Persons younger than 16 years may not submit any personal data through the Website of the Data Controller. If you are a person younger than 16, before submitting personal information you must obtain consent of your parents or other lawful guardians.
Personal data – any information relating to an identified or identifiable natural person (‘Data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, religious, economic, cultural or social identity of that natural person.
Representative – a person representing Clients, the Data Controller’s Partners, Service providers, both natural and legal persons.
Applicant – a person who shows interest in the EINPIX software administrated by the Data Controller or wishes to contact the Data Controller on other matters.
Data Subject’s consent – any freely given, specific, informed and unambiguous indication of the Data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Einpix software – the Einpix solution downloaded by Users enabling the recording, creating and managing visual tasks and other individual elements of the content according to functionality and rights granted to individual Users.
Einpix software user – a natural person who has the User account in Einpix software and is the Client’s employee or a person to whom the Client issues an additional license to use the Einpix software on the basis of the agreement with the Client.
Candidate – a person participating or intending to participate in staff selection carried out by the Data Controller>
Client – a person who concludes the agreement (including online) with the Data Controller for use (purchase) of the EINPIX software.
Partner – a natural or legal person cooperating with the Data Controller or concluding a cooperation agreement with the Data Controller (e.g., on IT tool development).
Service Provider – a natural or legal person who can offer or offers goods, services or works to the Data Controller and who cooperates with the Data Controller or has concluded an agreement with the latter on sale of goods, services or works.
Person calling by phone – a person who calls at the published contact phone number regarding the use (purchase) of the EINPIX software administrated by the Data Controller and(or) other matters.
Direct marketing – activities aimed at offering to persons the goods or services by post, phone or directly and/or at obtaining their opinion regarding the offered goods or services.
Personal data processing – any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The Data Controller shall collect personal data in accordance with requirements of applicable legal acts of the European Union and Republic of Lithuania, as well as instructions of controlling authorities. All reasonable technical and administrative measures shall be applied to protect data collected on Data Subjects against loss, unauthorised use or alterations.
WHAT INFORMATION WE COLLECT ABOUT YOU
The information directly provided by you.
The information about how you use our Website.
If you visit our Website, we also collect the information which discloses the specifics of use of the services provided by us or automatically generated statistics on visits. More information is provided in the ‘Cookies Policy’>
Information from sources of third parties
We can obtain information about you from public and commercial sources (to the extent permitted by applicable legal acts) and link it with other information which we receive from or about you. In addition, we can obtain information about you from third parties’ social network services when you connect to them, e.g. thorough Facebook network accounts.
Other information collected by us
We can also collect other information about you, your device or your use of our website’s content with your consent.
You may decide not to provide to us certain information; however, in such case you may be denied access to the service offered by us.
PERSONAL DATA PROCESSING FOR THE PURPOSES OF CONSULTATION OR FULFILMENT OF A QUERY
Processing of personal data of Applicants, including Persons calling the Data Controller phone, for the purpose of a consultation, submission of a query and/or for other purposes. The Data Controller shall process the following personal data of Applicants, including Persons calling by phone:
Personal data of Applicants shall not be communicated to third parties.
Personal data for the purposes of a consultation, submission of a query shall be processed on the basis of consent expressed when submitting personal data (Article 6(1)(a) of the General Data Protection Regulation)>
PERSONAL DATA PROCESSING FOR THE PURPOSE OF USE OF EINPIX SOFTWARE AND PROVISION OF ITS MAINTENANCE SERVICES
Processing of personal data of Clients (Representatives) and other users of Einpix software. The Data Controller shall process the following personal data of Clients (Representatives) and other users of Einpix software:
Data are obtained directly from Clients when performing the agreement concluded with the Client and/or from other third parties connected with the Data Subject.
We undertake not to transfer your personal data to any unrelated parties, except for the following cases>
The Data Controller may transfer personal data of Clients and other Data Subjects to Data Processors not specified in this Policy who provide services (carry out works) to the Data Controller and process personal data of Clients and Data Subjects on behalf of the Data Controller (e.g., companies providing accounting services). Data Processors may process personal data only according to the Data Controller’s instructions and only to the extent necessary for the proper fulfilment of contractual obligations. If the Data Controller involves data processors, the Data Controller shall take all necessary measures to ensure that the data processors have in place appropriate organisational and technical security measures and maintain secrecy of personal data.
Personal data processed on the basis of the Data Subject’s consent expressed when submitting personal data, and/or performance of the agreement concluded with the Data Subject (Article 6(1)(a) and (b) of the General Data Protection Regulation).
PERSONAL DATA PROCESSING FOR THE PURPOSE OF PERFORMING AGREEMENTS WITH PARTNERS, SERVICE PROVIDERS
When cooperating with Partners and Service Providers the Data Controller shall process the following personal data of natural persons or Representatives:
Data obtained directly from natural persons, Representatives and/or represented persons.
We undertake not to transfer your personal data to any unrelated third parties, except in the following cases:
The Data Controller may transfer personal data of natural persons, Representatives to Data Processors not specified in this Policy who provide services (carry out works) to the Data Controller and process personal data of natural persons, Representatives on behalf of the Data Controller (e.g., companies providing accounting services)).
Processing of personal data in performing agreements with Service Providers and Suppliers shall be carried out on the basis of performance of the agreement and/or of the legitimate interest of the Data Controller (Article 6(1)(b) and (f) of the General Data Protection Regulation).
PERSONAL DATA PROCESSING FOR THE PURPOSE OF DIRECT MARKETING
The following personal data of Clients and other Data Subjects may be processed for the purpose of direct marketing:
Having sent a newsletter, the Data Controller may collect statistics on the Data Subject’s behaviour related to the use and content of the newsletter (e.g., whether the newsletter was read, what links were opened by the Data Subject).
The Data Subject’s e-mail address may be used for providing advertising on Facebook, Google and other advertising platforms, adapting the advertising to the targeted audience.
Personal data obtained directly from Data Subjects. The Data Controller may transfer Personal data only to third parties who provide specialised services in order to send e-messages, adapt the type of advertising ordered through advertising platforms.
Personal data of Clients and other Data Subjects processed on the basis of consent expressed when submitting personal data and agreeing with their processing for the purpose of direct marketing, or on the basis of the Data Controller’s legitimate interest (Article 6(1)(b) and (f) of the General Data Protection Regulation and Article 69(2) of the Law of the Republic of Lithuania on Electronic Communications when personal data are processed on the basis of the Data Controller’s legitimate interest).
Please be informed that the Data Subject shall have the right to disagree or to withdraw the consent to process his (her) personal data for direct marketing purposes at any time without specifying the motives of the disagreement, notifying by e-mail: email@example.com or calling at the phone number: +370 698 07938.
The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
PERSONAL DATA PROCESSING FOR THE PURPOSES OF SELECTION OF CANDIDATES TO JOB VACANCIES
For the staff selection purposes the Data Controller shall process personal data voluntarily provided by the Candidate to the extent to which such personal data were provided. The Data Controller may process the below specified data of Candidates:
Data obtained directly from Candidates and/or third parties providing job search, selection and/or intermediation services (e.g., employment agencies, job search online portals, career social networks (e.g., Linkedin), etc.). These data shall not be transferred to third parties.
Data of Candidates shall be processed on the basis of consent declared when submitting personal data and/or on the basis of the Candidate’s request prior to conclusion of the contract (Article 6(1)(b) and (b) of the General Data Protection Regulation).
WHAT WE DO TO PROTECT YOUR INFORMATION
Personal data shall be protected against loss, unauthorised use and changes. We have implemented organisational and technical measures to protect all information collected by us for the purposes of provision of services. Please be reminded that despite appropriate actions taken by us to protect your information, no website, online transaction, computer system or wireless communication is completely secure.
The Data Controller shall apply different periods of storage of Personal data in observance of requirements of legal acts and according to personal data processing purposes.
Personal data storage period:
Personal data processing purpose
Period of storage
Processing of Data Subjects’ personal data for the purposes of consultation, fulfilment of a quer>
1 (one) year from the day of the consultation, fulfilment of the query, except where the Data Subject applies for provision of the Data Controller’s services. In such case, the general time limit of 10 (ten) years shall apply.
Processing of personal data of Clients
The term of validity of the agreement and 10 (ten) years after its expiration.
Personal data of Einpix software users to the extent related to the use of Einpix software
The period during which the User’s account is active and 30 (thirty) days after cancellation of the user account. Later the data shall be depersonalised.
Processing of personal data of natural persons, Representatives for the purpose of performance of agreements with Partners, Service Providers
The term of validity of the agreement and 10 (ten) years after its expiration.
Processing of personal data of Data Subjects for direct marketing purpose
5 (five) years from the day on which the consent is given, unless the Data Subject requests the extension of this time limit.
When the Data Subject’s personal data are processed for the direct marketing purpose on the basis of consent or legitimate interest of the Data Controller, the Data Controller shall stop processing the Data Subject’s personal data for the direct marketing purpose (shall immediately destroy them) as soon as the Data Subject objects the processing of personal data for such purpose.
Processing of personal data of Candidates for staff selection purposes
6 (six) moths after the end of staff selection. For a longer retention of Candidates’ CVs and other data the Candidate’s consent shall be required
Exemptions from the periods of storage may be applied to the extent they do not infringe the rights of Data Subjects and are in compliance with legal requirements.
On expiration of the established time limits, unless they have been extended, the data shall be destroyed in a manner which prevents them from being recovered.
The Data Subject whose data are processed in the Data Controller’s activities shall have the following rights:
The Data Subject shall have the right to submit to the Data Controller in writing any request or order concerning processing of personal data in one of the following ways: deliver directly to the address: UAB Epicus IT, Saltoniškių g. 34A, Vilnius; by post: UAB Epicus IT, Saltoniškių g. 34A, Vilnius; by e-mail: firstname.lastname@example.org .
Having received such a request or order the Data Controller shall, not later than within one month from the date of request, submit the answer and carry out or refuse to carry the actions specified in the request. Where appropriate, the specified time limit may be extended for two more months, considering the complexity and number of requests. In such case, the Data Controller shall notify the Data Subject about such extension within one month from the date of request, also specifying the reasons for the refusal.
The Data Controller may refuse enabling data subjects to implement the above specified rights, except for disagreement with personal data processing for direct marketing purpose when in the cases established by laws it is necessary to ensure the prevention, investigation and identification of crimes, infringements of business or professional ethics, and the protection of rights and freedoms of the Data Subject or other persons.
THIRD PARTY WEBSITES, SERVICES AND PRODUCTS ON OUR WEBSITE
The Data Controller’s Website may contain advertising banners of third parties, links to their websites and services which are not controlled by the Data Controller, e.g., a link to the Data Controller’s Facebook profile. The Data Controller shall not be responsible for the safety and privacy of the information collected by third parties. You must read the privacy provisions applicable to third party websites and services which you use.
If you provide your personal data using Facebook, we understand that you give your consent to us to get in touch with you by the specified contact phone number or e-mail and to submit the offers of services>
Phone: +370 698 07938
Post: UAB “Epicus IT", Saltoniškių g. 34A, Vilnius
Updated on 11 November 2019