Version 2.0 · Updated 2025
Privacy Policy
This Privacy Policy describes how my E-Store https://balticlocalize.com (hereinafter – Website) collects, uses, and stores your personal data. This Policy is based on the General Data Protection Regulation (GDPR, EU 2016/679).
📋 Table of Contents
- Who I Am
- Processing of Data Collected During Purchase
- Payment Data Security and Sharing
- Email Communication and Automated Messages
- Analytics and Tracking
- Cookies
- Comments and Gravatar
- Embedded Content from Other Websites
- Data Security Measures
- How Long I Retain Your Data
- Your Rights Under the GDPR
- Changes to This Policy
1. Who I Am
| Detail | Information |
|---|
| Website Address | https://balticlocalize.com |
| Data Controller | ŽYDRŪNAS RUPŠLAUKIS |
| Business Address | Gabijos g. 68, Kaunas, LT-47103, Lithuania |
| Data Protection Contact | info@balticlocalize.com |
| Response Time | Within 30 calendar days of receiving your request (GDPR Art. 12) |
2. Processing of Data Collected During Purchase
I collect information necessary to process your order, grant access to digital goods, and comply with legal obligations.
Data Collected:
- Contact Information: Name and email address.
- Billing Information: Address – required for invoicing and legal compliance.
- Purchase Information: Date of purchase, name and price of the goods purchased.
- Technical Data: IP address and browser user agent – logged automatically for fraud prevention purposes.
Purpose and Legal Basis:
This data is processed to execute the contract with you (GDPR Art. 6(1)(b)) and to comply with the accounting and tax laws of the Republic of Lithuania (GDPR Art. 6(1)(c)).
3. Payment Data Security and Sharing
Your payment information is processed directly through third-party payment gateways (Stripe and PayPal).
I DO NOT store any credit card information on my servers. All payment data is encrypted and transferred directly to these operators. These entities act as independent data controllers and process your data according to their own privacy policies.
4. Email Communication and Automated Messages
Upon completing a purchase, the following emails are sent automatically:
- Purchase Confirmation – an order receipt with your download link. Sent on the basis of contract performance (GDPR Art. 6(1)(b)).
- Technical Notifications – e.g., notifications about file updates. Sent on the basis of legitimate interest (GDPR Art. 6(1)(f)).
Marketing:
Marketing emails (e.g., newsletters, promotional offers) are sent only with your explicit consent (GDPR Art. 6(1)(a)). You may unsubscribe at any time using the "Unsubscribe" link in every email, or by contacting info@balticlocalize.com.
5. Analytics and Tracking
To understand how visitors use the Website and to improve it, I use the following analytics tools:
| Tool | Purpose | Legal Basis | Privacy Policy |
|---|
| Google Analytics | Visitor statistics, page views | Consent (cookie banner) | policies.google.com |
⚙️ Note: Google Analytics data is anonymised – IP addresses are truncated before storage. You may opt out by installing the browser extension: Google Analytics Opt-out.
6. Cookies
The Website uses cookies – small text files stored on your device. Below is an overview of the cookies used:
| Category | Examples | Purpose | Duration |
|---|
| Essential | wordpress_logged_in, edd_cart | Login functionality, shopping cart | Session / 2 days |
| Functional | wordpress_test_cookie, wp-settings | Saving user preferences | 1 year |
| Analytics | _ga, _gid, _gat | Website traffic statistics | 2 years / 24 hrs |
You can manage or disable cookies in your browser settings. Please note that disabling essential cookies may affect the functionality of the Website.
When visitors leave comments on the Website, I collect data shown in the comments form, the visitor's IP address, and browser user agent string to help with spam detection. An anonymised string (hash) from your email address may be provided to the Gravatar service to display an avatar image.
8. Embedded Content from Other Websites
Articles on this Website may include embedded content (e.g., YouTube videos, images, articles). This content from other websites behaves as if the visitor had visited the source website and may collect data about you, use cookies, and embed additional third-party tracking.
9. Data Security Measures
The following technical and organisational measures are in place to protect personal data:
- SSL/TLS Encryption – all communication between your browser and the Website is encrypted (HTTPS).
- Access Control – access to personal data is restricted to the data controller only. No third-party staff have access.
- Regular Backups – data is backed up regularly and stored in a separate environment.
- Software Updates – WordPress, plugins, and themes are kept up to date to patch security vulnerabilities.
- Payment Data – card data is never stored on this Website; processed only through PCI DSS-certified intermediaries (Stripe, PayPal).
⚠️ In the event of a data breach: If a personal data breach likely to result in risk to your rights occurs, I will notify the competent supervisory authority within 72 hours and, where required, inform affected individuals.
10. How Long I Retain Your Data
- Order Data: Data related to financial transactions (e.g., name, address, purchase amount) is retained for 10 years from the date of the transaction to comply with Lithuanian accounting and tax legislation.
- Email Marketing: Retained for as long as your consent is valid or until you withdraw it.
- Analytics Data: Google Analytics data is retained for 26 months, after which it is automatically deleted.
- Comments: The comment and its metadata are retained indefinitely, unless you request deletion.
11. Your Rights Under the GDPR
Under the GDPR, you have the following rights regarding your personal data:
| Right | What It Means |
|---|
| 📋 Right of Access | You may request a copy of all personal data I hold about you. |
| ✏️ Right to Rectification | You may request correction of inaccurate or incomplete data. |
| 🗑️ Right to Erasure | You may request deletion of data no longer necessary for its original purpose. This does not apply to data I am legally required to retain. |
| ⏸️ Right to Restriction | You may request that I temporarily suspend processing of your data. |
| 📦 Right to Data Portability | You may receive your data in a structured, commonly used format. |
| 🚫 Right to Object | You may object to processing for direct marketing purposes – at any time and free of charge. |
| ↩️ Right to Withdraw Consent | Where processing is based on consent, you may withdraw it at any time without affecting prior processing. |
To exercise any of these rights, please contact info@balticlocalize.com. I will respond within 30 days.
You also have the right to lodge a complaint with the Lithuanian supervisory authority: State Data Protection Inspectorate (VDAI) – vdai.lrv.lt
12. Changes to This Policy
This Privacy Policy may be updated periodically to reflect changes in practice or legal requirements. I will notify you of significant changes by email or by posting a notice on the Website. I recommend reviewing this page periodically.
Current Version: 2.0 · Last Updated: 2025
