Pereiti prie pagrindinio turinio
Kraunama...

Privacy Policy

1. What does this Privacy Policy mean?

This Privacy Policy sets out the terms and conditions that users using UAB Optas IT services, Company's suppliers, partners and candidates must comply with. This Privacy Policy also sets out the basic details of personal data processing principles and the rights of data subjects.

This Privacy Policy is created based on the applicable laws governing the protection and security of Personal Data, directly applicable EU legislation, including the April 27, 2016 2016/679 General data Regulation (GDPR) and any amendments or additions thereto, other existing mandatory data protection provisions or security legislations.

The Company's services are intended for people over 14 years of age. Individuals under the age of 14 may not disclose any personal information to the Company.

2. About the data controller

UAB Optas IT (hereinafter – Company), Company code 305576024, registration address Partizanų str. 54, 49447 Kaunas, Lithuania. Contacts for personal data: email dpo@optas.eu.

3. Definitions

Personal data – any information relating to an identified or identifiable natural person (data subject).

A natural person (identifiable) – a person who can be directly or indirectly identified, in particular, by the identifiers such as the name, surname of the person, identification number, location data and internet identifier or one or more characteristics of that natural person's physical, physiological, genetic, mental, economic, cultural or social identity.

Customer – a natural or legal person who uses the services of the Company.

4. How do we collect and store your personal data?

The collection of personal data depends on the services and products you use, the contractual relationship with you and the data you provide to communicate with us.

The Company collects your personal data:

  • provided by you (directly from the data subject), e.g. when you communicate or have legal relations with the Company, i.e. you purchase goods and / or services or register for services, contact us for information, etc.
  • which is generated when you use our services, such as when you use the services, call us, send us a text message (SMS), browse the Internet, visit our websites or social network accounts, use our products, and so on.
  • which we receive from other sources, such as a legal basis, from other institutions or companies, etc. y. banks, credit bureau (for solvency assessment), publicly available registers, etc.
  • when data controllers entrust the collection and processing of your data to us by concluding a service agreement with us.

The processing of data shall be carried out in accordance with the following principles, as set out in Article 5 of the GDPR:

  • the principle of legality, fairness and transparency;
  • the principle of purpose limitation;
  • the principle of data reduction;
  • the principle of accuracy;
  • the principle of limiting the duration of storage;
  • the principle of integrity and confidentiality.

Your personal data is processed in accordance with the General Data Protection Regulation. When processing your personal data, we implement reasonable organizational and technical measures that ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure, as well as other unlawful processing.

5. What data do we collect and for what purposes?

Direct marketing and market research

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Sending offers, advertisements to customers and other interested people via email Name, surname, telephone number, email address 3 years Article 6 (1) (a) GDPR – consent of the data subject
Market research, customer satisfaction and quality analysis Customer's or potential customer's reaction, feedback, opinions 3 years Article 6 (1) (f) GDPR – legitimate interest

Your participation in seminars, events

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Publicity of information from events organized by the Company, informing the public about our events and promoting our notability The fact of your participation, name, surname, photo or video material 3 years Article 6 (1) (f) GDPR – legitimate interest
Preservation of data about past marketing activities Photos or videos from events, expense reports 10 years Article 6 (1) (f) GDPR – legitimate interest

Participation in vacancies / internships

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Selection for vacancies / internships Your resume and / or cover letter and / or other information provided from you Until the end of the recruitment Article 6 (1) (a) and (b) GDPR – consent of the data subject and the intention to conclude a contract
Selection for future vacancies / internships Your resume and / or cover letter and / or other information provided from you 3 years Article 6 (1) (a) and (b) GDPR – consent of the data subject and the intention to conclude a contract

Protection of property and individuals

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Protection of property and people in order to record, keep and examine incidents evidence (damage to property, theft, wrongdoing, injuries, accidents, etc.) Video data 14 days Article 6 (1) (f) GDPR – legitimate interest

Execution of contracts with suppliers / partners / customers

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Performance of a contracts with suppliers / partners / customers Name, surname of suppliers' or service providers' employees (natural and legal person), phone, email address, content of correspondence, date, other data related to the performance of the contract 3 years after the end of the contract and 10 years after the termination of the contract Article 6 (1) (b) GDPR – performance of a contract
Invoicing Name, surname, payer's details, bought services or goods 10 years Article 6 (1) (b) GDPR – performance of a contract
Debt administration Name, surname, position, information on indebtedness, contact details 10 years Article 6 (1) (f) GDPR – legitimate interest

Examination of inquiries, reports and complaints

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Inquiries (received via email, via website, social network account, phone) storage and processing Name, surname, email address, phone number, inquiry text / call content 1 year from the examination of the inquiry or according to a specific social network privacy policy Article 6 (1) (a) and (b) GDPR – consent of the data subject and performance of a contract
Customer service system and helpline: complaints, inquiries, consultations, incidents Contact details – name, surname, email address, place of work, telephone number, inquiry content, other communication details 3 years from the examination of the inquiry Article 6 (1) (b) and (f) GDPR – performance of a contract and legitimate interest of the data controller
Communication via remote communication applications Information provided by customers, suppliers, partners 1 year or according to the privacy policy of the specific application Article 6 (1) (f) GDPR – legitimate interest

Website / social network statistics and administration

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Monitoring social network account and website traffic statistics Cookies collect information related to website visitors (more information in the cookies section), anonymous statistics, social network data According to social network's, statistical service providers' privacy policies Article 6 (1) (a) and (f) GDPR – consent of the data subject and legitimate interest of the data controller

Data backup

Purpose of data processing
Processed personal data
Duration of data processing
Legal basis of data processing
Storage of data backups and archival data to ensure continuity and recoverability All data stored in the Company's information systems 1 year Article 6 (1) (f) GDPR – legitimate interest

6. The data collected in the website – cookies

A cookie is a small text file or piece of software that is sent to your device, that stores information about your browsing history and the data usage of your device. It is controlled by your web browser, sometimes it has a unique random number. You can read, destroy or change it.

Processed personal data
Processed personal data
Duration of data processing
Legal basis of data processing
_ga – analytical cookie used to collect statistical information about the website IP addresses and unique ID numbers are used for statistical information accounting. Accounting is done through Google analytics 2 years Article 6 (1) (f) GDPR - legitimate interest

7. Websites and social networks, communication programs

For your convenience, in order to spread information about our activities and to meet the needs and expectations of our customers, we administer the following data and social networking services:

When you visit our social network accounts, your data may also be processed by social network administrators. We also recommend that you read the privacy policies provided by the social networks:

We try to communicate with our clients through all available channels, including remote communication programs like Zoom, Skype, Google Duo and so on. We encourage you to review the privacy policies of the following programs:

8. Who can we disclose your data to?

  • To our professional advisors, auditors;
  • To notaries, if the contract concluded with you requires a notarial form;
  • Bailiffs, entities providing legal and / or debt collection services, entities taking over the right of claim, joint debtors' data processors;
  • To companies which provide data center, hosting, cloud services; website administration and related services; software development, provision and support services; information technology infrastructure services; communications services;
  • To companies providing advertising and marketing services;
  • To companies providing archiving, physical and / or electronic security, asset management and / or other services;
  • To state institutions in accordance with the procedure provided by law;
  • To law enforcement authorities at their request or on our initiative, if there is a suspicion that a criminal offense has been committed, as well as courts and other dispute resolution authorities, tax administrators;
  • Your personal data will not be transferred to a third country or international organization, except as provided in this Privacy Policy;
  • We will not transfer your personal data outside the European Union and / or the European Economic Community to third parties other than IT service providers located in, for example, the United States. In this case, the European Commission has declared that the third country provides an adequate level of protection ("eligibility decision"). In the absence of a decision on adequacy, the data may be transferred subject to appropriate safeguards, provided that the individuals have enforceable rights and effective remedies as provided in the GDPR.

9. Your rights

In accordance with the provisions of the GDPR, you, as a data subject, may exercise the following rights:

  • Right of access to personal data, i.e. make a request for information on whether your personal data is being processed, and if your personal data is being processed, you have the right to access your personal data that is being processed by the Company;
  • The right to correct personal data, i.e. make a request to correct your personal data if you identify that the personal data we process is incorrect, incomplete or inaccurate;
  • The right to delete data (the right "to be forgotten"), i.e. make a request to delete your personal data if your data is processed illegally or fraudulently;
  • The right to restrict the processing of data, i.e. make a request to restrict (suspend) the processing of your personal data, except for storage – in the event that, for example, you request to correct your personal data (while the accuracy of personal data is checked and / or corrected), or it is established that personal data is being processed unlawfully and you do not consent to the deletion of the data, or you have objected to the processing of your personal data or other cases;
  • The right to data transfer, i.e. make a request to transfer your personal data, which is processed by automated means;
  • The right to object to the processing of data, i.e. to object to the processing of personal data where the processing is carried out on a legitimate interest or a public interest basis;
  • The right to claim that you are excluded from a decision based solely on automated data processing, including profiling, which has legal consequences for you or which has a significant effect on you;
  • The right to revoke the consents given to us at any time regarding the processing of personal data, e.g. for direct marketing.

You can fulfill your rights by sending us a request in the form provided via email dpo@optas.eu

If you believe that your rights as a data subject have been or may be violated, please contact us immediately with a complaint via email. We assure you that after receiving your complaint we will contact you within a reasonable time and inform you about the progress of the complaint investigation and, subsequently, of the outcome. You can also submit a complaint with the supervisory authority.

10. Website visitor's / customer's responsibility

You are responsible for ensuring that the information you provide to us is accurate, correct and complete. If the data you provide changes, you must notify us immediately via email. In no event will we be liable for any damages incurred by you as a result of you providing incorrect or incomplete personal information or not informing us of such data change.

The information published on the Company's websites, its copying, reproduction, references to it are allowed only with the written permission of the Company. It can be obtained by contacting us via email info@optas.eu. This permission does not imply any transfer of rights in the material.

11. Privacy Policy oversight

We regularly review the compliance of this Privacy Policy with the law and the personal data processed by the Company.

We may update or change this Privacy Policy at any time. Such updated or amended Privacy Policy will be effective as of the date of its publication on our website or UAB Optas IT software.

This privacy policy was last modified on 2021-11-23.