We realise the special significance of protecting your personal data and therefore will only collect and process your data that are required for the purposes of our business. We process personal data in a legal, transparent, and fair manner, for predetermined purposes and only to the extent required for achieving the processing purposes. As we process personal data, we seek that they are accurate, secure, confidential, and kept and stored properly.
For the purposes of processing your personal data, we follow the personal data requirements prescribed by General Data Processing Regulation (EU) 2016/679 dated 27 April 2016 (GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania, as well as other regulations and/or regulatory bodies.
1. WHAT THIS DOCUMENT IS ABOUT
1.1. As you read this privacy policy (the ‘Privacy Policy’) you will learn how and for what purposes we process your personal data, the sources where we obtain the data, the recipients of the data, the procedure for storing them, as well as the rights you have as a personal data subject.
1.2. This Privacy Policy determines the privacy rules applicable to the use of our website, https://www.corpusa.lt (the ‘Website’). Please read this Privacy Policy carefully, for it will apply every time you visit our Website. If you do not accept our Privacy Policy, you should discontinue using our Website.
1.3. For the purposes of this Privacy Policy, the term ‘personal data’ will mean any directly or indirectly identifiable information. Personal data include, for instance, your name and last name, e-mail address, phone number, location data and internet identifier, your characteristics, and other personal data as defined by the GDPR.
2. WHAT WE ARE
2.1. UAB Corpus A, domiciled at Gabijos g. 52-102, LT-06157 in Vilnius, business ID 125167563, phone: +370 700 33390, e-mail: info@corpusa.lt.
2.2. UAB Corpus A is legally the controller of your personal data in the cases and to the extent outlined in the present Privacy Policy.
2.3. Details of the Data Protection Officer: Inga Sevelionienė, phone: 8 640 26 733, e-mail: i.sevelioniene@corpusa.lt.
3. THE PRINCIPLES THAT WE FOLLOW
3.1. For the purposes of processing your personal data, we will:
a) follow the effective and applicable regulations, including the GDPR;
b) process your personal data in a manner that is legal, fair, and transparent;
c) collect your personal data for predetermined, clearly defined, and legal purposes and will not continue to process them in any way that is incompatible with these purposes, unless permitted by the law;
d) take all reasonably measures to make sure that personal data that are inaccurate or incomplete, considering the purposes of their processing, be immediately rectified, supplemented, suspended from further processing, or destroyed;
e) store the data in an identifiable form only as long as it is necessary for the purposes for which the personal data are processed;
f) not submit the personal data to third parties or disclose the data, with the exception of instances set forth in the Privacy Policy or the applicable regulations;
g) make sure that your personal data are processed so as to guarantee, with the use of the appropriate technical or organisational measures, an adequate level of security of the personal data, including protection against unlawful data processing and accidental loss, destruction, or damage of the data.
4. HOW WE COLLECT YOUR PERSONAL DATA
4.1. We process your personal data that we receive as follows:
a) when you submit them to us. You provide us with your personal data and other information as you access the Website, for instance, when you complete a query and send it to us, or contact us over the phone, by mail or e-mail;
b) when you access our Website. When you access our Website, certain information (such as your IP address, browser type, number of visits, and so on) is collected automatically as detailed in Section 6 of this Privacy Policy;
c) when we receive your personal data from other persons in the manner prescribed by the regulations and/or this Privacy Policy. In cases when we receive data from sources other than the data subjects as such, we require that the data subjects be notified about the processing of the relevant personal data (the purpose and other terms and conditions as detailed in this Privacy Policy). Furthermore, when we are provided with data of another data subject, we require that the data subject be notified about this Privacy Policy.
4.2. We may combine personal data we obtain from you as you use the Website with the data we collect ourselves in other public and/or accessible sources (for instance, we can combine the personal data you submit yourself with data obtained through use of cookies on the Website or with data legally obtained from third parties).
4.3. You can always demand that any erroneous data are rectified or that you are allowed to exercise any other rights that you may have as a personal data subject as spelled out in this Privacy Policy and the applicable regulations.
4.4. Our services are not intended for persons under 18 years of age; therefore, such persons should not submit any personal data through our Website.
5. THE GROUNDS, PURPOSES, AND METHODS OF OUR PROCESSING PF YOUR PERSONAL DATA
5.1. Your personal data are processed on the grounds of your consent; a mutual service agreement; our legal obligations; and/or our legitimate interest to ensure the quality of our services.
We process personal data within the scope of the purposes for which they were collected. Access to your personal data will only be available to employees who need to process the personal data to be able to perform their professional duties and obligations to you as a client. Your personal data will not be stored or processed for periods longer than necessary to achieve the above purposes of data processing. Personal data will be processed so as to ensure confidentiality and integrity of the data.
5.2. The exact scope of personal data and the method of processing depends on the nature of our mutual relationship.
Period of data processing
In case of an agreement, the duration of the agreement and 10 years after the expiry thereof, unless there is a (judicial) dispute that extends beyond that period, in which case, until the data the final decision by the competent body becomes enforceable.
If no agreement is executed, one year after the user’s last login.
We receive the data from you, and present or transfer the data to providers of cloud, hosting, website administration, and related services, IT service providers, compliance service providers, legal advisers, auditors at the times when they provide their services to us; government institutions and other entities to the extent required to identify potential money laundering and terrorist financing risks; administrators of debtor databases, debt administration and recovery companies, insurance companies, payment service providers, other third parties to the extent necessary for the purposes of providing our services, provided they have the legal grounds to receive the data.
Data categories: name, last name, e-mail, phone number, password, login name, related legal entity (position held).
5.3. For the purposes of personal data processing detailed in this Privacy Policy, we will never ask you to provide or disclose, and will not process special categories of personal data that reveal your racial or ethnic origin, political views, religious or philosophical believes or trade union membership, as well as health data, genetic data, biometric data (to specifically establish your identity), and information about your sex life.
5.4. Please do not specify excessive personal data that are not required for the above purposes.
5.5. Data processors will process personal data strictly as per your instructions and to the extent necessary to achieve the relevant purposes only.
Transfers of personal data to third parties
In the course of providing services to our clients, we are obligated to transfer personal data to third parties: various governmental institutions, subcontractors, debt recovery companies, and so on. Also, in the course of our business, we use third-party services to ensure the functioning of the company. In such cases, we are obligated to transfer personal data to these external service providers so that they can provide us with their services. These external service providers act as data processors. Personal data transferred to external service providers will be limited to the extent absolutely necessary to ensure the provision of third-party services.
We take steps to make sure that the external service providers to whom we transfer your personal data follow our instructions as to the processing of your personal data. The transfer of your personal data will be regulated by data processing agreements that we have executed with the external service providers. All external service providers must guarantee as data processors that they will process your personal data with the same degree of care and diligence as we do and, among other things, will be legally liable towards you and us for any breach of this guaranty. Said external service providers will also implement technical and organisational measures to be able to ensure at least the same level of data protection as we do in the course of personal data processing.
5.6. Your rights as a data subject
We are legally obligated to ensure that your personal data are accurate and updated. We kindly ask you to help us honour this obligation and make sure that you will notify us of any pending changes in relation to your personal data that we process.
You may exercise the following rights relating to your personal data that we process at any time:
a) The right of access: you will have the right to request access to any data that may be regarded as your personal data, including, e.g., the right to know whether we process your personal data, the categories of data that we process, as well as find out the purposes for which we process the data.
b) The right to rectification: you will have the right to request that we rectify any of your personal data that you think to be inaccurate or incomplete.
c) The right to objection: you will have the right to object to the relevant processing of your personal data, including, e.g., the processing of your personal data for marketing purposes or where the processing of your personal data is otherwise grounded on legitimate interests.
d) The right to erasure: you may also request that your personal data be deleted if they are no longer needed for the purposes for which they were collected or when you believe that the data processing is unlawful or that the personal data must be erased for compliance with a legal obligation.
e) The right to data portability: where your personal data is subjected to automated processing with your consent or on the basis of a mutual contractual relationship, you may request that we deliver the personal data to you in a structured, commonly used and machine-readable format. Furthermore, you may request that the personal data be transferred to another controller. Please note that this can only be done if technologically possible.
f) The right to withdraw consent: where your data are processed with your consent, you will have the right to withdraw your consent to data processing at any time.
As we provide our services to the clients, situations may occur where our obligations as well as relevant regulations or operating rules prohibit us to disclose or erase data that we store and process. Furthermore, such regulations, provisions, or rules may also prevent you from exercising your other rights as a data subject.
If you have any complaints as to how we process your personal data or would like to learn more about our data processing practices, you may contact us at the addresses and numbers specified in the last section of this Privacy Policy.
If you think that your personal data are being processed in an inappropriate manner or that we have violated your rights as a data subject, you will have the right to file a complaint with the Data Protection Institution (DPI). You may file the complaint by contacting the DPI operating in your jurisdiction based on the venue of the suspected violation of your rights as a data subject, or based on the location of the inappropriate processing of your data, or your place of residence or work.
The DPI in Lithuania is the State Data Protection Inspectorate, https://www.ada.lt/go.php/lit/Eng.
5.7. Location of the processing of your personal data
We will primarily store and process personal data within the European Union.
6. HOW DO WE USE COOKIES?
6.1. Cookies. We use cookies to obtain information of how you interact with our Website. This information does not include any data that would identify you as a private individual. We process you data using cookies for as long as your consent is in effect.
We use the Website and other channels of communication specified therein to collect information relating to your job application. We will use the personal data provided in all documents that you submitted to us together with your application. The application will be reviewed to determine whether the information contained therein is in line with UAB Corpus A’s needs. We will store the data obtained in the process of recruitment for as long as necessary to evaluate your application under any and all applicable regulations and provisions. We may also request your consent allowing us to store your personal data for an additional period of time after the application has been evaluated.
UAB Corpus A will also collect information provided by or for our clients or information that we obtain in the course of providing our services. This collecting of personal data is necessary for us to be able to perform our obligations to our clients and provide services to our current and future clients in our legitimate interests. While providing our services, we may supplement any personal data provided by you directly with any personal data obtained from other sources.
6.2. A cookie is a small (less than 1 KB in size) file made of letters and digits that our Website asks your browser (such as Internet Explorer, Chrome, Firefox, Safari, or Opera) to save on your computer or mobile device. The cookie remembers your actions and preferences and allows you to browse our Website with as much ease as possible. Without cookies, you would not be able to access all of our Website’s functionalities.
Cookies allow recognising you as a returning visitor, help collect statistical data about the flows of visitors to the Website, and improve the user’s experience of browsing the Website. To that end, UAB Corpus A uses the following cookies:
Session cookies: the ses [number] cookie is used to maintain the functionality of our Website. It allows the Website operator to connect your actions with the browser session, which begins and ends with you opening and closing the browser, as appropriate. The ses [number] cookie is temporary and will be erased as soon as you close the browser.
Permanent cookies: Google Analytics (_ga, _gat) are cookies that we use to improve our Website through analysis of consumer behaviour. These cookies provide us with information like the number of visitors to the Website, pages accessed by them, and the overall amount of time spent on our Website. All information collected with _ga and _gat cookies is combined with similar information from other visitors and is hence anonymous. We do not identify individual visitors. The _ga cookie expires after two years, the _gat cookie, as early as after ten minutes.
Unless you have set your browser up to decline all or some of the cookies, the cookies will be created immediately after you visit our Website.
Most browsers allow you to manage cookies via settings. If you do not want to accept cookies, you can select the option to refuse all cookies or notify you when a cookie is created in your browser’s settings.
More information about managing the cookie settings of the popular browsers is available here:
Internet Explorer
Chrome
Firefox
Safari
Opera
6.3. We can use cookies on the Website to collect information specified in paragraph 5.2 of this Privacy Policy as detailed in paragraph 6.6 hereof.
6.4. We use information that we collect with cookies:
a) to ensure the Website’s functionality;
b) to improve and develop the Website to make it even better aligned with your needs;
c) to develop our services and analyse the use of the Website;
d) for targeted marketing purposes.
6.5. To the extent permitted by the law, we may combine information obtained with cookies and personal information obtained via other channels (such as information about the use of the Website and other personal data provided by you or obtained from other sources).
6.6. Information about the cookies that the Website uses, their purpose, validity, and data used is available here.
6.7. You may give your consent to cookies on our Website by clicking ‘Accept’ on the cookie banner that appears on the Website.
6.8. You may withdraw your consent to cookies on our Website at any time by changing your browser’s settings so as not to accept cookies. The exact method depends on your operating system and the type of your web browser. Detailed information about cookies, their use, and how to refuse them is available at http://AllAboutCookies.org or http://google.com/privacy_ads.html.
6.9. In some cases, deactivation of technical and functional cookies in particular, refusal to accept cookies or deletion of cookies may slow down your browsing speed and restrict access to certain functionalities of the Website or to the Website in general.
7. HOW LONG WE STORE YOUR PERSONAL DATA
7.1. We will not store your personal data longer than needed for the purposes of data processing or provided for in the regulations, unless the law provides for a longer data storage period.
7.2. We try not to store old, irrelevant personal data; therefore, once the data are updated (such was by way of revision or modification of information, etc.), only the relevant information will be stored. Historical information will be stored when necessary for the purposes of the law or our business.
7.3. The periods of storage of your personal data for each individual purpose that the personal data are used for are specified in paragraph 5.2 of the Privacy Policy.
8. HOW DO WE STORE YOUR PERSONAL DATA?
8.1. Data that we collect from you will be located on the EU territory, but they can also be transmitted or stored outside of the EU. They may also be processed by our staff or the staff of our suppliers located outside of the EU. When transferring your data outside of the EU, we will take every step necessary to ensure that your data are processed safely and in line with this Privacy Policy.
8.2. Unfortunately, transmitting information online is not always secure. Even though we do our best to protect your personal data, we cannot guarantee the security of the data when you transmit them to the Website: in that case, the risk of transmitting data to the Website is borne by you. When we receive your data, we will apply legally compliant procedures and security measures to protect your data against unauthorised access, unlawful processing or disclosure, accidental loss, erasure, or destruction.
8.3. In the highly unlikely case of us discovering a security breach concerning your personal data that may pose a high threat to your rights of freedoms, we will notify you to the effect without delay, as soon as we become aware of the fact and determine the kind of information that has been accessed.
9. EXTERNAL WEBSITES
9.1. The Website may contain links to external websites, such as the websites of our business partners or websites where we have accounts that advertise our services. As you follow the links to any of the websites, please note that these websites and the services that can be accessed through them have their own privacy policies and we do not assume any liability or obligations with respect thereto, or for personal data collected on these websites or in the course of providing services through them, such as contact and location data. We recommend you review these policies before you provide any personal data on these websites or use any of the services they offer.
10. AMENDING THIS PRIVACY POLICY
10.1. Any and all amendments to our Privacy Policy will be published on the Website. Will give notify you of any major changes and/or as necessary. New provisions of the Privacy Policy may also be published on the Website and you may have to read and accept them before you can continue using our Website and/or services.
11. CONTACTING US
11.1 Please send all documents pertaining to this Privacy Policy or contact us using the following details:
a) if by mail: UAB Corpus A, domiciled at Gabijos g. 52-102, LT-06157 Vilnius;
b) if by e-mail: info@corpusa.lt;
c) if by phone: +370 700 33390.
The Privacy Policy of the Website was published on 5 November 2020.