Last updated: 2024-07-03
TeraSky Baltic, UAB
Privacy Policy
GENERAL PROVISIONS
1.1. We are committed to safeguarding your privacy and ensuring the security of your personal data; therefore, we have endorsed and issue this privacy policy (“Privacy Policy”), which explains the manner in which we process your personal data, delineates the rights to which you are entitled, and provides additional information concerning the processing of your personal data.
1.2. This Privacy Policy clarifies the data processing activities undertaken by us when you utilise our website, accessible at terasky-europe.com and teraskyeurope.com (hereinafter referred to as the “Website”), visit our social networking sites Facebook (https://www.facebook.com/teraskybaltics), Instagram (https://www.instagram.com/teraskybaltics), LinkedIn (https://www.linkedin.com/company/terasky-baltic) (hereinafter referred to as “Social Accounts”), order or use our services, and contact us by email, telephone, or other electronic communication channels.
1.3. In this Privacy Policy “personal data” (“Personal Data”) shall refer to any information or set of information from which we can directly or indirectly identify you, such as your name, surname, email address, telephone number, etc.
1.4. When we refer to “data controller” (hereafter referred to as the “Data Controller”) we mean an entity primary responsibility for determining the purposes and means of processing Personal Data, whereas the “data processor” (hereinafter referred to as the “Data Processor”) means an entity that is responsible for processing Personal Data on behalf of the Data Controller. “Sub-processor” (hereinafter referred to as the “Sub-Processor”) is an entity that is engaged to assist the Data Processor.
1.5. In processing Personal Data, we comply with the requirements of the General Data Protection Regulation 2016/679 (EU) (“GDPR”) and the legislation of the Republic of Lithuania, as well as the instructions of the controlling authorities.
1.6. Should you utilise the Website, visit our Social Accounts, use our services, or contact us, and have provided consent to receive direct marketing communications, we consider that you have read and understood the Privacy Policy. If you do not agree with this Privacy Policy, you cannot use the Website and our Social Accounts.
1.7. The Website and Social Accounts may contain links to, for example, websites of our partners or other projects of ours. This Privacy Policy does not apply to such external websites. We encourage you to review the privacy policies of any third-party sites or platforms before disclosing any personal information or proceeding further.
1.8. This Privacy Policy is subject to change; therefore, we advise you to periodically visit the Website to review the latest version of the Privacy Policy posted.
WHO ARE WE?
2.1. The Data Controller of your Personal Data is TeraSky Baltic, UAB, a private limited liability company incorporated in the Republic of Lithuania, legal entity code 304935428, address Kareivių str. 11B, LT-09133 Vilnius, the data is collected and processed in the Register of Legal Entities of the State Enterprise “Registrų Centras” (hereinafter referred to as the “Data Controller” or TeraSky Baltic, UAB or “We”). We administer the Website and provide services accessible through it. Additionally, we may act as your client or potential employer.
2.2. Upon separate agreement, we may also provide you the services outside the Website, which may involve the processing of personal data as described in this Privacy Policy. In such cases, we, inter alia, may act as the Data Processor or Sub-processor. In such events, our rights and duties in data protection are provided for in section 8 of this Privacy Policy.
HOW DO WE RECEIVE YOUR PERSONAL DATA?
3.1. We receive your Personal Data:
3.1.1. directly from You when You provide your Personal Data to us. For example, when You use the Website and the services provided by us, make a payment, communicate with us by email or telephone, etc.;
3.1.2. when You use the Website or Social Accounts. For example, We may record Your visit history on the Website, purchases, IP address, service preferences, accessed URL links, etc.;
3.1.3. from other persons, such as your employer, service provider who identifies You as a contact person, payment institutions regarding payments made, etc.;
3.1.4. in the events where we act as the Data Processor or Sub-processor, if not collected as described above, we may also receive the Personal Data to be processed from the Data Controller(s) or, respectively, Data Processor(s).
3.2. When You provide Personal Data about yourself or others (e.g., about your employees, agents), You are responsible for the accuracy, completeness, and timeliness of such Personal Data, as well as for obtaining the necessary consent or informing the individual whose Personal Data is being provided to us. In certain cases, We may request confirmation from You that You have the right to provide us with Personal Data, for example, by completing registration forms.
WHAT PERSONAL DATA DO WE PROCESS ABOUT YOU?
4.1. Acting as Data Controller, We process your Personal Data for the following purposes and in accordance with the following terms and conditions:
4..1.1. Purposes of personal data processing: Website administration, ensuring functionality and security, quality improvement, fraud prevention, and the administration of electronic information delivery channels. Processed personal data: Data collected with the help of IP address, cookies, unique mobile device user number, and other settings includes information about the device being used (model, operating system, browser type and version), the unique device identifier (such as your device’s IMEI number, the device’s wireless network interface MAC address, or the mobile phone number used by the device), mobile network information, and analytical data. This analytical data encompasses information about your visit, including the links you clicked on our Website to and from it (including date and time), viewed or searched services, page response times, the amount of time spent on certain pages, page interaction information (such as scrolling and clicks), and methods used to exit the page. Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: Website data is stored as specified in the “How do We Use Cookies and Other Tracking Technologies” section of this privacy policy. Data not covered by tracking technologies is retained for no longer than three years from the date of collection. If consent is withdrawn, the data will be retained until the expiry of the consent (when data is processed based on consent). Legal grounds for personal data processing: Consent of the data subject (Article 6(1)(a) of the GDPR). The legitimate interests of the controller to fulfil their obligations efficiently and effectively, and to manage electronic information delivery channels (Article 6(1)(f) of the GDPR).
4..1.2. Purposes of personal data processing: Conclusion and execution of agreements for our services. Processed personal data: Your name, surname, email address, phone number, address, payment account number, payment information, order information, and other information, the name of the represented legal entity, address, position and/or relationship with the represented legal entity, content and messages related to the ordering of goods and services. Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: We will process your personal data for the duration of the agreement and for 10 years following the termination of the agreement. Legal grounds for personal data processing: The processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) of the GDPR); The legitimate interests of the controller or third party to fulfil our obligations efficiently and effectively (Article 6(1)(f) of the GDPR).
4..1.3. Purposes of personal data processing: Consultation on services available on the Website and outside the website, quality assurance. Processed personal data: If provided: name, surname, email address, phone number; Person represented (if you represent a company or another person), your relationship with the person represented; Subject and content of the communication (message, reply) and any data necessary to address quality issues; In the case of communication via social networks, we may collect publicly visible information from your account. Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: The data is stored for the duration of the communication and for up to 1 year after the end of the communication (last message); For Social Accounts, data is stored according to their respective settings; When processing data based on your consent, we shall do so for the duration of your consent. Should you withdraw your consent, we shall retain the data until the originally agreed upon period of consent has expired. Legal grounds for personal data processing: Consent of the data subject (Article 6(1)(a) of the GDPR); The legitimate interests of the controller to provide information and to ensure the quality of the service efficiently and effectively (Article 6(1)(f) of the GDPR).
4..1.4. Purposes of personal data processing: Creation and execution of agreements necessary for service provision and Company operations, other internal administration. Processed personal data: Name, surname, email address, phone number, position, workplace, represented person (when representing a company or another person), relationship with the represented person, individual activity data, other collaboration data. Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: Data is retained for the duration of the agreement/relationship maintenance period and for 10 years after the termination of the agreement/relationship (expiry of the contract). Legal grounds for personal data processing: The processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) of the GDPR); The legitimate interests of the controller or third party to fulfil our obligations efficiently and effectively (Article 6(1)(f) of the GDPR).
4..1.5. Purposes of personal data processing: Managing payments, accounting, debt management. Processed personal data: Name of the payer / person for whom the payment is made; Personal identification number (if applicable); Person represented (when representing a company or another person), relationship with the person represented; Address, email address, telephone number; Amount of the payment, date of the payment, number of the payer’s account, payment institution, confirmation of payment by the collector of the contribution; Details of the arrears (date, amount, basis of the origin of the arrears, debtor passed on / unpassed to the debtor for collection). Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: Personal data is processed in accordance with applicable laws, including the General Document Retention Schedule approved by the Chief Archivist of the Republic of Lithuania on the 9th of March 2011, Order No. V-100. When personal data does not fall within the scope of the aforementioned retention schedule, we will process it during the validity of the contract or the cooperation between the parties and for 10 years after the termination of the contract and/or relationship (last contact). Legal grounds for personal data processing: The processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) of the GDPR);The processing is necessary for compliance with a legal obligation imposed on the controller (Article 6(1)(c) of the GDPR) in accordance with the Law on Tax Administration of the Republic of Lithuania (Official Gazette, 2004-04-28, No. 63-2243), Law on Financial Accounting of the Republic of Lithuania (Official Gazette, 2001-11-28, No. 99-3515), Law on Companies' Financial Reporting of the Republic of Lithuania (Official Gazette, 2001-11-28, No. 99-3516), Law on Payments of the Republic of Lithuania (Official Gazette, 1999-11-17, No. 97-2775); Law on Companies of the Republic of Lithuania (Official Gazette, 2000-07-31, No. 64-1914), and other legislation; The legitimate interests of the controller or third party to effectively manage financial operations and debts (Article 6(1)(f) of the GDPR).
4..1.6. Purposes of personal data processing: Assessment and selection of candidates for the proposed job position. Processed personal data Your name, surname, email address, phone number, address, educational and professional background (experience) data, content of the resume, and any other information voluntarily provided by the candidate for recruitment and/or assessment purposes. Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: We will process your personal data during the recruitment period (recruitment is considered completed upon selecting a candidate for the proposed position or announcing a new recruitment) and for 3 months after the end of the recruitment, if the candidate's consent to retain the data after recruitment is obtained (unless consent is revoked earlier). Legal grounds for personal data processing: The processing is necessary for the conclusion of the contract (Article 6(1)(b) of the GDPR) when you submit your candidacy for our proposed job position; Consent of the data subject (Article 6(1)(a) of the GDPR) when you consent to the storage of data after the recruitment process.
4..1.7. Purposes of personal data processing: Managing Social Accounts. Processed personal data: Username, comments and shares on the post, information about clicks on “like” and “follow”, information about reactions to entries, photo, details of the message and the reply to the message (time of receipt, content, attachments), rating information, and any other information You provide. Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: Information on social media accounts is stored according to the terms set by the social media platform owners. Upon withdrawal of consent – until the expiration of consent (when data is processed based on consent). Legal grounds for personal data processing: Consent of the data subject (Article 6(1)(a) of the GDPR). The legitimate interests of the controller to effectively manage social media accounts and other electronic information delivery channels (Article 6(1)(f) of the GDPR).
4..1.8. Purposes of personal data processing: Publicly informing about the Company’s activities. Processed personal data: Personal data, photographs, video material, excerpts from training content contained in publications, magazines, and other presented content. Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: Data is processed for 5 years from the date of collection; Upon withdrawal of consent – until the expiration of the consent (when data is processed based on consent); Publicly disclosed data (in publications, magazines, etc.) are processed until the end of their public disclosure. Legal grounds for personal data processing: Consent of the data subject (Article 6(1)(a) of the GDPR). The legitimate interests of the controller or third party to effectively manage electronic information delivery channels (Article 6(1)(f) of the GDPR).
4..1.9. Purposes of personal data processing: Resolving disputes and claims. Processed personal data: Name, surname, email address, phone number, address, position; represented person (when representing a company or another individual), relationship with the represented person; content of the complaint/claim/legal document, information related to the dispute/claim.Personal data retention periods, upon expiration, the personal data shall be destroyed immediately, but no later than the next business day: The data is stored for the entire period of dispute/claim examination and for 3 years after the non-judicial examination of the dispute/claim, as well as for 10 years after the completion of judicial dispute resolution. Legal grounds for personal data processing: The processing is necessary for compliance with a legal obligation imposed on the controller (Article 6(1)(c) of the GDPR) in accordance with the Civil Code of the Republic of Lithuania (Official Gazette, 2000-09-06, No. 74-2262), the Code of Civil Procedure of the Republic of Lithuania (Official Gazette, 2002-04-06, No. 36-1340), and other legislation; Legitimate interests of the controller or of a third party to assert, exercise, or defend their rights and legal claims (Article 6(1)(f) of the GDPR).
4.2. You have the right to object to or withdraw your consent to the processing of your Personal Data at any time when such processing is based on consent.
4.3. In some cases, we may use the contacts you have provided to send you messages or call you in connection with our services. Such communications are essential for the proper provision of our services and are not considered promotional communications.
4.4. You have the right to amend and update the information we hold about You. In some cases, it is necessary for us to have accurate up-to-date information pertaining to You and We may request that You confirm the accuracy of information we hold about You.
SOCIAL ACCOUNTS
5.1. We post information regarding our Website, activities, services offered, changes to said services, and other news on our Social Accounts. Additionally, we may post advertisements or communicate with you through them to respond to your inquiries.
5.2. It is important to bear in mind that users of Social Accounts are subject not only to this Privacy Policy, but also to the privacy policies, rules and terms of use of the operators of the social networks on which the Social Accounts are located. When You interact with us on the Social Accounts and provide certain information (for example, by messaging us and commenting on our posts), We may see public information about your profile (such as your name, image, email, etc.) depending on the privacy settings you have selected. This information, for example, a comment you have posted, may also be visible to other visitors to a particular Social Account, depending on the privacy settings You have selected.
HOW DO WE USE YOUR PERSONAL DATA AND WHAT PRINCIPLES DO WE ADHERE TO?
6.1 We respect Your privacy and only collect and process Personal Data that is necessary to achieve our stated purposes for processing Personal Data.
6.2. In processing your Personal Data, we shall:
6.2.1. comply with the requirements of applicable and valid legislation, including the GDPR;
6.2.2. process your Personal Data in a lawful, fair and transparent manner;
6.2.3. We collect your Personal Data for specified, clearly defined and legitimate purposes and We do not process it in a manner that is incompatible with those purposes, except to the extent permitted by law;
6.2.4. We take all reasonable steps to ensure that Personal Data which is not accurate or complete in relation to the purposes for which it is processed is promptly rectified, supplemented, its processing is suspended, or it is destroyed;
6.2.5. We retain them in a form which permits your identification for no longer than is necessary for the purposes for which the Personal Data is processed;
6.2.6. We do not provide Personal Data to third parties and will not disclose it other than as set out in the Privacy Policy or applicable law;
6.2.7. We ensure that your Personal Data is processed securely, by implementing technical and organizational security measures, and by restricting access to your Personal Data to those of our employees who need such access for the purposes of their job functions.
TO WHOM AND WHEN DO WE TRANSFER YOUR PERSONAL DATA?
7.1. We may transfer your Personal Data to processors or recipients who assist us in the performance of our activities:
7.1.1. providers of financial accounting and financial transaction services;
7.1.2. IT solution providers;
7.1.3. providers of insurance service;
7.1.4. cloud and hosting service providers;
7.1.5. providers of payment collection service.
7.2. To enable us to publish content on Social Accounts, We disclose data to the following operators of social networking platforms:
7.2.1. Meta Platforms Ireland Ltd (Ireland) and Meta Platforms, Inc., (USA), (data is transferred in accordance with the EU Standard Contractual Clauses approved by the European Commission);
7.2.2. LinkedIn Ireland Unlimited Company (Ireland) and LinkedIn Corporation (USA) (data transferred in accordance with the EU Standard Contractual Clauses approved by the European Commission).
7.3. We may disclose data to law enforcement and pre-trial investigation authorities, courts and other dispute resolution authorities, as well as to other individuals or entities performing functions mandated by law, in accordance with the procedure stipulated by the legislation of the Republic of Lithuania. We provide these entities with information that is required by law or as specified by the entities themselves.
7.4. We may also transfer data, if necessary, to companies that would buy or acquire our business or engage in joint activities or other forms of cooperation with us, as well as to companies established by us.
7.5. We generally process Personal Data within the EU / EEA, but in some cases your Personal Data may be transferred outside the EU / EEA. The transfer of your Personal Data outside the EU / EEA is based on:
7.5.1. a data processing or supply agreement that describes such transfer and includes Standard Contractual Clauses for international transfers; or
7.5.2. an adequacy decision adopted by the European Commission, which means that the European Commission has recognized the country in which the third party is established and / or carries on business as providing an adequate level of protection of personal data; or
7.5.3. a specific authorization by the data protection supervisory authority to carry out such transfer; or
7.5.4. your consent to the transfer of your Personal Data outside the EU / EEA.
HOW DO WE PROCCESS PERSONAL DATA WHEN WE ACT AS THE DATA PROCESSOR?
8.1. When we gain access to and process Personal Data through our clients’ use of the services provided by us, we operate as a Data Processor (or Sub-processor) for the Personal Data managed by our client acting as the Data Controller (or Data Processor) (hereinafter referred to as the “Client”).
8.2. In this Section, our duties when serving as a Sub-processor to a Client functioning as a Data Processor will mirror our responsibilities acting as a Data Processor outlined below.
8.3. The data processed by us as a Data Processor may include identification and contact data (name, surname, workplace, position, phone number, email, username, other data), also the data received during the provision of services (name, surname, workplace, position, phone number, email, username, IP address, other data).
8.4. Acting as Data Processor we process the Personal Data for no longer than the duration of Client’s use of our services, unless such data must be retained for a longer period to substantiate the proper provision of services.
8.5. Acting as a Data Processor, we undertake to:
8.5.1. Process Personal Data only to the extent necessary for the performance of the Client’s task and the provision of services;
8.5.2. Immediately inform the Client if we are unable to process Personal Data for any reason;
8.5.3. Entrust the processing of Personal Data only to authorized persons who have assumed the duty of confidentiality to the extent necessary;
8.5.4. Upon receipt of a request from the data subject, the supervisory authority or any other person to provide the processed Personal Data, transmit such request to the Client;
8.5.5. Not to use Personal Data for purposes other than the performance of the Client’s task. We will take measures to prevent accidental or unlawful destruction, alteration, disclosure of Personal Data, as well as any other unlawful processing;
8.5.6. Apply appropriate technical and organizational security measures to protect Personal Data in accordance with the GDPR;
8.5.7. Taking into account the nature of the Personal Data provided, the manner in which it is provided, to enable the Client to access, correct, delete, restrict and transfer the Personal Data processed by us;
8.5.8. Considering the nature of the processing of Personal Data, the way it is provided, and the technical and organizational measures applied, at the request of the Client, to assist:
8.5.8.1. To fulfil the Client’s obligation to respond to requests to exercise the rights of the data subject to the extent that such rights are applied taking into account the services provided and the circumstances for the processing of Personal Data;
8.5.8.2. To fulfil specific obligations applicable to the Client under the GDPR or other legal acts regulating the protection of Personal Data, such as reporting a Personal Data breach, providing information in the context of a data protection impact assessment and prior consultations.
8.6. Should the Client issue an instruction or request that results in additional costs not previously agreed upon for reimbursement by the Client, we shall promptly notify the Client. In such circumstances, we reserve the right to suspend the processing of Personal Data, with the exception of its storage, until the matter of compensating the additional costs is satisfactorily resolved.
8.7. In the event that we identify any personal data breaches, whether due to actions or omissions that may compromise or threaten the security of Personal Data, we shall promptly notify the Client in writing, supplying all information required by the GDPR.
8.8. At the Client’s request, we will provide the information necessary to prove compliance with the applicable Personal Data processing obligations, as well as allow the Client to perform audits and inspections and cooperate in their performance.
8.9. The Client shall have the right to carry out an audit once a year, during normal business hours on our premises or at another place specified by us to the extent necessary to verify how we comply with the requirements of personal data protection legislation related to the our activities. The Client shall provide advance notice of the planned audit within a reasonable period of at least 30 (thirty) days, unless otherwise mutually agreed upon. The audit shall be carried out based on questions specifically related to the Client and agreed in advance with us. The audit shall respect confidentiality. The audit shall not interrupt our activities and may be carried out by Client staff or an auditor acting on behalf of the Client. We may object to the use of an auditor if he/she carries out activities that are in competition with our activities and, in our reasonable opinion, will not ensure the proper confidentiality of audit information. Both the Client and the auditor the Client uses shall be committed to our security procedures and confidentiality obligation.
8.10. We do not grant access at the time of the audit to confidential information and / or Personal Data and data of third parties that we are obliged to keep confidential in accordance with legal acts, as well as our systems and / or IT infrastructure used to provide services.
8.11. We allow the Client to carry out a verification related to the processing of Personal Data, which is obligated to be carried out by the supervisory authority in accordance with the Personal Data Protection legislation. Verification may be carried out only to the extent defined by law and, in any event, the confidentiality of the information obtained during the inspection must be ensured, unless the law requires such information to be made public. We may ask the Client to reimburse reasonable costs incurred as a result of such verification.
8.12. Where the processing of Personal Data is not necessary for the performance of our obligations in respect to the Client, we will destroy (or return) to the Client all Personal Data processed by the on Client’s behalf and delete copies of this data, unless otherwise provided for in the Personal Data protection legislation.
8.13. Liabilities of the Client:
8.13.1. The Client shall ensure that the Personal Data submitted to us for processing is collected and processed lawfully, for legitimate purposes, and on valid legal grounds. The Client affirms that it has obtained all necessary consents and has the right to transfer the Personal Data to us. Furthermore, the Client undertakes to adequately inform data subjects about the processing and transfer of their Personal Data to us. The Client shall be liable for any damages suffered by data subjects as a result of improper processing of Personal Data by the Client.
8.13.2. We do not independently verify the lawfulness of the transfer of such data. Should any individual indicate that the Personal Data transferred to us has been collected or processed unlawfully, we will immediately suspend the processing of said Personal Data until the Client refutes these allegations. The Client shall bear all costs and negative consequences arising from such a refutation, including any delays in the provision of services. We shall not be liable for any such consequences.
8.13.3. The Client undertakes to provide necessary and lawful instructions regarding the processing of Personal Data in a timely and proper manner, along with all requisite information and documents for such processing. Instructions shall be furnished in writing, which includes email or completion of our prepared forms.
WHAT RIGHTS DO YOU HAVE?
9.1. As a data subject, You have the following rights in relation to your Personal Data:
9.1.1. to informed about the processing of your Personal data and to have access to your Personal Data, i.e., to receive a notice confirming whether We are processing your Personal Data and, if We are, to request access to the data processed and the information relating to it;
9.1.2. to ask us to correct inaccurate or incorrect information We use or to supplement information where it is incomplete;
9.1.3. to ask us to erase information We hold about You where there is a basis for erasure;
9.1.4. to request us to restrict the processing of the information We hold about You where You contest the accuracy of the data or object to the processing of the data, You object to the erasure of your data which is unlawfully processed, or You need the data in order to assert, exercise, or defend legal claims;
9.1.5. to object to the use of your data where We process your data for our and / or third parties legitimate interests (including profiling, if we were to conduct such);
9.1.6. to request us to transfer / receive data that You have provided to us under a contract or consent and that We process by automated means in a commonly used electronic format;
9.1.7. to object to the application to You of a fully automated decision, including profiling, where such a decision may have legal consequences or a similar significant effect on You;
9.1.8. to withdraw the consents, You have given us to use information about You where We are using the data on the basis of your consent, including when we process Personal data for direct marketing purposes, as well as when we conduct profiling related to direct marketing;
9.1.9. lodge a complaint with the relevant data protection supervisory authority.
9.2. We may refuse to fulfil your rights, except for the right to object to the processing of your Personal Data when it is processed based on consent, including consent for direct marketing, where We are not permitted to comply with your request under the GDPR.
9.3. If You wish to withdraw your consent for the processing of Personal data or to exercise any of your rights set out above, You may contact us by email at office.vilnius@terasky.com. In order to better understand your request, We may ask you to fill in the relevant request form, request a signed request with an advanced or qualified electronic signature, send the request by post or visit us in person.
9.4. For security reasons, in some cases We will only be able to process your request after verifying your identity. We may, therefore, ask you to prove your identity, for example by providing an identity document or other pertinent information.
9.5. We do not typically charge any fee for exercising your rights. However, the law permits us to charge a reasonable fee or to refuse to comply with your request if it is manifestly unfounded or excessive.
9.6. Upon receipt of your request or instruction regarding the processing of your Personal Data, We will provide You with a response within no later than 1 month from the date of the request and will execute the actions specified in the request or inform You why We refuse to do so. If necessary, the time limit may be extended by an additional 2 months due to the complexity and number of requests. In this case, We will notify You of the extension within 1 month of receiving the request.
9.7. If Personal Data is erased at your request, We may retain copies of the information as necessary to protect our legitimate interests and those of others, to comply with obligations of public authorities, to resolve disputes, to identify disturbances or to comply with agreements.
HOW DO WE PROTECT YOUR PERSONAL DATA?
10.1. Your Personal Data is processed responsibly and securely, safeguarded against loss, unauthorized use and alteration. We have implemented both physical and technical measures to protect the information we collect from accidental or unlawful destruction, damage, alteration, loss, disclosure or any other unauthorized processing. The security measures for Personal Data shall be determined taking into account the risks involved in the processing of Personal Data.
10.2. Our employees are under a written obligation not to disclose or distribute your Personal Data to any unauthorized third party.
HOW DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
11.1. A cookie is a small text file that is stored in the browser or on your device (computer, tablet, mobile phone). In this Privacy Policy, we use the term “cookies” to refer to cookies and other similar technologies such as Pixel Tags, Web Beacons and Clear GIFs.
11.2. Cookies may be used to analyse information flows and user behaviour, to promote trust, to ensure security and the proper functioning of the Website, to remember preferences, to personalise the content displayed, and to link the Website to Social Accounts.
11.3. We may use mandatory cookies that are necessary for the operation of the Website; analytical cookies that analyse the use of the Website, functional cookies that remember users' preferences, ensure the smooth and secure operation of the Website and help to improve the functionality of the Website; performance cookies; third party cookies; advertising cookies that are designed to show you both personalised and generic advertisements.
11.4. Cookies used on our Website:
11.5. In addition, We use technological tools and solutions that record cookies and collect data:
Tool name:
Google Analytics
Tool purpose:
Generate statistics on the use of the website, aiming to reduce the frequency of requests. The collected data is transmitted to the USA. You can prevent Google Analytics from working by adjusting your browser settings or installing a browser plug-in. For more information, please refer to: https://tools.google.com/dlpage/gaoptout?hl=en.
11.6. Some third parties, such as social network operators, may use their own anonymous cookies to tailor the apps or applications they create to your needs. We do not control the use of these cookies. We recommend that you check the privacy policy of the third party for more detailed information.
11.7. On the Website, you can manage cookies by selecting the options in the cookie bar or adjusting the settings of the browser you use. You can refuse the use of optional cookies, but this may result in some of the Website's functionality not working and may slow down its performance. To manage cookies on your mobile device, please follow the official instructions for that device. For more detailed information on managing cookies, please visit http://www.AllAboutCookies.org or https://www.google.com/privacy_ads.html, as well as the help page of the browser you are using. You can manage the use of advertising cookies on the Network Advertising page at http://www.networkadvertising.org/managing/opt_out.asp.
CONTACT US
12.1. If you have any questions, comments or complaints about how We collect, use and store information about You, or if You wish to exercise your rights as a data subject, You may contact us at: office.vilnius@terasky.com.
12.2. If you believe that the processing of Your personal data infringes the provisions of the GDPR, You have the right to lodge a complaint with the supervisory authority. - State Data Protection Inspectorate, located at: L. Sapiegos str. 17, LT-10312 Vilnius, Lithuania, email: ada@ada.lt, website: https://vdai.lrv.lt/. We aim to promptly and amicably resolve all disputes; therefore, we firstly invite you to contact us.
FINAL PROVISIONS
13.1. If we were to amend this Privacy Policy, we will notify you by posting the updated Privacy Policy on the Website, via your email if you have provided one to us, or through other customary means of communication.