Privatumo politikos tikslas – informuoti kaip yra renkami ir tvarkomi duomenų subjektų asmens duomenys, paaiškinti, kiek laiko saugomi, kam teikiami, kokias teises turi duomenų subjektai bei kur kreiptis dėl jų įgyvendinimo ar kitais su asmens duomenų tvarkymu susijusiais klausimais.

The purpose of the Privacy Policy is to inform how the personal data of data subjects is collected and processed, explain how long it is stored, to whom it is provided, what rights data subjects have, and where to apply for the implementation of these rights or for other issues related to the processing of personal data.

Personal data is processed in accordance with the European Union General Data Protection Regulation (EU) 2016/679 (hereinafter – the Regulation), the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other legal acts regulating the protection of personal data.

UAB „Technogaja“ follows these basic principles of data processing:

personal data is collected only for clearly defined and legitimate purposes;
personal data is processed only lawfully and fairly;
personal data is regularly updated;
personal data is stored securely and no longer than required by the established data processing purposes or legal acts;
personal data is processed only by those employees of UAB „Technogaja“ who are granted such rights according to their job functions or by properly authorized data processors.

1. DEFINITIONS

1.1. Data Controller – UAB „Technogaja“ (hereinafter – the Company), legal entity code 300581327, registration address Sėmenos g. 52A, Patamulšėlio village, Rokai eldership, Kaunas district municipality.

1.2. Data Subject – any natural person whose data is processed by the Company. The Data Controller collects only the data of the data subject that is necessary for carrying out the Company’s activities and/or when visiting, using, or browsing the Company’s websites, “Facebook”, and other social network accounts, etc. (hereinafter – the Website). The Company ensures that the collected and processed personal data will be secure and used only for a specific purpose.

1.3. Personal Data – any information directly or indirectly related to a data subject whose identity is known or can be directly or indirectly identified using relevant data. Processing of personal data means any operation performed on personal data (including collection, recording, storage, editing, modification, granting access, submitting queries, transfer, archiving, etc.).

1.4. Consent – any freely given and informed confirmation by which the data subject agrees that their personal data will be processed for a specific purpose.

2. SOURCES OF PERSONAL DATA

2.1. Personal data is provided by the data subject themselves. The data subject contacts the Company, purchases goods sold by the Company, leaves comments, asks questions, contacts the Company requesting information, etc.

2.2. Personal data is obtained when the data subject visits the Company’s website. The data subject fills in the forms available there or for some reason leaves their contact details, etc.

2.3. Personal data is obtained from other sources. Data is obtained from other institutions or companies, publicly available registers, etc.

3. PROCESSING OF PERSONAL DATA

3.1. By providing personal data to the Company, the data subject agrees that the Company may use the collected data in fulfilling its obligations to the data subject and providing the services expected by the data subject.

3.2. The Company processes personal data for the following purposes:

3.2.1. Sale of goods sold by the Company to clients (legal entities). The following data is processed for this purpose:

When selling goods offered by the Company, personal data of client (legal entity) representatives may be processed: first name(s), last name(s), phone number, email address, workplace name, and other data related to the sale of goods.
Contracts, VAT invoices, and other related documents are stored in accordance with the time limits specified in the General Document Retention Schedule approved by the order of the Chief Archivist of Lithuania.
The legal basis for data processing – necessity to pursue the legitimate interests of the Company (GDPR Article 6(1)(f)).

3.2.2. Ensuring and maintaining the continuity of the Company’s activities. The following data is processed for this purpose:

For the purpose of concluding and executing contracts, personal data of suppliers (natural persons) may be processed: first name(s), last name(s), personal identification number or date of birth, place of residence (address), phone number, email address, workplace, position, signature, data contained in a business certificate (type of activity, group, code, name, activity periods, issue date, amount), individual activity certificate number, data on whether the data subject is a VAT payer, bank account and bank name, service/product amount, currency, and other data provided by the individual, data received by the Company according to legal acts while carrying out its activities, and/or data that the Company is required to process by law and/or other legal acts.
For the purpose of concluding and executing contracts, the following data of supplier representatives is processed: first name(s), last name(s), phone number, email address, company name, address, position, authorization data (number, date, authorized person’s date of birth, signature).
Contracts, VAT invoices, and other related documents are stored in accordance with the time limits specified in the General Document Retention Schedule approved by the order of the Chief Archivist of Lithuania.
The legal basis for data processing – the necessity to perform a contract to which the client as the data subject is a party or to take steps at the request of the client prior to entering into a contract (GDPR Article 6(1)(b)), as well as when certain personal data must be processed according to legal acts (GDPR Article 6(1)(c)).

3.2.3. Administration of the database of job candidate CVs. The following data is processed for this purpose:

First name(s), last name(s), date of birth (age), residential address, contact information (phone number, email address), information about the candidate’s education (educational institution, study period, obtained education and/or qualification), information about professional development (completed training, obtained certificates), information about the candidate’s work experience (workplace, employment period, position, responsibilities and/or achievements), information about language skills, IT skills, driving skills, other competencies, other information provided in the CV, cover letter, or other application documents, employer recommendations, feedback: persons recommending the candidate or providing feedback, their contacts, and the content of the recommendation or feedback.
After the recruitment process for a specific position has ended and the candidate has not been selected and an employment contract has not been concluded with the data subject, the Company deletes the CVs and other data submitted by candidates, unless the Company has received the candidate’s consent to process their personal data for a longer period in order to offer them a job position. In such a case, the data subject’s data processed automatically will be stored for six months from the date of submission. After the specified data processing and storage period expires, the persons responsible on behalf of the data controller will destroy the data within 1 (one) week. A longer retention period of personal data may be applied when personal data is necessary in the event of a dispute/complaint or when other legal grounds provided in legal acts exist.
The legal basis for data processing – the consent of the data subject (GDPR Article 6(1)(a)).

3.2.4. Inquiries, comments, and complaints The following data is processed for this purpose:

First name(s), last name(s) and/or username, email address, phone number, address, subject of the inquiry, comment or complaint, and the text of the inquiry, comment, or complaint.
Data related to inquiries, comments, and complaints is stored for 1 year from the date of submission.
The legal basis for data processing – processing is necessary for the purposes of the legitimate interests pursued by the data controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject requiring protection of personal data, especially where the data subject is a child (GDPR Article 6(1)(f)), and the consent of the data subject (GDPR Article 6(1)(a)).

3.2.5. Ensuring the security of the Company’s employees, other data subjects, and property (video surveillance). The following data is processed for this purpose:

Video image. Video surveillance systems do not use facial recognition and/or analysis technologies; the recorded video data is not grouped or profiled according to a specific data subject (person). Data subjects are informed about video surveillance through informational signs with a camera symbol and the Company’s details placed before entering the monitored territory and/or premises. Areas where a data subject expects absolute privacy are not included in the field of view of the cameras.
Personal data (video data) obtained through video surveillance cameras is stored for up to 30 (thirty) days from the moment of recording and is then automatically deleted, except in cases where there is reason to believe that a violation, criminal act, or other illegal activity has been recorded (until the completion of the relevant investigation and/or court proceedings).
The legal basis for data processing – processing is necessary for the purposes of the legitimate interests pursued by the data controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject requiring protection of personal data, especially where the data subject is a child (GDPR Article 6(1)(f)).

3.2.6. For other purposes for which the Company has the right to process the personal data of the data subject when the data subject has given consent, when the data must be processed for the Company’s legitimate interest, or when the processing of data is required by applicable legal acts.

4. USE OF SOCIAL NETWORKS

4.1. All information you provide through social media (including messages, the use of “Like” and “Follow” fields, and other communication) is controlled by the operator of the respective social network.

4.2. Currently, our Company has an account on the social network “Facebook”, whose privacy policy is available at https://www.facebook.com/privacy/explanation;

4.3. Currently, our Company has an account on the social network “LinkedIn”, whose privacy policy is available at https://www.linkedin.com/legal/privacy-policy.

4.4. We recommend reading the privacy notices of third parties and contacting service providers directly if you have any questions about how they use your personal data.

5. DISCLOSURE OF PERSONAL DATA

5.1. The Company undertakes to comply with the obligation of confidentiality towards data subjects. Personal data may be disclosed to third parties only if it is necessary for concluding and executing a contract for the benefit of the data subject or for other legitimate reasons.

5.2. The Company may provide personal data to its data processors who provide services to the Company and process personal data on behalf of the Company. Data processors have the right to process personal data only in accordance with the Company’s instructions and only to the extent necessary to properly fulfill the obligations set out in the contract. The Company uses only those data processors who provide sufficient guarantees that appropriate technical and organizational measures will be implemented to ensure that data processing complies with the requirements of the Regulation and ensures the protection of the rights of the data subject.

5.3. The Company may also provide personal data in response to requests from courts or public authorities to the extent necessary to properly comply with applicable legal acts and instructions of public authorities.

5.4. The Company guarantees that personal data will not be sold or rented to third parties.

6. PROCESSING OF PERSONAL DATA OF MINORS

6.1. Persons who are younger than 14 years old may not provide any personal data through the Company’s website. If a person is younger than 14 years old, in order to use the Company’s services, written consent from one of the representatives (father, mother, guardian) for the processing of personal data must be provided before submitting personal information.

7. PERSONAL DATA RETENTION PERIOD

7.1. Personal data collected by the Company is stored in printed documents and/or in the Company’s information systems. Personal data is processed no longer than necessary to achieve the purposes of data processing or no longer than required by the data subjects and/or provided by legal acts.

7.2. Although the data subject may terminate the contract and refuse the Company’s services, the Company must continue to store the data subject’s data due to possible future claims or legal requests until the data retention periods expire.

8. RIGHTS OF THE DATA SUBJECT

8.1. The right to receive information about data processing.

8.2. The right to access processed data.

8.3. The right to request correction of data.

8.4. The right to request deletion of data (“Right to be forgotten”). This right does not apply if the personal data requested to be deleted is processed on another legal basis, such as when processing is necessary for the performance of a contract or for compliance with obligations under applicable legal acts.

8.5. The right to restrict data processing.

8.6. The right to object to data processing.

8.7. The right to data portability. The right to data portability must not adversely affect the rights and freedoms of others. The data subject does not have the right to data portability regarding personal data that is processed in non-automated structured files, such as paper records.

8.8. The right to request that a decision based solely on automated processing, including profiling, is not applied.

8.9. The right to lodge a complaint regarding the processing of personal data with the State Data Protection Inspectorate.

9. The Company must enable the data subject to exercise the above-mentioned rights of the data subject, except in cases established by law when it is necessary to ensure state security or defense, public order, prevention, investigation, detection or prosecution of criminal activities, important economic or financial interests of the state, prevention, investigation and detection of violations of official or professional ethics, or protection of the rights and freedoms of the data subject or other persons.

10. PROCEDURE FOR EXERCISING THE RIGHTS OF THE DATA SUBJECT

10.1. The data subject may contact the Company regarding the exercise of their rights:

10.1.1. by submitting a written request in person, by mail, through a representative, or by electronic communication – by email: [email protected];

10.1.2. verbally – by phone: +370 372 08554;

10.1.3. in writing – at the address: Sėmenos g. 52A, Patamulšėlio village, Rokai eldership, Kaunas district municipality.

10.2. In order to protect data from unlawful disclosure, upon receiving a request from the data subject to provide data or exercise other rights, the Company must verify the identity of the data subject.

10.3. The Company shall provide a response to the data subject no later than within one month from the date of receiving the data subject’s request, taking into account the specific circumstances of personal data processing. This period may be extended by an additional two months if necessary, depending on the complexity and number of requests.

11. RESPONSIBILITY OF THE DATA SUBJECT

11.1. The data subject must:

11.1.1. inform the Company about changes to the information and data provided. It is important for the Company to have correct and valid information about the data subject;

11.1.2. provide the necessary information so that, upon the data subject’s request, the Company can identify the data subject and ensure that it is communicating or cooperating with the specific data subject (provide an identity document or identify themselves in accordance with legal acts or through electronic communication means that allow proper identification of the data subject). This is necessary to protect the data of the data subject and other persons, ensuring that information about the data subject is disclosed only to the data subject without violating the rights of others.

12. FINAL PROVISIONS

12.1. By providing personal data to the Company, the data subject agrees to this Privacy Policy, understands its provisions, and agrees to comply with it.

12.2. As the Company develops and improves its activities, it has the right to unilaterally modify this Privacy Policy at any time. The Company has the right to partially or fully amend the Privacy Policy by announcing it on the website tgfilters.com.

12.3. Additions or amendments to the Privacy Policy come into effect from the day of their publication, i.e., from the day they are posted on the website tgfilters.com.

Pocket filters

Cassette filters

EPA, HEPA filters

Panel filters

Compact filters

Pre-filters

Gas phase filtration

Emission control filters

Filtration materials

OEM