Cookie Policy

This version of the Cookie Policy is effective from 18 June 2026.

Date of the latest update: 18 June 2026. An archive of earlier versions is available on request from the data controller using the details on the Contacts page.

Cookies are small text files that your browser stores on your device (computer, tablet or phone) when you visit a website. On your next visit they allow the site to recognise your browser and remember certain information.

Cookies do not harm your device and do not contain viruses. They help the site work, remember your choices (such as your language or shopping cart contents) and understand how the site is used so we can keep improving it.

Besides classic cookies, we also use similar technologies such as browser local storage and pixels. In this policy we refer to all of them collectively as "cookies", but their specifics regarding storage and deletion are addressed separately (see the "Local Storage and Pixels" section).

Depending on their purpose, we group cookies into four categories: strictly necessary, functional (preferences), analytics and marketing. Each is described below with examples.

Strictly necessary cookies are required for the site to work at all, so no consent is needed for them. They enable secure sign-in to your account, session handling, the shopping cart, order placement and fraud prevention (for example, CSRF protection and a secure payment flow).

Functional (preference) cookies remember your choices and improve convenience: your selected language (LT, EN or RU), region, recently viewed products or your response to the cookie banner. They are not essential and load only after consent.

Analytics cookies help us understand how visitors use the site: which pages are most popular, where people run into difficulties and how the purchase journey flows. We use this data in aggregated form to improve the site's performance and content. They load only after consent.

Marketing cookies are used to show more relevant advertising and measure its effectiveness, including remarketing (for example, reminding you of height-adjustable desks you viewed, on other sites). They load only after you give your consent.

Different categories of cookies rely on different legal bases under the GDPR and the ePrivacy regime.

Strictly necessary cookies are processed without consent: they fall under the ePrivacy exemption for strictly necessary cookies, and, where personal data is involved, on performance of a contract (GDPR Art. 6(1)(b)) and our legitimate interest in keeping the site secure and operational (GDPR Art. 6(1)(f)).

Functional, analytics and marketing cookies are processed solely on the basis of your consent (GDPR Art. 6(1)(a)). You can withdraw this consent at any time, and doing so is as easy as giving it.

Below is an indicative list of the cookies and technologies we use, grouped by category. The exact, always-current list with specific names is shown in the cookie settings window; the list here discloses typical cookies, their provider, purpose, type (first or third party) and retention period.

Strictly necessary – session cookie (e.g. "session" / "sid"): provider ProDesk (first party), purpose – maintaining your sign-in session, duration – until the browser is closed (session cookie).

Strictly necessary – security cookie (e.g. "csrf_token"): provider ProDesk (first party), purpose – protection against CSRF attacks, duration – session or up to 24 hours.

Functional – language and preference cookie (e.g. "locale"): provider ProDesk (first party), purpose – remembering your selected language and region, duration – up to 12 months.

Functional – consent cookie (e.g. "cookie_consent"): provider ProDesk (first party), purpose – recording your response in the cookie banner, duration – 6 months (after this period we ask for consent again).

Analytics – traffic analytics cookies (e.g. "_ga", "_ga_*"): provider Google Analytics (Google Ireland Ltd., third party), purpose – aggregated site-usage statistics, duration – up to 12 months.

Marketing – advertising and remarketing cookies (e.g. "_gcl_au", "_fbp"): providers Google Ads / Meta (third parties), purpose – showing relevant ads and measuring their effectiveness across other sites, duration – up to 90 days.

Specific names, providers and durations may change as we improve the site; the always-current list is available in the cookie settings window, and for material changes we will ask for your consent again.

We load strictly necessary cookies immediately, because the site could not technically work without them, and no consent is required for these.

All other cookies — functional, analytics and marketing — load only once you give clear consent through the cookie banner. Until then they are not activated and no non-essential data is collected.

On your first visit, a cookie banner appears where you can accept all cookies, reject non-essential ones, or choose the categories you prefer individually. The "Reject non-essential" button is displayed with the same prominence as "Accept all", so that declining non-essential cookies is just as easy as accepting them.

You can change or withdraw your choice at any time by opening the cookie settings in the footer of the site, turning each optional category on or off individually. In line with GDPR Art. 7(3), withdrawing consent is as easy as giving it, and a withdrawal does not affect any processing lawfully carried out beforehand.

You can also manage and delete cookies in your browser settings (Chrome, Safari, Firefox, Edge and others). Please note that disabling strictly necessary cookies may cause some features, such as signing in or placing an order, to work incorrectly.

Some cookies are set by trusted partners whose services we use. Payment service providers: Paysera, Montonio and Stripe — they ensure secure payment processing; your payment card data is handled directly by the payment provider and never reaches our server.

To analyse site traffic and usage we use Google Analytics (provider Google Ireland Ltd.). For advertising and remarketing we may use Google Ads and Meta (Facebook / Instagram). You can review their privacy and cookie policies at policies.google.com/privacy and www.facebook.com/policy.php respectively; the payment providers' policies are available at paysera.com, montonio.com and stripe.com.

Third-party cookies are governed by the privacy and cookie policies of the respective providers, which we recommend you review. The exact list of these services and links are also shown in the cookie settings window.

Marketing and some analytics cookies may involve profiling — an assessment of your browsing behaviour and interests in order to show more relevant advertising and measure its effectiveness.

With your consent, your pseudonymous identifiers may be shared with advertising networks (for example, Google Ads, Meta) so that personalised advertising and remarketing (retargeting) can be shown across other sites and platforms.

This profiling does not produce legal effects concerning you or similarly significantly affect you. You can withdraw consent for marketing cookies at any time in the cookie settings, after which personalised advertising and retargeting based on our site will no longer be carried out.

Some analytics and marketing providers (for example, Google, Meta) may transfer personal data to third countries outside the European Union and the European Economic Area (EU/EEA), including the USA.

Such transfers take place only where appropriate safeguards are in place under GDPR Arts. 44–49: on the basis of a European Commission adequacy decision (for example, the EU–US Data Privacy Framework) or Standard Contractual Clauses (SCCs) together with supplementary safeguards.

Further information about the safeguards applied, and copies of them, can be obtained by contacting the data controller using the details on the Contacts page.

By storage duration, cookies are either session (temporary) or persistent. Session cookies last only while you are browsing and are deleted when you close your browser.

Persistent cookies stay on your device for a set period or until you delete them yourself. Typical durations: functional preference cookies — up to 12 months; the consent-record cookie — 6 months; analytics cookies — up to 12 months; marketing cookies — up to 90 days. The specific lifetime of each cookie is also shown in the cookie settings window and in the "List of Cookies We Use" section.

We keep cookies no longer than necessary to achieve their purpose; once they expire they are deleted automatically. When the consent record expires (after 6 months) we ask again for consent to non-essential cookies.

Browser local storage and pixels work differently from classic cookies: local storage has no automatic expiry, so the data it holds remains until it is removed programmatically or you delete it yourself.

Local storage cannot be cleared using the usual browser cookie controls — it is removed via your browser's clear site data / storage function. If you withdraw consent, we remove or stop using the non-essential local-storage entries we have set.

Pixels (tags) are used together with analytics and marketing cookies; they are subject to the same consent requirement and the same legal bases and retention periods as the cookies of the corresponding category.

We may update this Cookie Policy when the technologies we use, the applicable law or our practices change. The current version is always available on this page, and the version in force is marked in the "Last Updated" section.

Where changes materially affect non-essential cookies, we will ask for your consent again.

This Cookie Policy applies alongside our Privacy Policy, which describes in detail how we process your personal data, who the data controller is, and what your rights are (the right to access, rectify, erase, restrict processing, object to processing and to data portability).

You can find the Privacy Policy in the site footer or on the "Privacy Policy" page. We recommend reading it together with this Cookie Policy.

The data controller is the Seller operating the ProDesk online store. The controller's full legal name, company registration code and registered address are set out on the Contacts page, which contains the final, verified controller details.

If you have any questions about cookies or the processing of your personal data, please contact the data controller using the details on the Contacts page, or by email on data protection matters (the current address is given on the Contacts page). If a Data Protection Officer (DPO) has been appointed, their contact details are also published on the Contacts page; at present the controller is not required to appoint a DPO, but you may raise any data protection matter using the means above.

If you believe your data is being handled improperly, you have the right to lodge a complaint with the supervisory authority — the State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija, VDAI), L. Sapiegos g. 17, 10312 Vilnius, Lithuania, tel. +370 5 271 2804, email ada@ada.lt, website vdai.lrv.lt.