Tvidler PRIVACY POLICY

Version applicable as of 10 June 2021

  1. Why should I read this Privacy Policy?

This Privacy Policy (‘policy’) describes how UAB BeWell EU (trading as Tvidler, hereinafter referred to as the “Company”, “we”, “us”, “our”) collects, uses, discloses, and stores your personal information and what statutory rights do you have. We protect your personal information under the EU General Information Protection Regulation (2016/679) (‘GDPR’) and other applicable laws. We may amend this policy unilaterally from time to time. Any such amendments will be effective immediately upon publication; therefore, please visit our website regularly for the latest version of this policy.

  1. Who is responsible for protecting my information?

We are: UAB BeWell EU, trading as Tvidler;

Our company number is: 305788600

Our address: Gynėjų g. 4-333, LT-01109 Vilnius, Lithuania

Our email address: [email protected]

  1. Why and how do you collect my information?
  1. 1. To process your orders on our webshop, receive payments and deliver purchased goods.
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
When you purchase our products First name, last name, delivery address, phone number, email address, information about your paid purchase price and currency, your credit card brand, type, BIN number, and credit card issuer country, IP address, language, device type, payment history Contract (Art. 6 (1) (b) of GDPR). From yourself It is a requirement necessary to enter into a contract. If you do not provide this information, you will not be able to purchase and receive our products. 10 years
  1. 2. To ensure the security of, and to improve, our website
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
When you use our website or violate our Terms of Service IP address, device information, and ID, web browser information, information on your activity at our website, country, information about violations of Terms of Service, and inclusion into a blacklist Legitimate interest (security and improvement of our website) (Art. 6 (1) (f) of GDPR) From yourself No One month after your last use of the website; 10 years for information on violations of Terms of Service and blacklist
  1. 3. To provide you with customer support
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
When you submit an inquiry or file a complaint to our customer support First name, last name, email address, country, telephone number, subject of your inquiry, date of your inquiry, the content of your inquiry, attachments to your inquiry, reply to your inquiry, customer contact history, order ID Consent (Art. 6 (1) (a) of GDPR)) From yourself

Customer support service providers
No 10 years from the moment your last inquiry was received
  1. 4. To inform you about our products or show you internet ads
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
When we want to inform you or ask your opinion about our products or show you internet ads Full name, email, telephone number, IP address, order information, country, postback information, the website that directed the company’s website, your interaction with the internet add Consent (Art. 6 (1) (a) of GDPR))

Customer relationship

Legitimate interest (direct marketing and internet ads) (Art. 6 (1) (f) of GDPR)
From yourself

Social media service providers

Marketing service providers

E-commerce providers
No Five years unless you opt-out
  1. 5. To interact with you via social media
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
If you interact with our social media profiles (e.g., send a message, follow our profiles, share a post, react to a post) Name and surname, email address, gender, country, picture, message, time and date the message was received, the contents of the message, message attachments, response to the message, time of response to the message, information about the Company’s rating, comments on a post, post shares, information about post reactions. Consent (Art. 6 (1) (a) of GDPR)) From yourself and social media service providers No Ten years from your last interaction with our social media profiles
  1. 6. To carry out the selection of potential employees
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
When we receive your application for a job position, when you give us your consent for storing your CV, or we contact you based on the information you publicly disclose on professional social media platforms Full name, email, phone number, CV, work experience, and other information you provide us with Consent (Art. 6 (1) (f) of GDPR)

Contract (Art. 6 (1) (b) of GDPR).

Legitimate interest (to contact you if you made your information public) (Art. 6 (1) (f) of GDPR)
From yourself

Professional social media service providers

HR agencies
It is a requirement necessary to enter into a contract only where we intend to enter into an employment contract with you. If you do not provide this information, we will not be able to enter into an employment contract with you. Six months after the end of the relevant recruitment process

Five years after you give us your consent or publicly disclose your information on professional social media platforms
  1. 7. To fulfill statutory accounting requirements
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
When you order our products Full name, email address, telephone number, bank account number, address, signature, invoices, reports, accounting documents, payments, paid amounts, and other information we are statutorily required to collect Legal obligation (Art. 6 (1) (c) of GDPR) From yourself

Audit service providers
It is a statutory requirement. If you do not provide this information, you will not be able to buy goods or services from us Ten years following a transaction
  1. 8. To defend our rights and interests
When is this relevant to me? What information do you collect about me What is your legal basis for collecting my information? Where do you collect the information from? Am I obliged to provide this information? How long do you store information about me?
In case we become a party to a legal process that you are subject to or we are statutorily required to collect information about you All of the aforementioned information, accounting and legal case files, legal documents, other information you provide us with, other information that we are statutorily required to collect or provide Legal obligation (Art. 6 (1) (c) of GDPR)

Legitimate interest (to protect our rights and interests) (Art. 6 (1) (f) of GDPR).
From aforementioned sources, law enforcement authorities, parties that are subject to legal process, courts Yes, where we are statutorily obliged to collect personal information Ten years following the end of the contractual relationship with us or, whichever is longer, for the duration of the legal process and three years after a final authority decision came into full force
If the case arises - information about criminal offenses and convictions Establishment, exercise, or defense of legal claims (Art. 9 (2) (f) of the GDPR)
  1. Who do you share my information with?

We share your information with information recipients, both within and outside European Economic Area (EEA), in cases where necessary for the above-described purposes and allowed in accordance with applicable laws.

Information recipient or category of the information recipient Purpose of information transfer Country of the recipient European Commission decision on whether a non-EEA country has an adequate level of information protection Suitable safeguards that protect my information when it is transferred to non-EEA countries
Accounting and audit service providers To fulfill statutory accounting requirements EU N/A N/A
Archiving service providers To keep our archive EU N/A N/A
Electronic communication service providers To operate our electronic communications EU N/A N/A
Attorneys, notaries, bailiffs, auditors, data protection officers, consultants To ensure our compliance, defend our rights and interests EU N/A N/A
email and cloud hosting service providers To operate IT resources Worldwide No EU Standard Contractual Clauses
Banking, payment processing, and other financial service providers To process payments Worldwide No EU Standard Contractual Clauses
Marketing and telemarketing service providers To market our products Worldwide No EU Standard Contractual Clauses
Shipping service providers and fulfillment centers To ship our products Worldwide No EU Standard Contractual Clauses
Customer support service providers To provide customer support Worldwide No EU Standard Contractual Clauses
Social media service providers To manage our social media profiles Worldwide No EU Standard Contractual Clauses
  1. What statutory rights do I have regarding my information?

Subject to conditions and limitations established by applicable laws, you have a right (i) to receive a confirmation as to whether we collect the information related to you and to request access to that information; (ii) to correct inaccurate or incorrect information, or to supplement it when it is incomplete; (iii) to delete the information we have about you; (iv) to restrict the use of your information where you challenge the accuracy of the information, object to the processing of the information or need your information for legal purposes; (v) to request your information in a structured, commonly used and machine-readable format (vi) to object to the processing of the information; (vii) to withdraw any consent given to us regarding the processing of your information; (viii) to file a complaint with supervisory authorities; and (ix) not to receive discriminatory treatment while exercising your rights. More detailed information on your rights and the cases where they are applicable are provided in the sections below.

  1. What is my right to request access to my information?

You have the right to request that we disclose certain information to you about our collection and use of your information. Once we receive and verify your request, we will disclose to you the categories of personal information we collected about you, the categories of sources for the personal information we collected about you, our business or commercial purposes for collecting that personal information, the categories of third parties with whom we share that personal information, the specific pieces of personal information we collected about you and other information that we are obliged to provide under the applicable laws. We have disclosed the information to third parties for business or commercial purposes as described in Section 4 of this policy.

  1. What is my right to rectification?

You have the right to obtain the rectification of inaccurate personal information concerning you. Taking into account the purposes of the processing, you have the right to have incomplete information completed, including by means of providing a supplementary statement.

  1. What is my right to request the deletion of the information?

You have the right to request the deletion of your information collected and maintained by us in the cases where (i) information is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) you withdraw consent on which the processing is based, and there is no other legal ground for the processing; (iii) when you object to the processing, and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes; (iv) the information has been unlawfully processed; (v) where the information has to be erased for compliance with a legal obligation; (vi) the information has been collected in relation to the offer of information society services directly to a child and subject to a consent. Once we receive and verify your request, we will delete (and direct our service providers to delete) your information from our records unless applicable laws do not provide for the deletion of the information in a particular case (for instance, retaining the information is necessary for us or our service provider(s) to complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you, detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, comply with a legal obligation, make other internal and lawful uses of that information that are compatible with the context in which you provided it).

  1. What is my right to restrict the processing of information?

You have the right to restrict the processing of your information in the cases where (i) the accuracy of the personal information is contested by you; (ii) the processing is unlawful, and you oppose the erasure of the personal information and request the restriction of their use instead; (iii) where we no longer need the personal information for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; (iv) where you have objected to processing.

  1. What is my right to information portability?

You have the right to information portability in the cases when you seek to receive the information you have provided in a structured, commonly used and machine-readable form or to transmit that information to another controller where the processing is based on consent or on a contract and is carried out by automated means.

  1. What is my right to object to the processing of my information?

You have the right to object to the processing of your information where the collection and use are based on a task carried out in the public interest or in the exercise of official authority vested or legitimate interest, including profiling, as explained in Section 3 of this policy, or where you object to the collection of your personal information for direct marketing purposes.

  1. What is my right to withdraw consent?

You have the right to withdraw any consent given regarding the processing of your information where the processing is based on consent, as explained in Section 3 of this policy, and you seek to withdraw it at any time.

  1. What is my right to file a complaint with supervisory authorities?

You have the right to file a complaint with supervisory authorities where you want to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or of an alleged infringement of the GDPR.

  1. What is my right not to receive discriminatory treatment while exercising my rights?

When you exercise your rights enshrined in applicable laws, you also have the right to non-discrimination. For example, because you exercised your rights under applicable laws, you will not be denied of any goods or services, charged with a different price, provided a different quality of goods and services, etc.

  1. How do I submit a request?

If you would like to exercise your rights described above, please submit a request to us via email at [email protected] or our toll-free telephone number: +1 (205) 782-7133 (US).

  1. Can I use an authorized agent?

Sure. you may use an authorized agent to submit a request to opt out on your behalf if you provide us with the authorized agent written permission to do so. If this is the case, please provide us with a copy of the said permission as instructed under Section 18 of this policy below. We may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf. You may also make a request on behalf of your minor child.

  1. Do you engage in automated individual decision-making, including profiling?

No, we do not make decisions based solely on automated processing, including profiling, which would produce legal effects concerning you.

  1. Does your website place cookies on my device?

Yes, our website places the following cookies on your device

Cookie Name Cookie Description Cookie Expiry
Strictly Necessary and Statistics Cookies
_fbp Used to distinguish and keep track of unique users 3 months
_ga This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included on each page request in a site and used to calculate visitor, session, and campaign data for the site's analytics reports. 2 years
_gat This cookie is used by Google Analytics to throttle the request rate. One day
_gid This cookie stores and update a unique value for each page visited and is used to count and track page views. One day
__cfruid Cookies associated with sites using CloudFlare are used to identify trusted web traffic. During your session only
_fw_crm_v Used to track Visitor/User identity and chat sessions performed by the user One year
_hjid Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. One year
_uetvid This is a cookie utilized by Microsoft Bing Ads. It allows us to engage with a user that has previously visited our website. One year
XSRF-TOKEN This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks. One day
enence_session This is used to hold information about your current visit with us. This cookie is essential to the functionality of the site. While visiting the website, only
c This cookie is used in order to detect spam and improve the website's security. Does not store visitor-specific data. 2 years
soundestID This cookie is used to determine if the visitor has visited the website before, or if it is a new visitor to the website. While visiting the website, only
soundtest-views Assigns a specific ID to the visitor - This allows the website to determine the number of specific user visits for analysis and statistics. While visiting the website, only
Marketing Cookies
ads/ga-audiences This cookie is used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behavior across websites. While visiting the website, only
REST/webTracking/v1/event This cookie measures the efficiency of the website’s marketing. The cookie is used to measure the conversion rate between website marketing and telephone response. While visiting the website, only
Targeting Cookies
_gat_gtag_UA_136786017_1 This cookie is part of Google Analytics and is used to limit requests (throttle request rate). One minute
  1. How can I manage cookies?

You can configure your browser to decline some or all cookies or to ask for your permission before accepting them. Please note that by deleting cookies or disabling future cookies, you may be unable to access certain areas or features of our website. You can control the use of functionality cookies, targeting cookies, or advertising cookies by adjusting your browser settings. To find out how to manage cookies in your browser, please visit one of the links below:

  1. How can I contact your data protection officers?

If you have any questions, comments, or complaints regarding how we collect, use, and store your personal information, our data protection officers are ready to help you. If you need their help, you may contact them at any time via [email protected].