Privacy and Cookie Policy

Data Controller: VšĮ Mėlyna ir geltona, legal entity code 303420560, address Gedimino pr. 10-5, LT-01103 Vilnius, Lithuania. Contact email: [email protected] Primary purposes of personal data processing on the website https://blue-yellow.lt/ and in the activities of VšĮ Mėlyna ir geltona: • Collect and manage support for the armed resistance in Ukraine; • Inform about various actions and initiatives, including providing tailored or direct advertising (e.g., through cookies); • Respond to inquiries and provide supporting certificates; • Monitor website visitor traffic and browsing habits for statistical purposes (using cookies); • Create and execute contracts; • Maintain records and provide reports; • Protect the interests of our organization, its employees, volunteers, and partners; • And other related purposes. Your rights as a data subject: know what data about you is being processed; request correction of inaccurate data; request data transfer to another controller; object to data processing; refuse data processing or withdraw your consent at any time; request data erasure; request data processing restriction; and the right to lodge a complaint with the State Data Protection Inspectorate at [email protected]. You can find more information in the detailed Privacy Policy version below.

Privacy and Cookie Policy (Detailed)

You can visit our website anonymously. However, if you consent to the use of cookies, ask questions, follow/comment on our social media accounts, we process your data as specified in this Privacy and Cookie Policy.

Who processes your data?	The data controller is VšĮ Mėlyna ir geltona, legal entity code 303420560, address Gedimino pr. 10-5, LT-01103 Vilnius, Lithuania. For questions regarding personal data processing, please contact [email protected].
Why do we process data and what is our legal basis?	We process your personal data because we aim to: • Collect and manage support for the armed resistance in Ukraine, including organizing various initiatives such as events, games, and campaigns like “Gift to Ukraine” and “Digital Army.” The purpose of these initiatives is to collect funds and purchase necessary support for Ukraine. When you transfer funds, we process your payment data, which we receive from the financial institution. These data are further processed and stored for accounting purposes (see below). The legal basis for data processing is the fulfillment of obligations arising from legal acts, specifically the Non-Governmental Organizations Development Act of the Republic of Lithuania (Chapter III). • Inform you about various actions and initiatives, including providing tailored or direct advertising (e.g., through cookies). We are a transparent organization and periodically inform about our activities, usually through our social media channels and website. When we want to send you newsletters, post your photos on our website, or conduct surveys, we will obtain your consent as the legal basis for data processing. Targeted advertising through cookies is provided only to those who consent to the use of advertising cookies (see the “Cookies” section below). • Respond to inquiries and provide supporting certificates. The legal basis for data processing is our legitimate interest in being transparent and providing quality support to our donors and partners. Data are retained for up to 3 months from the date of responding to your inquiry and for 5 years from the date of issuing support certificates, unless data need to be retained longer due to potential disputes or claims. • Monitor website and social media visitor traffic and their browsing habits for statistical purposes. The legal basis for data processing is your consent to use statistical cookies. You have the right to refuse, and if you have consented, you can withdraw your consent at any time by adjusting cookie settings on the website. Data are collected through cookies and stored according to the specific cookie configuration. Specific terms can be found in the “Cookies” section below. For this purpose, data are shared with third parties – Google Inc and Meta. • Provide you with tailored advertising (using cookies). When browsing the internet, some of our cookies identify your interests and relevant topics, allowing us to offer you tailored advertisements on other websites you visit. The legal basis for data processing is your consent to use advertising cookies. • Properly create and execute contracts. The legal basis for data processing is a contract between you and us (e.g., a periodic support agreement). Contracts and data are kept for 10 years after the contract termination. • Properly maintain records and provide reports. The legal basis for data processing is compliance with legal requirements, such as the Lithuanian Financial Accounting Law (Articles 6 and 10). Data are kept for at least 5 years after the end of a specific financial transaction, unless otherwise specified in legal acts. • Protect the legitimate interests of our organization, its employees, volunteers, and partners. The legal basis for data processing is our legitimate interest in protecting our interests in court, arbitration, and other institutions. Data are kept until the final resolution of disputes.
Sharing of Information	We do not share your information collected on the website with anyone except when required to comply with legal requirements, such as providing information to the State Tax Inspectorate or other institutions. In carrying out our activities, we may engage other companies to help ensure IT security and website functionality. If such providers have access to personal data that we process, they are considered our data processors and process the data in accordance with our instructions. The personal data processed by VšĮ Mėlyna ir geltona are protected against unauthorized access and leakage and are stored on servers owned by VšĮ Mėlyna ir geltona in Lithuania – Baltneta. Data processors with access to the data include IT and accounting service providers (Baltneta, Pagautė, Civitta).
Data Transfer to Non-EU/EEA Countries	Generally, we do not transfer the data of our donors, partners, employees, or volunteers outside the EU/EEA. However, in certain cases, such a need may arise (e.g., when organizing a business trip to Ukraine). In such cases, data transfer is carried out only in compliance with appropriate safeguards, such as: a) If the country receiving the data has been recognized by the European Commission as ensuring an adequate level of personal data protection. b) If the country receiving the data has not been recognized by the European Commission as ensuring an adequate level of personal data protection, we would take appropriate transfer protection measures, such as obtaining the data subject’s consent, using Standard Contractual Clauses approved by the European Commission, or other contracts approved by competent authorities. Please note that when using the Facebook website, tracking, or commenting on our accounts, your personal data is also processed by Meta Inc. For data processing on the Facebook platform, we have limited influence, so you can find more information here: https://www.facebook.com/privacy/policy/.
Data Security	We aim to protect your personal information. We have implemented an internal security policy and provided instructions to employees on how to comply with personal data protection laws. We have also implemented appropriate procedures and security measures to protect your personal information from destruction, loss, alteration, unlawful disclosure, and unauthorized access, as well as any other processing that does not comply with applicable personal data protection laws. Please note that no electronic space, including Facebook and our website, is completely secure, so you must be cautious when providing your personal data.
Your Rights as a Data Subject	You have the right to: (i) request access to your personal data that we process; (ii) request corrections or deletions of your personal data; (iii) object to the processing of your personal data; (iv) restrict the processing of your personal data under certain conditions; (v) object to the processing of your personal data for direct marketing purposes; (vi) if the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time (withdrawal of consent will not affect the lawfulness of processing performed before consent withdrawal); (vii) you have the right to receive your personal information in a structured, commonly used, and machine-readable format (the right to data portability); (viii) you can always lodge a complaint with the data protection supervisory authority (in Lithuania, the State Data Protection Inspectorate). These rights may be conditional or limited. Therefore, it is not guaranteed that, for example, in a specific case, you will have the right to data portability or the right to request data deletion – this depends on the specific circumstances of data processing. To exercise your rights, please contact the contacts provided in this Privacy and Cookie Policy.

Cookies

A cookie is a small text file that stores user information about their actions on a website and stores it on the device you use for browsing. Cookies do not harm your device and allow us to provide you with a better browsing experience and faster website responsiveness to requests.

Our website uses three types of cookies:

A. Essential cookies (do not require your prior consent): These are necessary for the functioning of the website, and we automatically place them on your device when you start browsing the website. You can disable all cookies in your browser at any time by changing your browser settings, but this may interfere with the proper display of our website.

B. Statistical cookies (require your prior CONSENT): Our website uses statistical cookies, which can only be installed with your prior consent. Additionally, our website also sets cookies belonging to third parties, which are installed with your prior consent. These third parties may have access to the information collected through their cookies. Third parties include Google Inc.

C. Advertising cookies (require your prior CONSENT): Our website uses third-party cookies that, based on your browsing history, help create a certain profile of you. Third parties include Google Inc. Advertising cookies are used for advertising purposes: they create user profiles for displaying advertisements that match users’ preferences while browsing the website.

Statistical and advertising cookies will only be installed on your end device with your prior consent. For this reason, when you visit our website, a special pop-up window informs you that our website uses cookies and gives you the opportunity to manage them.

Consent is required for third-party cookies

The installation and other activities related to analytical and advertising cookies (which belong to third parties), including data collection and processing, are the responsibility of third parties. If you would like to learn more about these cookies and third parties that may have access to the collected information, or how to enable and disable cookies, you can review the cookie policies of third parties at the following links:

• Google Analytics: http://www.google.com/policies/technologies/cookies/

The cookies used on the website are as follows:

Title	Purpose	Cookie Type	Expiration (storage term on your device)
XSRF-TOKEN	Ensures website security	Necessary cookie	Valid for 1 day
_ga_#	Tracks the number of times a user visits the website	Statistical cookie	Valid for 2 years
_gat	User recognition and traffic management	Statistical cookie	Valid for 1 day
_ga	User recognition	Statistical cookie	Valid for 2 years
_gcl_au	Used by Google AdSense to determine the effectiveness of displayed ads	Advertising cookie	Valid for 3 months
blue_yellow_session			Valid for 1 day
_gid	User recognition	Statistical cookie	Valid for 1 day

Changes

This Privacy and Cookie Policy will be periodically reviewed. In the event of significant changes, the latest version will be published on the website, and you will be asked to review it again.

Last reviewed: July 14, 2023.