Privacy Policy of AB “Ortopedijos technika” (en. orthopaedic AIDS ltd)

 

The Privacy Policy (hereinafter referred to as the Policy) governs the principles of collection, processing and storage of personal data of partners of AB “Ortopedijos technika” (hereinafter referred to as the Company), of persons submitting enquiries on the Company’s website, and of persons visiting the Company’s website at https://www.orthopedic-pro.com (hereinafter referred to as Persons visiting the Company’s website), and establishes the purposes and means of processing their personal data.

This Policy was prepared in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the Regulation).

The Company’s partners, the persons submitting enquiries on the Company’s website, and the persons visiting the Company’s website are informed hereby about processing of their personal data.

 DEFINITIONS USED

 Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Data subject means a natural person – a partner (natural person), a partner’s (legal person’s) representative and/or employee, a person submitting an enquiry on the Company’s website, as well as a person visiting the Company’s website, whose personal data is collected and processed by the Company.

Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Rights of the data subject mean the data subject’s ability to participate in and control the activities of the data controller and/or processor when processing his or her personal data: to know, to be informed about the processing of his or her personal data in the Company; to access his or her personal data processed in the Company and to learn how it is processed; to request rectification, erasure of his or her personal data or suspension of processing operations concerning his or her personal data, except storage, where data is processed in breach of legal provisions; to object to the processing of his or her personal data; to request erasure of his or her personal data; to receive data related to him or her which he or she has provided to the data controller; to lodge a complaint with a supervisory authority (State Data Protection Inspectorate).

Data processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Automated data processing means data processing operations performed wholly or partially by automated means. These include any information and communication technologies that can be used to carry out personal data processing operations, for example, computers, communication networks, etc.

Data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. In this case, AB “Ortopedijos technika”, code of legal person 132150379, address: Partizanų St. 17, LT-49476 Kaunas.

Data processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Data recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

Partner means the Company’s social or business partner. With whom the Company maintains contractual relations.

Cookie means a small text file saved by a website on your computer or mobile communication device when you visit it.

Other terms used in this Policy shall be understood as they are defined in the Regulation and other legal acts governing personal data processing.

SECTION I

PRINCIPLES OF PERSONAL DATA PROCESSING

  1. While processing your personal data, the Company shall follow the following principles:
    • The Company shall process personal data only for legitimate purposes specified herein and shall not process it further in a manner that is incompatible with those purposes (principle of purpose limitation);
    • Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject (principle of lawfulness, fairness and transparency);
    • The Company shall process personal data so that personal data were accurate and, where necessary, kept up to date (principle of accuracy);
    • The Company shall process personal data only in the scope necessary in relation to the purposes for which personal data are processed (principle of data minimisation);
    • Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are collected and processed (principle of storage limitation);
    • When processing personal data, the Company shall implement appropriate technical and organisational measures to ensure appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage (principle of integrity and confidentiality);
    • The Company shall be responsible for, and be able to demonstrate compliance with the principles defined herein (principle of accountability).

SECTION II

PURPOSES AND LEGAL GROUNDS FOR PERSONAL DATA PROCESSING

  1. The Company shall process your personal data:
    • for the purposes of concluding and performing purchase-sale and/or cooperation agreements and internal administration, including but without limitation to purposes of maintaining records and proper communication with the Company’s Partners;
    • for the purposes of administration of enquiries received in the Company’s website, including but without limitation to their examination and providing responses to them;
    • for the purpose of ensuring proper functioning of the Company’s website, including but without limitation to ensuring its security, marketing, browsing experience analysis, and collection of statistical information;
  2. For the purposes specified in paragraph 2 of this Policy, the Company shall collect and process the following personal data::
    • for the purposes of concluding and performing purchase-sale and/or cooperation agreements and internal administration, including but without limitation to purposes of maintaining records and proper communication with the Company’s Partners:
      • on the basis of a contract and/or legitimate interest, the Company shall process the following personal data of you as a Partner (natural person): name, surname, personal number, place of work (address), e-mail address, telephone number, VAT payer code, bank account number, other personal data provided by the person himself/herself and/or which the Company is required to process by legal acts;
      • on the basis of legitimate interest, the Company shall process the following personal data of you as a Partner’s (legal person’s) representative and/or employee: name, surname, position, business e-mail address and business telephone number, signature and other personal data provided by the person himself/herself and/or which the Company is required to process by laws and other legal acts.
    • for the purposes of administration of enquiries received in the Company’s website, including but without limitation to their examination and providing responses to them, on the basis of consent, the Company shall process the following personal data of you as a person submitting an enquiry via the Company’s website: name, e-mail address and other personal data provided in the enquiry, depending on the data provided by the person submitting the enquiry on the Company’s website;
    • for the purpose of ensuring proper functioning of the Company’s website, including but without limitation to ensuring its security, marketing, browsing experience analysis, and collection of statistical information, on the basis of consent and/or legitimate interest, the Company shall process the following personal data of you as a person visiting the Company’s website: unique randomly generated identifier, login time, network and location data, latest searches and previous interactions of the visitor, information about how visitors use the website, how the website manages to load content on the visitor’s device and browser, information about the language selected by the visitor, how many search results the visitor wants to see per page, from which region, resolutions, screens the browsing takes place, information about the visitor’s preferences profile, information about pages visited by the visitor or the number of error messages displayed to him/her, about the roles of logged-in visitors and/or data which the Company must process in order to achieve the specified purposes, and/or data which the Company is required to process by laws or other legal acts.

SECTION III

COLLECTION AND PROCESSING OF PERSONAL DATA

  1. Personal data shall be collected directly from you and/or from the Company’s Partner (legal person) (when you are its representative and/or employee) at the time of entering into a purchase-sale and/or cooperation agreement; when you submit an enquiry on the Company’s website; or when you visit the website.
  2. Where your consent is required for processing of your personal data, it shall be expressed by your active actions, i.e. by contacting the Company with an enquiry, by ticking the consent box before providing personal data by electronic means or by pressing the consent button.
  3. Where the Company is processing your personal data on the basis of consent, you have the right to withdraw your consent to process personal data at any time, without affecting the lawfulness of processing based on consent before its withdrawal. The given consent may be withdrawn by contacting the Company by e-mail at info@ortopedija.lt.
  4. You may always choose not to provide the Company with certain personal data, but in such a case your ability to purchase products supplied by the Company may be restricted.
  5. Your personal data processed by the Company may be processed in the Company only by those persons who need them for performance of their work functions and/or contractual obligations, and only when such processing is necessary to achieve the purposes specified in this Policy.
  6. Regardless of the manner in which your personal data have been collected, they shall be stored only to the extent and for as long as is necessary to achieve the specified purposes, however, not less than for the periods specified in the current version of the Index of General Terms of Document Storage approved by Order No. V-100 of the Chief Archivist of Lithuania on 09 March 2011, in other legal acts governing the Company’s internal procedures, and in the Company’s internal documents:
    • Your personal data as a Partner (natural person) and a Partner’s (legal person’s) representative and/or employee shall be stored for the entire period of performance of the purchase-sale or cooperation agreement and/or provision of services and for 10 (ten) years after expiry of respective agreement and/or provision of services. Other data, depending on the document containing such data, shall be stored for the periods established by the Law of the Republic of Lithuania on Documents and Archives and the current version of the Index of General Terms of Document Storage.
    • When you contact the Company with an enquiry, personal data shall be stored for 3 (three) months after the enquiry has been examined and/or response to it has been given.
    • The storage terms of your personal data collected through cookies are defined in the “Use of Cookies” section of this Policy.
  7. Your personal data may be stored for periods exceeding the ones specified in Paragraph 9 when:
    • it is necessary to protect the rights and legitimate interests of the Company (to defend against claims or lawsuits and to exercise its rights);
    • there are reasonable suspicions of illegal activity in respect of which an investigation is being conducted;
    • personal data are necessary for proper resolution of a dispute or complaint;
    • there are other grounds established by legal acts.
  8. Upon expiry of the storage term of your personal data or a document containing your personal data, the personal data and/or documents shall be destroyed in such a way that it would be impossible to recover or identify their content.

 

SECTION IV

PROVISION OF PERSONAL DATA AND DATA RECIPIENTS

  1. Your personal data may be provided to third parties only if there is at least one condition for lawful processing of personal data provided for in Article 6(1) of the Regulation, having assessed the purpose of personal data processing and the scope of personal data provided.
  2. Your personal data as a Partner (natural person) and a Partner’s (legal person’s) representative and/or employee may be provided to the data subject himself/herself, other persons to whom the Company has a legitimate interest in transferring this data or other persons who have the right to access this personal data, as well as to law enforcement agencies and data processors.
  3. Your personal data as a person submitting an enquiry on the Company’s website may be provided to the data subject himself/herself and to data processors.
  4. Your personal data as a person visiting the Company’s website may be provided to the data subject himself/herself, data processors, and to Google Inc. (statistical data).
  5. Your personal data processed by the Company may be also disclosed to the Company’s data processors who process your personal data on behalf of the Company.
  6. Your personal data shall be provided to recipients located in the European Union Member States and other European Economic Area states under the same terms and conditions as to recipients located in the Republic of Lithuania.
  7. Transfer of your personal data processed by the Company to third countries outside the European Union and the European Economic Area shall be carried out only by ensuring an adequate level of personal data protection, i.e. in accordance with standard contractual clauses approved by the European Commission, with the adequacy decisions adopted by the European Commission, provisions of other applicable legal acts and on the grounds for data transfer provided for therein and/or with your consent

SECTION V

RIGHTS OF PERSONAL DATA SUBJECT

  1. You as a data subject shall have the right:
    • to know/ to be informed about own personal data processing;
    • to access own personal data processed in the Company and to learn how it is processed. You have the right to request the Company to provide information about what personal data of yours and for what purpose is being processed;
    • to request rectification of your personal data. If it is determined that inaccurate or incomplete personal data of yours is being processed in the Company, you have the right to request rectification or completion of such personal data;
    • to request erasure of your personal data s(‘right to be forgotten’). You shall have the right to obtain from the Company the erasure of personal data concerning him or her where one of the following grounds applies:
  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • you have withdrawn consent on which the processing is based and there is no other legal ground for the processing of your personal data;
  • you object to the processing and there are no overriding legitimate grounds for the processing;
  • the personal data have been unlawfully processed.
    • to request restriction of your personal data processing. You shall have the right to obtain from the Company restriction of processing where one of the following applies:
  • the accuracy of the personal data is contested by you for a period enabling the Company to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
  • the Company no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
  • you have objected to processing pending the verification whether the legitimate grounds of the Company override those of the data subject.
    • to object to processing of your personal data. You have the right to object to processing of certain non-mandatory personal data of yours. Such objection may be expressed by not completing certain sections of documents, as well as by subsequently submitting a request to cease processing your non-mandatory personal data. At your request, the Company shall provide you with information about which of your data is processed on a non-mandatory basis. Upon receipt of a request to cease processing non-mandatory personal data, the Company shall immediately cease such processing unless it is contrary to legal requirements, and shall inform you accordingly;
    • the right to data portability, meaning that you shall have the right to receive the personal data concerning you, which you have provided to the Company, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Company;
    • to lodge a complaint with a supervisory authority. If you believe that the Company is processing your personal data in breach of the requirements of the Regulation, you have the right to lodge a complaint with the State Data Protection Inspectorate.
  1. The rights of you as a data subject specified in this Policy shall be implemented in accordance with the procedure established by the Regulation and the Rules for Implementation of Data Subject Rights approved by the Company’s general manager.
  2. In order to exercise the rights specified in Paragraph 19 above (except for the right to know / be informed about processing of your personal data in the Company), you should submit a written request to the Company in person, through a representative, by registered post or by electronic means of communication. Please note that when submitting a request to the Company, you must confirm your identity.
  3. Your rights as a data subject shall be exercised in the Company free of charge. The exercise of your rights as a data subject in the Company is free of charge. However, if your requests are evidently unfounded or disproportionate, in particular because of their repetitive nature, the Company may charge a reasonable fee, taking administrative costs into consideration.

SECTION VI

MEASURES TO ENSURE PERSONAL DATA SECURITY 

  1. In order to protect your personal data, the Company implements and ensures appropriate organisational and technical measures designated to protect your personal data from accidental or unlawful destruction, alteration, disclosure, as well as from any other unlawful processing.
  2. Personal data security measures in the Company are established in consideration to the Regulation, other legal acts governing personal data processing, and requirements set by the supervisory authority.
  3. Employees of the Company or other persons responsible for personal data processing in the Company who have been granted the right to process your personal data collected by the Company and/or access to such personal data, shall comply with the principle of confidentiality and keep confidential any information related to your personal data with which they became acquainted while performing their duties, unless such information is public under applicable laws or other legal acts. The obligation to preserve confidentiality of personal data shall also apply after taking up other positions and after termination of employment and/or contractual relations.
  4. The Company shall ensure security of premises where personal data are stored, proper layout and maintenance of technical equipment, compliance with fire safety standards, proper management of the network (LAN, wireless), internet security, monitoring of e-mail programmes, databases of information systems and file storage, timely updating of antivirus programmes and firewalls, and implementation of other technical measures necessary to ensure protection of personal data.
  5. The Company shall engage only such data processors for processing of your personal data who ensure implementation and compliance with appropriate organisational and technical data protection measures. The Company shall always sign a contract or additional agreement on personal data protection with such data processors, in which it would define the scope of personal data processing and clearly specify the duties and responsibilities of the data processor.

SECTION VII

USE OF COOKIES 

  1. Information collected through cookies allows the Company to improve operation of its website, including but without limitation to ensuring of its security, marketing, browsing experience analysis, collection of statistical information, and convenient and efficient information search.
  2. Main cookies used on the Company’s website:

 

Cookie’s name Purpose/ aim of data processing Used data Moment of creation Validity period
IDE This cookie is used to collect Google Ads statistical information about visits to the website. Unique ID number Upon the first entry to the site 1 (one) year
1P_JAR This cookie is used to collect Google Ads statistical information about visits to the website. Data Upon the first entry to the site 1 (one) month
_gid This cookie is used to collect Google Analytics statistical information about visits to the website. Unique ID number Upon the first entry to the site 2 (two) years
_ga This cookie is used by Google Analytics to assess the purposes of the user’s visits, to prepare reports on the website’s activity for website operators, and to improve the users’ experience when visiting the website. Unique ID number Upon the first entry to the site 2 (two) years
wplc_chat_statuswplc_cid This cookie is used for chat functionality on the website. Unique ID number Upon visit to the website 1 (one) day before the end of the session
wplc_emailwplc_name This cookie is used for chat functionality on the website. Unique ID number
CONSENT This is the visitors’ consent with the cookies, when they give consent to the website to activate its cookies. Unique ID number Upon the first entry to the site 19 (nineteen) years
NID This cookie is used to store information on website settings by Google Analytics. Unique ID number Upon the first entry to the site 6 (six) months
FR This cookie is used to collect statistical information about Facebook visits. Unique ID number Upon the first entry to the site 3 (three) months

 

  1. Personal data of persons visiting the Company’s website are obtained from applications “Google Analytics”, “WordPress”, “WooCommerce” and specialised social network plugins.
  2. The consent to record cookies is expressed by clicking the “I AGREE” button on the Company’s website at https://www.orthopedic-pro.com when the following message appears: “We inform you that in order to ensure proper quality of your browsing, for statistical and marketing purposes, i.e. to personalise content and advertisements, to provide social media functions and to analyse traffic, we use cookies on this website. If you agree, click “Allow all” or “Allow selection” and select which cookies you consent to using. You can withdraw your consent at any time by changing your internet browser settings and deleting saved cookies. More information about the use of cookies can be found in the Privacy Policy.”
  3. The given consent may be withdrawn at any time by changing your internet browser settings and deleting saved cookies. How to do this depends on your operating system and internet browser.
  4. If you delete saved cookies, some of the Company’s website functions may not work as intended.

SECTION VIII

SOCIAL NETWORKS

  1. The information that you provide to the Company through social media (including messages, use of “Like” and “Follow” buttons and other communication) is controlled by the social network operator.
  2. At present, the Company has an account in social network “Facebook”, which privacy policy is available on the website at https://lt-lt.facebook.com/privacy/explanation, “LinkedIn”, which privacy policy is available on the website at https://www.linkedin.com/legal/privacy-policy, “Instagram”, which privacy policy is available on the website at https://help.instagram.com/519522125107875, and on “Youtube” platform, which privacy policy is available on the website at https://policies.google.com/privacy.
  3. As the Company cannot control content of third-party websites or the cookies used, it is recommended to read their privacy policies and contact them directly if you have any questions about the use of your personal data.

SECTION IX

AMENDMENTS OF THE PRIVACY POLICY

  1. This Policy is regularly reviewed and updated, while its amendments are published on the website at https://www.orthopedic-pro.com..
  2. The Privacy Policy was last updated on __ November 2025.

 

SECTION X

CONTACT INFORMATION

  1. If you have any questions, comments or complaints related to your personal data collected, used and stored by the Company, you are welcome to contact us by e-mail at info@ortopedija.lt.

 

Orthopedic logo

Feel the freedom of movement!

+370 (37) 312686

+370 (665) 28542

info@orthopedic-pro.com

AB „Ortopedijos technika“
Registration code: 132150379
VAT: LT321503716

Client Area

Certificates

Catalogs

Privacy Policy

Cookie settings