the State Data Protection Inspectorate, under the rules specified on its website, which can be found here.
The User can subscribe to the Data Controller’s Newsletter, indicating his/her email and expressing the Consent to the Data Controller for processing Personal data for direct marketing purposes.
The User may at any time refuse to receive the Newsletter by sending an email to the Data Controller or by selecting the “Unsubscribe” button at the bottom of every Newsletter sent to the User.
Sending mail – IĮ “ELSTINA”, Olandų 19-1, Vilnius, Lithuania
Sending e-mail – firstname.lastname@example.org
Last updated on 13 January 2020