Privacy Policy

We, UAB “Agrokoncerno grupė” (hereinafter referred to as the “Data Controller” or the “Company”), are the managers of the www.agrokoncernogrupe.lt website. This privacy policy (the “Policy”) of the website and of the companies affiliated with the Data Controller (a list of which can be found on the website https://www.agrokoncernogrupe.lt/lt/kontaktai/ under the section “Contact Us”) sets out the rules on how we collect and process your personal data.

We understand that the protection and confidentiality of your personal data is of the utmost importance to you, which is why the companies in our group have strict requirements in place to maintain the protection and confidentiality of your personal data. We emphasize that we make every effort to ensure compliance with the requirements of the General Data Protection Regulation and other legal acts of the European Union and the Republic of Lithuania regulating the protection of personal data. Taking into account that the protection of personal data is an exceptionally dynamic area, which requires us to continuously monitor the applicable Personal Data processing activities and their compliance with the requirements of personal data protection, therefore, when processing your personal data, we are also guided by the recommendations and conclusions of the State Inspectorate for Data Protection and other European Union responsible authorities.

In order to ensure compliance with applicable legal requirements, we apply all necessary and advanced technical and organisational measures to protect personal data. We emphasize that the terms of this Policy may be amended, updated and supplemented from time to time in order to ensure the highest possible level of protection of your personal data and the quality of our services. At the bottom of this Policy, you will find information regarding updates to this Policy and the date of the last revision.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). ADTAĮ – Law on Legal Protection of Personal Data of the Republic of Lithuania. Applicable law – GDPR, the GDPR, the GDPR or any other EU legislation published at the relevant time, as well as any data protection laws or regulations that are binding nationally or internationally. Personal data – any information that can be used to identify an individual, as well as any information about an individual who has already been identified. We aim to ensure that our processing of Personal Data complies in all cases with the requirements of Applicable Law, this Policy and our Company’s internal Personal Data Processing Rules. To ensure your trust in our Company, if you have any questions regarding the protection of your Personal Data, please contact us using the contact details provided in this Policy.

We receive almost all of your Personal Data directly from you, but in certain cases Personal Data may also be obtained in other ways. Below we provide you with some possible sources of your Personal Data:

– Most of the personal data is provided by you, e.g. by contacting us for the provision of certain services or the purchase of goods by phone, e-mail, subscribing to a newsletter, participating in events organised by companies of the Agrokoncerns group of companies, or concluding contracts for the provision of services and/or the supply of goods or other contracts with us;

– In some cases, we may obtain data about you (as an individual or as your company’s representatives, employees, etc.) from publicly available sources such as Public announcements on your company’s website (lists of employees, representatives), etc;

– We may also receive your Personal Data from third parties such as The tax authorities of your employer (our partner in mutual orders, contracts, etc.);

– We also receive your personal data automatically, e.g. when you come to the areas and/or premises monitored by our CCTV cameras (in this case, we receive your image, car registration number, etc.); Please note that, taking into account the existing contractual relationship between us and you, your wishes, the nature of the orders you have placed with us, and the nature of any other specifics of the cooperation with you, there is a likelihood that we may also collect different types of information about you from the information set out in this policy as it is relevant for the execution of a contract, the intention of the conclusion of a contract and similar. We will additionally inform you about the processing of your relevant Personal Data as our customers and/or partners, suppliers, in accordance with the Applicable Laws.

We process the Personal Data listed in this Policy and the Personal Data you provide to us on the legal grounds set out below (in accordance with the provisions of the Applicable Laws, the relevant Personal Data may be processed on the basis of more than one legal basis):

– Your consent (in certain cases and only with your free choice);

– Our Company’s legitimate interests, unless your interests prevail;

– Establishing and enforcing a contract with you;

– Our Company is subject to legal obligations arising from statutory provisions. To the extent and under the conditions provided for by the applicable law, one or more of the above legal bases may apply to the processing of the same of your personal data. Your personal data may be processed for one or more purposes. Below is a list of key objectives:

– For the purpose of selling goods or services to you, or for the purpose of obtaining goods or services from you (or from your employer or principal);

– To keep you informed about our activities, services, products, etc;

– Where appropriate, we may process your personal data to protect our legitimate interests in the event of a legal or other dispute.

We are guided by the principles of personal data protection set out in the GDPR, including the principle of data minimisation, and we aim to minimise the amount of Personal Data we process when processing your data. The most common types of Personal Data we process are: – Personal Data that is necessary for the conclusion and performance of the relevant contract with you, for the fulfilment of orders or other contractual obligations. In this case, we usually process your personal name, surname, date of birth (in exceptional cases your personal identification number), address, telephone number, email address, bank account number. In certain cases, depending on the content of the contractual relationship, data relating to your economic – commercial activity and its characteristics may be processed. You provide us with your data by email, in writing on the relevant order and/or enquiry forms, by telephone, etc. In certain cases, your personal data may be processed in the course of the performance of a contract or an order, in order to maintain communication, to respond promptly and to provide a service, or to sell or purchase goods – Personal data that is necessary for the purpose of establishing your identity. Your identity may need to be established when entering into or executing a contract, when accepting goods or orders from the company concerned, or when handing over the relevant equipment. In some cases, we collect data from employees and representatives of our partners, customers or other third parties to ensure that we are working with an authorised person. Below is information that summarises the main types of personal data we process about you, the grounds on which we process it and the purposes for which we process such personal data:

We will process your request, letter or other enquiry and the data submitted in relation to it and the data relating to it until we have dealt with your enquiry, provided a response and fulfilled the relevant requests, and for a further period of 1 year after the fulfilment of the relevant request. If there is a legal or other dispute between you and us, or if there is a likelihood of such a dispute arising in the future, we will retain your data for a longer period of time, i.e. until the expiration of the statute of limitations for filing the relevant complaint, lawsuit, or claim, and/or until a final and unappealable judgement has been entered. After the expiry of the processing and retention period set out in this Policy, we will destroy or reliably and irretrievably depersonalize your data as soon as possible within a reasonable and prudent period of time for such action. Below is a summary of the terms used for the processing of Personal Data:

We receive almost all of your personal data directly from you. Where applicable, you also provide us with personal data at the time of purchasing goods or placing an order. As stated above, you also provide us with certain personal data in the course of communicating with us, i.e. by submitting requests, complaints or other enquiries by email, post or telephone.

Where appropriate, we may receive your data from our partners, suppliers (e.g. Your employer or the legal entity you represent), public administration bodies, tax administrations, public registers (the Real Estate Register, the Register of Legal Entities, etc.), third parties managing joint debtor files (e.g. UAB “Creditinfo Lietuva”, UAB “Scorify”, COFACE, etc.). We would inform you of the receipt of such personal data in the manner required by Applicable Law.

The Company is committed to a duty of confidentiality in relation to the Personal Data of its customers. Personal data may be disclosed to other parties if this is necessary for the conclusion of a contract or for the performance of a contract with a client or for other legitimate reasons. The information may also be provided to other parties at your request or in connection with your contractual obligations to other parties such as banks, other financial institutions or partners.

We may provide your data to sub-processors who provide services to us (perform work) and process your data on behalf of our Company as the Data Controller. The sub-processors have the right to process Personal Data only on our instructions and only to the extent necessary for the proper performance of their contractual obligations. When we use sub-processors, we take all necessary measures to ensure that our sub-processors also implement appropriate organisational and technical security measures and maintain the confidentiality of Personal Data. We enter into personal data processing agreements with the relevant data processors, which define the requirements for processing personal data. Here is a sample (non-exhaustive) list of categories of processors:

– Tax authorities;

– Banks and other financial institutions that facilitate settlement of transactions;

– Partners who are related to the services or goods provided to you, ensuring that only the necessary data is transferred to such entities;

– Entities that organise exhibitions, events or competitions, if you participate or may participate;

– IT infrastructure maintenance and security companies that ensure the functionality and protection of the information systems used;

– To other parties where required to do so by law or as necessary to protect our legitimate interests.

In certain cases, in order to provide you with services or to sell you goods, or to ensure the warranty or technical support of goods purchased by you, your relevant data may be provided to third parties that ensure an adequate level of data protection as set out in the Applicable Laws. When transferring data to third countries, we ensure that one or more of the following security measures are in place:

– A data processing contract or a service contract shall be concluded with the third-country economic operator (data recipient) concerned, incorporating the standard contractual clauses approved by the European Commission;

– The entity is located in a country recognised by the European Commission as having an adequate level of protection for personal data;

The applicable legislation, including the GDPR, gives you a wide range of options that you can use at any time. The following is a list of your rights as a data subject: – The right to access your personal data processed by us You have the right to obtain our confirmation as to whether or not we are processing your personal data and, if we are processing your data, the right to access the personal data we are processing about you and the information about the purposes of the processing, the categories of data processed, the categories of recipients of the data, the duration of the processing, the source of the processing, and the significance of the data processing and its consequences for you. – Right to rectification of personal data If you believe that we are processing inaccurate, incomplete or incorrect personal data, you have the right to request that we amend, clarify or rectify such information. – Right to withdraw consent to processing If we process certain of your personal data on the basis of your consent, you have the right to withdraw your consent at any time, on the basis of which we will cease further processing of the data processed on the basis of your consent. We stress that in some cases, this may mean that you will no longer receive communications from us with offers to participate in events, exhibitions, etc. – Right to lodge a complaint If you believe that we are processing your data unlawfully in violation of the requirements of the Applicable Laws, we encourage you to contact us directly, setting out your complaints, so that we can find a common compromise and a way of resolving any dispute. However, if you are not satisfied with our efforts to resolve the situation amicably and as quickly as possible, you have the right to lodge a complaint with the State Inspectorate for the Protection of Personal Data – Right to object to processing where processing is based on a legitimate interest Applicable law provides that you have the right to object to the processing of your personal data where the personal data in question are processed on the basis of a legitimate interest. In some cases, depending on the nature of the services we provide, this may mean that our services to you may be limited or not available at all. To exercise this right, please submit a written request to us using the contact details set out in this Policy – Right to erasure (right to be forgotten) You have the right to request that we erase your data. This right can be exercised if:

• We no longer need the personal data we hold about you in order to achieve our objectives;
• We have processed your personal data on the basis of your consent and you have withdrawn it;
• We determine that your interests override our legitimate interests (processing on the basis of legitimate interest);
• Your personal data processed by us has been unlawfully obtained. To exercise this right, please submit a written request to us using the contact details provided in this Policy.

– Right to restrict data processing You have the right to request us to restrict the processing of your personal data in the circumstances set out in the Applicable Laws (where the processing of your personal data is unlawful, where you as a data subject contest the accuracy of the data, where you object to processing of your personal data on the basis of the legitimate interest of our Company etc.). To exercise this right, please submit a written request to us using the contact details set out in this Policy.- Right to data portability You have the right to request that we transfer your personal data that we process using automated means to another controller. Subject to technical feasibility, we will transfer the data you request to be transferred to another entity in a format that is normally readable by a computer. Where technically feasible and if it does not cause us disproportionate time or financial costs, we will transmit the relevant data, together with the necessary metadata, directly to the data controller indicated by you. To exercise this right, please submit a written request to us using the contact details provided in this Policy.

Taking into account that our Company seeks to protect your interests as a data subject and the protection of your personal data, the Company has implemented appropriate organisational and technical security measures for the processing of your personal data, which help to protect your personal data against accidental or unlawful destruction, alteration, disclosure, as well as against any other unauthorised processing. The Company’s security and confidentiality of personal data includes, but is not limited to, the protection of personnel, IT infrastructure, internal networks, as well as office buildings and technical facilities. In any case, before using your personal computer equipment, we recommend that you make sure that the internet connection you are using, as well as your computer equipment, is protected by certified anti-malware software, and that firewalls and other security measures are activated on your computer equipment.

If you would like to learn more about the personal data protection measures applied by the Company, if you have any complaints, or if you would like to exercise your rights as a data subject, please contact us by phone +370 37 490490, by e-mail bdar@agrokoncernas.lt, or by writing to the following address: Vėrupės g.1, Babtai, Kaunas district.

There are currently no new changes.