Privacy Policy

Last Updated on

Definitions

Data: All information directly or indirectly related to the User, by which the User’s identity can be determined. This concept also includes those interpretations of the term “data” that apply in the relevant Data Protection legislation.
Cookies: Small text documents with a unique identification number that are transferred from the Website to the memory of the visitor’s device so that the Administrator can distinguish the visitor’s device.
GDPR: General Data Protection Regulation.
Data protection legislation: Any applicable legislation covering the protection of personal data (including GDPR).
User: Any third party connecting to the Website who is not: (i) an employee of the Administrator or another person directly related to the Administrator by employment or other legal relationship; (ii) Consultant of the Administrator and providing services to the Administrator on another basis and connecting to the Website for the purpose of providing services.
Website: The website you are connecting to, i.e. https://www.irp.lt/, as well as any sub-domains of this website.
Administrator: The website is administered by Individual Racing Parts, UAB, legal entity code 304034152, address Vyčio Kryžiaus st. 165A, Jonučiai, LT-53305 Kaunas district, Republic of Lithuania.
Privacy policy: The privacy policy of the website you are currently reading.

2. General Provisions

2.1. Prior to using the Website, it is mandatory to familiarize oneself with the Privacy Policy. Therefore, Users of the Website, by browsing or performing other actions on the Website, automatically confirm that they have acquainted themselves with the Privacy Policy.
2.2. For the purposes of applicable Data Protection legislation, the Administrator is considered a “data controller”. This means that the Administrator determines the purposes and methods of Data management.

3. How Data is Collected

3.1. Data collection is facilitated through multiple channels to ensure comprehensive and user-centric service delivery. These methods are categorized as follows:
3.1.1. Direct from the User:

  • Users are the primary source of data collection, wherein they voluntarily provide information through various interactions with our services. This encompasses:
  • Account Registration: Users submit personal details such as names, last names, phone number, email address, address to create and manage their accounts and payments;
  • Transactions and Services: Information related to purchases, orders, customer service interactions, and service provisions are collected to fulfill contractual obligations.
  • Communications: Data received from users contacting us via email, social media, or other digital channels for inquiries, feedback, or support.
  • Consent-Based Activities: Participation in competitions, surveys, and marketing preferences requires user consent, where personal data is collected based on the expressed interests and permissions of the user.

3.1.2. Automatically Collected Data. In addition to the data provided directly by the users, certain information is collected automatically through their interaction with our website and services:

  • Device Information: Data concerning the user’s device, including IP addresses and device types, is collected to optimize user experience and enhance website functionality.
  • Usage Data and Cookies: Our system gathers information on how users navigate and interact with our website, including browsing activities, preferences, and location data, guided by the user’s cookie settings.

4. Purposes of Data Processing

4.1. The collected data serves multiple purposes, ensuring both contractual obligations and user experience enhancements:

  • Contractual Necessities: Data processing is essential for executing contracts with customers, including the sale and supply of goods and services, customer management, and identity verification (GDPR Article 6 (1) (b))
  • Legitimate Interests: Our legitimate interests, such as marketing, product and service improvement, customer insights, and operational management, guide further data processing activities. (GDPR Article 6 (1) (f))
  • Legal Obligations: Compliance with legal, accounting, and reporting requirements necessitates specific data processing activities. (GDPR Article 6 (1) ©)

5. Data Provision and Disclosure

5.1. Data confidentiality is paramount, with provisions for disclosure under specific conditions:

  • Third-Party Services: Data may be shared with trusted data processors and service providers acting under our instructions for services like hosting, analytics, and customer service, ensuring data protection and privacy.
  • Legal and Regulatory Requirements: In certain cases, data might be disclosed to comply with legal obligations, court orders, or requests from state institutions.

6. Data Storage and Retention

6.1. The storage and retention of collected data are guided by the necessity and legal compliance:

  • Storage Solutions: Collected data is stored in secure information systems and, where necessary, as paper copies, protected with appropriate technical and organizational measures.
  • Retention Period: Data is retained no longer than required for the processing purposes, legal, accounting, or reporting requirements, and is securely disposed of once it is no longer necessary.

6.2. Additional Notes:

  • Child Protection: Our services do not target, nor do we knowingly collect data from minors, except for the cases indicated in this Privacy policy and/or Terms of use.
  • User Rights: Users have the right to withdraw consent at any time, access their data, request correction, or deletion under applicable data protection laws.

This structured approach ensures that users are informed about how their data is handled, reflecting our commitment to transparency, accountability, and user privacy.

7. Cookie Policy

7.1. Our website employs cookies to enhance user interactions and provide a seamless browsing experience.
7.2. Cookie Utilization for Improving User Experience. We implement cookies to personalize and improve the overall user experience on our platform

  • Types of Cookies Deployed
    • Essential Cookies: Necessary for the website’s core functions, these cookies ensure users can navigate and access the website’s features without requiring user consent.
    • Functional Cookies: These cookies offer added convenience and features, enhancing usability without being critical for the website’s operation.
    • Analytical Cookies: Employed to gather insights on user interaction with the website, these cookies help in the optimization and refinement of the website by tracking user visits, navigation patterns, and engagement.
  • Cookies on our website are deployed by:
    • Internal Systems: For essential website functionalities.
    • Google Analytics: For comprehensive website usage analytics.
    • Facebook Pixel: For targeted advertising and user behavior analysis.
    • Remarketing Tools: To re-engage visitors with personalized advertising based on their site interactions.
    • MailChimp: For email marketing and user engagement analysis.
    • Fast Secure Contact Form Plugin: To ensure secure user contact forms.
    • Cookie Notice & Compliance Plugin: To manage cookie consent and compliance efficiently.

By leveraging these cookies and tools, we aim to provide a tailored and efficient browsing experience, ensuring users can benefit from the full functionality of our services while respecting privacy and consent preferences.

8. Data Sharing and Third-Party Disclosure

8.1. Engaging Third-Party Services for:

  • Service Enhancement: To augment our service offerings and enhance user understanding, we collaborate with third-party service providers. These partnerships are instrumental in refining our services, products, and overall user experience.
  • Security and Data Protection: Our third-party partners are mandated to employ stringent security measures that align with our data protection policies. Their access to user data is strictly limited to the provision of services to us and our users, barring any unrelated uses.

8.2. Aggregated and Anonymized Data Sharing
Analytics and Insights: We may share aggregated and anonymized data with external entities to offer insights and analytics. This data is meticulously processed to ensure individual users cannot be identified, safeguarding user privacy.

  • In certain scenarios, we might share user data with third parties as a legal requirement or to safeguard the rights, property, or safety of our platform, our users, and the public. This includes but is not limited to, complying with legal processes, enforcing our terms, or addressing fraud, security, or technical issues.
  • In instances where user data is shared with third parties, our approach is to share the least amount of data necessary. This principle underscores our commitment to privacy and data protection, ensuring only essential data is disclosed in alignment with our objectives and legal obligations.

9. Communication and Marketing

  • Subject to user consent, we send emails (newsletters or promotional communication) to keep our customers informed about the latest offers, events, and analyze interactions with these communications.
    • User Consent: With the user’s explicit opt-in, we engage in sending newsletters to share updates and relevant information about our services.
    • Third-party Service: To distribute our newsletters, we partner with MailChimp, ensuring the use of only the recipient’s email address for delivery purposes. For detailed privacy practices, visit MailChimp’s Privacy Policy.
    • Unsubscription Option: Recipients can easily unsubscribe by selecting “Unsubscribe” at any newsletter email’s footer.
    • Direct Contact: Emailing info@irp.lt to update marketing preferences.

Note: Opting out from promotional communications does not affect the receipt of essential service messages, such as order confirmations or updates.

10. Profiling and Automated Decision-Making Explained

10.1. Our data management strategy avoids automated individual decision-making, focusing instead on profiling to assess specific user characteristics. This process aims to refine the relevance of our marketing communications, ensuring users receive offers tailored to their interests, based on prior service usage and more. Importantly, these practices are designed to enhance user experience without legal ramifications or significant impacts.

10.2. We utilize cookies and similar technologies, managed by external entities such as Meta Pixel, Meta Conversions API, and Google Analytics, alongside advertising tools like Meta and Google Ads. These services collect data on our website usage, crucial for optimizing performance, user interface, and personalized advertising content.

10.3. Users may encounter our ads on various platforms beyond our website, thanks to collaborations with third-party advertising networks. These ads are tailored based on users’ browsing history, purchasing behavior, and interactions with our communications, collected across devices and online activities.

10.4. We deeply respect our users’ rights, especially regarding profiling and automated data processing. Users can withdraw from these processes at any time by contacting us at info@irp.lt to opt-out.

10.5. This procedure underscores our commitment to user autonomy, allowing individuals to customize their interaction with our services according to their privacy preferences. With a straightforward opt-out mechanism, we strive to foster transparent and trust-based relationships, ensuring user data is handled with utmost respect.

International Data Transfers

  • Safeguarding user data integrity is paramount, especially when sharing beyond the European Economic Area (EEA). Transfers may occur for collaboration with non-EEA service providers or with users outside this jurisdiction. To ensure privacy and comply with data laws, transfers adhere to strict regulations.
  • Conditions for international data transfers include:
    • European Commission Approval: If the recipient country offers adequate data protection, transfers are permitted.
    • Data Processing Contracts: Transfers are allowed with robust contracts following standardized terms endorsed by the European Commission.
    • Compliance with Codes of Conduct: Adhering to regulatory safeguards facilitates lawful transfers, maintaining data protection standards.
  • By meeting these conditions, we ensure user data protection across all destinations.

User Rights

Empowering users with control over their personal data is fundamental to our commitment to data protection. Here’s a detailed outline of the rights afforded to users:

  • Information Transparency: Users have the right to be fully informed about the processing of their data, ensuring transparency and accountability in our practices.
  • Data Access: Users can access their personal data processed by the Administrator at any time, enabling them to verify its accuracy and legality.
  • Data Correction: Should users identify inaccuracies, incompleteness, or errors in their data, they can request correction or supplementation, ensuring the integrity of their information.
  • Data Deletion: Users reserve the right to request the deletion of their data when it’s no longer necessary for its original purpose or if processed unlawfully or with revoked consent.
  • Objection to Data Processing: Users can object to the processing of their data or withdraw previously given consent, asserting control over their preferences.
  • Data Processing Suspension: Users may request the suspension of specific data processing actions (excluding storage) to address concerns or clarify aspects related to their data.
  • Data Portability: In cases where technically feasible, users can request to receive their data in an easily readable format or transfer it to another data controller, promoting data mobility and interoperability.
  • Protection Against Automated Data Processing: Users have the right to demand that automated data processing, including profiling, not be applied, safeguarding against potential adverse effects.
  • Complaint Lodging: Users retain the ability to lodge complaints about data processing with the State Data Protection Inspectorate of the Republic of Lithuania, ensuring recourse in cases of non-compliance.

Dispute Resolution

Efficient resolution of disputes is vital for maintaining trust and integrity. Here’s how disputes related to the Website or the Administrator’s activities are handled:

  • Negotiation: Disputes are initially resolved through negotiations, aiming for an amicable resolution between parties.
  • Legal Recourse: If disputes remain unresolved, they are further addressed in accordance with established procedures in the courts of the Republic of Lithuania, ensuring fair and equitable resolution.

Contact Information

For any inquiries or communication, users can reach out to the Website administrator via email at info@irp.lt or through other contact details provided on the Website. We are committed to addressing user concerns promptly and transparently.