Privacy policy

WEBSITE http://www.auksakaliugildija.lt PRIVACY POLICY

General information

VšĮ Auksakalių gildija (hereinafter referred to as “we” or the “Data Controller”) is the operator of this https://menonisa.lt/ website (the “Site”). This Privacy Policy (the “Privacy Policy”) determines and explains how we collect and process the personal data of Site’s visitors. The Privacy Policy also provides information on the processing of data of all other data subjects in the course of our activities.

The Privacy Policy applies to anyone who visits the Site and the terms and conditions set forth herein apply each time you access the content and/or service we provide, regardless of the device (computer, mobile phone, tablet, etc.) you use. You may browse this Site without providing your personal data, but if you provide them, we will ask you to confirm that you have read and understood this Privacy Policy.

We process data for all data subjects in a lawful, transparent and fair manner, for pre-defined purposes and only to the extent necessary to achieve them. We comply with the General Data Protection Regulation 2016/679 (GDPR), the Law of the Republic of Lithuania on the Legal Protection of Personal Data and the requirements for the processing of personal data specified in other legislation, as well as recommendations and/or instructions of supervisory authorities.

Persons under the age of 14 cannot provide any personal data. If you are a person under 14, you must obtain the consent of your legal representatives (parents, adoptive parents, guardians, carers) before submitting your personal information.

The terms used in the Privacy Policy are understood as defined in the GDPR.

Click “Learn more” in each section to find details about how we process your personal data and the specifics of our activities.

Data Controller particulars:

VšĮ Auksakalių gildija

Legal entity’s code: 126055987

Registered office: J. Basanavičiaus str. 1/13, LT-01118 Vilnius

Phone: 8 (5) 2313811

E-mail: info@menonisa.lt

How do we collect information about you?

Your personal data, i.e. any information about you that allows us to identify you is received in various ways:

  • You may provide information (personal data) yourself;
  • Information about you can be collected automatically;
  • In some cases, we receive information about you from third parties and we may also collect information about you from publicly available sources.

Learn more…

You can provide us with your personal data directly. This usually happens when:

– You enter into a contract/agreement with us (for purchase and sales, provision of services, etc.);

– Provide us charity, donations, gifts or support us otherwise;

– You use our services;

– You register and/or participate in our exhibitions, auctions, fairs, programmes, seminars, conferences, symposia, lectures, creative camps or other events/projects organised by us;

– You subscribe to our newsletters;

– You submit an inquiry, request and/or claim to us by phone, email or regular mail.

Information about you can be collected automatically. This usually happens when:

– You submit inquiries or make posts on our websites or social networking accounts (such as Facebook, Instagram);

– You use websites operated by us (data collected using cookies and similar technologies. For more information on our use of cookies, see below).

To the extent permitted by applicable laws, we may receive information about you from third parties. This may include information provided by our partners, contractors, service providers, your publicly accessible profiles or databases.

We may link information about you received directly from you or from public and commercial sources to other information we receive from you or about you.

We may also collect information about you in other cases that are not covered by the Privacy Policy, but if we do so, we will inform you in addition to this effect.

What information (personal data) about you do we process?

While we try to collect as little information about you as possible, we collect the following information for our activities:

  • your contact details;
  • information necessary for the conclusion, performance and administration of transactions, contracts and any other agreements;
  • information about your achievements, works, professional or other public activities important in terms of art, education and culture;
  • your image captured in photos;
  • information you provide when calling us, writing to us, submitting inquiries or completing registration forms;
  • information contained in your payment orders to us;
  • information required to protect the interests of our institution in courts or other institutions;
  • information about the device you use;
  • information required for direct marketing.

Learn more

Information that we obtain directly from you usually includes:

– name, surname, personal identification number, gender and other personal data contained in identity documents (passport or identity card), residence address, telephone number, e-mail address, bank account number, workplace/professional activity/business, position, education; also other information that may be necessary for the purchase of goods and/or provision of services.

Information that we collect automatically usually includes:

– information about how you use this Site and/or other our sites (device information: IP address, operating system version, and settings of the device you use to access the content; login information: time and duration of your session and any information stored in cookies that we have set on your device (cookie policy below); location information: your device’s GPS signal or information about nearby WiFi access points and cell towers that may be transmitted to us when you use the content of our Site).

Information that we receive from third parties or publicly available sources usually includes:

– name, surname, workplace/professional activity/business, education, data on achievements important in terms of art, education and culture, place of residence, image captured in photos.

You can choose not to provide us with certain types of information, but then we may not be able to provide you with our service (for example, we will not be able to answer you unless you provide us with the information necessary to respond to your query).

Important: The staff of Auksakalių gildija shall not ask, whether in writing, by phone or by any other means, for your login information, bank card numbers, passwords or any other information that may cause you financial or any other damage.

For what purposes and on what grounds do we process your data?

The information above shall be processed for the following purposes:

  • conclusion, performance and administration of transactions, contracts and any other agreements;
  • exercise of ownership rights of our institution;
  • creation, maintenance and development of business, professional and/or other lawful relations;
  • organisation of our exhibitions, auctions, fairs, programmes, seminars, conferences, symposiums, lectures, creative camps or other events/projects;
  • promotion of prosperity of artistic crafts, as well as promotion of professional and folk art traditions;
  • implementation of our obligations in compliance with the applicable legislation;
  • internal administration and keeping of accounts of our institution;
  • establishment of the quality of internet services provided by our institution;
  • protection of interests of our institution in courts or other authorities;
  • direct marketing.

Please note that we are committed to communicating with our customers and providing them with information about our services. For this purpose, we conduct direct marketing by emailing messages and news about our services, events, exhibitions, conferences we organise, etc.

We have the right to send our customers advertising materials about our goods or services to the e-mail address submitted to us in the course of provision of our services or selling of goods, whereas our customers have the right to refuse, whether now or at any time later, to receive such direct marketing content sent by us by notifying us of their decision in any convenient way: by email to info@menonisa.lt, by post to J. Basanavičiaus str. 1/13, LT-01118 Vilnius, or by using the unsubscribe link in e-mail containing the advertising material. This refusal will have no effect on your personal data processed hitherto.

In all other cases, we will process your personal data for direct marketing purposes only after having obtained your explicit consent for data processing (e.g. by subscribing to our newsletters, etc.) This consent may be revoked at any time by notifying us in the manner above.

Your personal data are processed on the basis of one or more grounds for legitimate data processing:

  • compliance with legal requirements;
  • conclusion and performance of transactions, contracts or other similar agreements with you;
  • public interest (unless your private interests are overriding);
  • our legitimate interests (unless your private interest are overriding);
  • where appropriate, your consent.

Learn more…

Purposes, grounds and personal data processed by us are indicated in the Table below:

Purpose Legal ground(s) Personal data
Conclusion, performance and administration of transactions, contracts and any other agreements Conclusion or performance of contracts with you

Compliance with legal requirements

Legitimate interests of our institution

Name, surname, personal identification number, gender and other personal data contained in identity documents (passport or identity card), residence address, telephone number, e-mail address, bank account number, workplace / professional activity / business, position, education; also other information that may be necessary for the purchase of goods and/or provision of services
Exercise of ownership rights of our institution Compliance with legal requirements Any information relating to the activities of our institution, i.e. any of your personal data controlled by us
Creation, maintenance and development of business, professional and/or other lawful relations Compliance with legal requirements

Public interest

Legitimate interests of our institution

Name, surname, gender, telephone number, e-mail address or other contact details, workplace/professional activity/business, position
Organisation of our exhibitions, auctions, fairs, programmes, seminars, conferences, symposia, lectures, creative camps or other events/projects Compliance with legal requirements

Public interest

Legitimate interests of our institution

Name, surname, gender and other personal data contained in identity documents (passport or identity card), residence address, telephone number, e-mail address, bank account number, workplace / professional activity / business, position, education
Promotion of prosperity of artistic crafts, as well as promotion of professional and folk art traditions Public interest

Legitimate interests of our institution

Name, surname, gender, place of residence, workplace / professional activity / business, position, education, data on your achievements, creations or projects significant for art, education or culture, image captured in photos
Implementation of our obligations in compliance with the applicable legislation; Compliance with legal requirements Depending on the requirements provided in the applicable legislation, content of received requests from authorities or other objective circumstances
Internal administration and keeping of accounts of our institution Compliance with legal requirements

Legitimate interests of our institution

All of your personal data held by us and indicated in this Privacy Policy may be processed for this purpose
Establishment of the quality of internet services provided by our institution (in order to improve them and create new content) Legitimate interests of our institution IP address, operating system version, and settings of the device you use to access the content, time and duration of your session, any information stored in cookies that we have set on your device, your device’s GPS signal or information about nearby WiFi access points and cell towers that may be transmitted to us when you use the content of our site
Protection of interests of our institution in courts or other authorities

 

Compliance with legal requirements

Legitimate interests of our institution

Public interest

Depending on the action or claim brought, all of your personal data held by us and indicated in this Privacy Policy may be processed for this purpose
Direct marketing (only where we have obtained your consent or, respectively, have not received your objection) Consent

Legitimate interests

Name, surname, e-mail address, phone number, residence address, age

In cases where we cannot use any of the legitimate grounds provided in the Table above, we will ask your consent prior to starting processing your personal data (such cases will be determined by circumstances and context).

In cases where we will process your personal data for other purposes than indicated in this Privacy Policy, we will inform you thereof in a separate notice.

To whom do we disclose your personal data?

We may disclose your personal data without your consent only to the following entities:

  • to responsibly selected business partners or entities providing services on our request;
  • to the owner of our institution;
  • to law enforcement and state authorities;
  • to other entities when this is important for the public interest, required under law or necessary for protecting our legitimate interests.

Learn more…

The possibilities of recipients of your personal data (individual data controllers) to use your data are limited; they cannot use this information for purposes other than the performance of an agreement concluded with us. In order to receive their direct marketing offers, you will be asked to give your separate consent.

Also, we may disclose your data to data processors who provide services to us (perform works for us). Data processors have the right to process your personal data only on the basis of a written agreement concluded between us and them, in accordance with our instructions, and only to the extent necessary to duly fulfil obligations set out in the agreement. When engaging data processors, we take all necessary efforts to ensure that our data processors have implemented appropriate organisational and technical safeguards and keep your personal data in confidence.

The list of categories of data recipients is as follows:

banks; advertising agencies and companies providing marketing services; company maintaining the IT system of our institution and other software development, installation and support companies; companies providing communication services; security service; companies keeping accounts of our institution; companies providing postal services and courier services; companies providing legal services; companies providing archiving services; bloggers and representatives of various other media outlets; companies engaged in recreational entertainment and event organising and other activities intrinsically linked to the area of art, education and culture.

Where necessary to protect our legitimate interests or to comply with requirements binding to us, we may disclose information about you held by us to other parties, such as state authorities, pre-trial investigation officers, courts, etc.

For more detailed information about specific companies indicated in this section to whom your personal data may be disclosed to, please contact us using the contact details indicated in this Privacy Policy, in the privacy policies of other websites operated by us, or information notices submitted to you.

To which countries do we transfer your personal data?

Sometimes we may have to transfer your personal data to other countries, which may be applying lower level of protection of personal data. In such cases, we will take all possible efforts to ensure the protection of transferred personal data.

Learn more…

In extremely rare cases, we can send your personal data to countries outside the European Economic Area. In such cases, we will ensure that one of the following safeguards is in place:

  • the agreement signed with the data recipient is based on standard contractual clauses approved by the European Commission;
  • binding corporate rules are applied;
  • the data recipient is based in the country recognised by the European Commission as implementing adequate data protection standards;
  • codes of conduct and certification mechanisms are applied;
  • the permit of the State Data Protection Inspectorate is obtained.

In the absence of the aforementioned appropriate safeguards, derogations in Article 49 of the Regulation may be applied (e.g., transfer of your personal data based on your consent), but only in the cases strictly defined in the Regulation.

What do we do to keep your personal data secure?

We have implemented reasonable and appropriate technical and organisational safeguards to protect information that we collect for the purposes of providing content/services. However, keep in mind that though we are taking appropriate measures to protect your personal data, none of the websites, internet operations, computer systems or wireless connections are completely safe.

How long will we store your personal data?

We determine personal data storage periods pursuant to the requirements provided in laws and regulations, as well as instructions of supervisory and/or other competent authorities. Where such requirements or instructions are absent, we determine data storage periods in consideration of the public interest or our own legitimate interests. In such cases the maximum data storage period will be two years as of the moment of receipt thereof (unless, as mentioned, longer data storage periods are provided for under law).

Please note that, taking into account the extent of personal data we process and ongoing events, conferences, exhibitions or other projects, we will specify certain personal data storage periods for specific categories of data subjects in the relevant privacy policies of other websites operated by us or in information notices given to you when you receive the data.

At the end of data storage periods, your data will be erased in a manner preventing their restoration or anonymised in such a way that you can no longer be identified.

Learn more…

Personal data are usually stored for the following periods:

Personal data Storage period
Data related to the conclusion and performance of transactions, contracts and any other agreements 10 years after of the expiry/termination of the transaction, contract or agreement
Payment data 10 years after the date of payment operation
Data related to registration forms to exhibitions, auctions, fairs, programmes, seminars, conferences, symposia, lectures, creative camps or other events/projects organised by us Up to 2 years after the date of submission of the registration form
Data provided in queries, requests and/or claims submitted to us by phone, e-mail or regular mail Up to 1 year after the date of receipt of the query/request/claim or satisfaction thereof
Information about your achievements, creative works, professional or other public activities important in terms of arts, education and culture Data are regularly reviewed and stored as long as they are relevant for promoting art, education and culture. Data can be erased earlier if we receive your objection to the storage of such data (if your interests are overriding)
Your image captured in photos As long as your consent is valid or, if you are a public person, as long as the publication of your image is significant for the promotion of art, education and culture. Data can be erased earlier if we receive your objection to the storage of such data (if your interests are overriding)
Your data related to potential or existing protection of our interests in courts or other authorities Until the expiration of statutory periods for the submission of claim/complaint or action limitation periods and/or until the final court judgement comes into effect
Personal data processed based on your consent, except for consents to the use of your image captured in photos Up to 2 years as of the moment of receipt of the consent if the consent was not withdrawn earlier
IT system logs 1 year

 

Even in cases where you have expressed a wish to terminate the agreement and refuse of our services, we will have to store some of your personal data until the expiration of storage periods for certain data due to possible future claims. Information will also be stored so that we are able to provide you with the requested information, have appropriately recorded history of relations with you, and can answer all questions related to your cooperation with us.

What rights do you have?

Depending on the situation and additional terms and conditions laid down in the GDPR, you have the following rights:

  • to know (to be informed) about the processing of your data (the right to know);
  • to access your personal data processed by us and find out how they are processed (the right of access);
  • to rectify or, in consideration of personal data processing purposes, have incomplete personal data completed (the right to rectification);
  • to erase personal data related to you (the right “to be forgotten”);
  • to restrict the processing of personal data related to you (the right to restriction);
  • to require to move data provided to us (the right to data portability);
  • to object at any time to the processing of your personal data where such processing is carried out in the public interest, for the purposes of the legitimate interests pursued by us or by a third party, and where personal data are processed for direct marketing purposes including profiling (the right to object);
  • to withdraw your consent to personal data processing where the data are processed based on consent.

We always strive to ensure your rights properly and to react in a timely manner to any possible infringement of fulfilment thereof. Therefore, if you have any questions about your personal data processed by us, please contact us at a first instance. Also, please note that, in any case, you have the right to file a complaint with the State Data Protection Inspectorate at any time.

We provide you with a possibility to fulfil your aforementioned rights in a convenient manner. You can do so by calling 8 (5) 2313811, writing us to info@menonisa.lt or using specific links provided at the bottom of the advertising content submitted by us where we submit such to you.

Learn more…

Your rights will be implemented after the live confirmation of your identity (by submitting an ID document: ID card or passport) or confirmation by electronic means (e.g., by electronic signature).

Your right Certain limitations
Right to know

 

Prior to the commencement of processing of your personal data, you have the right to obtain information about the data processing in a concise, plain and easy to understand language.
Right of access

 

This right means that you can request us to provide you with the following:

–         Confirmation that we process your personal data;

–         List of your personal data that is being processed;

–         List of purposes and legal grounds for the processing of your personal data;

–         Confirmation whether we transfer data to third countries, and if we do, what safeguards have been implemented;

–         Source of your personal data;

–         Information whether profiling is carried out;

–         Indication of data storage period.

We will provide the aforementioned information on a condition that the rights and freedoms of other parties are not thus infringed.

Right to rectification

 

Applicable if the information held by us and related to your personal data is incomplete or inaccurate.
Right “to be forgotten”

 

Applicable in the following cases:

–         Information held by us is not required any more for the achievement of specified purposes;

–         We process data based on your consent and you withdraw it;

–         We process data based on the legitimate interests, and after the submission of your request it is established that they are overridden by your private interests;

–         Information was obtained in an unlawful manner.

Right to restriction

 

This right can be implemented for the period while we analyse the situation, i.e.:

–         If you dispute the accuracy of information;

–         If you object to personal data being processed on the basis of legitimate interests;

–         We use information unlawfully, but you object to its erasure;

–         We do not need information any more, but you require us to store it due to judicial dispute.

Right to data portability This right can be implemented if you provided your data and we process it in an automated manner, based on your consent or agreement concluded with you.
Right to object This right can be implemented when such data processing is carried out in public interest or data processing is necessary for the purposes of the legitimate interests of the Data Controller or a third party. When your personal data are processed on such grounds, we have the burden of demonstrating compelling legitimate grounds for the data processing which override your interests.

Also, you can at any time object to the processing of your personal data for the purposes of direct marketing, which includes profiling to the extent that it is related to such direct marketing.

Right to withdraw consent You can withdraw your consent to personal data processing at any time where the data are processed based on consent.
Right to file complaint to the State Data Protection Inspectorate The data subject has the right to contact the authority responsible for the supervision and control of legal acts regulating personal data protection, i.e. the State Data Protection Inspectorate (A. Juozapavičiaus str. 6, 09310 Vilnius, e-mail ada@ada.lt, phone (8 5) 271 2804).

For more information, please visit: www.ada.lt.

 

We may refuse to ensure you conditions required for the exercise of the aforementioned rights where, in cases provided by laws, it is required to ensure the prevention, investigation and determination of criminal offences or breaches of official or professional ethics, as well as the protection of the rights and freedoms of the data subject or other persons.

Cookies, beacons and similar technologies

In this Privacy Policy, we use the term “cookies” to indicate cookies and other similar technologies, for example, pixel tags, web beacons, or clear GIFs.

Cookies are small text files stored on your web browser. They help us to:

  • recognise you as a returning visitor of the specific website;
  • ensure smooth operation of the Site;
  • monitor the duration and frequency of visits, as well as collect statistical information about the number of Site visitors.

By analysing these data, we can improve our Site and make it more convenient to use.

Learn more…

 

Cookies used on our Site are as follows:

Category Name Period Purpose
Necessary technical cookies wordpress_test_cookie End of browser session Used to check whether your web browser is set to allow

cookies. The cookie does not store any personal information.

Functional cookies pll_language 2 years Language plug-in cookies used for language setting and

content delivery in the necessary language.

Statistical cookies _ga 2 years Used to obtain information on how visitors use the site and

to collect statistical information.

_gat 1 min. Used to throttle request rate.
 

_gid

 

24 hours

 

Used to distinguish users.

 

When you use a browser to access the content provided by us, you can set your browser to accept all cookies, reject all cookies or notify when a cookie is downloaded. Each browser is different; therefore, if you do not know how to change your cookie settings, please read browser help menu. The hardware of your device can have additional cookie controls. If you do not want information to be collected this way, there is a simple procedure available in most browsers that allows you to disable cookies. For more information on cookie management, please visit

Also, you can manage cookies by choosing certain options in our pop-up cookie information banner.

Please keep in mind that some services may be created in a way to function only with cookies, and by disabling all or some of them you will not be able to use those services.

Also, please note that apart from our cookies, the Site allows some third parties (for example, social network controllers) to save and access cookies on your device. Third parties installing such cookies use their own privacy policies and we cannot assume responsibility for them (our Site cannot access the information transferred by them). Therefore, we urge you to additionally read the aforementioned policies provided on the websites of the third parties. Our social network accounts (Facebook, Instagram) are operated under the privacy policies of controllers thereof.

External websites

The Site contains links to external websites, i.e. websites which are intrinsically linked to cultural or artistic activities (for example, websites controlled by artists). When clicking such links, please note that the websites and services accessible through them must have their own separate privacy policies (rules), for which we cannot assume responsibility. Therefore, we recommend reading them thoroughly prior to disclosing any personal data.

Contact us

If you noticed any Privacy Policy irregularities or security gaps on any of the Sites operated by us or if you have any other questions related to the processing of your personal data, please contact us in any way convenient for you at:

VšĮ Auksakalių gildija

Legal entity’s code: 126055987

Registered office: J. Basanavičiaus str. 1/13, LT-01118 Vilnius

Phone: 8 (5) 2313811

E-mail: info@menonisa.lt

Final provisions

The Privacy Policy is reviewed and updated as necessary, but no less than once in two years, or in the case of any amendments to the legislation regulating the processing of personal data. Having updated the Privacy Policy, we will notify you of any changes we find material by publishing a notice on the Site or in any other similar manner. If you continue to use the content and/or services provided by us after such notification, we will consider that you agree with the new requirements laid down in the updated Privacy Policy.

Privacy Policy last revised on 5 December 2018.