1. What Does This Privacy Policy Mean?
This Privacy Policy (hereinafter referred to as the “Policy”) provides information about how UAB “Maisto namai” (hereinafter referred to as the “Company”) processes your personal data obtained through: the Company’s commercial activities, trading operations, contract fulfillment between the Company and counterparties (legal entities), brand awareness activities, inquiries, and other interactions. All individuals whose data is processed by the Company are referred to as “Data Subjects”.
2. About the Company
The Company refers to UAB “Maisto namai”, legal entity code 301656551, operating at Beržų g. 44, Panevėžys, Republic of Lithuania. Data about the Company is collected and stored in the Lithuanian Register of Legal Entities. For questions regarding personal data protection, contact: hello@donecookin.com.
3. What Are Personal Data?
Personal data is any information collected by the Company about a Data Subject that can be used to identify the individual and is stored electronically or otherwise.
Personal data includes any information such as name, surname, address, phone number, and other details collected for the purposes specified in this Policy or in a separate consent or agreement with the Company.
4. Trade in Food Products
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Wholesale Trade | |||||
| Buyer | Article 6(1)(b) (Contract) | Name, surname, personal code, address, bank account number, other information related to contract execution | None | Business administration software providers | 10 years after contract expiration |
| Employee of counterparty (legal entity) | Article 6(1)(c) (Legitimate interest) | Name, surname, position, basis of representation, email address, phone number, correspondence content | None | Business administration software providers | 10 years after contract expiration |
| Retail Trade | |||||
| Buyer | Article 6(1)(b) (Contract) | Name, surname, personal code, address, bank account number, other information related to contract execution | None | Business administration software providers | 10 years after contract expiration |
5. Provision of Services Related to Events, Tastings, and Administration
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Provision of Services Related to Events, Tastings, and Administration | |||||
| Client | Article 6(1)(b) (Contract) | Name, surname, personal code, address, bank account number, other information related to contract execution | None | Business administration software providers | 10 years after contract expiration |
6. Increasing Company Awareness and Publicity (Marketing)
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Increasing Company Awareness and Publicity (Marketing) | |||||
| Person who consents to data publicity | Article 6(1)(a) (Consent) | Name, surname, contact details, image, other information requested by the Data Controller or provided by the individual | None | Business administration software providers | 5 years from the date of consent |
7. Video Surveillance in Company Premises for the Protection of Company Property and Individuals
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Video Surveillance in Company Premises for the Protection of Company Property and Individuals | |||||
| Company Visitors | Article 6(1)(a) (Consent) | Location and time of presence, visual image | None | None | 20 days from the date the video recording is created |
8. Accounting Management
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Accounting Management | |||||
| Employees, clients, suppliers (physical persons), employees of clients, suppliers, and partners (legal entities) | Article 6(1)(c) (Legal obligation) | Name, surname, information about services provided/received and goods sold, other personal data indicated in invoices and accounting documents | None | Business administration software providers | Data retained according to accounting regulations and the General Document Retention Index |
9. Candidate Selection
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Candidate Selection | |||||
| Candidates | Article 6(1)(a) (Consent), (f) (Recommendation provider) | Name, surname, contact details (email, phone), desired position, work experience (employer, position, reference provider), education, other data in CV, application, or motivation letter | None | Business administration software providers | 3 days after signing contract with selected candidate or decision to end selection, unless separate consent for longer retention is given |
10. Execution of Contracts with Legal Entities
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Execution of Contracts with Legal Entities | |||||
| Employees, employees of counterparty (legal entity) | Article 6(1)(f) (Legitimate interest for counterparty employees), Article 6(1)(b) (Contract for employees) | Name, surname, email address, phone number, correspondence content | Supplier (legal entity) | Business administration software providers | 10 years after contract expiration |
11. Protection of Legitimate Interests
| Data Subject Category | Legal Basis (GDPR Article 6) | Categories of Personal Data | Data Recipients (Controllers) | Data Recipients (Processors) | Data Retention / Deletion Period |
| Protection of Legitimate Interests | |||||
| Other party to dispute, employees of the disputing party | Article 6(1)(f) (Legitimate interest) | Name, surname, position, date, circumstances of dispute, other information related to the dispute | Law enforcement authorities, lawyers, courts, bailiffs | Business administration software providers | 5 years from the date the court decision becomes final |
12. Contact Us
You can contact the Company by phone or email. All messages are received, reviewed, and responded to directly by us. If you contact us, we may process the data you provide, such as your name, surname, email address, phone number, and the content of your inquiry (information you choose to provide).
Such data will be processed to respond to your questions and review your suggestions. If you do not provide contact details, we will not be able to contact you or respond.
Data is retained for 1 year from the date of inquiry or request, unless otherwise specified in this Policy or by law.
Please note that we may need to contact you by mail, email, or telephone. Therefore, we kindly ask you to inform us of any changes to your personal data.
13. Website
Our website www.donecookin.com uses cookies. A cookie is a small file consisting of letters and numbers that, with your consent, we store in your browser or on your computer’s hard drive. We use different cookies for different purposes. Cookies help us distinguish you from other website users, ensuring a better user experience and allowing us to improve the website.
Most browsers allow you to reject all cookies, and some allow you to reject only third-party cookies. You may use these options, but blocking all cookies may negatively affect your website experience, and you may not be able to use all services provided on the website. More information is available at AllAboutCookies.org or www.google.com/privacy_ads.html.
Types of Cookies Used:
| Cookie Name | Purpose of data processing | Validity period |
| _ga | Used to collect statistical information about website traffic. | 2 years |
| _gat | Used to limit the number of calls to doubleclick.net. | 1 minute |
| _gid | Used to collect statistical information. | 24 hours |
Necessary Cookies.
These cookies are essential for the website to function. The processing of data by these cookies is based on proper contract performance when you visit the website and we ensure the quality and security of your visit.
Analytical and (or) Performance Cookies.
These cookies allow us to recognize and count website visitors and monitor how visitors navigate the site. This helps us improve website performance, for example, by ensuring users can easily find what they are looking for. The processing of data by these cookies is based on your consent.
14. Data Collection and Disclosure
We obtain your data from you, your legal representatives, your devices, our employees, banks, and our contractual counterparties.
We may disclose your information to our employees, service providers (such as IT specialists, website administrators, etc.), if reasonably necessary for the purposes specified in this Policy, as well as to banks and other recipients listed in the Policy.
Additionally, we may disclose your information:
To provide services, we may process your personal data outside your country. In all cases, the Company will process your personal data in accordance with the laws of the country where the data is processed and stored. If we process and store your personal data outside your country, we will implement all necessary measures to ensure the security of your personal data.
If you are a citizen of an EU Member State, your personal data may be stored outside the EU. In all cases, the Company will ensure that service providers storing your personal data have signed standard contractual clauses or other safeguards in accordance with GDPR requirements.
The list or categories of recipients specified in this Policy may change, so we recommend regularly checking for updates to the Privacy Policy.
15. Security of Your Personal Data
Your personal data will be processed in accordance with the General Data Protection Regulation (EU) 2016/679, the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other applicable legal requirements. We implement organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, and any other unlawful processing.
16. Your Rights
This section provides information about your rights regarding the processing of your personal data and the circumstances under which you may exercise these rights.
The Company will provide information about actions taken in response to your request regarding your rights without undue delay, but no later than within one (1) month of receiving your request. Depending on the complexity of the request and the number of requests received, this period may be extended by two (2) months. In such cases, we will inform you within one (1) month of receiving your request about the extension and its reasons. The Company will refuse to exercise your rights only in cases provided by law.
17. Right to Access Your Personal Data
You may contact us at any time to inquire whether we process any of your personal data. If we store or otherwise use your personal data, you have the right to access it. To do so, submit a written request to the email address specified in this Policy and confirm your identity; please act honestly and reasonably when making such requests.
17.1. Right to Withdraw Consent
If you have given explicit consent for the processing of your data, you may withdraw it at any time by contacting us at the email address specified in this Policy.
17.2. Additional Rights
Below is information about your additional rights, which you can exercise by following the procedure described below.
17.3. Right to Request More Information
We strive to provide clear and comprehensive information and commit to updating this Policy as data processing practices change.
For more details about your rights and their implementation, refer to the Data Subject Rights Implementation Procedure.
If you have any questions about the use of your personal data, we will be happy to answer or provide any additional information we can disclose. If you have specific questions or do not understand the information provided, please contact us.
18. Complaints
If you believe your rights as a Data Subject have been or may be violated, please contact us immediately at the email address specified in this Policy. We will ensure that, upon receiving your complaint, we contact you within a reasonable time and inform you about the progress and outcome of the investigation.
If you are not satisfied with the investigation results, you may submit a complaint to the supervisory authority – the State Data Protection Inspectorate (www.vdai.lrv.lt).
19. Responsibility
You are responsible for the confidentiality, accuracy, correctness, and completeness of the data you provide. If your data changes, you must immediately inform us by email. We are not liable for any damage resulting from incorrect or incomplete personal data provided by you or failure to inform us of changes.
20. Changes to the Privacy Policy
We may update or amend this Privacy Policy at any time. The current version of the Policy is always available on our website www.donecookin.com.
The Privacy Policy was last updated on 2025-08-26.