Skip to main content
CartClose Cart

True Habit DATA PROTECTION RULES – PRIVACY POLICY

I. INTRODUCTION

This document outlines the rules for processing personal data of MB, True habit customers. It establishes the principles, objectives and procedures for data collection, usage, and storage, and defines who is authorised to access such information and for what purposes.

 

II. DEFINITIONS

Data Controller: An individual or legal entity appointed by the Company to process customer data.

Company: MB “True habit”, 306541122 (Baltosios Vokės Sodų g. 122, LT-14108 Vilnius, +37061479049, info@truehabit.eu).

Other terms used in these Rules are understood as defined in the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the processing of personal data. These include:

Personal Data: Any information relating to an identified or identifiable natural person (“data subject”). This can be directly or indirectly identifiable by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data processing: Any operation or set of operations performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Third party: A natural or legal person, other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process the personal data.

 

III. PRINCIPLES OF PERSONAL DATA PROCESSING

Company adheres to the following principles when processing customer personal data:

  • Data will only be processed for legitimate and defined purposes outlined in these Rules.
  • Data will be processed in a manner that is fair, lawful, and transparent, complying with all relevant legal requirements.
  • Data will be collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes.
  • Data will be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
  • Data will be accurate and, where necessary, kept up to date.
  • Data will be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
  • Data will be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

 

IV. PURPOSES OF PERSONAL DATA PROCESSING

Detailed information regarding the processing of customer personal data is available in this Policy.

The main categories of personal data processed include: name, surname, telephone number, email address, and other information necessary to fulfil orders and present marketing offers.

The main purposes for processing personal data are:

  • Order processing and fulfilment.
  • Analysis of user data, purchases and website usage for the purposes of improving user experience and website optimization.
  • Marketing and advertising purposes.

 

V. RIGHTS OF THE DATA SUBJECT

Company appoints a responsible person to ensure that the rights of customers as data subjects are protected, properly implemented, and all information is presented appropriately, timely and in a form acceptable to employees.

Customer Rights as Data Subjects:

  • Right to be informed about the collection of personal data. When collecting customer personal data, the Company must inform individuals of what personal data they must provide, for what purpose the relevant data is collected, to whom and for what purpose it may be provided, and the consequences of not providing personal data. Simplified information is provided in the customer’s consent forms.
  • Right of access to personal data and its processing. The customer has the right to request information from the Company about what and for what purpose their personal data is being processed. Once a year, this information is provided to the customer free of charge. If a customer requests this information more than once a year, the fee for providing this information cannot exceed the cost of providing such information.
  • Right to rectification, erasure or restriction of processing of personal data. The customer has the right to request the rectification, erasure or restriction of processing of their personal data.
  • Right to object to the processing of personal data. The customer has the right to object to the processing of certain optional personal data. Such objection may be expressed by not filling in certain sections of a questionnaire or other documents, as well as by subsequently submitting a request to stop processing optional personal data. The Company provides written information on what personal data is processed on a non-mandatory basis. Upon receiving a request to stop processing personal data that is processed on a non-mandatory basis, the Company shall immediately stop such processing, unless it contradicts the requirements of legal acts, and shall inform the employee/customer accordingly.

 

VI. PERSONAL DATA SECURITY MEASURES

Access rights and authorisations to process personal data are granted, revoked and modified by order of the Company’s manager.

Company implements and ensures appropriate organizational and technical measures when storing personal data to protect it against accidental or unlawful destruction, alteration, disclosure, and any other unlawful processing.

The Company ensures the proper storage of documents and data files and takes measures to prevent the accidental or unlawful destruction, alteration, disclosure or any other unlawful processing of personal data. Copies of documents containing employee personal data must be destroyed in such a way that these documents cannot be restored and their content identified.

Only authorized individuals may have access to personal data within the Company, and only when it is necessary to achieve the purposes set out in these Rules.

The Company ensures the security of the premises where personal data is stored, the proper layout and review of technical equipment, compliance with fire safety rules, proper network management, information system maintenance and the implementation of other technical measures necessary to ensure the protection of personal data.

Company takes measures to prevent the accidental or unlawful destruction, alteration, disclosure or any other unlawful processing of personal data by storing entrusted documents and data files properly and securely.

If the employee processing the data or another responsible person doubts the reliability of the implemented security measures, they must contact their direct manager to have the existing security measures assessed and, if necessary, initiate the acquisition and implementation of additional measures.

Employees or other responsible persons who automatically process personal data, or whose computers can access areas of the local network where personal data is stored, use assigned passwords. The passwords are changed under certain circumstances (e.g. when an employee changes, there is a risk of a break-in, there is a suspicion that the password has become known to third parties, etc.).

An employee working on a specific computer and accessing personal data may only know their own password. Passwords are stored in a secure location and used only when necessary.

If violations of personal data security are detected, the Company shall take immediate measures to prevent the unlawful processing of personal data.

Failure to comply with these Rules, depending on the severity of the violation, when committed by an employee, may be considered a violation of work duties, for which employees may be subject to liability as provided for by the Labour Code of the Republic of Lithuania.

 

VII. DATA COLLECTION, COOKIES

We process your Personal data that we receive through the following means:

  • When you provide us with Personal data yourself;
  • When we collect your Personal data ourselves as you use the Website, our administered social accounts, when you contact us by telephone or electronic communication means, when you visit our goods pick-up point;
  • To the extent permitted by applicable law, we may also receive information about you from other sources, such as publicly available registries, databases, marketing partners and other third parties.
  • Depending on your social network settings, if you choose to link your social network account with your account on our
  • Website, we may see certain data from your social network account, including your personal account data: your first and last name or nickname, profile picture and email address.
  • In the online store, payments are processed using the platforms makecommerce.lt (operator Maksekeskus AS (Niine 11, Tallinn 10414, Estonia, reg. no.: 12268475) and Stripe (operator Stripe, Inc., (South San Francisco, 354 Oyster Point Blvd, United States) , therefore your personal information required for payment execution and confirmation will be transferred to Maksekeskus AS and Stripe, Inc..
  • You have the right to modify and update the information you have provided to us. In some cases (for example, when selling you goods, delivering them, etc.) we need to have accurate and up-to-date information about you that is necessary for the quality provision of services, so we may ask you to periodically confirm that the information we have about you is correct.
  • By providing us with your Personal Data, you are responsible for the accuracy, completeness and up-to-dateness of this Personal Data.
  • On our Website, we use “third-party cookies”, which means cookies that we are not the controller of, e.g. Google Analytics, Google Ads, Facebook and other cookies. We use these cookies to obtain statistical information about the use of the website and for online advertising purposes based on your behaviour.

What is a cookie and what is its purpose?

A cookie is a small text file that a website sends to your web browser. It’s stored on your computer so the website can remember information about you, such as your login details or shopping basket contents, the next time you visit.

Cookies help websites function more effectively and improve your browsing experience. They can also provide information to website owners for statistical or advertising purposes.

How can I manage cookies?

Most web browsers allow you to control how cookies are used. You can usually choose to block all cookies, accept all cookies, or only accept cookies from specific websites. You can also choose to delete cookies that have already been stored on your computer.

Here are instructions on how to manage cookies in some popular web browsers:

Chrome

Firefox

Internet Explorer

Safari

You can find more information about cookies, including how to manage your cookie preferences and opt out of interest-based advertising, on the following websites:

  • Your Online Choices: https://youronlinechoices.com/uk/
  • Network Advertising Initiative: https://www.networkadvertising.org/
  • Digital Advertising Alliance: https://www.aboutads.info/

 

FINAL PROVISIONS

These Rules are reviewed and updated when legislation governing the processing of personal data changes.
Employees and other responsible persons are acquainted with these Rules in writing or electronically and are obliged to comply with the obligations stipulated therein and to be guided by the principles set out in these Rules when performing their work functions. Upon request from the client, they are given the opportunity to get acquainted with these Rules.

The Company has the right to amend these Rules in part or in full. Employees and other responsible persons are acquainted with the amendments in writing or electronically.

If you have any questions, please contact info@truehabit.eu

True Habit white logo (registered)

About

Benefits
Ingredients
Get Your True Habit
About

Information

Contact us
FAQs
Terms & Conditions
Privacy policy
Food supplements are not a substitute for a balanced and varied diet and a healthy lifestyle. Not suitable for children and adolescents under 18 years or for women who are pregnant or breastfeeding. Do not exceed the indicated daily intake. Refrain from taking other food supplements containing zinc. Keep out of reach of children. The content on this website is intended for informational purposes only. It is not intended to replace professional advice from a doctor or healthcare provider. The information provided here should not be used to diagnose any medical conditions or diseases. Please carefully read the complete list of ingredients in the product. If you have, or suspect you may have, a health concern, immediately contact your healthcare provider.
Do not use if the packaging is damaged.
TRUE HABIT is a registered trademark.
“True Habit” food supplement is notified in Lithuania – State Food and Veterinary Service: Notified food supplement list
MB True Habit food handling entity number: 130022546 – State Food and Veterinary Service: Food handling entity list

© 2025 True Habit. All rights reserved.

Get Your True Habit