Privacy Policy

UAB “INRĖ” PRIVACY POLICY

 

  1. INTRODUCTION

 

1.1. UAB “INRĖ” (hereinafter – the Company), company code 303231307, registered office address: Vėtrungių g. 21-11, Vilnius, specializes in the provision of remote administrative services and e-commerce. The Company operates transparently, honestly, and responsibly.

1.2. We are flexible and dynamic, always responding promptly to our clients’ needs and feedback. We value client opinions regarding our services and take them into account. We assess information objectively and provide professional advice tailored to each client’s needs. The client is the most important part of our company. We are constantly learning and maintain professional standards to meet our clients’ expectations. We deliver professional solutions for everyone.

1.3. We respect the rights of our Clients and other data subjects to their private information and process their personal data lawfully and fairly in order to maintain their trust.

1.4. We only collect the data necessary to provide services, sell products, conduct business, and/or when visiting, using, or browsing the Company’s websites and pages (hereinafter – the Website). We ensure that the collected and processed client data is secure and used solely for its intended purpose.

1.5. By submitting your personal data to us, you agree to the terms of this Privacy Policy, understand its provisions, and agree to comply with it.

1.6. The purpose of this Privacy Policy is to inform about how the Company protects clients’ privacy, explain how the Company safeguards clients’ personal data, and help clients understand how their data is processed and what their rights are.

 

  1. DEFINITIONS

2.1. Client – any natural person, data subject, who orders, purchases, uses, has used, or has expressed the desire to use the Company’s services, visits the Company’s website, points of sale, or is otherwise related to the services provided by the Company.

2.2. Personal Data – any information that is directly or indirectly related to a Client whose identity is known or can be directly or indirectly determined using the relevant data. The processing of Personal Data means any operation performed with Personal Data (including collection, recording, storage, editing, modification, granting access, submitting requests, transfer, archiving, etc.).

2.3. Services – any products, goods, and/or services offered by the Company, whether electronically or non-electronically.

 

  1. PROCESSING OF PERSONAL DATA

3.1. The Company processes personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter – the Regulation), the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other legal acts governing the processing of personal data.

3.2. The scope of processed personal data depends on the services ordered, purchased, or used by the individual, and on the information provided by the person as a visitor of the Company’s website when ordering, purchasing, and/or using the Company’s services, visiting or registering on the Company’s website.

 

  1. SOURCES OF PERSONAL DATA

4.1. The Client provides personal data directly by contacting the Company, registering for services, using the Company’s services, purchasing goods, participating in loyalty programs, lotteries or contests, surveys or research, leaving comments, submitting questions, subscribing to newsletters and/or using the Company’s services, or by requesting consultation from the Company.

4.2. Personal data is obtained when the Client visits the Company’s website at: www.colostrum.lt. The Company uses cookies on the website. Cookies are files that store information on the Client’s hard drive or browser. This allows the Company to recognize that the Client has previously visited the Company’s website. The Company uses cookies to ensure the Client has the most convenient browsing experience.

4.3. Personal data is obtained on the basis of the Client’s consent. When the Client has expressed a wish to receive information or provide feedback regarding specific products and/or services, personal data may be processed to ensure the delivery of relevant information. For the purposes of client opinion surveys, market research and statistical data collection, organizing games and promotions for Clients, personal data may be processed upon receiving the Client’s consent or based on the Company’s legitimate interest in improving service quality, enhancing customer experience, and developing new products and services. The Client has the right to withdraw the consent given to the Company at any time. The consent remains valid until it is fulfilled or withdrawn, whichever occurs first. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

 

  1. PROCESSING OF PERSONAL DATA

5.1. By providing personal data to the Company, the Client agrees that the Company may use the collected data to fulfill its obligations to the Client and to provide the services expected by the Client. The Company requires the Client’s personal data for the following purposes:

5.1.1. To maintain relationships with Clients and to facilitate and administer access to the Company’s products and services.

5.1.2. For the conclusion and performance of product sales and service agreements with the Client, and to update Client data using external and internal registers, when necessary for contract performance or to take steps at the Client’s request prior to contract conclusion, or to fulfill a legal obligation.

5.1.3. For the purpose of electronic commerce.

5.1.4. For processing product orders, resolving issues related to product sale, delivery or supply, and fulfilling other contractual obligations.

5.1.5. To protect the interests of the Client and the Company. This includes ensuring service quality, and maintaining records of business communication (e.g., recording telephone conversations).

5.1.6. For direct marketing, loyalty programs, promotional campaigns (including direct marketing games, lotteries, and contests), loyalty card and discount administration, and to provide offers, news, services, products, or newsletters requested by the Client or deemed of interest to the Client by the Company.

5.1.7. To ensure the safety of Company employees, Clients, and property (video surveillance).

5.1.8. For the purpose of assessing Clients’ creditworthiness and managing debts.

5.1.9. For personnel recruitment purposes (processing of candidate personal data). The Company processes candidates’ personal data (email address, name and surname, phone number, all information provided in the CV and cover letter, and the position applied for) submitted directly via email or through job portals in order to conduct recruitment for specific positions. Candidate data is processed on the basis of consent and stored only for the duration of the recruitment process unless the candidate consents to a longer retention period. The Company does not collect or process special categories of personal data from candidates.

5.1.10. For other purposes where the Company has the right to process the Client’s personal data, based on the Client’s consent, the Company’s legitimate interests, or legal obligations imposed by applicable laws.

 

  1. DISCLOSURE OF PERSONAL DATA

6.1. The Company undertakes to maintain the confidentiality of the Client’s personal data. Personal data may be disclosed to third parties only when necessary for the conclusion and performance of a contract in favor of the data subject or for other legitimate reasons.

6.2. The Company may provide personal data to its data processors who provide services to the Company and process personal data on the Company’s behalf. Data processors are entitled to process personal data only according to the Company’s instructions and only to the extent necessary for fulfilling contractual obligations. The Company engages only those data processors who ensure adequate implementation of technical and organizational measures to ensure that data processing complies with the Regulation and guarantees the protection of the data subject’s rights.

6.3. The Company may also provide Client data in response to requests from courts or government authorities to the extent necessary to comply with applicable laws and instructions of such authorities.

6.4. The exchange of personal data within the Company may be necessary for specific predefined purposes. The Company may be required to disclose personal data to the following recipients: companies within the same group, business partners, and data processors (subcontractors).

 

  1. PERSONAL DATA RETENTION PERIOD

7.1. The personal data collected by the Company is stored in printed documents and/or in electronic format within the Company’s information systems. Personal data is processed no longer than necessary to achieve the purposes of data processing or as long as required by data subjects and/or stipulated by legal acts.

7.2. Although a Client may terminate the agreement and discontinue the use of the Company’s services, the Company is still obliged to retain the Client’s personal data due to possible future claims or legal demands, until the applicable data retention periods have expired.

 

  1. CLIENT’S RIGHTS AS A DATA SUBJECT

8.1. The Client has the right to:

8.1.1. Contact the Company with a request for information on whether the Company processes their personal data and, if so, to access such data.

8.1.2. Request the Company to rectify their personal data and/or suspend the processing of such data (except for storage) if, upon accessing the data, it is determined that the data is incorrect, incomplete, or inaccurate.

8.1.3. Request the Company to delete their personal data that is processed solely on the basis of the Client’s consent, if the Client withdraws such consent. This right does not apply if the data is also processed on other legal grounds, such as contract performance or compliance with legal obligations.

8.1.4. Restrict the processing of their personal data in accordance with applicable legal provisions, for example, during the period when the Company is assessing whether the Client has the right to request deletion of their data.

8.1.5. Receive the personal data they provided, which is processed based on consent or contract, in written or commonly used electronic format, and, where technically feasible, transfer such data to another service provider (data portability).

8.1.6. Object to the processing of their personal data when such processing is based on legitimate interests, including profiling for direct marketing purposes (e.g., receiving marketing offers or participating in surveys).

8.1.7. Withdraw their consent to the processing of personal data for direct marketing purposes at any time.

8.1.8. Object to being subject to a decision made solely by automated processing, including profiling, if such decision produces legal effects or similarly significantly affects the Client. This right does not apply when such decision-making is necessary for entering into or performing a contract with the Client, is permitted by applicable laws, or the Client has given explicit consent.

8.1.9. Lodge a complaint with the State Data Protection Inspectorate if an issue cannot be resolved with the Company.

8.2. The Client may exercise their rights by contacting the Company:

8.2.1. By submitting a written request in person, by mail, through a representative, or via electronic communications – by email: ina@diabetas24.lt;

8.2.2. Verbally – by phone: +37061823673;

8.2.3. In writing – to the address: UAB “INRĖ”, Vėtrungių g. 21-11, Vilnius, LT-06313.

8.3. The Company processes clients’ requests related to data subject rights free of charge. However, processing may be refused or a reasonable fee may be charged if the request is clearly unfounded or excessive, or in other cases provided for by law.

 

  1. CLIENT’S RESPONSIBILITY

9.1. To inform the Company about any changes to the information and data provided. It is important for the Company to have accurate and up-to-date Client information.

9.2. To provide the necessary information that would allow the Company, upon the Client’s request, to identify the Client and ensure that it is communicating and cooperating with the correct individual (e.g., by providing a valid identity document or by means established by law or through electronic communication methods that enable proper identification of the Client). This is necessary to protect the Client’s and other individuals’ data, ensuring that information about the Client is disclosed only to the Client, without violating the rights of others.

 

  1. FINAL PROVISIONS

10.1. This Privacy Policy is an integral part of the Services provided by the Company. As the Company develops and improves its operations, it reserves the right to unilaterally amend this Privacy Policy at any time. Clients are advised to regularly review the latest version of the Privacy Policy on this website to stay informed of any updates.