Privacy Policy
Last updated: November 26, 2023
This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Website, and tells You about Your privacy rights and how the law protects You.
This Privacy Policy is designed to provide you with a clear understanding of how we handle your information when you visit our online store, www.sky-shop.eu. It outlines the types of data we collect, our data processing practices, data retention periods, and the parties with whom we may share your information. You will also find here important information about your rights related to the processing of your data.
We process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter – GPDR), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts applicable to the processing of your personal data. You can contact our data protection officer by e-mail security@sky-shop.eu or write to UAB Pikstipa, Vokieciu st. 11-18, LT-01130 Vilnius.
We use Your Personal data to provide you an ability to use the Website and to constantly improve the Website and Your experience using it. By using the Website, You agree to the collection and use of information in accordance with this Privacy Policy.
We are firmly committed to protecting the secrecy of your online data. It is our goal to develop an online environment that is easy to operate and is at all times considerate of the rights and expectations of our customers and other visitors of the Website.
The controller of your personal data is UAB Pikstipa, Vokieciu st. 11-18, LT-01130 Vilnius, +37068689386, sales@sky-shop.eu.
Definitions
For the purposes of this Privacy Policy:
- Account means a unique account created for You to access our Website or parts of our Website.
- Company, Sky-shop.eu, Sky-shop, We, Our, or Us refers to UAB Pikstipa, Vokieciu st. 11-18, LT-01130 Vilnius.
- Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
- Data Subject means the natural person to who the Personal Data refers.
- Data Processor (or Data Supervisor) is the natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this Privacy Policy.
- Data Controller (or Owner) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.
- Device means any device that can access the Website, such as a computer, a cellphone or a digital tablet.
- Personal Data (or Data) is any information that relates to an identified or identifiable individual; it is any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
- Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Website, to provide the services on behalf of the Company, to perform services related to the Website or to assist the Company in analysing how the Website is used.
- Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Website.
- Usage Data is information collected automatically through this Website (or third-party services employed in this Website) or from the Website infrastructure itself (for example, the duration of a page visit) and can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI (Uniform Resource Identifier) addresses, the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Website) and the details about the path followed within the Website with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
- User is the individual using this Website who, unless otherwise specified, coincides with the Data Subject.
- Website refers to Sky-Shop Skydiving Gear Store Europe, accessible from https://www.sky-shop.eu
- You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Personal Data
While using Our Website, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code
- Usage Data
Usage Data
Usage Data is collected automatically when using the Website.
Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Website that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Website by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Website or when You access the Website by or through a mobile device.
We welcome anybody to visit and use our website free of charge and to look at the products on offer. When you visit our website, we record your IP address (i.e., the internet address of your computer – not your email address) and other general usage data to assess which parts of our website you visit and how long you stay there.
Such data will be combined with the usage data of all visitors to our website to measure the number of visitors, the average time of the visits, pages visited, etc. The data we collect is combined and used for internal purposes only. This does not enable any identification of you as a person.
We use this combined data for evaluating our products, services, and the news we make available via our website, as well as for monitoring the use of our website and generally improving its content.
Use of Your Personal Data
Upon creating an account and subsequently placing orders for products on our website, we engage in the processing of your contact and order-related information. This information includes your name, surname, address, telephone number, email address, product details (including names, quantities, and prices), payment information, delivery preferences, order fulfillment details, return transactions, and, where necessary for product warranties, your date of birth, data pertaining to any legal entities you may represent, or invoicing details.
The security of personal data, such as name, address, telephone number, or email, is a serious concern for our company. We conduct our online activities in compliance with the respective statutory provisions relating to data protection and data security.
The Company may use Personal Data for the following purposes:
- To provide and maintain our Website: This includes monitoring the usage of our Website.
- To manage Your Account: To manage Your registration as a user of the Website. The Personal Data You provide can give You access to different functionalities of the Website that are available to You as a registered user.
- For the performance of a contract: The development, compliance, and undertaking of the purchase contract for the products, items, or services You have purchased or of any other contract with Us through the Website.
- To contact You: By email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products, or contracted services, including the security updates when necessary or reasonable for their implementation.
- To provide You with news, special offers, and general information: About other goods, services, and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
- To manage Your requests: To attend and manage Your requests to Us.
- For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or a similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
- For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and to evaluate and improve our Website, products, services, marketing, and your experience.
We may share Your personal information in the following situations:
- With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Website, to contact You.
- For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
- With business partners: We may share Your information with Our business partners to offer You certain products, services, or promotions.
- With other users: When You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, Your contacts on the Third-Party Social Media Service may see Your name, profile, pictures, and description of Your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your profile.
- With Your consent: We may disclose Your personal information for any other purpose with Your consent.
Retention of Your Personal Data
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Website, or We are legally obligated to retain this data for longer time periods.
We diligently process your personal data for a duration no longer than what is necessary for the specific purposes for which the data were initially collected or as stipulated by relevant legal regulations. The designated periods for retaining personal data are explicitly outlined in this Privacy Policy.
Statistical data acquired through tools such as Google Analytics and other cookies typically undergo retention for up to 3 years. It is important to note that some of this data may only be removed by our trusted partners, and they are responsible for setting their own retention periods.
Cookies, on the other hand, generally remain on your devices for a duration of up to 2 years. We remain committed to adhering to these retention periods in order to maintain the security and integrity of your data.
Transfer of Your Personal Data
Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.
The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of Your data and other personal information.
Delete Your Personal Data
You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.
You may update, amend, or delete Your information at any time by signing in to Your Account, if you have one, and visiting the account settings section that allows you to manage Your personal information: GDPR Tools. You may also contact Us to request access to, correct, or delete any personal information that You have provided to Us.
Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.
Disclosure of Your Personal Data
Business Transactions. If the Company is involved in a merger, acquisition, or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law Enforcement. Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
Other Legal Requirements. The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
- Comply with a legal obligation
- Protect and defend the rights or property of the Company
- Prevent or investigate possible wrongdoing in connection with the Website
- Protect the personal safety of Users of the Website or the public
- Protect against legal liability
Security of Your Personal Data
Sky-Shop.eu takes precautions to ensure the security of your personal data. Your data will be diligently protected against loss, destruction, manipulation and unauthorised access or unauthorised disclosure and transmission. We protect collected customer data by saving it on servers protected by passwords and firewalls that use encryption technologies to prevent unauthorised access.
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
You decide whether or not you wish to make Personal Data known to us, for example in the course of any registration, survey or the like. Such information on your part is relevant for your enquiry, but you provide it on a voluntary basis.
For certain operations (e.g. the shipment of parcels) it is necessary to transmit personal data to third parties (e.g. UPS carriers).
We save and process your personal data only to the extent required to fulfil our contractual and legal obligations to you. Where we wish to use your data for further purposes, such as informing you of current offers, we will obtain your explicit consent. You may revoke such consent at any time without any formal requirements. For example, you may send your revocation to the following e-mail address security@sky-shop.eu or you can revoke it by visiting GDPR Tools section in your account.
In the event of your revocation, we will immediately discontinue any additionally permitted use of your data. Please understand that the processing of your revocation may in individual cases take up to 4 working days after receiving it.
We ask you to take every available precaution to protect your personal data when online. We encourage you to at least change your passwords on a regular basis, to use a combination of letters and numbers, and to ensure you use a secure browser when surfing the internet.
Accessing Your Personal Data and Exercising Your Rights
Access to your data is restricted solely to authorized personnel bound by confidentiality agreements. Such access is granted only when strictly necessary and includes the following entities:
- Employees of UAB Pikstipa responsible for overseeing the website's operation and content.
- Providers of the website's content management system and hosting services, as well as remote communication software providers.
- Google LLC (United States of America), the service provider for website analytics, to the extent required for the purpose of website data analysis. The transfer of analytics data is conducted in accordance with contractual data protection obligations.
- Service providers responsible for website content marketing and advertising campaign management, to the extent necessary for organizing advertising and marketing activities.
- In the event that you have supplied personal data to receive an individualized commercial offer, authorized employees of UAB Pikstipa who handle such offers, as well as other employees and service providers involved in overseeing the system for providing individualized commercial offers, may access your data.
- Cookies used for personalized online advertising may be established and accessed by the following service providers:
- Facebook, Inc. You can access the privacy policy for this provider here: Facebook Privacy Policy.
- Google, LLC. The privacy policy for this provider can be found here: Google Privacy Policy.
We want to assure you that under no circumstances do we sell your data. Your privacy and the safeguarding of your information remain our top priorities.
If you wish to inquire about the data we have collected regarding you or exercise any of your rights, you can do this in the GDPR Tools section in your account or by contacting us via email at security@sky-shop.eu or by postal mail. You may also use these methods to request data corrections, deletions, restrictions on data processing, withdrawal of previously granted consents, or to raise objections to data processing based on our legitimate interests. Additionally, you can object to data processing for direct marketing purposes, if applicable, and exercise your right to data portability.
Upon receiving your request or a request to exercise any other rights, we are obligated to verify and authenticate your identity. To facilitate this verification process, we may request certain details, such as your name, surname, email address, or phone number, and will cross-check this information with our records to ensure accuracy.
We are committed to providing you with a response within a maximum of 1 calendar month from the date of receiving your request, taking into consideration the complexity and volume of requests. In cases where exceptional circumstances necessitate an extension beyond this initial period, we reserve the right to extend the response timeframe by an additional 2 months. In such instances, we will notify you of the extension before the initial 1-month period concludes and specify the reasons for the delay. If you submit your request electronically, we will respond in kind, unless such an approach proves unfeasible (e.g., due to an exceptionally large volume of information) or if you request a different mode of communication.
Scope of Application of the Privacy Policy
This Privacy Policy shall be valid for all online direct services offered by Sky-Shop.eu that can be accessed or retrieved under www.sky-shop.eu. It shall not apply if you leave our website (online direct services) via a link (Links) and access a website over which we have no control (see information under Links in the Privacy Policy). If you do not agree with this Privacy Policy, we would like to ask you to cease using our website. We reserve the right to amend, augment or delete parts of this Privacy Policy at any time.
Children's privacy
Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.
If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.
Children/teenagers should not communicate any personal data to websites without the consent of parents or supervising adults. Sky-Shop.eu recommends all parents and supervising adults to instruct their children about the safe and responsible handling of personal data on the internet.
In any case, Sky-Shop.eu will not knowingly collect or in any way use or without authorization disclose or make available to third parties any personal data of children.
Click-Through URL
In some email messages to our customers, we use Click-through URLs. If you click on one of these links, you will arrive at the website you actually wanted to reach but via our computer system. Sky-Shop.eu uses these click-throughs to determine the degree of interest in certain subjects and to measure the efficiency of our communication measures. We do not exchange such data with anybody, nor do we make any attempt to associate the click-throughs with individual email addresses.
Communication via Email
We use email for services or in connection with information regarding our products/services. In these cases, we keep your email address in our files.
Information from Third-Party Social Media Services
The Company allows You to create an account and log in to use the Website through the Third-party Social Media Services such as Google and Facebook.
If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collect Personal data that is already associated with Your Third-Party Social Media Service's account, such as Your name, Your email address, Your activities or Your contact list associated with that account.
You may also have the option of sharing additional information with the Company through Your Third-Party Social Media Service's account. If You choose to provide such information and Personal Data, during registration or otherwise, You are giving the Company permission to use, share, and store it in a manner consistent with this Privacy Policy.
Links to Other Websites
Our Website may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. Sky-Shop.eu is not responsible for the fulfillment of orders or services that have been ordered via such a website; nor is Sky-Shop.eu responsible for the privacy policies of such websites or the data explicitly or automatically collected on such websites.
In the event of any difficulty or other problem in connection with third-party websites, we ask you to contact the respective service provider directly. The sites operated by third parties will share with Sky-Shop.eu any data collected in relation to you. Any information Sky-Shop.eu receives in such a manner will be processed in accordance with this Privacy Policy and the relevant, valid data protection laws.
Privacy Policy, Terms of Use, and Terms of Sale
This Privacy Policy shall apply together with our Terms and Conditions and the Cookie Policy. Collectively, these terms govern the use of our website. We encourage all users to familiarize themselves with these terms.
Communication and Personalised Offers
Periodically, we will send you updates, special offers, and invite you to participate in surveys related to our products and services. We may also contact you regarding participation in promotions or games, provided that you have given your consent.
- During the registration or purchase process on our website.
- When subscribing to our newsletter.
- When you registered for a promotion, game, or other mechanisms designed to offer discounts or benefits.
We leverage the information stored in your account and your purchase history to better understand your preferences and needs. This enables us to offer you discounts on products that may align with your interests. This process, known as profiling, is conducted automatically. We create customer profiles by considering various demographic factors and purchase patterns. For instance, if you have previously purchased a helmet from our website, we may categorise you into a user group to receive promotions on helmet accessories or related products. Our selections are based on the general interests of customers who have made similar purchases.
For direct marketing purposes, your personal data will be retained and processed for a duration of 3 years from the date of your consent or the last communication with you. After this specified period or upon withdrawal of your consent, your personal data will be promptly deleted or no longer utilised for direct marketing purposes.
Newsletter
If you opt to subscribe to our newsletter, we will process information concerning your website account and extend it to include details regarding discounts or other benefits afforded to you and their utilization. Additionally, we will maintain records of the aggregate value of discounts granted over specific periods and, if provided within your member account, your date of birth.
Contractual Relationships with Partners/Third Parties
Sky-shop.eu collaborates with various service providers (e.g. UPS Standard, UPS Express Saver, DHL, Inpost, GLS, PostNL, Omniva, BRT, CTT, Austrian Post, Colis Prive for shipping, PayPal, and Stripe for safe payments). Via the website referred to, our customers can, for example, access the online products and services of partner companies.
By using the services of the service providers, users of the Website enter into a contractual relationship with the respective service provider that is governed by the corresponding contractual terms and conditions of the service provider. The sole responsibility for the legality and content of the services offered on the websites of the partner companies lies with the respective partner company whose contents are accessed via our website.
By using the services of a service provider, contractual relationships are created only between the respective partner company and the user, following the terms and conditions applicable to such a contractual relationship.
In addition to the types of use described above, Sky-Shop.eu will transfer your data to third parties that are involved in the processing of your order or that participate in contracts. For example, if you place an order via our website, we will transmit your order information to Sky-Shop.eu partner companies and contractors who process and deliver your order to you. Data will only be transmitted to the extent required to fulfill or deliver your order or to process an inquiry. We will also transmit personal data to third parties where we are required to do so by law.
Sky-Shop.eu will not transmit any personal data relating to the users of our website if we do not have specific permission to do so. We do not sell user names or email addresses to any other companies that may send you unwanted advertising material or mail.
Third-party advertisements or links to other websites displayed on our website may collect user data if you click on them or otherwise follow their instructions. We have no control over the data collected either voluntarily or involuntarily via advertisements or websites of third parties. We recommend that you read the privacy policies of the promoted websites if you have any concerns regarding the collection and use of your data.
GDPR
Key Points of the GDPR (General Data Protection Regulation)
The GDPR provides individuals with eight rights:
1. The right to be informed: Organisations need to tell individuals what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties. This information must be communicated concisely and in plain language.
2. The right to access: Individuals can submit subject access requests, which oblige organisations to provide a copy of any personal data concerning the individual. Organisations have one month to produce this information, although there are exceptions for requests that are manifestly unfounded, repetitive or excessive.
3. The right to rectification: If the individual discovers that the information an organisation holds on them is inaccurate or incomplete, they can request that it be updated. As with the right to access, organisations have one month to do this, and the same exceptions apply.
4. The right to erasure (also known as ‘the right to be forgotten’): Individuals can request that organisations erase their data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed or it no longer meets the lawful ground for which it was collected. This includes instances where the individual withdraws consent.
5. The right to restrict processing: Individuals can request that organisations limit the way an organisation uses personal data. It’s an alternative to requesting the erasure of data, and might be used when the individual contests the accuracy of their personal data or when the individual no longer needs the information but the organisation requires it to establish, exercise or defend a legal claim.
6. The right to data portability: Individuals are permitted to obtain and reuse their personal data for their own purposes across different services. This right only applies to personal data that an individual has provided to data controllers by way of a contract or consent.
7. The right to object: Individuals can object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest/exercise of official authority. Organisations must stop processing information unless they can demonstrate compelling legitimate grounds for the processing that overrides the interests, rights and freedoms of the individual or if the processing is for the establishment or exercise of defence of legal claims.
8. Rights related to automated decision making including profiling: The GDPR includes provisions for decisions made with no human involvement, such as profiling, which uses personal data to make calculated assumptions about individuals. There are strict rules about this kind of processing, and individuals are permitted to challenge and request a review of the processing if they believe the rules aren’t being followed.
Breach Notification Requirements: Along with the requirements around keeping users’ data safe, the GDPR also includes mandatory and stringent data breach notification rules. In the event of a data breach of Personal Data, the breach must be reported to the Supervisory Authority of the EU member states affected within 72 hours of the breach’s discovery. Depending on the severity of the data breach, the organization may also need to notify the affected users as well.
Owner and Data Controller
UAB Pikstipa
Vokieciu str 11-18
Vilnius, Lithuania 01130
The controller of your personal data is UAB Pikstipa, Vokieciu st. 11-18, LT-01130 Vilnius, +37068689386, sales@sky-shop.eu.
If you have any questions about how we protect or use your data, please email us to: security@sky-shop.eu. You can also look for other contacting options in Contact Us page.
Governing Law
Any information or data, the use thereof, and the registration on the Sky-Shop.eu website, as well as any and all acts, tolerations, or omissions in relation to Sky-Shop.eu website shall be exclusively governed by Lithuanian law. The place of jurisdiction shall be Vilnius.
Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page. We will let You know via email and/or a prominent notice on Our Website and update the "Last updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. If you have any comments or questions regarding this Privacy Policy or any other guidelines on this website, please contact us in writing via security@sky-shop.eu.
Contact Person for Queries or Information Requests
Should you have any inquiries or concerns regarding our data processing practices, please do not hesitate to get in touch with our Data Protection Officer via email at security@sky-shop.eu, phone number +37068689386 or by sending a written communication to our address at Vokieciu Street 11-18, LT-01130 Vilnius.