Privacy Policy

The purpose of the privacy policy is to inform how personal data of subjects are collected and processed, to explain how long they are stored, to whom they are provided, what rights have data subjects and where to apply for their implementation or other issues related to personal data processing.

Personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 of the European Union (hereinafter - the Regulation), the Law of Republic of Lithuania on Legal Protection of Personal Data and other legal acts regulating the protection of personal data.

UAB "Sistemų registras" adheres to the following basic data processing principles:

  • personal data is collected only for clearly defined and legitimate purposes;
  • personal data is processed only legally and fairly;
  • personal data is constantly updated;
  • personal data is stored securely and for no longer than the established purposes of data processing or legal acts require;
  • personal data is processed only by employees of the Company who have been granted such a right according to their work functions or by authorized data processors.

 

  1. CONCEPTS

 

  • Data controller - UAB "Sistemų registras" (hereinafter - the Company), registration code 302834882, registration address Taikos pr. 131B, Kaunas .
  • Data subject - any individual whose data is processed by the Company. The data manager collects only that data of the subject which is necessary for the performance of the Company 's activities and/or visiting, using, browsing the Company 's websites, the Facebook account of the social network, etc. (hereinafter - Website). The company ensures that the collected and processed personal data will be secure and will be used only for a specific purpose.
  • Personal data - any information directly or indirectly related to a data subject whose identity is known or can be directly or indirectly determined using the relevant data. Processing of personal data is any operation performed with personal data (including collection, recording, storage, editing, modification, granting of access, submission of requests, transfer, archiving, etc.).
  • Agreement - any voluntary and knowingly given confirmation by which the data subject agrees to the processing of his personal data for a specific purpose.

 

  1. SOURCES OF PERSONAL DATA

 

  • Personal data is provided by the data subject. The data subject applies to the Company, registers for training organized by the Company, uses the services provided by the Company, purchases goods and/or services, leaves comments, asks questions, applies to the Company for information, etc.
  • Personal data is obtained when the data subject visits the Company on the website. The data subject fills in the forms therein or leaves his contact details for any reason, etc.
  • Personal data is obtained from other sources. Data is obtained from other institutions or companies, publicly available registers, etc.

 

  1. PROCESSING OF PERSONAL DATA

 

  • By submitting personal data to the Company, the data subject agrees that the Company will use the collected data to fulfill its obligations to the data subject, providing services that the data subject expects.
  • Company processes personal data for the following purposes:

 

  • inquiries, comments and complaints. For this purpose, the following data is processed:
  • Name(s), surname(s) and/or username, e-mail address, telephone number, address, subject of message, comment, feedback or complaint, text of message, comment, feedback or complaint.
  • The data of requests, comments and complaints are stored for 1 calendar year after their submission.
  • Data handling legal the basis is to manage data necessary in order to legitimate data manager or the third of the country interests, except cases where such data subject interests or main rights and freedom, for which it is necessary to ensure person data protection, are higher, especially when the data subject is child (BDAR 6 d. 1 f point) and data subject agreement (BDAR 6 d. 1 a point).

 

  • With others purposes for which Company have right to manage the personal data of data subject when data subject expressed own agreement and when data is needed to manage because of Companies legitimate of interest or when to handle data Company obliges corresponding legal acts.

 

  1. USE OF SOCIAL NETWORKS

 

  • All information you provide via social media (including messages, use of the "Like" and "Follow" boxes , and other communications) is controlled by the operator of the relevant social network.
  • Currently, our Company has an account on the social network Facebook, whose privacy policy is available at https://www.facebook.com/privacy/explanation ;
  • Currently, our Company has an account on the LinkedIn social network , whose privacy policy is available at https://www.linkedin.com/legal/privacy-policy ;
  • Currently, our Company has an account on the social network YouTube, whose privacy policy is available at https://policies.google.com/privacy?hl=en-US .
  • We recommend that you read the privacy notices of third parties and contact the service providers directly, if you have any questions about how they use your personal data.

 

  1. PROVISION OF PERSONAL DATA

 

  • The Company undertakes to observe the duty of confidentiality towards the data subjects. Personal data may be disclosed to third parties only if it is necessary to conclude and execute a contract for the benefit of the data subject, or for other legitimate reasons.
  • The Company may provide personal data to its data processors who provide services to the Company and process personal data for the Company on behalf of her. Data processors have the right to process personal data only according to the Company instructions and only to the extent that it is necessary in order to properly fulfill the obligations set out in the contract. The company uses only those data processors who sufficiently ensure that appropriate technical and organizational measures will be implemented in such a way that the data processing meets the requirements of the Regulation and ensures the protection of the data subject's rights.
  • The Company may also provide personal data in response to court or state authority requests to the extent necessary to properly comply with applicable legislation and state authority orders.
  • The Company guarantees that personal data will not be sold or rented to third parties.

 

  1. PROCESSING OF PERSONAL DATA OF MINORS

 

  • Persons under the age of 14 may not provide any personal data through the Company's If a person is younger than 14 years old, in order to use the Company's services, before providing personal information, it is mandatory to provide the written agreement of one of the representatives (father, mother, guardian(s)) regarding the processing of personal data.

 

  1. PERSONAL DATA STORAGE PERIOD

 

  • Personal data collected by the Company is stored in printed documents and/or in the Company's information systems. Personal data is processed no longer than it is necessary to achieve the purposes of data processing or no longer than it is required by the data subjects and/or provided by legal acts.
  • Although the data subject may terminate the contract and refuse the Company 's services, the Company must continue to store the data subject's data due to possible future demands or legal claims until the data storage terms expire.

 

  1. RIGHTS OF THE DATA SUBJECT

 

  • The right to receive information about data processing.
  • The right to access the processed data.
  • The right to demand rectification of data.
  • The right to request deletion of data ("Right to be forgotten"). This right does not apply, if the personal data that is requested to be deleted is also processed on another legal basis, such as the processing is necessary for the performance of a contract or is the fulfillment of an obligation according to applicable legislation.
  • The right to restrict data processing.
  • The right to object to data processing.
  • Right to data portability . The right to data portability cannot adversely affect the rights and freedoms of others. The data subject does not have the right to data portability in relation to personal data that is processed manually in systematized files, such as paper files.
  • The right to request that a decision based solely on automated data processing, including profiling, would not be applied.
  • The right to submit a complaint regarding the processing of personal data to the State Data Protection Inspectorate .
  1. The company must provide conditions for the data subject to implement the above-mentioned rights of the data subject, with the exception of cases established by law when it is necessary to ensure state security or defense, public order, prevention, investigation, detection or prosecution of criminal activities, important economic or financial interests of the state, official or professional prevention, investigation and detection of ethical violations, protection of the rights and freedoms of the data subject or other persons.

 

  1. PROCEDURE FOR IMPLEMENTATION OF THE DATA SUBJECT RIGHTS
    • The data subject, in order to exercise his rights, can apply to the Company :
      • by submitting a written request in person, by mail, through a representative or by means of electronic communication - e-mail: oshpass@sertifikuoti.lt ;
      • orally - by phone: +370 698 31801 ;
      • in writing - the address: Taikos pr. 131B, Kaunas .
    • You can also contact the Company's data protection officer, e-mail by mail: isaledusduomenys@sdg.lt .
    • In order to protect data from illegal disclosure, the Company , upon receiving a data subject's request to submit data or exercise other rights, must verify the identity of the data subject.
    • The company 's response to the data subject is provided no later than within one month from the data subject days of receipt of the request, taking into account the specific circumstances of personal data processing. This period may be extended by another two months if necessary, depending on the complexity and number of requests.

 

  1. RESPONSIBILITY OF THE DATA SUBJECT

 

  • The data subject has:
    • inform the Company about changes in the provided information and data. It is important for the company to have correct and valid data subject information;
    • to provide the necessary information so that, at the request of the data subject, the Company can identify the data subject and make sure that it is really communicating or cooperating with a specific data subject (provide a document confirming the identity of the person or in accordance with the procedure established by legal acts or electronic means of communication that would allow the proper identification of the data subject). This is necessary for data protection of the data subject and other persons, so that the disclosed information about the data subject is provided only to the data subject, without violating the rights of other persons.

 

  1. FINAL PROVISIONS

 

  • By transferring personal data to the Company , the data subject accepts this Privacy Policy, understands its provisions and agrees to comply with it.
  • Based on the development and improvement of the Company’s activities, the Company has the right to unilaterally change this Privacy Policy at any time. The company has the right to unilaterally, partially or completely change the Privacy Policy by announcing it on the website oshpass.eu .
  • Additions or changes to the privacy policy take effect from the date of their publication, that is, from the day they are placed on the website oshpass.eu