Privacy & Cookie policy

This Privacy Policy (hereinafter the “Privacy Policy” or the “Policy”) explains how UAB “Envirolla” (hereinafter the “Company”) collects and uses information when you use any services offered on our website www.envirolla.com (hereinafter the “Website”) or any other services we provide (hereinafter the “Services”).

UAB “Envirolla” is committed to managing your personal data responsibly and securely. Following this core principle, we always aim to ensure a sufficient level of protection for your data and safeguard your rights.

We process Personal Data in accordance with this Privacy Policy and applicable legal acts, including the General Data Protection Regulation (2016/679) (the “GDPR”) and applicable Lithuanian national data protection laws. In this Policy, “Your Personal Data” refers to any information that can identify your identity (hereinafter “Personal Data”).

We are the controllers of the Personal Data covered by this Policy. We use your personal data in the course of our operations and when providing services to you. Our goal is to process only the personal data that you voluntarily provide after receiving detailed information about the purposes of processing, and the data necessary for fulfilling contracts, complying with legal obligations and conducting our operations.

Please take a moment to read this Privacy Policy to learn how we collect, use, transfer, and protect your personal data.

1. PERSONAL DATA COLLECTION AND USE

1.1. WHAT INFORMATION WE COLLECT

We process your personal data if you voluntarily provide it to us, for example, when sending us an email, ordering our services, filling out a form on the website, or contacting us by phone/SMS. In certain cases, we may already process personal data you have previously provided — for instance, if you are a current or former client.

We will process the personal data you provide in accordance with this Policy and the applicable laws. Your data will not be used for purposes other than those specified at the time of collection unless we receive your additional consent or the law allows such use.

If you send us your CV, we will use the information you provide to offer you the most suitable job position in our company.

1.2. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA

We generally collect your personal data only to the extent necessary to provide services to you. EU law requires us to inform individuals whose data we process about the legal basis for that processing. We rely on one of the following legal grounds:

Contract performance basis – applies when data processing is necessary to fulfill our contractual obligations to you, e.g. issuing a loyalty card or handling payments.
Legal obligation basis – applies when laws or regulations require us to process your data, such as client identification, anti-money laundering, accounting, or providing information to public authorities or the police.
Consent basis – applies when we process your data only after obtaining your consent. You may withdraw consent at any time by contacting us via email at info@envirolla.lt with the subject “withdrawal of consent”.
Legitimate interest basis – applies when we have a legitimate interest and such processing does not override your rights or interests. For example:
- Providing website visitors with information about our services or job openingPreventing fraud and protecting our assets and IT systems
- Managing and monitoring advertising solutions we use
- Ensuring fulfillment of the Company’s corporate and social commitments
- Exercising rights under Articles 16 and 17 of the EU Charter of Fundamental Rights (freedom to conduct a business and right to property) In some cases, we may also process special categories of personal data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health information, or data about sex life or sexual orientation — only with your explicit consent or if required by law.

1.3. AUTOMATED PERSONAL DATA COLLECTION

In certain cases, we or our service providers use cookies, web beacons and other smart technologies to automatically collect certain information about you when you visit our website or send us emails. This information helps us tailor our website to your needs, increase awareness and effectiveness of our messaging and monitor the performance of our advertising tools.

1.3.1. IP ADDRESSES

An IP address is a number assigned to your computer when connecting to the internet. It enables computers and servers to recognize each other and share data. When you visit our website, your IP address is recorded and used for diagnostics and security purposes. It is also used to compile statistics that help us measure website traffic and usefulness.

1.3.2. COOKIES

Cookies are typically stored on your computer or other device each time you access our website. This allows us to distinguish your device from others. In some cases, you will be shown a notification asking for consent to use cookies. If you do not give consent, your device will not be tracked for direct marketing purposes.

Essential cookies (for user input and site functionality) will still be used to ensure the website works properly. Your choice about cookies is saved in a separate cookie valid for 90 days. If you wish to withdraw consent, you can clear cookies in your browser.

Most browsers accept cookies by default, but you can change your browser settings to block them. These settings are typically found under “Tools” or “Preferences.” You can delete all or selected cookies at any time. Note that refusing cookies may limit some website functionalities.

To expand our website’s features, we sometimes use third-party tools and widgets. These may place cookies to function correctly. Cookies alone do not provide us with your email address or identify you. We may use identifiers, including IP addresses, only to count unique visitors and analyze geographical distribution — not to identify specific users.

BY BROWSING OUR WEBSITE, YOU CONSENT TO THE STORAGE OF NECESSARY COOKIES ON YOUR DEVICE.

1.3.3. WEB BEACONS

A web beacon is a small image file embedded in a website that collects information about a visitor’s device, including IP address, visit time, browser type, and cookies previously set by the same server.

We and our service providers use web beacons strictly in accordance with legal requirements, for managing cookies and evaluating third-party services — like advertising, communication, or recruitment tools.

You can limit beacon functionality by blocking cookies. In such cases, beacons may still record anonymous visits via IP, but cookie information will not be stored.

Some of our newsletters and communications use web beacons to track actions like email opens. We use this data to assess user interest and improve satisfaction.

1.3.4. GEOLOCATION TOOLS

When you use our services, we may collect data about your device’s location. This helps us better customize the services we provide to you.

1.4. SOCIAL MEDIA TOOLS AND APPLICATIONS

Our website may include features that allow you to share information via third-party platforms like Facebook (e.g., “like” or “share” buttons). These platforms may collect data about your interaction with our website. Any personal data you submit through such platforms may also be accessible to other users of those platforms. This data sharing is governed by the platform’s own privacy policy. We do not control how your data is processed there and cannot accept responsibility.

1.5. CHILDREN’S PERSONAL DATA

We understand the importance of protecting children’s privacy. Our website and services are not intended for children under 16. We never knowingly collect or store data about children under 16 unless required to provide services to you.

2. SHARING PERSONAL DATA WITH THIRD PARTIES

We do not share your personal data with third parties unless it is necessary to provide services to you, fulfill your requests, serve our legitimate business interests, or if required by law. More detailed information about third-party data use can be found by clicking on the link provided.

WE DO NOT TRANSFER YOUR PERSONAL DATA TO ANY THIRD PARTIES FOR DIRECT MARKETING PURPOSES (Annex 1).

3. YOUR CHOICES

Usually, using our services does not require you to provide personal data, unless necessary for service delivery — such as contract execution or maintaining contact. When you request information about our services, we may ask for additional data.

In some cases, we may request your additional consent to process your data and you have the right to refuse it. If you give consent for specific services or to receive informational messages, we will provide an option to withdraw it at any time.

If you withdraw consent, we will try to cease use of your personal data for the specified purposes as soon as reasonably possible.

As mentioned in the “Cookies” section, if you want to block tracking via cookies, you may delete cookies from your browser and disable further storage. Note that this may limit website functionality.

4. YOUR RIGHTS

If we process your personal data, you have the right to exercise the following:

Access and Correction

You have the right to access your personal data that we process. To do so, you can submit a request.

If we determine that we must provide the data, it will be shared free of charge. To protect others’ rights and respond properly, we may ask for proof of identity and your relationship with us.

If your data is inaccurate, you have the right to request correction.

Right to Object

You have the right to object to our processing of your data if we no longer have the right to do so.

Other Rights

If you believe your data should not be processed or is being stored for too long, you can request deletion or restriction of processing. In certain cases, you may also request an electronic copy of your data.

To exercise your rights, contact us at info@envirolla.com with the subject “regarding personal data processing”. Upon receiving your request, we will take all reasonable steps to support your rights in line with legal and professional standards.

5. DATA SECURITY AND INTEGRITY

When processing your personal data, we implement organizational and technical security measures and procedures to protect your data from unauthorized loss, misuse, alteration, or destruction.

Despite our efforts, it is impossible to anticipate all potential threats and guarantee absolute data security. To ensure maximum protection:

Access to your data is restricted to our staff on a “need to know” basis;
Data handlers are bound by strict confidentiality and data protection requirements.

We strive to retain your data only:

i) for as long as it is needed to provide services or information to you;

ii) for as long as required by law or business necessity; or

iii) until you request deletion of your data.

The specific retention period depends on the circumstances under which the data was collected and the intended use, but in any case, personal data will not be stored for more than 2 years, in accordance with the above criteria.

6. LINKS TO OTHER WEBSITES

Please note that our website contains links to other websites, including third-party sites, which are not governed by this Privacy Policy. Their privacy rules may differ significantly. We encourage you to review each site’s privacy policy before submitting any personally identifiable information.

7. CHANGES TO THIS POLICY

We may revise and update this Privacy Policy in line with changes to our data protection practices. Each time we update the Policy, we will change the “Last Updated” date at the top of the page. You will be informed of changes to the Policy through our usual communication methods.

8. PRIVACY POLICY ENFORCEMENT

We are committed to protecting your personal data. If you have any questions or comments regarding how we process your data, please contact us at info@envirolla.com, using the subject line “regarding personal data processing.” You can also send any feedback on this Privacy Policy to that address.

Once we receive your request, we will confirm receipt within 14 days and aim to respond within one month. If your request is complex or we have received a large volume of requests, we may extend the response time to up to three months, with prior notice.

Finally, you always have the right to lodge a complaint with the State Data Protection Inspectorate if you believe your data is being misused.

Annex No. 1 – DATA TRANSFER TO THIRD PARTIES

We do not share your personal data with third parties unless required to deliver services to you, fulfill your requests, serve legitimate business purposes and/or if such sharing is required by law. This includes:

Our service providers: We share data with third parties that provide services to us, such as IT maintenance, web hosting, accounting, legal, consultancy and other goods or service providers. These parties may process your personal data only if they meet our strict data protection and security requirements and only to the extent necessary to deliver their services.
In case of business sale, reorganization, or transfer: If our operations are sold, reorganized, or transferred to another company, related personal data will be transferred to the extent necessary for the continuity of operations.
Authorities: We will share personal data with courts, law enforcement, or other state-authorized institutions if necessary to meet our legal obligations or if required by law.
Audits: We will share personal data if needed to conduct a financial, privacy, or security audit, or to investigate and appropriately respond to a complaint or security threat.