COOKIE POLICY

As required by Regulation (EU) 2016/679 and data protection legislation in general, the user (hereinafter also the "Data Subject") receives information about the use of cookies.

CONTACT INFORMATION OF THE DATA CONTROLLER AND OF THE DATA PROTECTION OFFICER (DPO)

The Grafton Lithuania website (hereinafter the "Site") uses cookies. The data collected through cookies are processed by UAB Gi Group Lithuania ("Company") with registered address at Manufaktūrų g. 20, LT-11342 Vilnius, in the person of the Legal Representative.

The Data Protection Officer [DPO] can be contacted at dpo@gigroup.com.

 

What personal data is processed?

The Site processes navigation data. By way of example, this category of data includes: the IP addresses or computer names used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the requests, the method used when sending requests to the server, the size of the file obtained in response, the numerical code indicating the status of the response provided by the server (successful, error, etc.) and other parameters related to the user's operating system and IT environment .

 

What is a cookie?

Cookies are small text strings. They are created by a server and stored on the hard drive of the computer, or any other device used by the user to access a website (smartphone, tablet, etc.) and then be retransmitted to the website on the user's next visit. Cookies allow, for example, activation of functionalities and personalisation designed to facilitate user interaction with a website, to track items in a shopping cart or information for filling in a computer form.

With regard to duration, cookies can be classified as session cookies and persistent cookies.

Session cookies disappear when the browser is closed or have a limited duration. Persistent cookies they are stored permanently on your computer or other user device and have a variable duration. Cookies that expire at the end of a session (usually when the user closes the browser) are useful, for example, for security purposes, such as when the user accesses their email inbox or a reserved area of a website. Instead, cookies that are stored for a longer period (between one session and another) are used, for example, to remember user preferences (such as the language of navigation on the site) or to offer targeted advertising.

With reference to their origin, cookies can be classified as either first party cookies or third-party cookies. First Third-party cookies are installed directly from the website the user is visiting, whereas third-party cookies are installed by a different domain than the one the user is visiting, for example, if the website incorporates elements from other websites, such as images or social media plug-ins.

 

What cookies does this site use and for what purposes?

The use of third-party cookies is governed by the rules established by the third parties themselves, and the user is therefore invited to read the information on the processing of personal data of third parties indicated in the illustrative tables of the cookies used by the Site.

The Site uses Google Analytics to collect information in aggregate form on the number of users visiting the Site and on the methods of use of the Site in order to develop general statistics on the service and its use, without the possibility of tracking unique user identification. The Google Analytics settings provide for the sharing of data with Google to use the following services: i) Benchmarking, i.e., participation in the collection of anonymous data that helps to better understand data trends; ii) Technical assistance, to enable Google to provide assistance and iii) Account experts, to enable Google's marketing experts to provide suggestions to improve configuration and analysis.

For more information, you can visit the supplier's page here

The user can disable Google Analytics cookies by downloading a specific browser plug-in available here

 

How do you manage your cookie preferences?

At the moment of first access to any page of the Site, there is a banner containing brief information and the cookie preference management panel. The user has the possibility to select and deselect the cookies grouped by homogeneous categories. The consent to the use of cookies is registered with a specific "technical cookie". By closing the banner by selecting a button marked with an X, positioned within the banner in the top right corner, the user will keep the default settings and therefore continue browsing without cookies other than the strictly necessary technical ones. A special command is also available through which the user can express his/her consent by accepting the placement of all cookies.

In any case, you can easily change the choices made in relation to the cookies used by the Site at any time by clicking on the button that appears on each page of the Site in the bottom left-hand corner.

In any case, the user can express their preferences about cookies also through the settings of the browser used. Most browsers automatically accept cookies by default, however, if you set your browser preferences appropriately, you can reject or accept them.

Disabling, blocking or deleting cookies may compromise the optimal use of some areas of the Site or prevent some features, and may affect the functioning of third-party services.

For information regarding the use of cookies by Facebook , Instagram, YouTube , Twitter and LinkedIn , see the websites of Facebook , Instagram , Google , Twitter and LinkedIn , respectively.

To monitor the collection of data for analysis purposes carried out by Google Analytics cookies, the user is invited to visit the page of the browser add-on for the disabling of Google Analytics where, if he wishes, he can proceed to disable these cookies by downloading the specific browser plug-in available there.

 

Is acceptance of cookies compulsory?

The technical cookies that are strictly necessary are used to ensure correct browsing on the Site and to provide the service requested by the user, and therefore the prior consent of the user is not required for their installation, as indicated in the respective paragraph.

As for the remaining types of cookies, they are only installed after obtaining the user's consent. This consent is optional. However, the denial of consent may result in parts of the Site not functioning properly.

 

Who are the authorised subjects of the processing? Who are the recipients of the data?

The data may be processed by employees of the corporate functions responsible for the pursuit of the above-mentioned purposes, who have been expressly authorised to process them and have received appropriate operating instructions.

User data may be processed by third parties acting as Controllers, such as supervisory control authorities and bodies and, in general, by subjects, including natural persons entitled to request data, Public Authorities expressing requests to the Controller for processing for administrative or institutional purposes, in accordance with the provisions of national and Union law, as well as persons, companies, associations or professional firms providing assistance and advice.

Data may also be processed, on behalf of the Controller, by third parties designated as Processors, who receive appropriate operational instructions. Such matters essentially fall under the following categories:

(a) undertakings providing communication courier services;

b) companies providing website and information systems maintenance services;

c) companies that offer support in the implementation of marketing initiatives and market research.

Your personal data may be processed, with your consent, by third parties to whom they are disclosed.

 

Is personal data transferred to countries outside the European Economic Area?

Data collected through cookies may be transferred to countries outside the European Economic Area (EEA) whose level of data protection has been deemed adequate by the European Commission under art. 45 of the GDPR.

In addition, personal data may be transferred abroad to countries outside the EEA and in particular to the United States (e.g., Google, social networks, etc.) after signing the standard contractual clauses (standard contractual clauses) adopted and approved by the European Commission under Art. 46 of the GDPR.

 

What are the rights of the data subjects?

Data Subjects may request from the Controller access to their personal data, their correction or cancellation, the integration of incomplete data, the limitation of processing in the cases provided for in Art. 18 GDPR, as well as the opposition to processing in the case of data processed for direct marketing purposes or legitimate interests.

In addition, for cases where the processing is based on consent or contract and is carried out with automated tools, data subjects have the right to exercise the right to data portability, receiving their personal data in a structured, commonly used and device-readable format, as well as, if technically feasible, transmitting it to another Controller without hindrance.

These rights can be exercised by sending an email to lt.privacy@gigroup.com.

Data subjects have the right to lodge a complaint with the competent Supervisory Authority (in particular in the Member State where they usually reside or work or in the State where the alleged breach has taken place).