PRIVACY POLICY
1. KEY TERMS
1.1. Company or Data Controller – Veluma.lt, a private limited liability company established and operating under the laws of the Republic of Lithuania, with the legal entity code 39606280942, and registered office at Kintų g. 9, Klaipėda.
1.2. Customer or Data Subject – a natural person, i.e., a client of the Company (including website visitors), whose personal data is collected by the Company.
1.3. Online Store – the Company’s online store located at www.veluma.lt.
1.4. Services – all services provided by the Company.
1.5. Personal Data – any information related to a natural person – the Data Subject – whose identity is known or can be directly or indirectly determined using such data as a personal identification number, or one or more attributes of the person’s physical, physiological, psychological, economic, cultural, or social characteristics.
1.6. Processing of Personal Data – any operation performed with personal data, including collection, recording, accumulation, storage, classification, grouping, linking, alteration (supplementing or correcting), provision, disclosure, use, logical and/or arithmetic operations, search, dissemination, destruction, or any other action or set of actions.
1.7. Partner – a legal entity that provides services to the Company related to its activities, sells goods to the Company, or conducts joint projects with the Company, including but not limited to marketing campaigns, joint sales campaigns, loyalty programs, and others, in media, websites, the Online Store, retail shops, retail chains, etc.
1.8. Cookie – a small piece of text information automatically created while browsing a website and stored on the visitor’s computer or other device.
1.9. Direct Marketing – activity aimed at offering goods or services to individuals by mail, phone, or other direct means and/or inquiring about their opinion on offered goods or services.
1.10. Privacy Policy – this document, which sets out the principles and rules for the processing of Personal Data when using the Online Store’s services.
1.11. Account – the primary login credentials for the Online Store, consisting of a single email address and Password.
1.12. Password – a unique combination of numbers, letters, or other symbols created by the Customer that allows access to the Online Store.
2. GENERAL PROVISIONS
2.1. The Customer grants the Company the right to perform all actions with Personal Data to the extent and for the purposes set forth in this Privacy Policy.
2.2. Personal Data is processed in accordance with the Law on the Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating data protection, as well as this Privacy Policy.
2.3. The Company processes Personal Data following these principles:
-
Data is collected for specific and legitimate purposes;
-
Data is processed accurately, fairly, and lawfully;
-
Data is appropriate and not excessive in relation to the purposes for which they are collected and further processed;
-
Data is kept up to date;
-
Data is stored in a form that permits identification of the Data Subject for no longer than is necessary for the purposes for which it was collected and processed;
-
All information about Personal Data is confidential;
-
The Customer’s Personal Data and personal information will not be used for unlawful purposes.
2.4. By purchasing from the Online Store, the Customer is deemed to have read and agreed to the current version of the Privacy Policy. If the Customer disagrees with any part of the Policy, they must not place an order or purchase goods.
2.5. The Privacy Policy is available on the Online Store and can be printed at any time. The Company may amend, supplement, or update the Policy at its discretion. The new version is published in the Online Store.
2.6. Customers can place orders without registering or through their Account.
2.7. When registering for the first time, the Customer must provide their email address, create a secure Password, and provide accurate Personal Data. The Customer is responsible for its accuracy. Upon account creation, the Customer is assigned an ID.
2.8. When using services or making purchases, the Customer must provide accurate Personal Data and is responsible for its accuracy.
2.9. The Customer may modify or update their Personal Data in their Account or request account deletion.
2.10. The Customer must not disclose their Password to third parties and must protect it; otherwise, they assume full responsibility.
3. COLLECTION, USE, CORRECTION, AND STORAGE OF PERSONAL DATA
3.1. The Company respects every Customer’s right to privacy. The following Personal Data may be collected and processed:
-
First name, last name, email address, phone number, delivery address, age/year of birth, payment information (bank account, method), purchase history, and—if agreed—age, gender, birth date, and location.
3.1.1. For E-commerce purposes:
Processed data: full name, email, phone number, delivery address, age/year of birth, IP address, payment information. Retention: 5 years from the last login.
3.1.2. For Direct Marketing purposes:
Processed data: name, email, phone, address, age, gender, birth date, location. Retention: 5 years from the last login.
3.2. Customers may consent to the use of their data for Direct Marketing. If consent is later withdrawn by notifying the Company, data will no longer be used for such purposes.
3.3. Consent can be withdrawn by emailing info@veluma.lt with a clear message stating the withdrawal and the refusal to receive Direct Marketing messages.
3.4. Customers can also unsubscribe using the link in every marketing email.
3.5. Customers have the right to:
-
Receive information on how their data is being processed;
-
Know the source of data, purpose of processing, and recipients over the past year;
-
Request rectification, deletion, or suspension of processing if data is unlawfully processed.
3.6. To exercise these rights, a passport, ID card, or driver’s license must be provided. One free request per year is allowed. Requests can be sent to info@veluma.lt.
3.7. Data is not shared with third parties except in the following cases:
-
With Customer consent;
-
For e-commerce purposes to Partners involved in fulfilling services;
-
When required by Lithuanian law and competent authorities.
3.7.2. Payments are processed via Makecommerce.lt (operated by Maksekeskus AS, Liivalaia 45, Tallinn 10145, Estonia, reg. nr. 12268475). Necessary personal data will be passed to Maksekeskus AS.
3.8. Customers are aware of their right to object to their data being processed for Direct Marketing.
3.9. Customers agree that data may be transferred to Partners for order fulfillment and service provision.
3.10. If the Customer disagrees with the Privacy Policy, they cannot use the Online Store.
3.11. The Company implements organizational and technical measures to protect Personal Data from destruction, alteration, disclosure, and unlawful processing.
3.12. The Customer agrees that if required by authorities or if there are legitimate suspicions of identity theft or illegal activity, data may be stored longer than defined in this Policy.
3.13. Upon receiving a request related to data processing, the Company will respond within 30 calendar days either by fulfilling or justifying refusal. If requested, the response will be in writing.
3.14. With the Customer’s consent, cookies (text files) may be stored on the Customer’s device to enhance the service experience, recognize returning users, track statistics, and shopping cart info. Customers can view or delete cookies at any time.
3.15. For more information about cookies, including how to manage or delete them, visit www.allaboutcookies.org.
4. FINAL PROVISIONS
4.1. The Company reserves the right to modify the Privacy Policy in full or in part. Changes take effect from the date they are published.
4.2. For questions, contact us at: +37063617712
