• +37060699636
  • baldai@dendrus.lt

PRIVACY POLICY

  1. Dendrus UAB, registration number: 301901538, registered office address: V. Krėvės pr. 109A-31, Kaunas (“Company”), respects the privacy and protection of personal data of every individual and has developed the following privacy policy, which, inter alia, shall be observed by the Company in the processing of personal data provided to the Company by clients and employees. By using the services of dendrus.lt, the user confirms that they have read, understood and accepted this Privacy Policy.

 

 

General Provisions

  1. This Privacy Policy (“Policy”), inter alia, regulates the collection, processing and storage of personal data by the Company as the data controller.
  2. The Company is engaged in commercial activities, including the manufacturing and installation of furniture. In providing these services, the Company processes personal data on the legal basis and for the purposes set out in the Policy and in accordance with legislation applicable to the Company.
  3. This Policy is intended for individuals who are using or intend to use the Company’s services or are visiting the website dendrus.lt.

 

Personal Data Processing Principles

  1. The Company processes personal data in accordance with the European Union General Data Protection Regulation (EU) 2016/679 (“Regulation”), Law on Legal Protection of Personal Data of the Republic of Lithuania and other legislation governing the processing of personal data.
  2. The scope of processed personal data depends on the Company’s services ordered or used and on the information provided by the website visitor when ordering and/or using the Company’s services, visiting or registering on the website.
  3. The Company, inter alia, shall observe the following basic data processing principles:
  • Personal data are collected only for specified, explicit and legitimate purposes.
  • Personal data are processed lawfully and fairly.
  • Personal data are constantly updated.
  • Personal data are stored safely and for no longer than is required for the purposes for which the personal data are processed  or is stipulated by legislation.
  • Personal data are processed only by the Company’s employees who are authorised to do so according to their work functions.
  1. The data shall be processed by the Company only if one or more criteria for lawful processing apply: (i) in order to provide the services under the contract (i.e. for performance of a contract or in order to take steps at the request of the data subject prior to entering into a contract); (ii) with consent of the data subject; (iii) processing is necessary for compliance with a legal obligation to which the Company is subject; (iv) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Company; (v) processing is necessary for the purposes of the legitimate interests pursued by the Company or by a third party (see Art. 6(1) of the Regulation, http://www.privacy-regulation.eu/lt/6.htm).
  2. When processing your personal data, the Company implements organisational and technical measures to protect personal data against accidental or unlawful destruction, alteration, disclosure as well as from any other unauthorised form of processing. Access to personal data processed by the Company shall be limited to the Company’s employees and supporting service providers, who need it for performing work functions or providing services to the Company.
  3. The Company’s customer or potential customer, employees and other natural persons shall be responsible for the accuracy, correctness and completeness of the personal data provided by them to the Company. In case of any change in the personal data provided by them, they must immediately notify the Company. The Company shall not be liable for the damage caused to an individual and/or third parties due to the fact that they provided incorrect and incomplete personal data or failed to request that the Company supplement and/or change the data in case of any change in their personal data.

 

Personal data sources

  1. Personal data are usually received directly from the data subject (the Company’s client or potential client, employees or candidates), who provide the data when visiting the website, using the Company’s services, providing services to the Company, working for or seeking employment with the Company.
  2. In the cases stipulated by legislation or on the basis of consent, personal data may be obtained from third parties (e.g. temporary employment agencies, recruitment agencies, public institutions and registers).
  3. Although the customer is not required to provide any personal data to the Company, it may be impossible to provide certain services or offer employment with the Company if personal data is not provided.

 

Purposes of the processing of personal data

  1. The Company processes personal data for the following main purposes:
  • Administration and fulfilment of contractual relations, in order to properly perform contractual obligations and maintain relationships with suppliers, partners and customers in developing the business, providing the services and cooperating;
  • Sales of products provided on the website;
  • Internal and staff administration of the Company;
  • Marketing and direct marketing;
  • Compliance with statutory requirements for waste management and in other fields and providing data to public authorities (data controllers);
  • Video surveillance cameras are installed in order to ensure the safety of the Company’s facilities and property in the common premises.

Transfer and recipients of personal data

  1. The Company has the right to transfer personal data of its customers’ representatives or employees to third parties, which need to process personal data of the customers for the purposes set out in this Policy or legislation.
  2. The Company undertakes to transfer customer data to third parties only to the extent and only in the cases where it is necessary to provide the services and/or fulfil the obligations laid down by legislation. If personal data are not necessary for providing a specific service, they shall not be transferred. The Company shall transfer personal data to third parties on the basis of a data provision agreement or specific law in strict compliance with the requirements laid down by legislation.
  3. The Company undertakes to comply with confidentiality obligations with regard to personal data of customers, employees and potential customers or employees. Personal data may be disclosed to third parties only where it is necessary for the conclusion and performance of a contract for the benefit of the data subject or for other lawful reasons.
  4. The Company may provide processed personal data to its data processors (subcontractors) who provide IT, accounting, debt collection or other services to the Company and process personal data on behalf of the Company. The processors shall have the right to process personal data only in accordance with the instructions of the Company and only to the extent necessary to properly fulfil the contractual obligations. The Company shall use only the processors providing sufficient guarantees to implement technical and organisational measures which will meet the requirements of the Regulation and ensure the protection of the rights of the data subject.
  5. The Company may also provide customer data in response to requests from courts, bailiffs or public authorities to the extent necessary for the proper enforcement of applicable legislation and instructions from public authorities.

Processing of personal data for direct marketing purposes

  1. The Company may process the contact details of the data subject for direct marketing purposes. Consent to the use of personal data for direct marketing purposes is expressed by email info@dendrus.lt, subscribing to the Company’s newsletter, subscribing to the news on the Company’s social media accounts, giving consent (ticking a box) on the Company’s website, signing a form or contract with the Company, or otherwise informing the Company’s administration in writing. Consent to direct marketing is voluntary, it is not a condition for contractual relations with the Company and does not affect the relationship between the data subject and the Company.
  2. The Company may send informational messages, if the person has consented to the use of their personal data for direct marketing purposes, and to the Company’s customers – without individual consent to the marketing of such services, provided that they are given a clear, free and easy-to-enforce option to object to or refuse such use of contact details with each message and provided they did not initially object to such use of the data.
  3. For direct marketing purposes, the Company may send messages by email.
  4. Consent to direct marketing may be withdrawn at any time by giving notice by email info@dendrus.lt or otherwise contacting the Company.

 

 

 

Time limits for the storage of personal data

  1. Personal data collected by the Company shall be stored in printed documents and/or in e-format in the Company’s information systems. Personal data shall be processed not longer than necessary to achieve the purposes of the processing or not longer than required by data subjects and/or legislation. As a general rule, personal data are processed for 10 years after the end of the contractual relationship.
  2. The customer may terminate the contract and refuse the Company’s products, but the Company must store the personal data of the customer’s representatives due to potential future demands or legal claims until the end of the time limits for data retention.
  3. The Company strives not to store outdated or unnecessary information and ensure that personal data and other customer information are correct, constantly updated, and destroyed in a timely manner.

 

Rights of the data subject

  1. The data subject, inter alia, shall have the following rights:
  • To receive information about their personal data processed by the Company, where and in what way personal data was collected and on what grounds they are processed;
  • To contact the Company with a request to rectify their personal data, suspend their processing or destroy them, if the data are incorrect, incomplete or inaccurate or they are no longer necessary for the purposes for which they were collected. In such case, the data subject shall submit a request, and upon receipt, the Company shall check the information provided and take necessary steps. It is essential for the Company that the personal data at its disposal are accurate and correct;
  • To contact the Company with a request to destroy personal data or suspend the processing of such data, except for storage, if upon access to their personal data, the data subject finds that personal data are processed unlawfully or fraudulently;
  • To object to the processing of personal data, where such data are processed or intended to be processed for direct marketing purposes or for the legitimate interest of the Company or a third party, to whom personal data are provided;
  • To withdraw their consent to the processing of personal data for direct marketing purposes at any time;
  • If the data subject is concerned about the Company’s actions/omissions, which may potentially diverge from the requirements of this Policy or legislation, the data subject may contact the Company and receive free assistance.
  1. An individual can exercise all their rights as a data subject by contacting the Company by e-mail info@dendrus.lt.
  2. If the matter is not resolved with the Company, the customer shall have the right to apply to the State Data Protection Inspectorate (lt), which is responsible for the supervision and control of legislation governing the protection of personal data.

 

Cookies

  1. In order to improve your experience when visiting the Company’s website, the Company may use cookies, which are small text files which are automatically created while browsing the website and stored on the visitor’s computer or other terminal device.
  2. The information gathered by cookies allows for more comfortable browsing of the Company’s website and learning more about visitors’ behaviour on the Company’s website, carrying out trend analysis and improvement of both the website and services provided by the Company or the information provided on the website. The Company processes anonymised personal data with the help of cookies.
  3. If you do not consent to cookies being recorded onto your computer or another device, you may change your browser settings and turn off all cookies or turn them on (off) one at a time. However, please note that in some cases this may slow down the website browsing, limit certain website functionalities or block access to some pages of the website altogether. More detailed information about the cookies used on the Company’s website is provided at orgor google.com/privacy_ads.html.

 

 

Final Provisions

  1. This Policy is governed by the law of the Republic of Lithuania and of the European Union.
  2. The Company reserves the right to change this Policy; therefore, the visitors to the website are kindly requested to periodically check for changes in the Policy and to familiarize themselves with its amended or new provisions.

We wish you a pleasant browsing on our website!