VIKONDA GROUP, UAB (hereinafter referred to as “the Company” or “we”) seek to inform you in detail about the processing of your personal data, whether you communicate with us by meeting us in person, by visiting us or by electronic means, submitting requests, complaints, applications, statements, information about violations and/or feedback (hereinafter referred to as “the Request”), or when concluding Contracts, or in any other manner chosen by you. This document applies to you if we process your personal data.
Application is your written request to learn about your data processed by us, your requirement to adjust the data, discontinue the collection of data or delete your existing personal data (“forget you”).
This information is important; therefore, please read it carefully. We reserve the right to change our Policies to keep up with the arising or changing demands and the progress in process, so we ask you to read it regularly.
- WHAT DATA WE PROCESS?
Personal data (hereinafter referred to as “Personal Data” or “Data”) is any information that may be used to identify a person, as well as any other information necessary to properly fulfill pre-contractual and contractual obligations in so far as necessary to respond properly to the Request, the Application, for marketing purposes, and to perform other, not precluding by the legislation or binding obligations, actions.
Personal Data referred to in the Policy include:
- Identification and contact information you have specified: first name, surname, personal number, telephone number, e-mail address, address.
- Other information which is necessary for the performance of the Contract and about the collection of which you will be informed in a particular contract concluded with you.
- A recording of a telephone call, if any.
- Video data recorded by the video surveillance equipment (if any).
- Information about your IP address or its device ID (if you contacted us by electronic means).
- ON WHAT BASIS AND FOR WHAT PURPOSE WE PROCESS YOUR DATA?
We use your Data only for the purpose of: (i) the proper performance of the Contract; (ii) to resolve your applications or claims as well as Requests arising during the performance of the Contract; (iii) to respond to Requests. We may also analyse, systematize Data/information received on the basis of these documents, with a view to improving the quality of our activities and services provided to you, to expand the range of services provided, taking into account your views and suggestions; (iv) to provide you with tailored direct marketing offers that meet your needs. If you do not consent to the use of your Personal Data for direct marketing purposes, please inform us immediately; v) to ensure our safety and your security, security of property, we conduct video surveillance and process your video data (this provision is valid only upon arrival at the office of the Company or other object of the Company containing video surveillance cameras); (vi) to ensure the provision of services remotely, we may record telephone conversations or other communications between you and us. For this purpose, we also store the telephone number, IP address and other data identifying you, the content, duration, time of conversation, and other technical data (you will be notified of recording telephone conversations as soon as we answer the call. If you do not agree with this, you have the right to stop communication by phone and communicate with us in another way acceptable to you).
- HOW LONG DO WE PROCESS AND STORE YOUR DATA?
3.1. We process and store your data:
(a) for as long as the Contract is in force;
(b) within the period of response to the Request;
(c) within the period provided for in the legislation of the Republic of Lithuania;
(d) within the period of marketing.
3.2. At the end/upon termination of the contract, having answered to the Request, we will destroy your Data or reliably and irfreversibly anonymise your Data under the following procedures and terms:
(i) we will destroy specific Personal Data necessary for the performance of the Contract and/or the response to the Request no later than within 10 working days after the expiry of the Contract, after the response to the Request, if the legislation of the Republic of Lithuania does not require to store these Data and if there are no preconditions for legal disputes. In the case of legal disputes, these data shall be deleted within the time limits specified in paragraph (ii);
(ii) we will destroy other Personal Data that do not need to be stored in accordance with the archiving procedure provided for in the legislation of the Republic of Lithuania and if you have fully settled accounts for services provided under the Contract no later than within 6 months after the expiry of the Contract. In the case of legal disputes, we shall store your Data for a further period of 30 working days after the date of resolution of the particular legal dispute and the date of entry into force of the final decision, and in the case of enforcement/recovery, after the date of the period of such execution/recovery;
(iii) the record of telephone conversation, if any, and the video data recorded by video surveillance equipment (if any) shall be destroyed within 30 days after the expiry/termination of the Contract (if the above mentioned equipment allows storage for such a period; when there is no possibility of such storage, Data shall be destroyed after each period of 30 calendar days), unless there are preconditions for a legal dispute; in this case, Data shall be destroyed within the time limits specified in paragraph (ii);
(iv) we will delete information about your IP address or the ID of your device (if you have contacted us by electronic means) within 60 days after the date of such contact, if these Data are not necessary for ongoing legal disputes between the Parties, as in this case, Data shall be destroyed under the procedure provided for in paragraph (ii);
(v) we will store the Data collected for marketing purposes as long as you use our services and store it for another period of 1 year after you stop using them. Upon receipt of your Request to “forget you”, we will destroy only the Data used for marketing within 30 days of the date of such Request;
(vi) we store and process Personal Data which, according to the legislation of the Republic of Lithunia, need to be compulsorily archived, in accordance with the time limits laid down in that legislation.
- FROM WHAT SOURCES WE COLLECT YOUR PERSONAL DATA?
Usually, we receive your Data directly from you – when you contact us for the conclusion, amendment of the Contract or submit the Inquiry in any manner chosen by you. When concluding and performing the Contract, and after its termination, in the event of legal proceedings or recovery, we may collect your Data when answering your Request: (a) from data provided publicly by you or by third parties about you; (b) from legal entities, where you are a representative, employee, contractor and so on of these legal entities; (c) from partners or other legal entities who use us or whom we use to provide services to you.
If, in order to provide services under the Contract in a qualitative and objective manner, to examine your Request, we need to collect additional information or conduct the investigation of relevant circumstances, we may link the Data provided by you to the Data we hold and/or in performing the Contract or examining your Request using the Data collected, we may check video data, interview our employees, etc.
If the information (including documents) necessary to conclude, modify or terminate the Contract, the Request is submitted from a computer located on the Company’s or third party’s network, there remains a risk that web pages visited will be recorded in the browser’s history or/and in the Company’s or third party’s network registry, as appropriate. This can be avoided by submitting information from a computer that is not on the network.
It is also important to note that the information submitted for the conclusion, modification or termination of the Contract, the Request may contain metadata that may disclose the notifier’s personal information which is not related to the information he/she submits. Therefore, it is important to remove metadata that are not related to the Request before submitting the information.
- IN WHICH CASES AND TO WHICH THIRD PARTIES WE DISCLOSE YOUR DATA?
We may transfer your Data to third parties who provide us with legal services, as well as services related to accounting, data administration, etc. Such persons may include developers and administrators of web sites, social profiles, database software providers and administrators, data center, hosting and cloud service providers, etc. In each case, we provide the data processor with the Data to the extent necessary to execute a particular order or to provide a specific service. Data processors we use may process your Personal Data only in accordance with our instructions and are not allowed to use them for other purposes or transfer them to other persons without our consent. In addition, they are required to ensure the security of your Data in accordance with the applicable law and written agreements and contracts with us.
If the event described in the Request may be recognised as insured, we will transmit your Request and Data to the insurance company(s) in which we have insured our civil liability, property or which provides us with other insurance cover related to the event listed in your Request. Insurance companies act as independent data controllers and process your Data in accordance with terms and rules established by the insurance company.
Your Data may also be made available to competent authorities or law enforcement agencies, such as police, law enforcement authorities or supervisory authorities, to the State Enterprise Centre of Registers, but only upon their request or only when it is required by the applicable law, or in cases and under procedures provided for by the legislation to ensure our rights, the security of our other customers, employees and resources, to assert, submit and defend legal requirements.
We may combine the available information about you from various sources.
The Request (information about violation, complaint, etc., when you do not require a response) may be submitted anonymously or with your Personal Data. In the latter case, the notifier’s personal information will only be known to those persons who will investigate the information received. However, the notifier may be summoned to court as a witness if necessary, thereby losing his/her anonymity.
- IN WHICH TERRITORIES AND JURISDICTIONS WE PROCESS YOUR PERSONAL DATA?
As a general rule, we process and store your Personal Data within the territory of the European Union or the European Economic Area (EU/EEA). However, we may transfer your Personal Data outside the EU/EEA, for example, where it is necessary for the conclusion and performance of the Contract or if you have given your consent to such transfer. We transfer your Personal Data outside the EU/EEA if at least one of the following measures is implemented:
- The European Commission has recognised that the state ensures a sufficient level of protection of personal data.
• The recipient of data in the United States is certified in accordance with the requirements of the EU-US agreement known as the “Privacy Shield”.
• There is a contract under standard terms approved by the European Commission.
• Codes of conduct or other safeguards are in place under the General Data Protection Regulation.
- HOW SECURE ARE YOUR DATA?
When processing Personal Data, we comply with the requirements of the legislation on data protection, including the GDPR. We use a variety of security technologies and procedures to protect your personal information from unauthorized access, use or disclosure. We carefully select data processors and require them to use appropriate tools to protect your confidentiality and to ensure the security of your personal information. However, the security of the transmission of information over the Internet or mobile communications cannot be absolutely guaranteed, any communication of information to us in the above-mentioned ways is carried out at your own risk.
- WHAT RIGHTS DO DATA PROTECTION LEGISLATION GIVES YOU?
Right of access to your Personal Data processed by us: You have the right to receive our confirmation of our processing of your Personal Data, as well as the right to access your Personal Data processed by us and information about the purposes of the processing, categories of data processed, categories of recipients, period of processing, sources of data acquisition.
Right to correct your Personal Data: If the Data provided by you to us have changed or you believe that the information we process about you is inaccurate or incorrect, you have the right to request the change, adjustment or correction of this information.
Right to lodge a complaint: If you believe that we process your Data in breach of the legislation on data protection, we always ask first to contact us directly. If you are not satisfied with the way offered by us to resolve the problem or if you believe we will not take the necessary steps to comply with your request, you will have the right to lodge a complaint with the supervisory authority where the State Data Protection Inspectorate is located in the Republic of Lithuania (A. Juozapavičiaus g. 6, 09310 Vilnius; tel. (+370 5) 271 2804, 279 1445; e-mail: email@example.com).
Right to delete Data (right to be forgotten): In certain circumstances under the legal rules for the processing of Data (when Personal Data are processed illegally, the basis for processing disappeared, etc.), you have the right to request in writing that we delete your Personal Data.
Right to restrict the Data processing: In certain circumstances provided for in the legislation on data processing (when Personal Data are processed illegally, you contest the accuracy of the Data, you have objected to the processing of Data on the basis of our legitimate interest, etc.), you also have the right to inform in writing about the restriction of the processing of your Data.
- WHAT ARE THE PRINCIPLES OF THE PROTECTION OF PERSONAL DATA THAT WE ADHERE TO?
When collecting and using Personal Data entrusted to us as well as Personal Data from other sources, we adhere to the following principles:
9.1. Your Personal Data are processed in a lawful, fair and transparent manner (principle of legality, fairness and transparency).
9.2. Your Personal Data are collected for established, clearly defined and legitimate purposes and are not further processed in a manner incompatible with those purposes (purpose limitation principle).
9.3. Your Personal Data are adequate, relevant and only for the purposes for which they are processed (data minimisation principle).
9.4. Your Personal Data processed are accurate and, if necessary, updated (principle of accuracy).
9.5. Your Personal Data are stored in a form so that your personal identity could be established for no longer than is necessary for the purposes for which your Personal Data are processed (principle of the retention period limitation).
9.6. Your personal data are processed so that to ensure adequate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage of data (principle of integrity and confidentiality) by means of appropriate technical or organisational measures.
- WHAT DO WE COMMIT TO?
When collecting and using Personal Data entrusted to us as well as Personal Data from other sources, we undertake:
10.1. to process your Personal Data only for clearly defined and legitimate purposes;
10.3. to process your Personal Data lawfully, accurately, transparently, honestly and in such a way as to ensure the accuracy, identity and security of the Personal Data processed;
10.4. to ensure that excessive Personal Data are not processed;
10.5. to process your Personal Data for no longer than is necessary for the purposes for which the Personal Data are processed;
10.7. to perform other statutory duties.
- WHAT WAYS CAN YOU CONTACT US AND HOW WILL WE RESPOND TO YOU?
11.1. You may submit all requests for data processing to us in the following ways:
– E-mail: firstname.lastname@example.org
– Internet: www.vikonda.lt
– Postal correspondence address: Didžioji g. 22, LT-57255 Kėdainiai
Addressee: Lawyer of Koncernas VIKONDA, UAB
11.2. Our details as data controller and processor:
Koncernas VIKONDA, UAB
Legal entity code 261592650
Registered office: Didžioji g. 22, LT-57255 Kėdainiai, Republic of Lithuania
11.3. We will respond to your Request for data processing no later than within 30 (thirty) calendar days from the date of receipt of the Request. In exceptional cases requiring additional time, we will have the right, after informing you, to extend the time limit for the submission of the requested data or fulfillment of other requirements specified in your Request to 60 (sixty) calendar days from the date of your Request.
We will refuse to comply with your Request by reasoned response, when circumstance provided for in the GDPR and other legal acts are established, informing you about it in writing.
Cookie — what is it?
A cookie is a small information file sent to your computer, phone or other device while visiting a particular website and stored in your browser. Cookies are of different types, so the uses of cookies also vary. Cookies can be categorized according to their purpose, storage time and their location on the site.
What are cookies used on this site for?
Cookies allow the website to remember information about your browsing habits, actions and settings so that you can take full advantage of the website’s facilities. Cookies also allow you to monitor the frequency of visiting the website and collect general statistical information about the number of visitors to the website.
In some cases, deleting cookies may slow down the speed of browsing the Internet, limit the operation of certain features of the website, or block access to the site.
What cookies are NOT used on this website for?
The cookies we use do not contain sensitive personal information such as your address, password, credit or debit card details, etc.
Who uses information stored in cookies?
The information contained in our website’s cookies is exclusively used by our authorized employees, except for the “third-party cookies” listed below, which are used and processed by external entities providing services at our request related to the improvement of our services and facilitating browsing our website for the user. These “third-party cookies” are mainly used to obtain statistical information on visits.
How to change cookie settings?
You can choose cookies to accept or certain cookies to opt out by changing your browser settings. You can set your browser to immediately reject all or some cookies. You can also remove cookies that have already been stored on your computer or other device. Importantly, please note that each browser has a different method of customizing settings. If necessary, use your browser’s manual function to make the right choice.
Descriptions of cookies used on website of Koncernas VIKONDA, UAB (www.vikonda.lt):
|Cookie Name||Purpose||Period of Validity|
|_ga||Allows tracking the website by using “Google Analytics” analysis tool.||2 years|
|_gat||Doesn’t keep any information. Used only for restriction when sending information to “Google Analytics”.||Until the end of the session|
|_gid||“Google Analytics” cookie for distinguishing users.||1 day|