PRIVACY POLICY

General Information

JSC "Tiekimo projektai" (hereinafter - the Data Controller and/or the company) sets out the conditions and principles for processing personal data through these Privacy Policy rules (hereinafter - the Rules) when using the company's websites.

The conditions set forth in these Rules apply every time an individual wishes to access content published and/or services provided by the company, regardless of the device (mobile phone, computer, tablet, etc.) the individual uses.

Data Controller's details:
JSC “Tiekimo projektai”
Legal entity code: 302513392
Registered office address: Palemono str. 1A, Kaunas, Lietuva.
Tel.: +370 37 330880
Email: info@tpr.lt

Data about the Data Controller are collected and stored in the State Enterprise Centre of Registers.

The terms used in these Rules are understood as they are specified and defined in the General Data Protection Regulation No. 2016/679 (EU).

Please read and familiarize yourself carefully with the provisions of these Rules!

Every time you visit a website belonging to the Data Controller, you express your consent to the terms of these Rules. If you do not agree with the terms of the Rules, please do not visit our websites or use the Data Controller's services specified therein.

It is hereby confirmed that the data of Data Controller's website visitors will be collected in compliance with the provisions of applicable European Union and Republic of Lithuania legal acts

The Data Controller applies all possible technical and administrative measures to protect the personal data collected about website visitors from loss, unlawful and/or unauthorized use, and alterations.

The Data Controller's employees are committed in writing not to disclose or disseminate information obtained at the workplace related to personal data to third parties.

The Data Controller, taking into account available technologies, makes reasonable efforts to verify that the person providing consent for data is not younger than 16 years old. In case of doubt that the provisions of GDPR Article 8 may be violated, the Data Controller reserves the right to refuse to provide services and information, and to delete personal data without a separate request or consent from the individual.

How collected personal data is used and how it's collected.

The Data Controller collects information provided directly by the individual.

The Data Controller's website accounts allow individuals to provide information directly to the Data Controller. For example, the website www.from.lt permits both registered members and unregistered individuals to order goods and/or use the company's offered services. However, in any case, to create an account and/or order a product and use other services, the individual is asked to provide certain information about themselves.

An individual can choose not to provide certain information to the Data Controller, but in such cases, the individual may not be allowed to purchase goods and/or use the services offered by the company.

Purposes of Personal Data Processing, Collected Personal Data, Their Storage Period, and Processing Basis

Purpose of Data Processing	Personal Data	Storage period (after the period expires, data will be deleted in such a way that it cannot be recovered)	Processing Basis
Sale of goods specified on the company's website	name, surname, email, address, telephone number.	3 years from the last active action. An active action is logging into the account or purchasing a product.	Fulfillment of the contract with the individual; Compliance with legal acts.
To answer customer questions	name, email	1 year from the active action (question submitted)	Individual's request to provide an answer.

To Whom the Data Controller May Disclose Information Related to Personal Data

The Data Controller may disclose information related to personal data to the subjects listed below:

Companies that provide services at the company's request, e.g., companies engaged in postal and courier activities, the company whose server stores personal data, etc. The ability of these companies to use this information is limited; they cannot use this information for purposes other than providing services to the Data Controller.
Other parties, when required by law.

The Data Controller may disclose information related to personal data to other parties:

To avoid violating laws or in response to a mandatory request from a state authority, including, but not limited to, a court;
To confirm the legality of the company's activities and actions;
To protect and ensure the security of the Data Controller's rights, legitimate interests, and property;
In other cases, with the consent or request of the personal data subject, or their properly authorized representative.

Based on the personal data subject's consent and request, the Data Controller may transfer personal data to another data recipient to whom the data subject has given consent to process personal data for the purpose specified in the consent.

Data Controller's Actions to Protect Personal Data

The Data Controller has implemented reasonable and appropriate physical, organizational, and technical measures to protect the information collected for content/service provision purposes. However, at the same time, the Data Controller reminds website visitors that although appropriate steps have been taken to protect personal data, no website, online transaction, computer system, or wireless connection is completely secure.

Rights of the Personal Data Subject

A personal data subject whose data is processed in the Data Controller's activities has the following rights:

To know (be informed) about the processing of their data (right to be informed);
To access their data and how it is processed (right of access);
To demand the rectification or, taking into account the purposes of personal data processing, completion of incomplete personal data (right to rectification);
To have their data erased or to restrict the processing of their data (excluding storage) (right to erasure and right to be forgotten);
To request that the Data Controller restrict the processing of personal data for one of the legitimate reasons (right to restriction of processing);
The right to data portability (right to data portability);
The right to object to the processing of their personal data or to withdraw their consent to personal data processing at any time, so that personal data is processed for one or more specific purposes, without affecting the lawfulness of processing based on consent before its withdrawal.

The Data Controller may not provide data subjects with the conditions to exercise the above-listed rights when, in cases provided for by law, it is necessary to ensure the prevention, investigation, and detection of crimes, official or professional ethics violations, as well as the protection of the rights and freedoms of the data subject or other persons.

Cookies

Our website uses cookies. Here is information about the cookies used:

Cookie	Cookie Purpose	Expiry Time
_gid	Used to distinguish users, saves a unique ID which is used to generate statistical data on how the visitor browses the website.	1 day
privacy_policy_confirmation	Used for confirming the Privacy Policy published on the website.	1 year
_ga	Used to distinguish users, saves a unique ID which is used to generate statistical data on how the visitor browses the website.	2 years
PHPSESSID	Session ID cookie, used to ensure page functionality (e.g., returning to the last position in a list).	During the session (valid until the browser is closed)
currency	Used to ensure currency (EUR) functionality on the website.	9 days
language	Used to ensure language (LT) functionality on the website.	9 days
_gat	Google Analytics cookie, used to regulate the request rate.	During the session
__Secure-3PSID	Used to show personalized Google ads to the visitor.	2 years
__Secure-3PSIDCC	Used to show personalized Google ads to the visitor.	1 year
__Secure-3PAPISID	Used to show personalized Google ads to the visitor.	2 years
SIDCC	Google Analytics cookie, designed to protect user data from unauthorized access	1 year
SID	Google advertising cookie.	2 years
SSID	Security cookie, designed to protect user data from unauthorized information; it can also be used for advertising purposes.	2 years
SAPISID	Designed to ensure the integrity of website functionality.	2 years
APISID	Google Analytics cookie, designed for session enablement.	2 years
HSID	Google Analytics cookie, designed for session enablement.	2 years
DV	Google Analytics cookie, used to regulate the request rate.	During the session (valid until the browser is closed)
1P_JAR	Google Analytics cookie, designed for session enablement.	1 month
ANID	Google advertising cookie.	7 months
SEARCH_SAMESTIE	Google advertising cookie.	3 months
NID	Google Analytics cookie, designed for session enablement.	6 months
OTZ	Google Analytics cookie, providing general analysis of website visitors.	21 days
CONSENT	Used for data consent.	17 years

Contact Us

If you have noticed any discrepancies in these Rules, a security vulnerability on UAB "Tiekimo projektai" websites, or have any questions, please contact us:

by mail: JSC “Tiekimo projektai”, Palemono st.. 1A, Kaunas, Lietuva.
by phone: +370 37 330880
by email: info@tpr.lt

Submitting Complaints

We also inform you that you can submit complaints regarding the violation of personal data processing rights to the State Data Protection Inspectorate.

Concluding Provisions

These Rules are reviewed at least once every two years.

Upon updating the Rules, we will inform you of what we consider to be significant changes by publishing an announcement on the Data Controller's website.

If you connect to or use our provided content and/or services after such an announcement is published, we will consider that you agree to the new requirements stated in the update.

The latest version of the Rules is always available on the website www.from.lt.

Document approved on May 25, 2018, by order No. 98 of the Head of UAB "Tiekimo projektai".
Last reviewed on June 17, 2024.