Privacy policy

Privacy Policy — UAB “Seeds online” (nojus.shop)

Privacy Policy

UAB “Seeds online” respects your privacy. Your personal data (first name, surname, company name, address, phone number, email address and other information provided in the online store order form) is collected and processed for the following purposes:

  • to process your orders;
  • to prepare financial documents (e.g., invoices);
  • to resolve problems related to product delivery or transportation;
  • to fulfill other contractual obligations;
  • for e-commerce and direct marketing purposes (only with your consent).

I. Terms used

  1. Seller – legal entity UAB “Seeds online”, registered in the Register of Legal Entities of the Republic of Lithuania, company code 306241840, VAT code LT100015795117, registered address: Raudondvario pl. 127, Kaunas.
  2. UAB “Seeds online” – the online store at www.nojus.shop.
  3. Customer
    1. an adult natural person with full legal capacity;
    2. a minor (14–18 years old) with parental or guardian consent, unless emancipated;
    3. a legal entity;
    4. an authorized representative of the above.
  4. Seller’s partner – a legal entity that sells products or provides services through UAB “Seeds online” or fulfills the customer’s order as a contractor.
  5. Nojus.shop – the profile or page(s) on Facebook and other social media channels where UAB “Seeds online” shares information and customers may post content.
  6. Services – all services provided by UAB “Seeds online” to the customer.
  7. Cookie – a small file sent to your device when visiting nojus.shop This includes cookies and similar technologies.
  8. Password – a string of characters created by the customer during registration on nojus.shop, known only to the customer, enabling login.
  9. Browser – the program used to view websites.
  10. Personal data – all information relating to an identifiable natural person, such as name, address, phone number, email address, and other data provided in the order form.
  11. Data controller – UAB “Seeds online”.
  12. Privacy policy – this document, which defines the rules for collecting, storing, processing, and retaining personal data on nojus.shop
  13. Administrator – the person responsible for marketing and maintenance of nojus.shop
  14. IP address – the identifier assigned to each device connected to the internet. It may reveal a geographical location to a certain level.
  15. Rules – the principles for collecting, processing, and storing personal data followed by the data controller.
  16. Direct marketing – activity involving offering goods or services directly by email, phone, or other means, or requesting a person’s opinion about the offered goods/services.

II. General provisions

  1. This privacy policy sets out the main principles for the collection, storage, and processing of personal data when a customer uses the services provided by UAB “Seeds online”.
  2. The purpose of the privacy policy is to protect and ensure the lawful processing of customers’ personal data.
  3. The privacy policy must be read and accepted before submitting personal data in the order form or terms of service.
  4. The customer must provide the following information when ordering: first name, surname, phone number, email address, delivery address, etc. This data is used only for order delivery or product collection. It does not create a permanent account for future orders (unless the customer creates one).

III. Procedure for processing and storing personal data

  1. The customer agrees that their first name, surname, email address, phone number, and IP address may be processed for operational analysis. During registration or order placement, the customer may refuse the use of this data for direct marketing or analytics.
  2. If the customer does not want their data used for direct marketing or newsletters, they must clearly state so. Newsletters are sent only to specified email addresses. Customers can unsubscribe using the “Unsubscribe” link in the email.
  3. The seller confirms that personal data provided by the customer is processed only for providing services (e.g., campaigns, projects). Data for analytics and direct marketing is processed only with customer consent. For direct marketing purposes, data is stored for ten calendar years from the time of consent.
  4. The seller undertakes not to disclose customer data to third parties, except:
  • with the customer’s consent;
  • to delivery service providers for order fulfillment;
  • to the seller’s partners for direct marketing, if the customer has consented;
  • to law enforcement authorities of Lithuania, Finland, or the applicable jurisdiction in accordance with legal requirements;
  • if necessary to prevent or investigate criminal activity.

The customer has the right to:

  • request written access to their personal data;
  • request information on the sources of data, what data is held, its purposes, and to whom it has been disclosed within the past year;
  • request deletion or cessation of processing when data is unlawfully processed;
  • refuse the privacy policy – however, purchasing from the store may then not be possible;
  • prohibit the use of their data for direct marketing, immediately or later.

At product collection, the customer may be asked to present ID; this data is used only for identification. The customer agrees that their personal data may be transferred to the seller’s partners for order fulfillment, analytics, and operational purposes. Customer data may be transferred to other EU or non-EU countries under the same conditions as in Lithuania and only for the purposes set out in this privacy policy. The seller stores personal data as long as the customer uses UAB “Seeds online” services, unless otherwise specified herein. After account deletion, data may be retained for up to ten years unless legal obligations require otherwise. The seller undertakes organizational and technical measures to protect personal data: preventing unauthorized alteration, disclosure, or destruction, identity theft, or fraud. Passwords are encrypted, only authorized persons can access servers, and connections are protected with HTTPS. Data is safeguarded from loss, unauthorized use, and alteration. All passwords are encrypted, and pages requiring personal data operate under a secure HTTPS connection. The customer must keep their login credentials (username and password) confidential and protect them, and not disclose others’ data. Customers are encouraged to report any security breaches to the seller immediately. The customer agrees in advance that their data may be stored in the database as long as the seller has a legitimate reason, e.g., suspected criminal activity, identity theft, complaints received, or other legal requirements. Data may be deleted once the official reason ceases or authorities so decide. All requests and instructions regarding data processing must be submitted in writing either in-store or by email. The seller responds within 30 calendar days and will carry out the request or justify refusal. The response may be requested in writing. The administrator may use customers’ IP addresses when diagnosing system malfunctions.

IV. Personal data rights, modification, and deletion

  1. The customer authorizes the seller to collect, manage, process, and store their personal data in the manner and for the purposes defined in this privacy policy.
  2. Consent or its withdrawal applies only to future activities. The customer may withdraw consent by email or other means specified in this privacy policy. The seller will then stop processing and delete the account, unless otherwise required by law.
  3. The customer has the right to know what data the seller has collected, from which sources, for what purposes, to whom it has been provided, and whether it is complete and accurate. Such requests must be submitted by email, and the seller responds within 30 days. One free request per year.
  4. If the customer notices an error, unlawful source of data, or data used for a purpose other than intended, they may request suspension and correction within 5 working days or correct it through their account (if registered).
  5. If the seller doubts the accuracy of data, processing may be temporarily suspended until the data is verified and corrected.

V. Collection and storage of personal data

  1. The website may store cookies on the device to recognize the user, maintain the shopping cart, collect visitor statistics, and remember user settings. Customers can review stored cookies and delete some or all of them. By accepting this privacy policy, the customer agrees to cookie use. Consent can be revoked in browser settings, but some site features may not function properly.
  2. Cookies used on the website are listed in Annex No. 1.

VI. Final provisions

  1. This privacy policy has been in effect since 2018 and may be amended due to legal changes or operational changes. Updates will be announced on www.nojus.shop and by other means.

Annex: Cookies used on the website

Technical cookies – essential for site operation

Cookie nameSourceDescriptionCreation timeValidity
__atuvc www.nojus.shop AddThis social sharing plugin on page visit 1 year
__atuvs www.nojus.shop Same as above on page visit 1 day
Random session key (e.g., PrestaShop) www.nojus.shop Stores browser session key when adding to cart expires when browser closes
PHPSESSID www.nojus.shop Session key on page visit expires when browser closes
cr_id nojus.shop Cart recovery ID when product added to cart 1 year
CONSENT www.google.com Displays privacy notice on page visit ~199 months
PayPal cookies (e.g., akavpau_ppsd) www.paypal.com For secure payments during payment various

Statistical cookies

Cookie nameSourceDescriptionCreation timeValidity
_ga www.google.com Analytics (2 years) on first visit 2 years
NID google.com Stores preferences like language/search settings on page visit 6 months
_gat www.google.com Limits request rate on page visit 10 minutes
_gid www.nojus.shop Stores user behavior on page visit expires when browser closes
c_user, fr Facebook Session ID, behavior analysis, ads optimization on page visit up to 90 days
soundest views, soundestID nojus.shop Omnisend identification on page visit expires when browser closes
1P_JAR, SID, SAPISID (etc.) google.com Analytics & advertising on page visit / payment various

Commercial cookies

Cookie nameSourceDescriptionValidity
omnisendAnonymousID, omnisendSessionID, omnisendContactID nojus.shop Omnisend identification (session to 1 year) session – 1 year
__Secure-3PSIDCC (etc.) www.google.com Advertising purposes various