UAB Mavy studio ( hereafter the company


1. General provisions

1.1. We take care of the protection and privacy of your personal data, therefore in this privacy policy (hereinafter - the Policy) we inform you about the processing of personal data, the rights of the data subject, the measures for the implementation of personal data protection and other issues related to the processing of personal data.

1.2. The Company collects personal data that a person voluntarily provides by e-mail, registered mail, fax, telephone, directly coming to the Company's store, which is monitored by video cameras, registering on the Company's website and becoming a registered user (when the Company provides such an opportunity), when purchasing goods purchase in the Company's electronic store or using the Company's website.

1.3. All personal data received by the Company are collected, stored and processed in accordance with the personal data protection law of the Republic of Lithuania, the European Union's General Data Protection Regulation no. 2016/679 and other legal acts of the Republic of Lithuania regulating the protection of personal data.

1.4. The company ensures that the level of protection of personal data processed by Bednrovė meets the requirements of the legal acts of the Republic of Lithuania.

2. Concepts

2.1. Terms used in the document:

2.1.1. Personal data - any information about an identified or identifiable natural person (data subject). An identifiable natural person is an individual whose identity can be determined, in particular by some identifier, such as a name, personal identification number, location data and an Internet identifier, or by one or more of that natural person's physical, physiological, signs of genetic, mental, economic, cultural or social identity;

2.1.2. Data subject – means a natural person from whom the Company receives and processes personal data;

2.1.3. Data recipient - the person to whom personal data is provided;

2.1.4. Provision of data - disclosure of personal data by transmission or otherwise making them available (except for publication in public information media);

2.1.5. Data processing - any action performed with personal data: collection, accumulation, storage, recording, classification, grouping, connection, change (addition or correction), provision, publication, use, logical and/or arithmetic operations, search, dissemination, destruction or other action or set of actions;

2.1.6. Automatic processing of data - data processing actions that are fully or partially performed by automatic means;

2.1.7. Data controller – a legal or natural person (who is not an employee of the data controller) authorized by the data controller to process personal data. The data processor and/or the procedure for its appointment may be determined by laws or other legal acts;

2.1.8. Data controller - a legal or natural person who, alone or together with others, determines the goals and means of processing personal data. If the purposes of data processing are determined by laws or other legal acts, the data controller and/or the procedure for his appointment may be determined in those laws or other legal acts;

2.1.9. Consent - any freely given, specific and unambiguous expression of the will of a properly informed data subject by means of a statement or unequivocal actions by which he agrees to the processing of personal data related to him;

2.1.10. Direct marketing - activities aimed at offering goods or services to individuals by mail, telephone or other direct means and/or asking for their opinion on the offered goods or services;

2.1.11. Third party - a legal or natural person, excluding the data subject, data controller, data processor and persons who are directly authorized by the data controller or data processor to process data;

2.1.12. Other concepts used in this Policy are understood as they are defined in the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the processing of personal data.

3. What principles do we follow when processing personal data?

3.1. When processing personal data, the company is guided by the following principles:

3.1.1. The Company processes personal data only to achieve the legal goals defined in the Policy;

3.1.2. Personal data is processed accurately, honestly and legally, in compliance with the requirements of legal acts;

3.1.3. The company processes personal data in such a way that the personal data is accurate and is constantly updated in the event of a change;

3.1.4. The company processes personal data only to the extent necessary to achieve the goals of personal data processing;

3.1.5. personal data is stored in such a form that the identity of data subjects can be determined no longer than is necessary for the purposes for which these data were collected and processed.

3.1.6. The personal data of the data subject can be accessed only by the relevant comp