GRIGEO PRIVACY POLICY
As one of the largest company groups in the paper and wood industry in the Baltic States, AB Grigeo group of companies recognizes the importance of personal data protection and respects the right of every person to personal data protection.
This Privacy Policy (hereinafter – Privacy Policy) provides information about how AB Grigeo (code of legal entity 110012450, registered address: 10 Vilniaus str., Grigiškės, Vilnius city municipality, Lithuania (hereinafter – Company)) processes the personal data that you may provide on the website www.grite.lt (hereinafter – Website), in the accounts of our social media sites, by contacting us by email or phone, or when you visit the Company’s office.
What personal data are we collecting?
When you visit the Company’s office, visit the website, accounts of social media sites, or contact us by email or phone, we may collect the following information:
Information collected through cookies (more details in the section “What cookies are used on this website?”);
Information that you provide through inquiries, applications or complaints (name, surname, email address, text of your inquiry). We will store these data for 2 (two) years after receipt of your inquiry;
Information that you provide when you want to take part in competitions, promotional events and/or lotteries organized by us (name, surname, email address, phone number and other data that we ask you to provide according to the rules of the competition or promotional event). We will keep these data for the term defined for the particular competition, promotional event and/or lottery on the ground of the consent expressed by providing us your personal data in order to be able to take part in the competition, promotional event or lottery;
The data that you provide of your own free will and active actions (name, surname, comment, inquiry, etc.) through the accounts of our social media sites (e.g. Facebook). We will store these data for 2 (two) years after their submission;
Your video data if you are seen on video surveillance when visiting the Company’s office. We process video data of our employees and other persons, who are seen on video surveillance, on the ground of our lawful interest, in order to ensure the safety of persons and property. We will store these data for 14 (fourteen) calendar days;
Any other personal data provided by you at any time through our website or by contacting us. We will store these data for 2 (two) years after their submission.
What cookies are used on this website?
A cookie is information that the internet server sends to the browser and that is stored in the browser. This information is sent to the internet server each time the browser asks to open a page from the server. This allows the server to set and watch the internet browser.
More information on the cookies used on the website is available here:
| Cookie’s name
|
Cookie’s purpose
|
Creation moment
|
Validity period
|
Used data
|
| laravel_session
|
Used as an identifier of the system’s session of the system php laravel (https://laravel.com/)
|
On entrance to the website
|
Until the website’s window is closed
|
Unique ID
|
| _ga
|
Used to collect statistical information on the website’s visiting
|
On entrance to the website
|
2 years
|
Unique ID
|
| _gat
|
Used to restrict number of referrals to doubleckick.net
|
On entrance to the website
|
1 minute
|
Integer number
|
| _gid
|
Used to collect statistical information
|
On entrance to the website
|
24 hours
|
Unique ID
|
| XSRF-TOKEN
|
CSRF / XSRF safety marker used to protect the website from attacks of type CSRF
|
On entrance to the website
|
Until the website’s window is closed
|
Unique ID
|
To whom can we disclose your personal data?
We may disclose your personal data to any company of the AB Grigeo group of companies.
We may also disclose your personal data to personal data processors who are providing services or carrying out works for us (providers of information technologies, software maintenance and administration services, security services, document archiving services, etc.) and are processing your data on behalf of the Company that acts as your data controller. The data processors have a right to process personal data only according to our instructions and only within the necessary scope. When we use the services of data processors, we undertake all the necessary measures to ensure that our data processors have implemented appropriate organizational and technical means that guarantee personal data safety and preservation of confidentiality of personal data.
Your personal data will not be transferred to any third country and/or international organization.
How are the personal data provided through social media sites used?
The manager of the social network controls all the information provided through social media sites (including messages, usage of fields “Like” and “Follow”, and other communication).
At present we have the following accounts in social media sites:
In the network “Facebook” –_@Grigeo.grupe, @grite.lt, the privacy notice of which is available at https://www.facebook.com/privacy/explanation
In the network “LinkedIn” – Grigeo, the privacy notice of which is available at https://www.linkedin.com/legal/privacy-policy
In the network “YouTube” – Grite video, the privacy notice of which is available at https://policies.google.com/privacy?hl=en#application
We recommend that you read the privacy notices of third parties and to contact service providers directly if you have any questions about your personal data usage.
How are your personal data processed?
Your personal data will be processed in accordance with the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts.
We are processing your personal data only on the lawful grounds defined in the legal acts regulating personal data protection – your consent and when personal data have to be processed for the lawful interest of the company (video surveillance).
While processing your personal data, we are using organizational and technical means that guarantee protection of personal data from accidental or unlawful destruction, modification, disclosure and any other unlawful processing.
How long do we store your data?
We will store your personal data during the terms specified in this Privacy Policy. When these terms expire, the data will be deleted or destroyed.
When your personal data are contained in the texts of certain documents (contracts, orders, applications, etc.), we will archive and store them for the terms specified in General Index of Storage Terms of Documents approved by the order of the Chief Lithuanian Archivist.
We promise to store your personal data in all cases for not longer than needed for data processing purposes or required by legal acts, if a longer data storage term is provided in such legal acts.
What rights do you have?
You have the right:
to submit a written request to us to provide you with information on whether we are processing data related to you and if the data are processed, you have a right to access your personal data and the following information: purposes of data processing; categories of certain personal data; data recipients or their categories, to whom your personal data were or will be disclosed; when possible, planned storage period of personal data and, if impossible, criteria used to determine such a period;
to demand to correct inaccurate personal data or to supplement incomplete personal data;
to demand to delete your personal data. Although this right is not absolute, it can be justified by one of the following reasons: personal data are no longer needed to achieve the purposes, for which they were collected or otherwise processed; you decide to withdraw your consent for personal data processing when such processing is based exclusively on the ground of consent and there is no other ground for processing your personal data are present; your personal data were processed unlawfully; your personal data have to be deleted when we are obliged to do so;
to demand to restrict processing of your personal data in one of the following cases: you contest data accuracy for the period, during which we can verify that accuracy; the processing of your personal data is unlawful and you do not agree to their deletion and thus you ask to restrict their usage instead; we do not need your data for processing purposes any more, but you need them in order to lodge, execute or defend legal demands. When processing of your personal data is restricted, we may process such data (save for storage) only upon receipt of your consent or if we want to lodge, execute or defend legal demands and/or protect your or another person’s rights, or because of public interest;
to ask to forward the processed personal data to another data controller if it is technically possible;
to lodge a complaint if you believe that your rights of the data subject were and/or could have been violated.
How can you implement your rights?
In order to implement your rights, you may submit applications, complaints or demands to us in writing:
by email: info@grigeo.lt
by post to 10 Vilniaus str., Grigiškės, 27101 Vilnius city municipality, Lithuania
in person at the office of AB Grigeo at 10 Vilniaus str., Grigiškės, 27101 Vilnius city municipality, Lithuania
We will reply to all applications, complaints or demands received in writing according to the terms and conditions provided in the legal acts and we will try to provide information to you as soon as possible, but within not later than 30 days after receipt of your application.
If we have any doubts about the identity of the person submitting an application, complaint or demand, we have a right to ask for the applicant’s personal identity document.
If we are not able to provide the information you need, and/or you have complaints about the mode of how your personal data are processed, you may appeal to the State Data Protection Inspectorate.
How will we inform you about changes to our Privacy Policy?
We may update or modify this Privacy Policy at any time. The updated or modified Privacy Policy comes into effect when it is posted on our website. You should check it occasionally and make sure that the current version of the Privacy Policy suits you.
When we update the Privacy Policy, we will inform you about the essential changes (in our opinion) by posting them on the website. You may look at the “Updated on” date on the bottom if you want to know when the Privacy Policy was last updated.
How to contact us?
If you have any questions about the conditions of this Privacy Policy, you are welcome to contact us using the particulars below, by calling the phone number provided below or by sending your inquiry by email or registered mail:
AB Grigeo
Code of legal entity 110012450
Registered address: 10 Vilniaus str., Grigiškės, 27101 Vilnius city municipality, Lithuania
Phone: +370 5 243 5801
Email: info@grigeo.lt
The law of the Republic of Lithuania shall be applicable to this Privacy Policy. All disputes arising from the provisions of the Privacy Policy shall be settled by means of negotiations, and if agreement is not reached, they shall be referred to the courts of the Republic of Lithuania in Vilnius.
This Privacy Policy was last updated on 24 May 2018.