UAB ACC Distribution Privacy Notice
1. General provisions
This document (hereinafter referred to as “the Privacy Notice”) establishes the main principles for the collection, processing and storage of Personal Data of the Customer (defined below) performed by UAB ACC Distribution (data is stored in the Register of Legal Entities of the Republic of Lithuania; legal entity code 135150085; registered office address Raudondvario pl. 131B, LT-47191 Kaunas; e-mail address email@example.com; hereinafter referred to as “the Company” or “us”).
The Privacy Notice is designed to protect and defend the Customer’s Personal Data from unauthorised use.
When processing Personal Data, the Company adheres to the Regulation, the Republic of Lithuania Law on Legal Protection of Personal Data, the Republic of Lithuania Law on Electronic Communications, and other directly applicable legislation governing the protection of personal data, as well as the instructions and recommendations of competent authorities.
2. Privacy Notice terms
Personal Data – any information relating to a natural person – the data subject – whose identity is known or can be directly or indirectly established by reference to the data concerned.
Customer (hereinafter also referred to as “you”) – any person who orders, purchases or uses our services, who has expressed an intention to use or in any way uses the Company’s services, who intends to purchase or purchases the Company’s goods and/or is otherwise related to the services or goods provided by the Company.
Processing – any operation performed on Personal Data (including collection, recording, storage, alteration, granting of access, submission of requests, transfer, etc.).
Login Details – the Internet Protocol (IP) address and Internet service provider used to connect the device to the Internet, browser type and version, time zone settings, browser plug-in type and version, operating system and platform, login location, font encoding, full Uniform Resource Locator (URL), the products you viewed.
The Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
3. Principles for the Processing of Personal Data
In its activities, the Company follows the following basic principles for the Processing of Personal Data:
- Personal Data are collected for explicit and legitimate purposes.
- Personal Data are processed accurately and fairly.
- Personal Data are processed lawfully, i.e. only in cases where:
– the Personal Data subject gives consent, for example, to the receipt of promotional information;
– a contract is being concluded or performed where one of the parties is the Personal Data subject;
– the Company is obliged to process the Personal Data by law;
– the Personal Data must be processed due to a legitimate interest pursued by the Company or a third party to whom the Personal Data are provided, provided that the interests of the data subject are not of more importance.
- Personal Data are constantly updated.
- Personal Data are stored for no longer than is necessary for the purposes for which the Personal Data are processed.
- Personal Data are only processed by those employees who have been granted such a right.
- All information about the Personal Data being processed is confidential.
4. Nature of the information collected
Depending on the nature of the goods/services provided, the Company may collect the following Customer data:
- basic Customer information: name, surname, national identification number, address, copy of an identity document (if provided) and details, telephone number, e-mail address;
- information on the goods/services purchased by the Customer: information on the services selected/provided and the duration of their use, information related to assessment of the quality of goods/services, information on the return of goods, warranty service, etc., data on the Customer’s insolvency risk assessment;
- information on payment for goods/services: details of the invoices issued to the Customer, details of payments made by Customers or other persons, debt management information (including data transfer to third parties);
- information on the Customer’s consent to direct marketing: information on the consent/objection provided by the Customer regarding the receipt of promotional information (news, programme offers, promotions, etc.), participation in opinion polls, use of data and provision of the Customer’s data to third parties, as well as consent to the insolvency risk assessment;
other data: information on prize winners, information about survey participants, newsletter subscribers.
5. Purposes of processing
The Company uses the data collected to provide you with its services/goods, as well as to provide assistance, send notices, offers and information about promotions, protect its own rights and interests and those of third parties, ensure the security of Personal Data, and comply with applicable legislation.
Purposes of processing:
- the conclusion and performance of a contract (provision of goods/services) and quality assurance thereof, as well as Customer service and provision of information. If the Customer does not provide Personal Data, it will not be possible to conclude a contract and fulfil the obligations provided therein;
- direct marketing and general information on new products and services (if you have not objected to such notifications);
- to fulfil legal obligations such as debt management and recovery;
- to administer and improve the Company’s website, keep it secure, and ensure that the content is presented on your device in the most efficient way;
- fulfilment of the legal obligations provided for in legislation;
- for other purposes that the Company has the right to process your Personal Data for, when you express your consent, when the data need to be processed in the legitimate interest of the Company, or when the Company is obliged to process the data by relevant legislation. We may also process Personal Data for other purposes if we have obtained the consent of the data subject or have the right to process the data on the basis of a legitimate interest.
6. Methods of data collection
We collect information about you:
- when you submit information to the Company yourself (e.g. by filling out Company applications, contracts and/or other documents (including through our partners) electronically on our website, or by submitting requests by post, e-mail, telephone, live video chat or other means of communication);
- upon receiving information about you from third parties that we work with (e.g. partners, public authorities, etc.)
7. Duration of data processing
The Company only processes Personal Data for as long as is necessary to achieve and fulfil the purposes set out in this Privacy Notice, taking into account the nature of the goods/services provided to the Customers and the contracts concluded with them, except for cases where a longer retention period for Personal Data and related documents has been established or is permitted under applicable regulatory acts and this is necessary (e.g. mandatory document retention periods, limitation period, etc.).
8. Data transfer
To achieve the purposes set out in the Privacy Notice, the Company may transfer your data to the following data recipients:
- Processors who provide services and process your data on behalf, in the interests, or by order of the Company (e.g. IT service providers, auditors, consultants, etc.). Processors only process your Personal Data in accordance with clear instructions, undertaking to ensure proper protection of the Personal Data received from the Company for processing, confidentiality, and technical and organisational measures that meet security requirements, as specifically discussed in the contracts between the Company and subcontractors on data processing.
- Entities engaged in the administration of debts and debtor databases. Data are only provided to the extent and under the conditions permitted by legislation.
- Entities entitled to receive information in accordance with legislative requirements (e.g. courts, state and municipal institutions, etc.), but only to the extent necessary for the proper enforcement of applicable legislation.
- Companies in the ACME Group, which the Company belongs to, when this is necessary to ensure the proper provision of services.
- Other third parties on other legitimate grounds or with your consent, which may be obtained for a particular case.
The processors whom the Company transfers your Personal Data to may be established outside of the Republic of Lithuania, the European Union or the European Economic Area. Data will be transferred to such processors only if this is permitted by legislative requirements and only if appropriate or adapted safeguards and measures are in place to ensure the protection of your privacy.
9. What rights does the Customer have?
The Customer has the right:
- to contact us and discuss any issues regarding the Company’s Processing of Personal Data;
- to receive confirmation from the Company regarding whether Personal Data related to him or her is being processed, and if so, to obtain access the processed Personal Data and information related thereto;
- to receive in writing, including in commonly used electronic form, the Personal Data provided thereby being processed on the basis of his or her consent or performance of a contract, and, if possible, to request that this data be transferred to another service provider;
- to have his or her Personal Data rectified if the data are inaccurate, or to have incomplete data completed;
- to obtain the erasure of his or her Personal Data as a Customer of the Company, if said is being processed at the consent of the Customer and the Customer withdraws said consent. This right does not apply if the Personal Data that the Customer is asking to be erased is also being processed on another legal basis, such as when processing is necessary for the performance of a contract, or for fulfilling an obligation under applicable legislation;
- to have the processing of his or her Personal Data restricted, e.g. for a period during which the Company will analyse whether the Customer has the right to request this, and whether it is technically possible for said Personal Data be erased;
- to object to the processing of the Customer’s Personal Data for the legitimate interests of the Company or third parties if the processing of Personal Data is based on legitimate interests, as well as if the Personal Data are being processed for direct marketing purposes, including profiling being done for this purpose;
- to object to a fully automated decision being used, including profiling, if said decision-making has legal effects or similarly significantly effects on the Customer. This right does not apply in the event that this decision-making is necessary for the purpose of concluding or performing a contract with the Customer or is permitted under applicable legislation, of if the Customer has given his or her explicit consent thereto;
- to withdraw his or her consent to the Processing of Personal Data.
Customers can exercise their rights by submitting a specific request to the contacts specified in this Privacy Notice. Customers are provided with information related to the exercise of their rights free of charge. Within one month of receipt of the request, the Company shall provide the Customer with information on the actions taken upon receipt of the said request regarding the exercise of the Customer’s rights, or indicate the reasons for not taking action.
The period for providing the information requested may be extended by two further months where necessary, taking into account the complexity and number of the requests. Where the Customer makes the request by electronic form means, the information shall also be provided by electronic means.
The Customer’s request received for the exercise of rights may be refused to be handled, or an appropriate fee may be charged for this, if the request is clearly unfounded or excessive, as well as in other cases specified in regulatory acts.
If the Customer considers that his or her Personal Data is being processed in violation of his or her rights and legitimate interests under the applicable legislation, the Customer has the right to lodge a complaint regarding the Processing of Personal Data to the State Data Protection Inspectorate.
10. Updating the Privacy Notice
If necessary, the Privacy Notice may be updated, i.e. the Company has the right to change the conditions of the Privacy Notice for justified reasons; once the Privacy Notice is updated, the information will be published on the websites administered by the Company, indicating the version number and approval date of the Privacy Notice.
11. Contact details
If you have any questions, requests or comments regarding the Company’s Privacy Notice or Processing of Personal Data, or the implementation of the rights of data subjects, please e-mail us at firstname.lastname@example.org.
Contact details for the Company’s data protection officer:
Address: Raudondvario pl. 131B, LT-47191, Kaunas.
12. Other information
The Company’s websites and products may include links to third-party websites (e.g. when using www.smartertechnology.lt, the Customer may be redirected to www.smartertechnology.lv, www.smartertechnology.ee, or www.lenovo.com). When you use third-party applications, services or websites, even if they are accessed through the Company’s websites and products, this Privacy Notice does not apply to the applications, services, websites or processing of data of said third parties. The processing and collection of data by third parties and their services are subject to the privacy policies and terms and conditions of service of those third parties, which we recommend becoming familiar with at:
13. Information about cookies
In the procedure established by legislation, we may only store cookies on your device if they are necessary for the functioning of this website. For all other types of cookies, we must obtain your consent.
|_ga||A Google Analytics cookie used to identify users.||Two years|
|_gid||A Google Analytics cookie used to identify users.||One day|
|_gat_gtag_UA_207697377_1||A Google Analytics identification code for tracking website visitors.||Until the end of the session|
|_fbp||Facebook Pixel advertising cookie.||Three months|