top of page

It's M Heels Privacy Policy

It's M Heels (hereinafter referred to as the "Data Controller") respects your privacy and undertakes to protect it in accordance with this Privacy Policy (hereinafter referred to as the "Policy"). With this Policy, the Data Controller aims to inform you in detail about the processing of your personal data, whether you communicate with the Data Controller by meeting in person, by electronic means (for example, using the Data Controller's website or e-mail) or in any other way you choose.

The Data Controller undertakes to be transparent, providing clear information about what your personal data is being processed, the purposes of the processing, the personal data storage period, as well as the legal basis for data processing and other information that the Data Controller must provide in accordance with the applicable legislation.

Please take the time to review this Policy and if you have any questions, please do not hesitate to contact the Data Controller in one of the ways indicated at the end of the Policy.

The Data Controller confirms that your data will be collected in accordance with the requirements of the applicable legislation of the European Union and the Republic of Lithuania and the instructions of the controlling authorities, all reasonable technical and administrative measures will be applied to protect the data collected by the Data Controller from loss, unauthorized use and/or changes . The employees of the data controller are obliged in writing not to disclose or distribute to third parties the information received at the workplace, including information about visitors to the website/social network accounts.

Persons under the age of 14 may not provide any personal data. If you are a person under the age of 14, you must obtain the consent of your parent or other legal guardian before submitting personal information.

The terms used in the policy are understood as they are defined in the General Data Protection Regulation no. 2016/679 (EU).

The data controller is the operator of the website www.itsheelsbym.com. It is very important that you read this Policy carefully, because every time you visit the Data Controller's website, you agree to the terms described here. If you do not agree with these conditions, please do not visit the Data Controller's website, do not use its content and the Data Controller's services.

Your personal data, i.e. any information about you that allows the Data Controller to identify you is obtained in various ways:

• You can provide information (personal data) yourself (for example, by filling out a request form, calling the Data Controller, ordering a newsletter, or contacting the Data Controller yourself in other ways);

• information about you can be collected automatically (when you visit the Data Controller's website (with the help of cookies and similar technologies), when you visit the Data Controller's social accounts (Facebook, Linkedin, Google+, Youtube), when you visit the Data Controller's headquarters, dance studio, events, trips to during events;

You yourself can submit your personal data directly to the Data Controller. This usually happens when:

• You provide your data in order to receive information about the Data Controller's services;

• You submit your requests or claims;

• you subscribe to the Data Controller's newsletter or other communication;

• you participate in surveys.

 

Information about you may be collected automatically. This usually happens when:

• you submit requests through the Data Controller's social network accounts;

• you use the website (data is collected with the help of cookies and similar technologies. More information about the cookies used by the Data Controller can be found below);

• you make public posts on social networking platforms that are tracked by the Data Controller;

 

To the extent permitted by applicable legislation, the Data Controller may receive information about you from third parties.

 

The data controller can link the information received about you from your own, public and commercial sources with other information received from you or about you.

 

Although it tries to collect as little information about you as possible, the Data Controller collects the following information to carry out its activities:

 

• information that is necessary in order to provide you with the services provided by the Data Controller;

• information you provide in requests;

• the information you provide when calling the Data Controller;

• information necessary to identify you and ensure that you have the right to enter into contracts.

• information about your behavior on the website of the Data Controller;

• systematic information about the page usage habits of all page visitors.

Detailed information about how and what data is processed by the Data Controller is provided below.

 

You may choose not to provide the Data Controller with certain information (e.g. information requested in the request form), but in this case the Data Controller will not be able or not fully able to provide you with the services it offers.

 

The above information is processed for the following purposes:

 

• Conclusion and execution of service provision and other contracts;

• Information related to your inquiries, requests for services;

• For marketing purposes1, e.g. to provide individually tailored advertising and sponsor content and to send notifications about promotions, to evaluate and analyze your market, customers, services (including collecting your opinion about services, organizing customer/partner surveys, contests or promotions to the extent permitted by law);

• Learn how people use the Data Controller's website and services in order to improve them and create new content and services;

• To defend one's interests in a court or other institution.

 

Your personal data is processed on the basis of one or more grounds for lawful processing:

 

• Fulfillment of requirements of legal acts;

• Execution of the contract with you;

• Legitimate interests of the Data Controller, unless your private interests prevail;

• In certain cases, your consent.

 

The legal basis for the processing of your personal data with the relevant purpose and the processed personal data are presented below:

 

• Name, surname, personal identification number, telephone, address, e-mail address. Collected for the conclusion and execution of services and other contracts.

The legal basis is the performance of the contract with you; compliance with legal requirements.

 

• Name, surname, telephone, e-mail, payment information, other information that may be required during the provision of services.

 

Collected for marketing purposes, e.g. to provide individually tailored advertising and sponsor content and to send notifications about promotions, events, to evaluate and analyze your market, customers, services (including collecting your opinion about services and organizing customer surveys). Legitimate interest – to inform about observed defects/failures and other services, events, news and other relevant information; Your consent.

 

• IP address, version of the operating system and parameters of the device you use to access the content, the time and duration of your session, and any information stored in cookies that the Data Controller has set on your device, or information about the nearest WiFi access points and mobile communication towers, which may be transferred to the Data Controller when you use the content of the Data Controller's website. Collected to understand how people use the services provided, to improve them and to create new content and services. For this purpose, your personal data is processed with a legal interest in monitoring the quality of the services provided, creating and improving the website content, and ensuring the security of the website.

 

• General information about the candidate: candidate's name, surname, date of birth, place of residence or residential address, e-mail address and/or telephone number, information about the candidate's work experience (job, work period, duties, responsibilities and/or achievements), information about the candidate's education (educational institution, period of study, acquired education and/or qualification), information about upgrading qualifications (attended trainings, obtained certificates), information about language skills, information technology, driving skills, other competencies, other information you provide CV, cover letter or other application documents. Recommendations, feedback from employers: the person recommending the candidate or providing feedback, his contact, the content of the recommendations or feedback. Candidate evaluation information: summary of interview with the candidate, insights and opinions of the person(s) conducting the selection, results of the candidate's testing. Collected for the evaluation and recruitment of candidates for vacant positions. The legal basis is your consent.

 

• The goal is to defend one's interests in a court or other institution. Depending on the filed lawsuit or claim, all your personal data listed in this Policy may be processed for this purpose. The legal basis is the fulfillment of the requirements of legal acts; legal interest - to defend against claims and claims.

 

In cases where the Data Controller cannot rely on one of the above legal bases, it will ask for your consent before starting to process your personal data (such cases will be clear from the circumstances and context).

 

In cases where the Data Controller processes your personal data for purposes other than those specified in this Policy, you will be informed about this by submitting a separate notification.

 

If you provide the Data Controller with the data of other persons related to you, you should inform them and, if necessary, obtain the consent of these persons and familiarize them with this Policy. The Data Controller can also collect your personal data if you are a representative of the Data Controller's client - a legal entity.

 

The data manager can transfer your personal data:

 

• Representations of the Data Controller;

• Credit and other financial institutions operating in Lithuania;

• State, municipal and law enforcement institutions;

• For companies that provide services at the request of the Data Controller;

• To other responsibly selected business partners of the Data Controller;

• To other parties when required by law or necessary to protect the Data Controller's legitimate interests.

 

Companies that provide services at the request of the Data Controller are currently the following: service providers, couriers, advertising agencies, auditors, lawyers. The ability of these companies to use your information is limited, they cannot use this information for purposes other than providing services to the Data Controller. In order to receive direct marketing offers from the Data Controller and/or the Data Controller's business partners, you will be asked for separate consent. Other parties to whom the information held by the Data Controller about you may be disclosed when it is necessary to protect the legitimate interests of the Data Controller are public authorities, pre-trial investigation officers, courts, etc.

 

Sometimes the Data Controller may have to transfer your personal data to other countries where a lower level of data protection policy may be applied. In such cases, the Data Controller would do everything in its power to ensure the security of the transmitted personal data. In very rare cases (for example, when you have special requests regarding the Data Controller's services), the Data Controller may be forced to send your personal data to countries outside the European Economic Area. If the Data Controller provides your personal data to countries outside the European Economic Area, the Data Controller will inform you about this and ensure that one of the following security measures is applied:

 

• The contract signed with the data recipient would be based on the Standard Contractual Conditions approved by the European Commission.

• The data recipient would be located in a country recognized by the European Commission as applying adequate data protection standards.

• Permission from the Data Protection Inspectorate.

 

The Data Controller has implemented reasonable and appropriate physical and technical measures to protect the information that is collected for the purpose of providing the content/services. However, please be aware that although reasonable steps are taken to protect your information, no website, online transaction, computer system or wireless connection is completely secure.

 

Your personal data will be stored by the Data Controller as long as necessary to achieve the set purpose. Once the set goal has been achieved, your personal data is deleted, except in cases where legal acts oblige the Data Controller to store information for tax purposes or the data may be needed to conduct a pre-trial investigation, but in any case the storage period will not be longer than 10 years.

 

After this period, the data will be deleted in such a way that it cannot be reproduced.

 

Generally, personal data is stored in the following terms:

 

• Data contained in payment and service provision and other contracts - 10 years after the payment transaction or contract termination.

• Data submitted by candidates for vacant positions - 6 months after the end of the selection process.

• Personal data used for marketing - while you are an active customer of the Data Controller and for another 2 years after your last visit to

 

Data Controller or active action on the Data Controller's website.

 

• IT system records (logs) – at least one year.

• Analytics data – this data is usually collected automatically during your use of the website and anonymized/aggregated shortly after receipt.

 

You have the following rights, depending on the situation:

 

• Know (be informed) about the processing of your data (right to know).

• Get to know your data and how it is handled (right to access).

• Demand correction or, taking into account the purposes of personal data processing, supplement incomplete personal data of a person (right to correction).

• To destroy your data or stop the processing of your data (except storage) (right to destruction and right to be forgotten).

• The right to demand that the Personal Data Controller restricts the processing of personal data for one of the legitimate reasons (right to restriction).

• The right to transfer data (right to transfer).

• The right to object to the processing of your personal data at any time, when such data processing is carried out in the public interest or processing is necessary to achieve the legitimate interests of the data controller or a third party. In order for the data controller to process personal data, he has the obligation to prove that the data is being processed for compelling legal reasons that are superior to your interests (right to object).

• Submit a complaint to the State Data Protection Inspectorate.

 

The data controller may not provide you with the conditions to exercise the above-mentioned rights when, in cases provided by law, it is necessary to ensure the prevention, investigation and detection of violations of official or professional ethics, as well as the protection of the rights and freedoms of the data subject or other persons.

 

Your rights will be exercised by prior verification of your identity live or by electronic signature.

 

You have the right to:

 

• Know (be informed) about the processing of your data (right to know). You have the right to receive information about data processing in a concise, simple and understandable language before the processing of your personal data begins.

• Get to know your data and how it is handled (right to access). After determining your identity, the Data Controller will provide you with information, provided that it does not violate the rights and freedoms of other persons. This right means:

• Confirmation of whether the Data Controller processes your personal data;

• Submission of a list of personal data processed by you;

• Providing a precise and legal basis for the processing of your data;

• Confirmation of whether the Data Controller sends data to third parties, if so, what security measures have been taken;

• Presentation of the source of your personal data;

• Information on whether profiling is applied;

• Provision of data storage time.

• Demand correction or, taking into account the purposes of personal data processing, to supplement incomplete personal data (right to correction). Applies if available information is incomplete or inaccurate.

• Destroy your data (right to be forgotten). Applies if:

• The information held by the data controller is no longer needed to achieve the set goals;

• the data is processed based on your consent and you withdraw your consent;

• the data is processed on the basis of legitimate interests, and, after your request, it is determined that your private interests prevail;

• information obtained illegally.

• Stop your data processing actions (except for storage). This right can be exercised for the period until the Data Controller analyzes the situation, i.e.:

• if you dispute the accuracy of the information;

• if you object to the processing of personal data, when it is carried out on the basis of legitimate interests;

• The data manager uses the information illegally, but you object to its deletion;

• the information is no longer needed by the Data Controller, but you require it to be stored due to a legal dispute.

• Demand that the Personal Data Controller restricts the processing of personal data for one of the legitimate reasons (right to restriction). You can prevent the Data Controller from using your personal data for direct marketing purposes.

• Right to data portability. This right can be exercised if you have provided your data and the Data Manager processes them automatically based on your consent or a contract concluded with you.

• Right to disagree (right to disagree). This right can be exercised when such data processing is carried out in the public interest or processing data is necessary to achieve the legitimate interests of the data controller or a third party. In order for the data controller to process personal data, he has the obligation to prove that the data is processed for compelling legitimate reasons that are superior to the interests of the data subject.

• Submit a complaint to the State Data Protection Inspectorate www.ada.lt.

 

You can submit a request for the exercise of the above-mentioned rights, as well as complaints, notifications or requests to the Data Controller through the contacts indicated at the end of the Policy. The Data Controller will respond to your request no later than within 30 (thirty) calendar days from the date of receipt of the request. In exceptional cases (requiring additional time), the Data Controller, after notifying you, will have the right to extend the deadline for submitting the requested data or examining other requirements specified in your request up to 60 (sixty) calendar days from the date of your application.

 

Cookies, beacons and similar technologies

 

In this Policy, the term "cookies" is used to describe cookies and other similar technologies, such as pixel tags, web beacons, network data collectors (clear GIF).

 

When you visit the website of the Data Controller, the aim is to provide such content and functions that would be tailored specifically to your needs. This requires cookies. These are small pieces of information stored in your web browser. They help the Data Controller to recognize you as a previous visitor to a certain website, to save the history of your visit to the website and to adapt the content accordingly. Also, cookies help to ensure the smooth operation of websites, allow you to monitor the duration and frequency of visiting websites and collect statistical information about the number of website visitors. By analyzing this data, we can improve the Data Controller's websites and make them more convenient for your use.

 

When you use a browser to access content provided by the Data Controller, you can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is being sent. Every browser is different, so if you don't know how to change your cookie settings, check its help menu. Your device's operating system may have additional cookie controls. If you do not want information to be collected with the help of cookies, use the simple procedure available in most browsers that allows you to refuse the use of cookies. To learn more about how to manage cookies, visit: http://www.allaboutcookies.org/manage-cookies/.

 

However, keep in mind that some services may be designed to work only with cookies, and if you disable them, you will no longer be able to use them or certain parts of them. In addition to the cookies used by the Data Controller, the Data Controller's websites allow certain third parties to set and access cookies on your computer. In this case, third party privacy policies apply to the use of cookies. We draw your attention to the fact that the cookies policy of the relevant social network applies to the Data Controller's social network accounts.

 

When collecting and using your personal data entrusted to the Data Controller, as well as received from other sources, the Data Controller adheres to the following principles:

 

• Your personal data is processed in a legal, fair and transparent manner (principle of legality, fairness and transparency).

• Your personal data is collected for established, clearly defined and legitimate purposes and is not further processed in a manner incompatible with those purposes (principle of purpose limitation).

• Your personal data is adequate, appropriate and only necessary to achieve the purposes for which it is processed (principle of reducing the amount of data).

• Personal data processed are accurate and updated when necessary (principle of accuracy).

• Your personal data is stored in such a form that personal identity can be determined no longer than is necessary for the purposes for which your personal data is processed (principle of storage duration limitation).

• Your personal data is processed in such a way that adequate security of personal data is ensured by applying appropriate technical or organizational measures, including protection against unauthorized or illegal data processing and against accidental loss, destruction or damage (principle of integrity and confidentiality).

 

If you notice a discrepancy with this Policy, a security gap on the Data Controller's website or have other questions related to the processing of your personal data, please contact the Data Controller using the contacts indicated at the end of the Policy.

This Policy is reviewed at least once every two years. After updating the Policy, you will be informed about, in the opinion of the Data Controller, material changes by publishing a notice on the website of the Data Controller. If you access or use the content and/or services provided by the Data Controller after the publication of such notification, you will be deemed to agree to the new requirements specified in the update.

 

Details of the data controller:

It's M Heels Address: J. Balčikonios str. 3, Vilnius

Studio address: Žemaitės st. 21, Vilnius

Email: itsheelsbym@gmail.com

Phone number: +370 629 65756

1 We inform you that the Data Controller has the right to send advertising information by e-mail to its customers/potential customers or persons who have filled out the order form about other similar services, and you have the right now or at any time later to refuse to receive direct marketing content sent by notifying your decision at the end of the Policy contacts or by using the opt-out link in the newsletter itself.

© MHeels studio 2024

Privacy policy

Contacts

Service contracts

  • Instagram - Negative
  • Facebook - Negative
  • TikTok
  • YouTube - Negative
bottom of page