Privacy Policy


Effective date 27th of November 2021


INTRODUCTION

This website stanco.lt (the “Website”) is operated by TOV «MNVK «Stanco Group» registered in Ukriane (called in this notice “Controller” “we”, “our” or “us”).


1. PURPOSE OF THIS POLICY

This privacy policy tells you about the information we collect about you when you visit our Website or otherwise provide us with information.

We are committed to processing your personal data in full compliance with our legal obligations as well as being clear with you about what kind of data is collected, how it is used and passed on, what security measures we take to protect your data and how you can exercise your rights.


2. LEGAL BASES OF PROCESSING OF YOUR PERSONAL DATA

Your personal data may be processed on the following legal grounds:

  • Art. 6 (1) lit. a) GDPR is the legal basis for processing on the basis of consent obtained from you for a specific processing purpose.
  • Art. 6 (1) lit. b) GDPR applies if your personal data is processed to conduct pre-contractual measures and to comply with contractual obligations.
  • Art. 6 (1) lit. c) GDPR applies if we are subject to a legal obligation requiring the processing of personal data, for instance to comply with tax-related obligations.
  • Art. 6 (1) lit. d) GDPR applies if the processing of personal data is necessary to protect your vital interests or those of another natural person.
  • Art. 6 (1) lit. f) GDPR applies in the case of a legitimate interest pursued by us or by a third party.

3. DURATION OF STORAGE OF PERSONAL DATA

We will only process and store your personal data for the period required to perform the purpose for which it is being stored or if this is required by statute or other legal provisions. If the purpose lapses or is completed, your personal data will be deleted or blocked. If it is blocked, erasure will take place as soon as this is no longer precluded by statutory, constitutional or contractual retention periods, there are no grounds to assume that any erasure will be detrimental to your protectable interests and an erasure does not require disproportionate effort due to the special manner in which it is stored.


4. COLLECTING AND PROCESSING YOUR PERSONAL DATA


4.1. Log files

When visiting and using our Website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server, which are technically necessary for us to display our Website to you and to guarantee stability and security.

The information comprises:

  • Browser type and version used
  • The user’s operating system
  • The internet service provider of the user
  • IP address
  • Date and time of access
  • Web pages from which the user’s system accessed our website
  • Web pages accessed by the user’s system through our website

The data is stored in the log files of our system. The data is not stored with the user’s other personal data.

Purpose: The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session. The storage in logfiles is done to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our IT systems. An analysis of the data for marketing purposes does not take place.

Duration of data storage: The data will be deleted as soon as it is no longer necessary for the purpose of its collection. The session is complete when the collection of data for the provision of the Website is accomplished.

Legal basis for processing:

Art. 6 (1) f GDPR (legitimate interest)


4.2. Cookies

In addition to the aforementioned data, cookies or other technologies like pixels (hereinafter referred to as “Cookies”) are used on your computer when visiting and using our Website. Cookies are small text files that are stored by your browser on your device to save certain information or image files, such as pixels. The next time you visit our Website on the same device, the information saved in the cookies will subsequently be transmitted either to our Website (“First Party Cookie”) or to another Website to which the cookie belongs (“Third Party Cookie”).

Through the information saved and returned, the respective Website recognizes that you have already accessed and visited it with the browser you use on that device. We use this information to be able to design and display the Website in an optimum way in line with your preferences. In that respect, only the cookie itself is identified on your device. Beyond this extent, your personal data will only be saved upon your express consent or if it is strictly necessary to be able to use the service offered to and accessed by you accordingly.

Our Websites use cookies on various pages. Their purpose is to enhance our product and services, as well as to make our site more user friendly, more secure and simply better. Within the scope of our legitimate interest (Art. 6 (1) lit. f) GDPR) we utilise cookies that are technically necessary for the running of the Website and to secure its functionality. Depending on the purpose, these are permanently stored—even after the session has ended—(persistent cookies, e.g. opt out) or are deleted when the browser closes (so-called session cookies that are only valid for one browser session).

With your consent, we also use other cookies. These cookies help us to see how users use our Website, enabling us to design the Website content according to the visitor’s needs. In addition, cookies enable us to measure the effectiveness of a particular advert and to place it according, for example, to the user’s thematic interests. The legal basis for this is your consent (Art. 6 (1) lit. a) GDPR).


4.3. E-mail/Contact form

A contact form is available on our Website which can be used to contact us electronically. If you write to us using the contact form, we will process the information you provide to contact you, answer your questions and requests. If you contact us by e-mail, we will process the personal data provided for the purpose of processing your inquiry.

On our Website we use the Pipedrive CRM an integrated software solution by which we cover different aspects of our digital marketing, sales and customer relation management. Furthermore, we use the tool for analytical purposes of our web offer in order to optimize it and to offer you the best possible and user-friendly service.

For this purpose, we forward your data to Pipedrive, which processes the data exclusively at our request. All data required to complete the contact form is subject to the principles of data reduction and data economy, meaning you only have to provide the data that is absolutely necessary for processing inquiries and making contact.

Collected data: Usage data, connection data. Your data will be processed to enable us to contact you, to process your request and to provide you with our respective services, to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of data storage: The data is deleted as soon as it is no longer required for the processing purposes.

Legal basis for processing:

Art. 6 (1) b GDPR (when processing in the context of a contract or a situation similar to a contract)

Art. 6 (1) f GDPR (legitimate interest)


4.4. Third party providers

4.4.1. Google Analytics

This Website uses the services Google Analytics of the third party provider Google Ireland Limited a company organized and existing under Irish law (register number: 368047) having its seat at Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics is a service that enables us to analyze user behavior on our Website. Google Analytics uses cookies for this. Our Website uses the service Google Analytics on an exclusively pseudonymous basis. Your IP address is only recorded in abbreviated form and is hence anonymized.

The following data is collected and processed:

  • IP-Addresses (anonymized)
  • Usage data
  • Click path
  • App updates
  • Browser information
  • Device information
  • JavaScript support
  • Pages visited
  • Referrer URL
  • Downloads
  • Flash-version
  • Location information
  • Purchase activity
  • Widget interactions
  • Date and time of visit

If you have agreed to the setting of cookies, the information generated by these cookies about the use of this Website to the best of our knowledge, are also transmitted to and stored by Google on servers in the United States.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

The processing of your personal data (IP address, cookies, device IDs) takes place on the basis of your consent (Art. 6 (1) lit. a) GDPR), provided that you have given this via our cookie banner. You can revoke this consent at any time by calling up our cookie banner again and changing your settings for the cookies under the “Cookie Settings” button.

In addition you can prevent the storage of cookies by setting your browser software accordingly or you can prevent the collection and transfer of data generated through cookies in the course of the usage of our website (inclusive your IP address) to Google and the processing of such data by Google, by downloading and installing the browser plugin available under the following Link https://tools.google.com/dlpage/gaoptout?hl=en (external link to Google).

Data may be transferred to the USA as part of processing by Google Analytics. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1) (a) GDPR prior to the data processing.


4.4.2. Google Tag Manager

We use the Google Tag Manager to embed contents of third-party providers (e.g. Google Analytics). This is a technical solution which does not itself store or read cookies or similar technologies requiring consent, but merely controls the conditions under which the other programs used on our Website.

Purposes of data processing: Functioning and optimisation of the website and ensuring the security of our information technology systems if our website is used for mere information purposes; integration and display of features and contents which we do not provide ourselves.

Collected data: Usage data, connection data. Legal basis: Art. 6 (1) point (f) GDPR. Duration of storage: The data are deleted as soon as they are no longer needed for the processing purposes.

You can find further information on the tag manager at: https://www.google.com/intl/de/tagmanager/use-policy.html


4.4.3. Google Ads (formerly Google Adwords) and Google Ads Conversion Tracking

This website uses the service “Google AdWords”. The operator of this service is the company Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. The purpose of this service is so-called conversion tracking, i.e., we can detect what happened after you clicked on our advertisements. Cookies are placed for this purpose, but they are only valid for a limited time.

Our aim is for our advertising campaigns to reach only those people, who are interested in our offers. With the conversion tracking tool, we see what keywords, ads, ad groups and campaigns lead to the desired customer actions. We see how many customers interact with our ads on a device, to then convert. With this data we can calculate our cost-benefit-factor, measure the success of individual ad campaigns and therefore optimise our online marketing measures. With the help of the obtained data we can give our website a more interesting design and customise our advertising offer better to your needs.

The following data is collected and processed:

  • Cookie-ID
  • Visited Pages
  • IP Addresses
  • Duration of visit
  • Usage data
  • Content user is interested in
  • Clicked Ads
  • Web requests
  • Cookie information
  • Referrer URL
  • Browser language
  • Browser type

The legal basis of the processing is your consent according to Art. 6 (1)(f) GDPR. The Controller has a legitimate interest in analyzing user behavior in order to optimize both their website and their advertising.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

Data may be transferred to the USA as part of processing by Google Ads. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.


4.4.4. Pipedrive CRM

To process and respond to your concerns, requests, and messages as quickly as possible, we have connected our contact forms to the customer relationship management tool (“CRM tool”) Pipedrive. The system sends the data submitted when filling out the form to Pipedrive and stored on Pipedrive’s servers.

We use the CRM system Pipedrive of provider Pipedrive OÜ based on our legitimate interests as per Art. 6 (1) point (f) GDPR (efficient and fast processing of user inquiries, existing customer management, new customer business), a private limited company established under the laws of the Republic of Estonia, with the address Paldiski mnt 80, Tallinn, 10617, Estonia. The company is registered in the Estonian Commercial Register under reference number 11958539, and a subsidiary of Pipedrive US. For this purpose, we have entered into a contract with Pipedrive using so-called standard contractual clauses, in which Pipedrive undertakes to process User Data only following our instructions and to comply with the EU level of data protection. Pipedrive US is also certified under the Privacy Shield agreement and offers an additional guarantee of compliance with European data protection law. You can access Pipedrive’s privacy policy here: https://www.pipedrive.com/en/privacy. Further information can be found here: https://support.pipedrive.com/article/pipedrive-and-gdpr .

Your data will be deleted from the Pipedrive CRM tool once we have processed your request and the purpose for storing it has ceased to exist, and there are no other legal exceptions to the contrary. You can get information about the data stored concerning your person upon request.


4.4.5. Facebook Custom Audiences

Our website uses the “Custom Audiences” remarketing function of Facebook Inc. (“Facebook”). This allows users of the website to see interest-based advertisements (“Facebook ads”) when visiting the social network Facebook or other websites that also use the process. We want to show you advertisements that are of interest to you in order to make our website more interesting for you.

Due to the marketing tools used, your browser automatically establishes a direct connection to the Facebook server. We do not have any influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: By integrating Facebook Custom Audiences, Facebook receives information that you have accessed the corresponding website of our online presence or that you have clicked on one of our ads. If you are registered with a Facebook service, Facebook may associate your visit with your account. Even if you are not registered with Facebook or have not logged in, it is possible that the provider may obtain and store your IP address and other identifying features.

The legal basis for the processing of your data is Art. 6 Para. 1 (1) (f) GDPR. For more information about Facebook’s data processing, please visit https://www.facebook.com/about/privacy.


4.4.6 Tilda Publishing

Our pages use features of Tilda Publishing. Provider is Tilda Publishing, Ltd, 107031, Moscow, Moscow region Meshchansky, st. Kuznetsky Most, 19, bldg. 1, floor / pom. 2 / I, room 28, Russia. Tilda Publishing is a platform for creating websites, online stores, or landing pages.


Tilda Publishing makes copies of our Website and places them on their own servers. When you visit our Website, you will automatically be connected to Tilda Publishing servers which deliver the data.

We use Tilda Publishing to increase the speed of developing and operation of our website while reducing latency and thus improving/optimizing the user experience as well as to ensure the security of our website and information technology systems.

You can access Tilda Publishing’s privacy policy here: https://tilda.cc/privacy/


5. HYPERLINKS

The Website may contain hyperlinks, which refer you to content provided on websites operated by third parties. As TOV «MNVK «Stanco Group» is not legally responsible for the content and the data protection compliance of such third-party-operated websites, we kindly ask you to closely pay attention to the respective privacy terms of these third-party-operated websites.


6. YOUR RIGHTS AS A DATA SUBJECT

We would first like to inform you of your rights as a data subject as defined in the following articles:

  • Information rights (Art. 13, Art. 14 EU GDPR)
  • The right of access (Art. 15 EU GDPR)
  • The right to erasure (Art. 17 EU GDPR)
  • The right to rectification (Art. 16 EU GDPR)
  • The right to data portability (Art. 20 EU GDPR)
  • The right to restriction of processing (Art. 18 EU GDPR)
  • The right to object (Art. 21 EU GDPR)
  • The right to withdraw consent (Art. 7 EU GDPR)
  • The right to lodge complaint with supervisory authority (Art. 77 EU GDPR)

To exercise these rights, please contact: privacy@stanco.lt.The same applies if you have questions about data processing in our company. You also have the right to appeal to the data protection supervisory authority (please see below).


6.1. Right to object

Please note the following in connection with the right to object:

If we process your personal data for the purpose of direct marketing, you have the right to object at any time without giving reasons. This right also applies to profiling as long as it is connected with direct advertising.

If you object to the processing of your personal data for direct marketing purposes, we will no longer process it for these purposes.

In the event that we process your data to safeguard legitimate interests, you can object to such processing at any time for reasons relating to your particular situation; this also applies to profiling based on these provisions.

We shall no longer process the personal data unless the we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.


6.2. How can you withdraw your consent?

If you gave us your consent to processing your personal data, please note that you may withdraw this consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

If you have consented to receive our newsletter, you may withdraw this consent yourself using the unsubscribe link in the newsletter.

In all other cases or if you have problems withdrawing your consent on this website, you can contact us via privacy@stanco.lt


7. DATA TRANSFER TO A THIRD COUNTRY

In third countries, the same level of data protection may not be guaranteed as in the European Economic Area. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take reasonable measures to maintain an adequate level of data protection when sharing your personal data with such countries. If data is transferred to a third country, we ensure that this transfer only takes place in accordance with the statutory provisions (Chapter V GDPR). In this respect, we always orientate ourselves on the current case law and follow the applicable recommendations of authorities in order to be able to ensure that your data is protected at the same level as the GDPR. In the case of a transfer outside of the EEA, this transfer is safeguarded in accordance with Chapter V GDPR. You can find further information about the aforementioned safeguards by following this link https://ec.europa.eu/info/law/law-topic/data-protection_en or contact us via privacy@stanco.lt for specific information on respective safeguards.


8. SECURITY

Data you insert on our Website is transmitted using SSL encryption. We protect our Website and other systems by technical and organizational measures against loss, destruction, access, modification or dissemination of your data by unauthorized persons.


9. CHILDREN AND MINORS

We do not process personal data relating to children and minors under the age of 13 years, unless we are legally obliged to do so. If we become aware that data were transferred to us or collected by us relating to children and minors under the age of 13 years without the informed consent of a parent or legal guardian, we will delete such personal data without any undue delay.


11. CONTACTING US

If you have any questions, comments, complaints or suggestions in relation to this notice, or any other concerns about the way in which we process data about you, please contact us via email: privacy@stanco.lt


12. AMENDMENT OF PRIVACY POLICY

We may update our Privacy policy from time to time. Updates of our Privacy policy will be published on our Website. Any amendments become effective upon publication on our Website. We therefore recommend that you regularly visit the site to keep yourself informed on possible updates.