MB LUMIUS PRIVACY POLICY

EFFECTIVE DATE: OCTOBER 18, 2021

1. What is this Privacy Policy?

We appreciate your trust and work hard to properly protect your personal data. We respect your privacy and undertake to lawfully process and protect your personal data in accordance with all legal requirements, including those of the EU General Data Protection Regulation 2016/679 (“GDPR”).

In this privacy policy (“Privacy Policy”) we will provide you with information about the ways that MB “Lumius” (“the Company”) processes your personal data obtained in the process of: providing services to you; direct marketing activities; implementing agreements between the Company and counter parties / legal persons; promoting the Company’s publicity; you visiting the Company’s website or social media sites; you sending inquiries. All persons mentioned hereinafter shall be referred to as data subjects.

2. About the Company

The Company is MB “Lumius”, company reg. no. 304227411, office address: A. Goštauto str. 8-136, Vilnius, the Republic of Lithuania. If you have any questions related to personal data protection, contact us at dpo@lumifish.com.

3. What are personal data?

Personal data include any information about a data subject collected by the Company that can be used to identify such data subject and are protected electronically or otherwise.

Personal data includes any information such as the first name / surname and email address of a data subject collected by the Company for the purposes specified in this Privacy Policy or a separate data subject consent form or agreement concluded with the Company.

4. Personal data processed in the process of providing the services of the Company

We must process your personal data to provide you with high-quality services, process your payments for services provided, etc.

We might need to process your first name, surname, email address and residential address for the purposes of service provision. We may also process information about a service plan chosen by you, your payments and the date on which we started providing you with our services.

To process your payments for provided services, we might need to process information about the type of your payment card and the last four digits of the card number. When you use PayPal to pay for our services, we may also process your PayPal ID.

All personal data shall be processed to fulfill our contractual obligations towards you (Art. 6(1)b (Contract) GDPR).

All personal data shall be obtained only from you and disclosed only to service providers chosen by the Company for the purposes of providing you with services or fulfilling legal requirements.

Your personal data shall be processed for the duration of the provision of services and for another 10 years after the end of the provision of services.

If you refuse to provide your personal data, the Company will not be able to provide you with services.

5. Direct marketing

Persons who provided their email address and expressed their willingness to receive information about the services of the Company, its products, newsletters and other promotional material might receive the Company's emails with proposals of our services, newsletters or other promotional material.

The Company will process your email address for the purposes of direct marketing. For the purposes of direct marketing, your data will be processed for 3 years from the time of you providing consent.

You have the right to opt out of direct marketing correspondence by emailing us at the address provided herein or the canceling newsletter subscription. This shall not impose any negative consequences for you.

6. Increasing the Company’s publicity and marketing activities (posting information on the Company's website and social media pages)

To increase the Company’s visibility, we would like to share your success stories on our website and social media pages to demonstrate how our services and products were useful to your business.

To increase the Company’s publicity and carry out marketing activities, we would share information about your commercial operations on our website and social media pages with your permission only. In separate cases we may also disclose your name, surname and image.

We will post the above data for 2 years from the day you provide consent.

You can withdraw your consent to publish the above information by notifying us via an email sent to the address specified in the Privacy Policy. This shall not impose any negative consequences for you.

7. Implementing the Company’s agreements with counter parties / legal persons

To ensure their lawful interest to implement Company’s agreements entered into counter parties / legal persons, including customers, the Company shall process the following personal data of its employees: name, surname, email address, telephone number, content of correspondence, place of employment (position).

The above personal data shall be processed within the duration of an agreement with a legal person and 10 years after its expiration.

8. Contact us

You can contact the Company at dpo@lumifish.com. If you contact us, we may process the data provided by you such as your first name, surname, email address, contact date and content of your inquiry.

The above personal data will be processed to answer your questions and to consider your suggestions, requests or complaints. Your personal data will be processed pursuant to your consent, which is expressed by you by actively contacting us.

Correspondence will be stored for 1 year from the receipt of your email, except for information that is subject to the terms of storage provided for in the Privacy Policy or other laws and regulations.

All personal data provided by you in correspondence will only be used for the above purposes.

9. Website

For us to be able to duly provide you with our services, you will have to create a personal account on our website. To administer and manage such accounts, the Company will have to process your personal account login (email address), password and date of registration. Such data shall be processed for as long as you have a valid account. If you refuse to create a personal account and provide your personal data, the Company will not be able to provide you with services.

Our website www.calconic.com (“Website”) also uses cookies. A cookie is a small file of letters and numbers which is stored in your Internet browser or the hard-drive of your computer with your consent. We use different cookies for different purposes. The cookies help us to distinguish you from other Website users, offer you a better Website user experience and improve the Website.

Most Internet browsers allow you to reject all cookies; some browsers offer the option to reject only third-party cookies. You can choose these options. Please note that blocking all cookies will negatively affect your use of the Website and without them you will not be able to fully enjoy all of the services provided on our Website.

More information is available at AllAboutCookies.org or www.google.com/privacy_ads.html.

We might use the following types of cookies:

Necessary cookies.

These cookies are necessary to ensure the proper functionality of our Website. The grounds for data processing using such cookies are the due agreement implementation when you visit our Website and our ensuring of the quality and safety of your visit. These may be cookies that, for example, allow you to connect and navigate to restricted sections of our Website.

Analytics and/or Performance cookies.

These cookies allow us to identify and count Website visitors and track their behavior while using our Website. This helps us to improve the functionality of our Website and ensure that users will always easily find what they are looking for. Data collected by these cookies is processed pursuant to your consent.

Cookie key Domain Cookie type Expiration Description
_ga .calconic.com First-party 2 years This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.
_gid .calconic.com First-party 1 day This cookie is set by Google Analytics. It stores and update a unique value for each page visited and is used to count and track pageviews.
_hjid .calconic.com First-party 1 year Hotjar cookie. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.

Functionality cookies.

These cookies are used to recognize you when you return to our Website so that we are able to personalize our content based on your needs and remember information that is relevant to you. Data collected by these cookies is processed pursuant to your consent.

Cookie key Domain Cookie type Expiration Description
grav-site-4c268b7 .www.calconic.com First-party 30 minutes -
_ca.5f7b117b960ff80029246a8c www.calconic.com First-party 1 year 12 months -
_ca.5fac0abd1e9945001e636560 www.calconic.com First-party 1 year 12 months -
_ca.5f7b00ce960ff80029246a6e www.calconic.com First-party 1 year 12 months -
_ca.5f7f2379ddd8c7001ed781b5 www.calconic.com First-party 1 year 12 months -
_ca.5f7b1422960ff80029246a91 www.calconic.com First-party 1 year 12 months -
ts_c .paypal.com Third-party 3 years To provide fraud prevention.
enforce_policy .paypal.com Third-party 1 year -
LANG .paypal.com Third-party 8 hours 46 minutes There are many different types of cookies associated with this name, and a more detailed look at how it is used on a particular website is generally recommended. However, in most cases it will likely be used to store language preferences, potentially to serve up content in the stored language.
nsid www.sandbox.paypal.com Third-party Session -
KHcl0EuY7AKSMgfvHl7J5E7hPtK .paypal.com Third-party 20 years -

Targeting cookies.

We use our own and third-party cookies to show personalized ads on our and other websites. This is referred to as “repetitive marketing”, which is based on browsing behavior, e.g. goods you searched for or reviewed.

Cookie key Domain Cookie type Expiration Description
_gat_gtag_UA_92593521_1 .calconic.com First-party 1 minute This cookie is part of Google Analytics and is used to limit requests (throttle request rate).
_fbp .calconic.com First-party 3 months Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers
ts .paypal.com Third-party 3 years This cookie is generally provided by PayPal and supports payment services in the website.

Facebook icon add-ins

This page uses a Facebook icon add-in.

10. Social media sites

Information that you provide via social media sites (including messages, “Likes” and “Follows”, and other communications) is controlled by a controller of a given social network.

Our Website has links to our social media accounts. Currently we have a Facebook account: @calconic.

Information published on our accounts will be processed for the purposes of administration of our accounts, pursuant to your consent.

We recommend reading privacy notices of third parties and contacting service providers directly if you have any questions about their use of your personal data.

11. Data collection and disclosure

We obtain your data from you, your devices and counter parties that are under contract with us.

We can disclose information about you to our employees and service providers if it's necessary for the purposes specified herein, as well as to banks and other recipients indicated in this Privacy Policy.

We might also need to disclose your information:

  • if required to do so by law;
  • when intending to sell the Company’s business, assets, stocks or part thereof and disclosing your personal data to potential buyers of our business or part thereof;
  • after selling the Company’s business or a substantial part of its assets to third parties.

Please note that even though we are a registered company in the Republic of Lithuania, we provide our services and process the personal data of individuals from all around the world. To be able to provide our services, we may process your personal data outside of your country as well as outside the European Union. In any case, the Company will process your personal data in accordance with the laws of the country in which personal data processing and storage take place as well as other applicable laws and regulations. When we process and store your personal data outside of your country of residence, we take all reasonable measures to ensure safety of such data.

If you are a national of a Member State of the European Union, your personal data might be stored outside of the European Union. The Company will ensure in all cases that service providers storing your personal data sign standard agreements or take other measures to ensure the safety of your personal data as required by the GDPR.

The list or categories of recipients specified in the Privacy Policy may change, so it is highly recommended to regularly check for Privacy Policy updates.

12. Safety of your personal data

Your personal data will be processed in accordance with the GDPR and other laws and regulations. When processing your personal data, we implement organizational and technical measures to ensure that personal data is protected against accidental or unlawful destruction, modification, disclosure and any unlawful processing.

13. Your rights

In this section, we provide information about your rights related to our processing of your personal data and cases when you can exercise such rights. If you need more information about your rights or need to exercise such rights, contact us by emailing us at the address specified herein.

The Company shall, without unjustified delay and in any case no later than within 1 (one) month of its receipt of a request, provide you with information about the actions taken after receiving your request to exercise your rights. Depending on the number and complexity of your request(s), the above term may be extended for another 2 (two) months. In such cases, we will notify you within 1 (one) month of receiving your request about such extension of the term and the reasons for said extension. The Company will refuse to exercise your rights only in the cases provided for by law.

14. Right to access your personal data

We want you to fully understand how we use your personal data to avoid any and all inconvenience in relation to such use. You can contact us at any time and enquire whether we are processing any of your personal data. If we store or use any of your personal data, you have the right to access such data. To do so, send us a written request to the email address specified in this Privacy Policy, confirm your identity and, when submitting your request, follow the principles of fairness and common sense.

14.1. Right to withdraw consent

If you have given us explicit consent for the processing of your data, you can withdraw your consent at any time.

14.2. Additional rights

Furthermore, you may also exercise the additional rights as specified below.

(a) You have the right to ask us to correct any inaccuracies in your data. In such case, we may ask you to confirm the corrected data.

(b) You have the right to ask us to delete your personal data. This right shall be fulfilled in cases provided for in Art. 17 of the General Data Protection Regulation (EU) 2016/679.

(c) You have the right to request the restriction of or object to the processing of your data:

  • for a period of time you need to ensure accuracy of your data when you make a claim due to your data being inaccurate;
  • when our collection, storage or use of your personal data is unlawful but you decide not to request that your data be deleted;
  • when we no longer need your personal data but you need them to establish, exercise or defend a legal requirement;
  • for a period of time we need to determine whether there are significant legal grounds to continue processing your personal data if you exercised your right to object such processing.

(d) You have the right to request the transfer of data processed using automated operations and those that we obtained from you with your consent or to conclude an agreement. Once you exercise this right we will transfer a copy of the data you provided at your request.

(e) You have the right to object to our use of your personal data as provided for in Art. 21 of the GDPR. You have the right to object to the processing of your personal data on the grounds of lawful interest (the grounds for data processing are specified for each of the above purposes) or for the purposes of direct marketing.

14.3. Right to request more information

We expect you to understand that it is very difficult to discuss all possible forms of personal data collection and use. We attempt to provide as clear and complete information as possible and undertake to update this Privacy Policy in the event of changes to the way in which personal data are used.

You can read more about your rights as a data subject and exercising them under the Procedure for implementation of rights of the data subjects.

Nevertheless, if you have any further questions about the use of your personal data, we will be happy to answer them or provide you with all addition information we are able to disclose. If you have any specific questions or did not fully understand any of the provided information, contact us at dpo@lumifish.com.

15. Complaints

If you believe that your rights as a data subject were or might be violated, please contact us without delay at the email address provided in this Privacy Policy. We can assure you that after receiving your complaint, we will contact you within a reasonable time frame and notify you about the investigation into your complaint. We will subsequently also inform you of the results of such investigation.

If you are not satisfied with the investigation results, you can lodge a complaint with our supervisory authority, i.e. the State Data Protection Inspectorate of the Republic of Lithuania (www.vdai.lrv.lt).

16. Liability

You are responsible for the confidentiality of data you provide and for ensuring that the data you provide us with are accurate, correct and complete. If your data changes, you must notify us by email without delay. We will not be liable for damages incurred by you due to providing us with incorrect or incomplete personal data or due to failure to notify us of data changes.

17. Changes to the privacy policy

We may update or change this privacy policy at any time. We recommend that you regularly check our privacy policy for updates.





Privacy policy last updated on OCTOBER 18, 2021.