Skip to main content

UK / EU WAREHOUSES - CONTACT US FOR ITEM LOCATION

Privacy Policy

In this Privacy Policy (the Privacy Policy) we will provide information on how UAB FIDUS ARS, registration number 304226715, registered domicile at Veiveriu g. 151, Kaunas,46417, Lithuania (the Data Controller), processes your personal data in https://carxtras.com online store.

You may communicate with the Data Controller using the following contact information:

Email address:     info@carxtras.com
Address:                Veiveriu g. 151, Kaunas,46417, Lithuania

What kind of your personal data do we process?

  • Purpose: For making and carrying our agreements with legal persons
    • Personal data processed: First name, last name, contact information, contents of correspondence, other details contained in the agreement, IP address (of the device on which the order was made), type of device on which the order was made (computer, tablet or mobile device).
    • Legal basis: Legitimate interest to pursue activities.
    • Storage period: Ten years after the agreement expires.
  • Purpose: For making and carrying out agreements with natural persons
    • Personal data processed: First name, last name, address, phone number, email address, IP address (of the device on which the order was made), type of device on which the order was made (computer, tablet or mobile device).
    • Legal basis: Contract.
    • Storage period: Ten years after the agreement expires.
    • Personal data may be transferred to payment service providers.
  • Purpose: For delivering orders
    • Personal data processed: First name, last name, phone number, email address, address, pick-up point data, shipment number.
    • Legal basis: Contract.
    • Storage period: Ten years after the agreement expires.
    • Personal data may be transferred to courier, delivery, postal service providers.
  • Purpose: For making refunds
    • Personal data processed: First name, last name, bank account number, other details, any information directly related to the original payment that is necessary to offset the payment or return the payment to the original payer.
    • Legal basis: Contract, legal obligation.
    • Storage period: Ten years after the refund.
    • Personal data may be transferred to payment service providers.
  • Purpose: For creating and managing website user accounts
    • Personal data processed: First name, last name, account name and password, phone number, email address, address.
    • Legal basis: Contract.
    • Storage period: Two years after the last sign-in to the account.
  • Purpose: Communication with website visitors
    • Personal data processed: First name, last name, phone number, email address.
    • Legal basis: Taking steps at the request of the data subject prior to entering into a contract / legitimate interest to pursue activities and/or ensure quality.
    • Storage period: One year after the enquiry is solved.
  • Purpose: For direct marketing (to send newsletters/ invitations to events, to offer similar goods/ services)
    • Personal data processed: First name, last name, email address, phone number.
    • Legal basis: Consent, legitimate interest to offer similar goods or services to clients.
    • Storage period: Two years after the consent or two years after the goods or services have been purchased.
    • Personal data may be transferred to newsletter sending solutions.
  • Purpose: For managing social media accounts
    • Personal data processed: Unique ID, IP address, hardware information.
    • Legal basis: Consent / legitimate interest to communicate with clients.
    • Storage period: For as long as site visitors are such media account followers.
    • Information communicated to us when visiting our social media sites (including notifications, use of “Like” and “Follow” buttons or other communication) will be controlled by us jointly with social media managers as joint controllers.
    • Currently, we maintain the following social media accounts:

-            [●] on Facebook; their privacy policy is available at https://www.facebook.com/privacy/explanation

-             [●] on Instagram; their privacy policy is available at https://help.instagram.com/519522125107875

-             [●] on Pinterest, their privacy policy is available at https://policy.pinterest.com/en/privacy-policy

-             [●] on Linkedin; their privacy policy is available at https://www.linkedin.com/legal/privacy-policy

-             [●] on Youtube; their privacy policy is available at https://policies.google.com/privacy

-             [●] on TikTok; their privacy policy is available at https://www.tiktok.com/legal/page/row/privacy-policy/en

Please read the third-party privacy policy and contact the service provider directly if you have questions on how they use your personal data.

Whom can we transfer your personal data to?

We may transfer information about you to our employees, agents and such service providers as debt administration/collection companies or companies providing archiving services, also to legal/marketing/IT service providers or subcontractors if it is reasonably required for the purposes stated in this Privacy Policy.

In addition, we may disclose your personal information in cases when required to do so by law or seeking to protect our rights or interests (including the case when your personal data is transferred to others for debt recovery purposes), also when intending to sell part of the company’s business or assets, or to reorganize the company (and during such processes) we are asked to disclose your personal data to any (potential) buyer of such business or assets, or to other participants in the reorganization.

How is your personal data processed?

Your personal data will be processed in accordance with the General Data Protection Regulation (the GDPR), the Law of the Republic of Lithuania on Legal Protection of Personal Data, and other legal requirements. When identifying personal data processing measures and during such processing, the Data Controller should implement appropriate technical and organizational measures envisaged in the laws for the protection of personal data against accidental or unlawful destruction, damage, modification, loss, disclosure, or any other kind of illegal handling and will adopt proper measures considering the risks involved in such personal data processing.

What are your rights?

Below, please find information about your rights associated with the processing of your personal data by the Data Controller and about how such rights may be exercised. If you want more information about your rights or want to exercise them, please contact us at the email address given in this Privacy Policy.

  • You may contact us at any time to ask whether any of your personal data is being processed by us. If your personal data is stored or used by us in whatever way, you have the right of access to such data. In order for you to exercise such right, please send us a written request at the email address given in this Privacy Policy. We may ask you to confirm your identity so that your request could be granted. Please observe the principles of reasonableness and good faith when submitting such request.
  • If you have given us consent to process your personal data, you may withdraw such consent at any time by sending us an email letter to the email address given in this Privacy Policy.
  • You have the right to request us to correct any inaccuracies in your personal data. In that case, we may ask you to confirm the information corrected.
  • You have the right to request us to erase your personal data. This right may be implemented in the cases described in Article 17 of the GDPR.
  • You have the right to request us to restrict/refrain from processing your personal data.
  • You have the right to data portability if processing of such data is carried out by automated means and we have obtained such data from you based on your consent or for the purpose of concluding an agreement. If you opt to exercise this right, we will transmit at your request a copy of the data submitted by you.
  • You have the right to object to processing of your personal data pursuant to Article 21 of the GDPR.

How can you exercise your rights?

To enforce your rights, you may submit requests, complaints or claims to us in writing by using the contact information given in this Privacy Policy.

We will respond to your request, complaint or claim in writing in accordance with the applicable laws and will do our best to provide you with the necessary information within the shortest time possible but in no event later than within 30 (thirty) days after receiving your request.

If having received your request, complaint or claim we have doubts about your identity, we may ask the applicant to produce an identity document.

Complaints

If you believe that your rights as the data subject have been and/or may be violated, please immediately contact us at the email address given in this Privacy Policy. We assure you that having received your complaint, we will inform you within a reasonable time about the progress of the complaint investigation, and later about its outcome. If you are not satisfied with such investigation outcome, you may file a complaint with the supervisory authority – the State Data Protection Inspectorate (https://vdai.lrv.lt/).

Responsibility

You are responsible for ensuring that the information provided by you is accurate, correct, and complete. You should immediately notify us by email if changes are made to the data you have submitted. Therefore, we will not be held liable for any damage resulting from your failure to provide correct or complete personal data or to give us notice of changes made to such data.

This Privacy Policy was last updated on 25 March 2024

!