Privatumo politika

October 10th, 2023

Introduction

Lithuanian company UAB GrynumberHealth (company code: 303345008 address: Menulio str. 11 101, LT-04326 Vilnius, Lithuania, e-mail: info@grynumberhealth.com (further in the text referred to as the Company, Data Controller, us, we, or our) as data controller by implementing Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (further in the text referred to as the GDPR) and applicable local data protection laws, complies with this personal data privacy policy (further in the text referred to as the Privacy Policy).

The Privacy Policy contains the information on processing of the personal data of data subjects using this website (further in the text referred to as the Service). The Company fulfils its obligation to be a transparent organisation, and provides clear information in this Privacy Policy about the type of personal data processed by operating the Service, purposes of such processing, storage period of personal data, also the legal basis for the processing as well as other information which must be indicated in accordance with applicable law.

By using the Service for browsing the website, you as data subject agree to the collection and use of personal data in accordance with this Privacy Policy. If you do not agree to this Privacy Policy please do not use our Service.

Personal Data Collection

We may collect several different types of your personal data for digital purposes mentioned below in order to provide and improve our Service to you.

While using our website, contacting us with questions regarding our products, we may ask you to provide us with certain personal data that can be used to contact or identify you. Such personal data may include:

  • contact information (such as name, surname, email address,)
  • IP address, device, operating system, and browser information that we detect
  • information generated by cookies used in our website, if your prior consent is received

Personal data is obtained from you when you write an email to us or transmit them to us in any other way. You are not required to provide this information but, if you choose not to do so, we may not be able to offer you certain Service and related features.

Usage Data

We may also collect information how the website is accessed and used (further in the text referred to as Usage Data). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the Oxigravide pages that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Cookie Notice

We may use cookies and similar tracking technologies to track the activity on our website and hold certain information. Cookies are files with small amount of data which may include an unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we may use:

Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually set only in response to actions taken by the user, which boils down to requesting services, such as setting privacy preferences, logging in or filling out forms. You can set your browser to block or warn you about these cookies, but some parts of the website will then not work. These cookies do not store any personal information.

Performance cookies
These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help you find out which pages are the most and least popular and see how your visitors are navigating the page. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you visited our website.

Functional cookies
These cookies enable the website to provide more functionality and personalization. They can be set by us or by external providers whose services have been added to our websites. If you do not allow these cookies, some or all of these services may not function properly.

Cookies related to advertisements and their recipients
These cookies can be set by our advertising partners through our website. They may be used by these companies to build a profile of your interests and display relevant advertisements on other sites. They do not directly store personal data, but rely on the unique identification of your browser and internet hardware. If you do not allow these cookies, you experience fewer targeted advertising.

Social media cookies
These cookies are set by a number of social media services that have been added to the site to allow users to share our content with friends and networks. They are able to track the user’s browser on other websites and build a profile of his interests. This may affect the content and messages displayed on other websites you visit. If you do not allow these cookies, you may not be able to use or see these data sharing tools.

In order to respect your privacy this webpage functions  on anopt-in basis. This means that, to the extent that it is technically feasible and in a manner that these trackers are not related to any strictly necessary purposes, we will block all non essential trackers until you provide your consent to other trackers. These include i.a. all trackers used for marketing or analytical purposes as well as targeted advertising.

Please note that accepting only necessary cookies may affect your browsing experience compared to the experience of a user who accepted these functionalities.

Storage Period

The storage period for personal data is established by applicable law. Personal data are usually retained for 10 years after expiry of the agreement, if you conclude one with us. Usage Data and Cookie Data are stored for one year.

Use of Data for a Legitimate Interest

We also use the collected data if we have a legitimate interest to do so, including to support the following functions and activities:

  • processing claims in connection with our products and services,
  • identifying and authenticating you so you may use the Service
  • responding to your requests and inquiries and providing customer support
  • operating, evaluating and improving our business
  • protecting against, identifying and preventing fraud and other criminal activity, claims and other liabilities
  • complying with and enforcing applicable legal requirements, relevant industry standards and our policies, including this Privacy Policy and Standard Terms & Conditions of Sale.

Principles for Data Processing

We respect privacy rights and interests of each user and our customer. We will abide by the following principles when processing personal data:

  • Personal data will be processed lawfully, fairly and in a transparent manner in relation to the data subject
  • Personal data will be collected for specified, explicit and legitimate purposes and will be processed for in accordance with those purposes
  • Personal data collection will be limited to what is necessary to provide requested services
  • Personal data will be accurate and, where necessary, kept up to date
  • Personal data will be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed
  • Personal data will be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

Legal Basis of Processing

The legal basis for our processing of personal data is Article 6.1.a-c,f of the GDPR: (a) the data subject has given consent to the processing of his or her personal data for direct marketing or cookies usage, or (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, or (c) processing is necessary for compliance with a legal obligation to which the controller is subject (e.g. official requests of state institutions in case of administrative or criminal investigations), or (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (e.g. to defend our rights in court).

Disclosure of Data

We do not disclose personal data to anyone except if we believe it is necessary to comply with law, enforce our policies, or protect our or others’ legal rights. This does not include trusted third parties (i.e. data processors) which help us to operate our business and services as long as they agree to keep personal data confidential. We may disclose your personal data in the good faith belief that such action is necessary to:

  • To comply with a legal mandatory obligation
  • To protect and defend the rights or property of the Company
  • To protect the personal safety of users
  • To protect against legal liability

Security of Data

The security of your data is important to us, but please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. Both technical and organisational measures are used in the Company for protection of personal data. Data are stored securely, and can be accessed by a limited number of persons.

Cross-border transmission of personal data. Personal data are processed in the territory of the European Union / European Economic Area. It may be necessary in some cases to transmit personal data to the recipients located outside of the territory of the European Union / European Economic Area. The Company takes steps to protect personal data in such cases and can rely on the adequacy decision of the European Commission, which means that, in view of the European Union, the laws and agreements in that country ensure adequate protection of personal data. In the absence of the adequacy decision of the European Commission, the Company (as the data controller) or its data processor may transfer personal data to a third country or international organisation outside of the territory of the European Union / European Economic Area only if the data importer has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available.

Service Providers

We may employ third party companies and individuals to facilitate our website (further in the text referred to as Service Providers or data processors), to provide the Service on our behalf, to perform Service related services or to assist us in analysing how our website is used. These third parties may have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. Upon your request we will disclose to you detailed information about our Service Providers.

Your personal data can be transferred to:

  • providers of IT, server, mail, archiving, marketing, accounting services
  • other affiliate companies of Company’s group
  • notaries, bailiffs, attorneys, consultants, auditors and debt recovery companies
  • law enforcement authorities, courts and other dispute settlement institutions
  • potential or existent successors of our business

Children’s Privacy

Our Service does not address anyone under the age of 18 (further in the text referred to as Children). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We may also let you know via email and/or a prominent notice on our website, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Your Rights

As a data subject, you have the following rights:

  • the right to receive information if we process your personal data, and if so, the right to access such personal data
  • the right to contact us with a request of rectifying inaccurate personal data
  • the right to have the personal data erased, if you believe that there is no need for the Company to keep them, or if you had given consent and then decided to withdraw it. The request may be granted only if it is well-grounded, except in direct marketing or cookie cases where you have full discretion to revoke your consent. Also, this right may not apply where the processing is related to legal obligations, or establishment, exercise or defence of legal claims
  • the right to receive the personal data or transfer them to another entity (the so-called right of data portability). This right applies where personal data are processed by automated means, based on your request
  • the right to restrict processing of the personal data in certain circumstances. It means that we will continue storage of your personal data, but we will be unable to process them temporarily. (For instance, that may be necessary if inaccurate data are found. It is likely that you would not want data processed until they are rectified)
  • the right to object to processing of personal data if the processing is carried out based on legitimate interests of the Company or third parties. You may exercise this right if you believe that the legitimate interests of processing such personal data pursued by the Company are overridden by your personal interests.
  • the right to withdraw your consent to processing of personal data for direct marketing purpose.

If you wish to exercise these rights, you may contact the Company in writing, including electronically.

In order to implement the rights of a data subject, your identity needs to be authenticated. If your identity is not authenticated, it is impossible to make sure, if a request is filed by the same person, whose personal data is processed. Therefore, we may be unable to implement your data subject’s rights.

We may refuse to examine your request on the implementation of the rights or we may charge a fee for this service, if your request is clearly unjustified or filed in excess, also in other cases provided in the legal law.

If you believe that the manner of processing of personal data at the Company is inconsistent with the effective legislation, you have the right to contact the local data protection authority.

Contact Us

If you have any questions about this Privacy Policy or your personal data processing, please contact us by email: info@grynumberhealth.com