GENERAL PROVISIONS

1.1. UAB ,,ThinkBig LT” (hereinafter referred to as the “Company”), company code 304956632, e-mail: E-mail administration@think-big.lt (to contact, do not use spaces in the e-mail name), tel. No .: +370 641 75893, respecting the right to privacy of visitors to the website https://think-big.lt (the “Site”) (the “Visitor (s)”), undertakes to ensure the protection of their personal data and their, as data subjects.

1.2. This Data Protection Policy regulates the principles and procedure of processing the personal data of the Company’s Visitors when using the services of the Company’s Website, thereby providing the Company with its personal data. Visitors agree to the provisions of this Data Protection Policy, except for data processing activities that will require the separate consent of the Visitor and will be requested by the Company when required.

1.3. Visitors can access the Privacy Policy of the Website by clicking on “Privacy Policy” in the cookie pop-up bar or in the menu of the Website. By violating the Privacy Policy and / or disagreeing with the privacy and / or processing of Personal Data on the Website, or simply not being familiar with the Website Privacy Policy, the Visitor may no longer use the Website and claims related to the privacy and / or processing of Personal Data on the Website. 

1.4. Visitors to the Website may disagree with the cookies used on the Website by clicking the appropriate button in the cookie bar that appears and learn more about cookies and their management in the Privacy Policy. 

1.5. When concluding an agreement with the Customer or providing services not with the help of this Website, the Company has the right to establish additional purposes and conditions of personal data processing, which are not disclosed in this Data Protection Policy. To find out more about the processing of personal data in the Company, please inquire 1.1. the contacts referred to in point. 

1.6. When processing the personal data of the Visitors, the Company complies with the 2016 April 27 Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (hereinafter “the Regulation”) – “ADTAĮ”) provisions of the Law on Electronic Communications (ERĮ) of the Republic of Lithuania and other legal acts regulating the protection of personal data.

1.7. The Company may, in its sole discretion, change these Terms of Data Protection Policy by posting relevant information on the Website. 2. DEFINITIONS USED IN THE PRIVACY POLICY 2.1. Personal data means any information relating to an identified or identifiable natural person (data subject); “identifiable natural person” means a person who can be identified, directly or indirectly, in particular by means of an identifier such as name, personal identification number, location and internet identifier or one or more physical identifiers of that natural person, characteristics of physiological, genetic, mental, economic, cultural or social identity.

2.2. Data subject – a natural person – a customer of the Company, a visitor of the Website, etc., whose personal data is collected by the Company.

2.3. “Data subject’s consent” shall mean any freely given specific and unambiguous expression of the will of the duly informed data subject, either in a statement or in an unambiguous manner, in which he or she consents to the processing of personal data concerning him or her.

2.4. “Processing of data” means any operation or sequence of operations carried out by automated or non-automated means on personal data or sets of personal data, such as collection, recording, sorting, systematisation, storage, adaptation or modification, retrieval, access, use, disclosure by transfer, distribution or otherwise making them available, as well as collating or merging them with other data, restricting, deleting or destroying them.

2.5. Restriction on data processing – marking of stored personal data in order to restrict their processing in the future.

2.6. “Controller” means a natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of data.

2.7. “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. Company employees are not considered data processors.

2.8. A cookie is a small piece of textual information that is automatically generated while browsing the Website and stored on a visitor’s computer or other device.

2.9. Direct marketing is the activity of offering goods and services to individuals and / or seeking their opinion on the goods or services offered by post, telephone or other means.

3. WHAT PERSONAL DATA IS COLLECTED ON THE SITE?

3.1. The Company collects and further processes the following personal data of the Visitors, which the Visitors themselves provide when visiting or inquiring about the Website: name, e-mail address and information the content of which the Company cannot predict and determine and which the Visitor provides in a letter or notification form on its own initiative.

3.2. The Company collects and continues to process automatically collected personal data with the help of analytical cookies (only those that do not object to the use of these cookies) and which are provided indirectly by Visitors when visiting the Website. These are data that are automatically collected from the computers and / or mobile devices used by the Visitors when connecting to the Website: IP addresses and times of connections, the browser used by the user and its version, websites visited by Visitors before accessing the Company’s Website, etc. The data collected with the help of cookies is stored on the servers of the cookie manager (Google Analytics) and the Company is not responsible for the terms of their storage. These data may be stored for up to 20 (twenty) years or more, if there are other legal bases for such storage period.

3.3. You will find more about the personal data that Visitors indirectly provide when visiting the Website in Sections 9, 10 and 11 of this Privacy Policy.

4. FOR WHAT PURPOSES AND GROUNDS IS PERSONAL DATA COLLECTED AND PROCESSED?

4.1. The Company processes the personal data of the Visitor with a legal basis and / or a reasonable and legitimate interest that does not violate the interests, rights and freedoms of the Visitor.

4.2. The Company processes personal data for the following data processing purposes:

4.2.1. For site administration purposes;

4.2.2. for the purposes of the protection and defense of violated rights and legitimate interests, evidence and the settlement of legal disputes;

4.2.3. for the purpose of communication including correspondence with the Website Visitor;

4.2.4. for the purposes of ensuring the rights of rapporteurs in accordance with the Law on the Protection of Rapporteurs of the Republic of Lithuania.

4.3. Personal data is processed on the basis of BDAR (EU) 2016/679: 4.3.1. 6 p. 1 d. point b, i.e. the processing is necessary for the performance of a contract to which the data subject is party or in order to act at the request of the data subject prior to the conclusion of the contract;

4.3.2. 6 p. 1 d. point c, i.e. the processing is necessary for compliance with a legal obligation to which the controller is subject;

4.3.3. 6 p. 1 d. point f, i.e. the processing is necessary for the legitimate interests of the controller or of a third party, unless such interests or fundamental rights and freedoms of the data subject as are necessary to ensure the protection of personal data take precedence, in particular where the data subject is a child.

4.4. By using the services provided by the Website, the Visitor assumes full responsibility for the correctness and accuracy of the provided data.

4.5. If the Visitor does not provide the personal data required for concluding the contract, performing it, providing the services of the Website, etc. or provide incorrect data, the Company will not be able to enter into an agreement with the Visitor and / or fulfill its terms, or will no longer be able to provide the Visitor with the services provided on the Website or general services or simply properly inform the Visitor.

4.6. In the event of a change in your personal data or other related information specified on the Website, the Visitor undertakes to change and / or supplement the personal data or other related information provided by him / her within 10 (ten) working days.

4.7. In individual cases, the Website Administrator has the right to request clarification and / or supplementation of the Visitor’s personal data or other related information, if it is necessary for the provision of the Website services, the Company’s obligations or the performance of the contract.

4.8. If the Company wishes to use the Visitor’s data for other purposes for which it has no contractual or other legal basis, the Company will request the Visitor’s consent. With the consent of the Visitor (which the Visitor may revoke at any time), the Company will only use the data for a specific purpose, such as as specified in the Direct Marketing section.

5. HOW IS THE PERSONAL DATA OF VISITORS PROCESSED?

5.1. The Company ensures that the personal data of the Visitors will be:

5.1.1. processed in a lawful, fair and transparent manner;5.1.2. collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes; 5.1.3. adequate, relevant and not excessive in relation to the purposes for which they are processed; 5.1.4. accurate and, where necessary, kept up to date; 5.1.5. processed in such a way as to ensure adequate security of personal data through appropriate technical and organizational measures, including protection against unauthorized or unlawful processing of the Data and against unintentional loss, destruction or damage.

6. WHO IS THE PERSONAL DATA OF VISITORS PROVIDED FOR?

6.1. Access to the Visitor’s personal data by the Company’s employees and authorized persons is granted only for the performance of official functions in accordance with the Employee’s duties and role in the Company.

6.2. The Company may transfer the Visitor’s personal data to the state, law enforcement authorities, etc. when providing services or fulfilling the requirements of the legal acts of the Republic of Lithuania, its obligations and responsibilities, for the purposes of internal administration or on the basis of the Company’s justified interest and / or legal basis. legal entities, as well as third parties such as law firms, if it is necessary to protect the rights of the Company or simply to fulfill the obligations imposed on the Company by law. 6.3. In order to ensure the services provided on the Website, the personal data of the Visitors are processed by the following Data Processor:

6.3.1. UAB Interneto vizija, which provides server maintenance services for the hosting and e-mail of this website.

6.4. The Company uses only those Data Processors who ensure that the appropriate technical and organizational measures are implemented in such a way that the Data Processing complies with the requirements of the Regulation and the protection of the rights of Visitors as data subjects is ensured.

6.5. The Company notes that the above-mentioned Data Processor has the right to process the personal data of the Visitors only in accordance with the Company’s instructions. QUESTIONS AND CONTACT INFORMATION If you wish to correct or delete your stored personal information, simply contact us at administration@think-big.lt