PRIVACY POLITICS
1. General concepts
1.1. The manager of data / Manager is Joint Stock Company “Atomis”, company number 300091017, address at Taikos pr 127 C, 50472 Kaunas, the Republic of Lithuania, e-mail address info@atomis.lt., the information regarding it is collected and stored in the Register of Legal Entities of the Republic of Lithuania.
1.2. The data subject is a natural entity, whose personal data is managed by the Manager.
1.3. Personal data means any information related to the natural entity - the subject of data, whose identity is known or can be directly and indirectly determined by using such data as personal identification number, one or several features of the physical, psychological, economic, cultural or social nature.
1.4. Management of personal data means any action performed with personal information: collection, recording, storing, classification, grouping, connecting, changing (supplement or correction), provision, publication, logical and / or arithmetical operations, search, dissemination, deletion or other action or a set of actions.
1.5. Automatic manner means the actions of the management of the data, completely or partly performed by automatic measures.
1.6. Employee means a person, who has concluded a labour or similar kind of contract and has been appointed for the management the personal data to the decision by the Manager of the Company, or whose personal information is to be managed.
1.7. Privacy policy is this policy approved to the order by the Director of the Manager.
2. General provisions
2.1. This Privacy policy regulates the principles and order of the management of Personal data performed by the Manager, the actions of the Manager and Employees during the management of the Personal data by using automatic measures of the management of the Personal data, the rights of the data subjects, the factors of the risk of infringement of the protection of the Personal data, the measures of implementation of the protection of the Personal data and other issues related with the management of the Personal data.
2.2. The Personal data must be correct, appropriate and of the scope which is necessary for their collection and further management. If there is a need for the management of the personal data, the personal data is constantly updated.
2.3. The purposes of the management of the Personal data are the conclusion of the agreement of the sale and purchase in the electronic store and direct marketing. The Personal data is to be managed in accordance with the principles of legality, honesty and precision.
2.4. The Manager is here to manage the following Personal data of the data subjects to the purpose of trade:
(a) Name;
(b) Surname;
(c) Address of the delivery of the goods;
(d) E-mail address:
(e) Telephone number;
(f) IP address;
(g) VAT number;
(h) Skype name.
and in the purpose of direct marketing:
(a) E-mail address:
2.5. There is a law of the legal protection of the personal data of the Republic of Lithuania to be followed, other laws and regulations, which regulate the management and protection of the data (including the General requirements for the organisational and technical data protection measures approved to the order No. 1T-71 (1.12) made on 12 November 2008 by the Director of the State data protection inspectorate), as well as this Privacy policy.
2.6 The employees may provide the personal data of the data subject to the companies which provide the courier services, to the extent which is related with the delivery to the address indicated by the customer. The Personal data are to be provided in accordance with the data provision contract concluded by the data Manager and data receiver (in case of multi provision) or the application prepared by the receiver of the data (in case of single provision). The contract includes the purpose of the usage of the Personal data, the legal basis of the provision and reception, conditions, order and the scope of the provided personal data. The application includes the purpose of the usage of the Personal data, the legal basis of the provision and reception and the scope of the personal data to be requested for the provision.
3. Management of the Personal data
3.1. The Personal data is to be managed by the automatic method using the measures of the management of the personal data installed by the Manager.
3.2. The management of the Personal data is allowed only for those Employees of the Manager, which are necessary rot he execution of the working functions. The employee of the Manager (duties) and the employees (duties) have a right to use Personal data only to the purposes of the management of the personal data provided in the Privacy policy.
3.3. Each Employee, which is appointed to for the management of the Personal data, must preserve the secret of the Personal data and follow the requirements of the protection of personal data.
3.4. The employee must: (a) preserve the secret of Personal data, (b) manage Personal data in accordance with the legislation of the Republic of Lithuania, other laws and these Rules; (c) do not disclose, transfer and allow any of the measures to get acquainted with Personal data not for any person, who is not authorised to manage Personal data; (d) immediately inform the Manager or his appointer person about any suspected situation, which could endanger the safety of the Personal data.
3.5. The personal data of the data subject collected to the purposes of the direct marketing are stored in the database. The personal data in the database is a subject to correction when: (a) at the time of the ordering of the goods or services upon the correction of the Personal data, there are inconsistencies to be determined (for instance, upon the change of the address, name, etc.); (b) the person himself (herself) contacted the Manager and informed about the changed and incorrectly recorded Personal data.
3.6. The protection of the Personal data is organised, ensured and performed by the Manager or his (her) appointed Employee.
3.7. The Employee gives up the right to manage Personal data upon the ending of the Employee labour or similar kind of contract with the Manager, or when the Manager withdraws the appointment of the Employee for the management of the Personal data.
3.8. Personal data may be transferred to the third parties only in cases and order foreseen in the legislation of the Republic of Lithuania.
4. Implementation of the rights of the data subject
4.1. The Manager, upon the receiving of the inquiry of the Data subject due to management of the Personal Data, responds, whether the Personal data which is related to him (her) are managed, and provides the requested data to the Data subject not later than in 30 calendar days from the date of inquiry of the Data subject. Upon the request of the Data subject, such documents in a written form to the indicated address or e-mail address. Once in a year Data subject has a right to receive all information about data for free.
4.2. The opportunity to correct, shred own Personal data or stop the actions of management of the own Personal data to the Data subject is offered upon the submission of the written application to the Manager personally, my mail, fax or means of electronic equipment. The Manager, upon receiving such an application, checks Personal data and not later than within 5 calendar days corrects incorrect, false Personal data to the request of the Data subject or stops the actions of management of the personal data.
4.3. The Manager not later than within 5 calendar days informs Data subject about the performed or unperformed correction, shredding of the personal data or the termination of the actions of the management of the personal data by his (her) request.
4.4. Data subject has a right to disagree with no indication of any motives for the Manager to manage his personal data for the provision of the services and to the purposes of the direct marketing. Data subject expresses to the disagreement for the management of his (her) personal data to the purposes of the direct marketing at the time of the direct contact with the Employee or in a written form personally, by mail, fax or means of e electronic equipment.
4.5. The Manager ensures all the other rights of personal data subjects guaranteed by the legislation and other legislative acts of the Republic of Lithuania, as well as the guarantees and interests
5. Infringement of the protection of personal data
5.1. The infringement of the protection of the personal data include the actions and the inaction which may cause or cause the unwanted consequences, as well as are in contradiction of the imperative norms, which regulate the protection of the personal data.
5.2. There are the following risk factors of the infringement of the protection of Personal data: (a) unintentionally, when the protection of the Personal data is infringed due to the accidental reasons (the errors of the management of the personal data, the erasure of the data entries, etc., or the failures of the system due to the termination of the power supply, computer virus, etc., infringement of the internal rules, the shortage of the maintenance of the system, improper maintenance of the data files and other); (b) intentional, when the protection of the Personal data is infringed consciously (illegal break in into the premises, the storages of the data files, information systems, computer network, intentional infringement of the determined regulations in the management of the infringements of the personal data, conscious dissemination of the computer virus, the theft of the personal data, illegal usage of the rights of the other Employee and etc.); (c) imminent accidental events (lightning strike, fire, flood, storms, burning of the electrical installation, the impact of the change of temperature and (or) humidity, mud, dust and magnetic fields, accidental technical disasters, other force Majeure factors and etc.). The Manager and Employees, while performing the activity, constantly consider the existent risk factors and do their best to maximally reduce them or avoid.
6. Measures of implementation of the protection of Personal data
6.1. In order to ensure the protection of the Personal data, the Manager implements / foresees the implementation of the following measures of Personal protection: (a) administrative (safe acquaintance of the personnel with the safe management of the documents and computer data and other); (b) protection of technical and software equipment (the administration of the information systems and data bases, maintenance of the work places, and the premises of the Manager, protection of the operative systems, protection against computer viruses and other); (c) protection of communications and computer networks.
6.2. The access to the Personal data is granted only to those Employees, who need it for the implementation of their working functions. The concrete Employees may perform such actions with the Personal data, which are permitted in accordance with their duties and performed work functions.
6.3. There are unique passwords provided for his access to the data base, which confidentiality is ensured. The passwords must be periodically changed, and only in case of the certain circumstances (for instance, upon the change of the Employee, the risk of a break in, and the doubt whether the password became known to the third persons, etc.) The employee, working by the concrete computer, may know his own password only.
6.4. The database contains the performed actions with Personal data (the input and shredding of the Personal data). The database may be accessed only from the concrete computers, which are identified to the external IP addresses.
6.5. There is the safety of the premises which preserve the Personal data, guaranteed.
6.6. The Employee which is responsible for the maintenance of the computers must ensure that the files of the personal data located in one computer cannot be seen from the other computers; there are periodically updated anti-virus programs used in the computerised work places.
6.7. The testing of the information systems is never performed with actual Personal data.
6.8. The server, which contains the data of the database, is located in the other premise than the premises of the office of the Manager, i.e., even though the access to the database is gained through the computers located at the office of the Manager, the data is not preserved in the computers of the office of the Manager. The backups of the data are made from the database periodically and are saved in separate digital files (in other premise than the office of the Manager, ensuring the opportunity of the recovery of the backup in case of the loss.
7. Cookies
7.1 The websites of the Manager http://codecard.eu; http://www.tuning-data.com/, http://www.radio-code.lt, http://obdworm.com. There are cookies to be used. Cookies are small files, which are to be sent to the web browser of the data subject or other equipment which is used for the access to the website and saved in the equipment of the data subject. Currently, the Manager uses PHPSESSID and Goggle Analytics cookies.
7.2 Cookies are used for the collection of the statistic information about the attendance of the website and the identification of the data subject of the equipment and ease the access of the Data subject to this website and the information contained herein and ensures the fluent performance of the website Cookies are not used for the collection of the Personal data.
7.3 The Manager uses the cookies only upon having a preliminary and voluntary consent from the data subject. The data subject gives the approval for the cookies by the manner indicated in the website.
7.4 Data subject may withdraw his (her) provided consent at any time and erase the cookies. Data subject may withdraw his (her) consent by changing the parameters of his (her) equipment, so it will not accept cookies, or by informing the Manager about it by e-mail at info@atomis.lt. In case if the data subject cancels the consent for the usage of the cookies, the functionality of the website can deteriorate and it may work improperly.
8. Term of the management of the Personal data
8.1. The Manager manages the collected Personal data to the purpose of the provision of the services for 3 (three) years, the term is started to be counted from moment of the provision of the Personal data by the data subject, except the cases when the longer preservation of the current data is mandatory in accordance with the legislation of the Republic of Lithuania.
8.2 The Manager manages the collected Personal data to the purpose of the direct marketing for 2 (two) years, the term is started to be counted from the provision of the consent from the data subject (the order foreseen in the point 4.4) to manage the personal data to the purpose of the direct marketing, except the cases, when the longer preservation of the current data is mandatory in accordance with the legislation valid in the Republic of Lithuania.
8.3. When the Personal data are not necessary for their management purposes, they are to be disposed of, except those which must be transferred to the state archives in cased determined by the law.
9. Liability
9.1. The employees who infringe the management of the Personal data foreseen in the law of legal protection of the personal data and other legislation or this Privacy policy, are subject to the measures of liability foreseen in the law of the Republic of Lithuania.
10. Final provisions
10.1. The order of the following of the Privacy policy and, in case of the necessity, maintenance, is to be attributed to the Manager or his authorised person. The privacy policy is to be reviewed, and in case of the necessity, is to be updated not rarer than once per calendar year.
10.2. The responsible employees are to be acquainted with the Privacy policy in signing.