Your order is below the minimum. €20.00 amount (excluding shipping costs). The current amount of your order is €0.00.
Privacy Policy
Small partnership "AmberHuman" (hereinafter - AmberHuman), address Sakalo 7-2, Palanga 00169, company code 305918353 pays great attention to the protection and privacy of the data of its customers, employees and partners, fair, responsible and lawful data processing and constantly updates its knowledge and applied methodologies in the field of data protection and privacy. Website address: www.amberhuman.lt.
CONCEPTS:
Personal data – any information related to a natural person – a data subject, whose identity is known or can be directly or indirectly determined using relevant data (for example, name, surname, personal identification number, telephone number, etc.).
Data controller – the legal entity that determines the purposes and means of processing personal data (“AmberHuman”).
Data Controller – a natural or legal person who processes personal data on behalf of the data controller, i.e. AmberHuman.
Data subject – you, AmberHuman customers, as well as employees, partners and other natural persons whose personal data we process.
Processing of personal data – any operation performed on personal data, such as collection, recording, storage, modification, deletion, provision of access, etc.
Special personal data – data relating to a natural person's racial or ethnic origin, health, political, religious, philosophical or other beliefs, trade union membership, as well as information about a person's criminal record.
Politics – this privacy policy, which describes how AmberHuman collects and uses your personal data obtained when you visit our website (http://www.amberhuman.lt/).
Customer – any person who orders, purchases or uses AmberHuman services.
Depersonalized data – information that no longer relates to a natural person because all elements allowing the identification of the person have been removed from the personal data set.
Services – any products and/or services offered by AmberHuman, both electronically and non-electronically.
Traffic data – data processed for the purpose of transmitting information over an electronic communications network and/or for the purpose of recording such transmission. If traffic data directly or indirectly allows the identification of a person, they are also considered personal data
GDPR – The General Data Protection Regulation is a directly applicable EU law that entered into force on 25 May 2018. The Regulation concerns the protection of personal data and the rights of individuals to information about it. The Regulation gives users greater control over the data held about them by organisations. The Regulation applies to the processing of personal data relating to EU citizens by a natural person, company or organisation. The Regulation does not apply to the processing of personal data of legal persons.
In order to fulfill our obligations to you and provide you with quality services, in accordance with the data minimization principle established by the GDPR, we collect and process your personal data only when and to the extent necessary for a specific, defined and legitimate purpose. This privacy policy (hereinafter referred to as the Policy) explains how we collect, use, store, transfer and otherwise process your personal information. Here you will also find information about your rights established in the European Union General Data Protection Regulation, the Law of the Republic of Lithuania on the Legal Protection of Personal Data and the legal acts of the Republic of Lithuania regulating the protection of personal data.
We ensure that we use your personal information only for lawful purposes and are confident that:
• You have freely consented to the use of this information; or
• The use of your personal data is necessary for us to enter into a contract with you or to take steps to enter into a contract; or
• The use of your personal data is necessary for compliance with or enforcement of a relevant legal act, including the Regulation (GDPR), a legal act of the Republic of Lithuania, a recommendation, decision or other act adopted by the State Data Protection Inspectorate (hereinafter referred to as the VDAI), an instruction of the European Data Protection Supervisor; or
• The use of your personal data is necessary for the purposes of AmberHuman's legitimate interests, provided that it does not significantly impact your fundamental rights and freedoms and AmberHuman's legitimate interests are not overridden by your legitimate interests.
The purposes for which we process your personal data are as follows:
1) Making online purchases;
2) Conclusion and execution of contracts
3) Meeting the requirements of legal acts and state institutions;
4) Direct marketing;
5) Fulfillment of obligations established in legal acts regulating the prevention of money laundering and terrorist financing and the application of international sanctions;
6) Personal data is processed for internal administration purposes: for the selection of employees, conclusion and execution of employment contracts, proper performance of employer duties, communication with employees, ensuring appropriate working conditions. Use of your personal data for direct marketing purposes We may process your personal data for direct marketing purposes only with your consent. In such a case, we may contact you by e-mail, telephone or in another way to offer you services and/or ask for your opinion on the services offered. You have the right to refuse to receive direct marketing messages at any time by contacting us using the contacts specified at the end of this Policy.
7) For the purposes of document storage, archival management and confidential destruction.
8) For other purposes provided for in the GDPR and other legal acts and agreements between the Parties.
Who do we provide your personal data to?
We may share your personal data only for the purpose for which you provided it to us or to provide you with services, for example, with banks. When disclosing or transferring your personal data, we are committed to ensuring the integrity and security of your personal data.
We may provide your personal data to:
• Law enforcement and other state institutions and organizations implementing official powers in accordance with the procedure established by law, such as the Financial Crimes Investigation Service, the Special Investigation Service, the European Police Office (Europol), the European Police Office (Europol), etc.;
• The State Tax Inspectorate under the Ministry of the Republic of Lithuania for tax administration purposes;
• Your personal data may be provided to other entities to the extent necessary to establish the purposes specified in the previous section of the Policy. We will carefully and thoroughly assess all requests for the provision of your personal data received from law enforcement and state institutions. In response to such requests, we will provide your personal data only to the extent necessary to properly implement the legal acts of the Republic of Lithuania and the European Union and / or court decisions.
How do we protect your personal data?
We are committed to ensuring the confidentiality and security of your personal data provided to AmberHuman and to continuously invest in reliable technical, physical and organizational security measures to protect this information from accidental or unauthorized access, alteration, disclosure, unauthorized destruction, loss or any other unlawful processing of your personal data. In doing so, we ensure secure access to personal data, paying close attention to information, IT infrastructure, public and internal networks, physical and other protection.
How long do we store your personal data?
AmberHuman stores and processes your personal data for the period that is reasonably necessary to achieve the purposes of data processing set out in the Policy and the GDPR. Personal data is stored in a form that allows you to be identified for no longer than is necessary for the purposes for which the data were collected and processed. In some cases, AmberHuman may store your personal data for a longer period, for example, if we are obliged to do so by legal requirements or in AmberHuman's legitimate interest or due to archiving requirements (see, for example, the Index of General Document Retention Terms, approved by Order No. V-100 of the Chief Archivist of Lithuania). If your personal data is no longer necessary for the purposes of their processing, your personal data must be securely deleted, erased and/or stored in the manner and to the extent required by the legal acts of the Republic of Lithuania and the European Union, for example, regulating payment, accounting, money laundering prevention requirements, etc. (see, for example, the Law of the Republic of Lithuania on Electronic Money and Electronic Money Institutions, the Law of the Republic of Lithuania on Payments, etc.). Your personal data (including data processed for direct marketing purposes) are processed during the period of provision of services or for the purposes of acquiring a payment instrument, and after its expiration, if you terminate the contract or otherwise refuse the services provided by AmberHuman, AmberHuman will continue to store your personal data until the data storage periods expire (usually 10 years after the expiration or termination of the service contract or the acquisition of the goods). After the expiration of the storage period, we will destroy your personal data, unless otherwise specified by law.
What is the geographical area of processing your personal data?
Your personal data is processed for the purposes of concluding and performing service contracts (including the sale of goods). They are processed within the territory of the European Union (hereinafter referred to as the EU) or the European Economic Area (hereinafter referred to as the EEA) and may be transferred outside the EU/EEA in accordance with applicable law and agreements between the Parties. Personal data of employees and customers processed for internal administration purposes may be transferred and processed outside the EU/EEA when the transfer is necessary for the conclusion and performance of employment contracts. In such cases, AmberHuman always takes steps to ensure that any transfer of employees' personal data outside the EU/EEA is properly handled and the privacy rights of employees or customers are maximally protected. Therefore, AmberHuman concludes contracts only in strict compliance with the requirements of the GDPR.
A third country outside the EU/EEA where the recipient of the personal data of employees or Customers is located must, by decision of the EU Commission, ensure an adequate level of protection of personal data. In the case of the USA, the recipient of the personal data of employees or Customers must be approved in accordance with the requirements of the Privacy Shield (a data protection agreement between the EU and the United States of America).
Where do we get your personal data from?
AmberHuman receives your personal data from their primary source on the basis of free and voluntary consent. As specified in Article 12 of the Law of the Republic of Lithuania on the Legal Protection of Personal Data, consent is a voluntary statement of the data subject's will to process their personal data for a purpose known to them. Consent to process sensitive personal data must be expressed clearly - in writing, equivalent to it or in another form that undoubtedly proves the data subject's consent. However, sometimes information about your data may be collected from other sources, for example:
• State Enterprise "Center of Registers";
• Other public databases (such as SODRA, Credit Bureau, etc.),
Is automated decision-making, including profiling, used?
AmberHuman currently does not apply such measures.
What are your rights?
You can contact AmberHuman with a request:
• Confirm that we are processing your personal data;
• Provide you with a copy of this data;
• Provide information about your personal data being processed, for example,
• what personal data we collect about you,
• for what purpose we process them,
• for whom and for what purpose we collect and disclose them,
• whether we transfer that data outside the EU,
• what security measures we apply to them,
• how long we store your personal data
• and other information about your personal data.
• You may contact AmberHuman with a request to correct inaccurate personal data about you. AmberHuman will check the accuracy of your personal data before correcting them. If, after reviewing your personal data, you determine that your personal data is incorrect, incomplete or inaccurate, and contact AmberHuman, we will check your personal data and, at your request, correct the incorrect, incomplete, inaccurate data and/or suspend the processing of such personal data, except for storage. AmberHuman will inform the recipients of the data about the personal data corrected or destroyed at your request, the suspended processing of personal data, except in cases where providing such information would be impossible or excessively difficult (due to the large number of data subjects, data period, unreasonably high costs).
You may contact AmberHuman with a request to delete your personal data in the following cases:
• when they are no longer necessary to fulfil the purposes for which they were collected;
• when you have withdrawn your consent (applies to cases where the processing of your personal data was based on consent);
• when you have exercised your right to object to the processing of your personal data by AmberHuman;
• when you believe that your personal data is being processed unlawfully or improperly. If, having become familiar with your personal data, you believe that your personal data is being processed unlawfully and contact AmberHuman, your personal data will be checked for the lawfulness of the processing within a reasonable period of time, which is not shorter than 10 business days, and, taking into account your request, AmberHuman will suspend the processing of such personal data, except for storage, or correct the identified errors. Personal data is corrected and deleted or its processing is suspended upon receipt of your request. AmberHuman will not be able to implement your request to delete your personal data if the processing of your personal data is necessary:
• to implement legal obligations established in the GDPR or legal acts of the Republic of Lithuania, for example, resolutions of the Board of the Bank of Lithuania, etc.
You may contact AmberHuman with a request to restrict (for example, store but not use) the processing of your personal data when one of the following applies:
• You dispute the accuracy of the data for a period during which we can verify the accuracy of the said data;
• they are no longer necessary for the purposes of processing personal data for which they were collected, but they are required by the data subject for the establishment, exercise or defence of legal claims;
• you have objected to the processing of your data, pending verification of whether AmberHuman’s legitimate grounds override your legitimate grounds. When the processing of your personal data is restricted, we may process your personal data, with the exception of storage, only:
• with your consent;
• to establish, exercise or defend legal claims;
• to protect the rights of another data subject.
The right to data portability of your personal data.
You may request AmberHuman to provide you with the personal data relating to you, which you have provided to us, in a structured, commonly used and machine-readable format and in a user-friendly format / definition, or you may request that we transmit your personal data directly to another controller of your personal data, to the extent technically feasible and where:
• The processing of your personal data is based on your consent or the performance of a contract concluded with you;
• The processing of your personal data is carried out by automated means.
The right to disagree.
You may request AmberHuman to stop processing your data where such processing is based on your consent or may be necessary for the purposes of AmberHuman’s legitimate interests. Upon receipt of your request, AmberHuman will no longer process your personal data unless it demonstrates compelling legitimate grounds for the processing that override your interests or for the establishment, exercise or defence of legal claims. Withdrawal of consent does not affect the lawfulness of processing of your personal data based on consent carried out prior to withdrawal of consent.
NOTE: If you provide explicit consent for us to process your sensitive personal data, you may withdraw your consent to the processing of your personal data. However, you should be aware that if you decide to do so, we may not be able to continue to provide you with certain services, such as those related to purchases and sales and related services.
The right to object to direct marketing.
Where your personal data is processed for direct marketing purposes, you may withdraw your consent to the processing of personal data relating to you for direct marketing purposes. From the moment you withdraw your consent to the processing of data for direct marketing purposes, we will no longer process your personal data for these purposes.
The right to file a complaint regarding the processing of personal data.
If you believe that your personal data is being processed unlawfully, you have the right to file a complaint with the head of AmberHuman: info@amberhuman.lt, as well as to contact the Data Protection Inspectorate.
AmberHuman kindly asks all its Clients and Buyers, especially if you have any questions related to your personal data, to contact AmberHuman so that we can answer your questions. Important information you need to know in order to exercise your rights:
• When you submit a request to exercise your rights, we may ask you to provide proof of your identity - by providing an identification document or by confirming your identity by means of electronic communication that allows you to be properly identified.
• We will provide you with information about your processed personal data once a year free of charge. If you apply more than once per calendar year or your request is unfounded, repetitive or disproportionate, in such case we may charge a reasonable fee, the amount of which will not exceed the costs of providing the data. We will always inform you in advance about the obligation of such a fee, before responding to your request or inquiry.
• We will respond to all your requests and inquiries regarding the processing of personal data and provide the requested data no later than 30 (thirty) days from the date of application. However, the deadline may be extended if the request is particularly complex or you have submitted several inquiries. We will always inform you if the preparation of the response will take longer than one month. In order to speed up our response, we may ask you to provide more detailed information about what information you would like to receive.
• If you have any complaints or questions about how we process your personal data, please contact us using the contact details provided at the end of this Policy so that we can resolve your issue as quickly as possible.
AmberHuman's use of cookies.
The protection of the rights and interests of our customers is a cardinal goal of AmberHuman's long-term development, therefore ensuring the security of your personal data is very important to us. AmberHuman uses cookies technology. These tools serve to display the structure and content of the AmberHuman website www.amberhuman.lt, ensure the ability to provide you with customer self-service services, as well as maintain the functionality of the website and applications.
Cookies used:
Woocommerce - woocommerce_items_in_cart
Woocommerce - woocommerce_recently_viewed
Woocommerce - woocommerce_cart_hash
Woocommerce – tk_ai
PHP – PHPSESSID
Google – _ga
WordPress - wordpress_test_cookie
WordPress – of_current_opt
WordPress – wp-settings-3
WordPress - wp-settings-time-3
WPML Plugin - wp-wpml_current_language
Facebook - pressence, c_user, dart, dpr, oo, sb, spin, xs
Privacy Policy Changes, Updates.
In light of business developments and legal requirements, we may change this Policy, i.e. review and update it accordingly, so we recommend that you periodically visit our website, where you will find the latest version of this Policy. If we make significant changes to this Policy, we will notify you in advance by posting a notice on our website.
If you have any questions or suggestions regarding the processing of your personal data or this Privacy Policy, please contact us.
How to contact us?
Regarding data protection:
To exercise your rights or submit a request regarding your personal data processed by AmberHuman, you can contact the manager at the following address: info@amberhuman.lt.