Privacy Policy

1. General provisions

1.1. This Privacy Policy governs how UAB “Ener-G Design” (hereinafter – the Data Controller) processes, collects, uses, discloses, and protects your personal data when visiting the website www.energdesign.lt (hereinafter – the Website).
1.2. The Data Controller is responsible for the collection, use, and disclosure of your personal data and ensures its protection in accordance with the General Data Protection Regulation (2016/679) (hereinafter – “GDPR”) and other European Union and Lithuanian national data protection laws.
1.3. Information about the Data Controller:
Data Controller details:
UAB “Ener-G Design”
Company code: 305987794
VAT number: LT100014708918
Registered office: 67 Islandijos Ave, Kaunas
Email: info@energdesign.lt

2. Privacy policy definitions

2.1. Personal data – any information relating to a natural person whose identity is established or can be established (data subject); a natural person whose identity can be determined is an individual whose identity can be directly or indirectly established, primarily by an identifier such as name and surname, personal identification number, location data, and online identifier, or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that individual.
2.2. Processing of data – any operation or set of operations performed on personal data or sets of personal data, whether by automated or non-automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination with other data, restriction, erasure, or destruction.
2.3. Data controller – a natural or legal person, public authority, agency, or other body that alone or jointly with others determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the data controller or the specific criteria for its designation may be provided by Union or Member State law.
2.4. Data processor – a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the data controller.
2.5. Consent of the data subject – any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by statement or by a clear affirmative action, signifying agreement to the processing of personal data relating to them.
2.6. Cookie – a small piece of textual information automatically created while browsing the Website and stored on your computer or other terminal device.
2.7. Direct marketing – any activity aimed at offering goods or services to individuals or requesting their opinion on offered goods or services by mail, telephone, or other direct means.

3. Collection and Use of Personal Data

3.1. The Data Controller collects information you voluntarily provide through the Website’s contact form (name, surname, email, phone number).
3.2. Information about your experience on the Website is obtained using cookies implemented on the Website. This information collection helps tailor the Website for more convenient use, increase the visibility and dissemination of content on the Website, and monitor the effectiveness of advertising (if used).
3.3. When visiting the Website, you will receive a notice about the cookies used. You may consent to the use of cookies or decline. If you do not consent, your personal data will not be used for marketing purposes. However, cookies that are necessary to ensure the proper functioning of the Website will still be used regardless of your consent.
3.4. The collected information is used by the Data Controller for direct marketing purposes – sending newsletters, notifications about promotions or special offers, and conducting market analysis. Additionally, as mentioned above, the collected information is used to improve the user experience on the Website, i.e., to ensure convenient use of the Website.

4. Data Subject Rights

4.1. The data subject has the right to obtain from the Data Controller confirmation as to whether personal data concerning them are being processed, and if such data are being processed, the right to access those personal data.
4.2. The data subject has the right to request that the Data Controller promptly rectify any inaccurate personal data concerning them. Depending on the purposes of the processing, the data subject has the right to request that incomplete personal data be completed, including by providing an additional statement.
4.3. The data subject has the right to request that the Data Controller promptly erase personal data concerning them, and the Data Controller is obliged to erase such personal data without undue delay if justified by certain legal grounds.
4.4. The data subject has the right to request that the Data Controller restrict the processing of personal data in specific cases provided by law.
4.5. The data subject has the right to receive the personal data they have provided to the Data Controller in a structured, commonly used, and machine-readable format, and the right to transmit those data to another Data Controller. The Data Controller to whom the personal data have been provided must not hinder this process.
4.6. When personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of their personal data for such marketing purposes, including profiling to the extent that it is related to such direct marketing.
4.7. The data subject has the right to lodge a complaint with a supervisory authority.

5. Data Security

5.1. The Data Controller has implemented various technical and physical measures to protect personal data from loss, unauthorized use, or any alteration. However, although the Data Controller takes all necessary steps to safeguard your personal data, it cannot guarantee complete protection, as browsing the Internet is not entirely secure.
5.2. Your personal data are retained by the Data Controller for 5 years. This period begins from the date of your last use of the Data Controller’s service or content.
5.3. The Data Controller undertakes not to disclose personal data to third parties. However, personal data may be disclosed in certain cases: to a Data Processor providing services to the Data Controller and processing data on behalf of the Data Controller, to law enforcement authorities in accordance with the laws of the Republic of Lithuania, or to other third parties with your consent.

6. Final Provisions

6.1. If you have any questions, requests, or observations regarding the modification, processing, use, or storage of personal data, please contact the Data Controller by email at info@energdesign.lt.
6.2. Upon receiving your request, the Data Controller will provide a response within 30 calendar days.
6.3. If you believe that your personal data have been improperly processed or protected, you have the right to file a complaint with the State Data Protection Inspectorate.