Privacy Policy

This Privacy Policy outlines how customer personal data is collected, processed, and protected.

Privacy Policy

Last updated: [2026-02-22]

1. General Provisions

This Privacy Policy explains how the online store “VINautodalys” (hereinafter – the Data Controller) collects, uses, stores, and processes personal data when you visit our website, submit a VIN request, or purchase products.

Personal data is processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), applicable Lithuanian laws, and this Privacy Policy.

Data Controller: [Company name / currently: VINautodalys]
Company registration number: [—]
Address: [—]
Email: [info@vinautodalys.lt]
Phone: [+370…]

2. What Personal Data We Collect

  • First name and last name
  • Phone number
  • Email address
  • Delivery address
  • Company details (company name, registration number, VAT number) if the customer is a legal entity
  • Vehicle VIN number and related information (e.g., vehicle data, selected parts)
  • Order history and communication related to orders
  • Payment information (payment confirmations; we do not store full card details)
  • IP address, device/browser technical data, and cookie information

3. Purposes and Legal Bases for Processing

3.1. Order Processing and Fulfillment

Purpose: To accept, manage, and fulfill orders (payment processing, invoicing, delivery, returns, warranty handling).
Legal basis: Performance of a contract (GDPR Art. 6(1)(b)).

3.2. VIN Request Processing and Parts Selection

Purpose: To select (or assist in selecting) suitable parts based on the VIN number you provide, verify compatibility, and prepare a quote.
Legal basis: Performance of a contract and/or legitimate interest in providing accurate offers (GDPR Art. 6(1)(b) and (f)).

3.3. Compliance with Legal Obligations

Purpose: Accounting, taxation, document retention, and protection of legal rights.
Legal basis: Legal obligation (GDPR Art. 6(1)(c)).

3.4. Website Functionality and Security

Purpose: To ensure proper website operation, protect against misuse, and diagnose technical issues.
Legal basis: Legitimate interest (GDPR Art. 6(1)(f)).

3.5. Direct Marketing (if applicable)

Purpose: Newsletters, offers, promotions.
Legal basis: Your consent (GDPR Art. 6(1)(a)). You may withdraw your consent at any time.

4. Data Recipients

Personal data may be shared only to the extent necessary for service provision:

  • Payment service providers (e.g., banks, payment operators)
  • Courier and logistics companies (for delivery purposes)
  • Suppliers / warehouses (for order fulfillment or compatibility verification when necessary)
  • Accounting service providers
  • IT service providers (hosting, website maintenance, WooCommerce/WordPress plugins)

We do not sell your personal data to third parties.

5. Data Retention Periods

  • Order and accounting documents – up to 10 years (where required by law)
  • Marketing data (newsletters) – until consent is withdrawn
  • VIN request data – as long as necessary for processing the request/order and protecting legitimate interests
  • Technical data (cookies) – according to cookie validity periods

6. Data Transfers Outside the EU/EEA

If IT services or solutions with servers located outside the EU/EEA are used, data transfers are carried out only with appropriate safeguards in accordance with GDPR (e.g., Standard Contractual Clauses or other lawful mechanisms).

7. Your Rights

You have the right to access your data, request correction, erasure, restriction of processing, object to processing, and request data portability (where applicable). You also have the right to lodge a complaint with a supervisory authority.

Contact for exercising your rights: info@vinautodalys.lt

Supervisory Authority: State Data Protection Inspectorate of Lithuania.

8. Cookies

The website uses cookies that may be:

  • Essential – necessary for website functionality (e.g., cart, login)
  • Functional – for user convenience (e.g., language selection)
  • Analytical – for website usage analysis
  • Marketing – for personalized advertising (if applicable)

You can manage cookie settings in your browser and (if installed) via the cookie management banner.

9. Data Security

We implement technical and organizational measures (e.g., SSL encryption, access control, updates) to protect personal data against unauthorized access, loss, or disclosure.

10. Policy Updates

This Privacy Policy may be updated. The latest version is always published on our website.