• ‘Personal data’ shall refer to any information relating to an individual who is a data subject and who is known or identifiable, directly or indirectly, by reference to such data.
• ‘Data Subject’ shall mean any individual, including the Company’s customers, employees, partners and visitors.
• ‘Customer’ shall refer to any person who orders, buys or uses our Company’s services. Any customer who has concluded a purchase transaction with the Company shall ensure that all end users (e.g. family members) who use the Company’s services purchased by the customer have read the Privacy Notice and continue to observe its provisions.
• ‘Anonymised Data’ shall mean any information that no longer relates to an individual, as all identifiable elements have been removed from the personal data set.
• ‘Services’ shall refer to any products and/or services offered both electronically and otherwise by the Company.

The Company offers a wide range of services. The information we collect about is information that you provide to us when you order services or sign up on our websites.
 

We collect the following data:

• any data provided by you, for example, when you engage or establish a legal relationship with our Company by purchasing services, reporting a fault or signing up for services, accessing a partner account, subscribing to newsletters, or contacting us for information;
• any data that are generated when you use the services, to the extent permitted by applicable law, such as when you access our network and services (e.g. when you call or email us, or visit our websites);
• any data obtained from other sources, such as other service providers or publicly available registers.

You are under no obligation to provide any personal data to the Company, but if you choose to withhold such data, we may not be able to provide you with goods and/or services.

We collect personal data in the following categories:

• basic information such as first name, surname, personal identification number, date of birth, address, identity document details, contact information;
• data relating to the provision of services, fault reports, invoicing, payment details, information on consent and non-consent to the processing of personal data for the purposes of direct marketing and disclosure to third parties, contact information and related data records;
• data generated through communications, such as traffic data relating to the date, time and duration of the communication initiation, the incoming and outgoing caller number, the IP address of the internet user at the time of the communication, etc.;
• other data about the use of services and/or goods, such as information collected through cookies and similar technologies related to online browsing, etc;
• your visual data captured by photographers at Company events as part of the general crowd;
• telephone call recordings when you call the Company’s customer support centre or answer calls from the Company’s employees;
• other data that are collected on the basis of your consent and detailed at the time you are asked to give consent.

The Company collects and further processes your personal data solely on the basis of the lawful grounds stipulated in the legislation governing the protection of personal data, namely, for the purpose of concluding and/or performing a contract with you, on the grounds of your consent, in cases where the processing of personal data is required by the applicable legislation, and in cases where the processing of personal data is necessary for the Company’s legitimate interest (only if this does not prejudice the data subjects’ interest).

The Company shall process personal data for the following purposes:

• Establishing and performing electronic and hard-copy contracts, including but not limited to accounting for customers and contractual settlements. We process personal data that is necessary to ensure the proper provision of services to our customers, which includes the proper identification of individuals, the acceptance and processing of orders, customer support, and invoicing for goods and/or services. The legal basis is the performance of a contract concluded with you (Article 6, 1(b) of the GDPR) and the compliance with mandatory legislation (Article 6, 1(c) of the GDPR). For this purpose, the data are processed for 10 years following the end of the contract.
• Protecting our interests as a creditor, preventing material loss, recovering debts.. We process personal data that is necessary to properly assess your solvency, conclude contracts with you and perform credit checks, recover debts, deal with complaints, etc. The legal basis for this processing is our legitimate interest (Article 6(1)(f) of the GDPR), i.e. protecting our financial interests. You have the right to object to such processing by notifying us of your motivated objection. The data are processed for 5 years after the end of the credit relationship.
• Direct marketing. We process personal data (name, surname, email address, telephone number) for direct marketing purposes. We have the right to send direct marketing communications about comparable goods and services by email to our existing customers, provided that they have given their consent. The basis for processing the data in relation to our existing customers is our legitimate interest (Article 6(1)(f) of the GDPR), i.e. our aim to inform our existing customers about comparable goods and services. You have a right to object to such processing at the time of purchase. On this basis, we may send you direct marketing communications subject to your continuing consent and for a maximum period of 1 year after your last purchase. In relation to potential customers, the legal basis for processing is consent (Article 6(1)(a) of the GDPR). This means that potential customers may only receive our communications if they have actively expressed their consent. For this purpose, the data are processed until you withdraw your consent. You have the right to withhold your consent or to withdraw your previously given consent at any time without incurring any adverse consequences.
• Assessing the quality of customer support, protecting and defending the Company’s rights and legitimate interests, and collecting evidence (recording telephone conversations). We process recordings of telephone conversations between you and the Company’s customer support centre or when you answer calls from the Company’s employees, including the data provided in the course of the calls, to adequately assure the quality of our services and to protect our legitimate interests (to record certain facts and/or agreements made during the call). Recordings of telephone conversations are kept for up to 3 months after the call.
• Other purposes for which the Company has the right to process your personal data with your explicit consent, where the processing is necessary for the Company’s legitimate interest or where the Company is obliged to process the data by applicable law. We may also process personal data for other purposes if we have obtained the data subject’s consent or if we have the right to process the data on the basis of legitimate interest. Similarly, we process personal data to ensure compliance with our statutory obligations, e.g. accounting and reporting to competent authorities where required by law.

For all of the above, the Company shall process personal data only to the extent necessary to achieve its specific and legitimate purposes, with due regard to the protection of the data subject’s privacy.

The Company shall ensure that personal data is processed accurately, fairly and lawfully, that they are processed only for purposes compatible with those identified prior to the collection of the personal data, and that it is processed exclusively in strict compliance with the explicit and transparent requirements for the processing of personal data established by law.

The Company has implemented adequate organisational and technical security measures for the processing of your personal data to protect such data against accidental or unlawful destruction, alteration, disclosure or any other unauthorised processing. The Company’s security practices include, inter alia, the protection of employees, information, IT infrastructure, internal and public networks, as well as office buildings and technical facilities.

We may make your data available to:

• Data processors/subcontractors who provide services to us and process your data on behalf of the Company as the data controller. The processors shall have the right to process personal data only under our instructions and only to the extent necessary for the proper performance of their contractual obligations. When we engage subcontractors, we take all necessary measures to ensure that our processors have also adopted adequate organisational and technical security measures and that they maintain the confidentiality of personal data.
  

  Data Processor	Purpose of Processing
  Hosty	Server rental
  UAB Mijora	IT support, garantija.lt system maintenance
  Facebook	Marketing platform
  Omnisend	Remarketing platform
  OXONtech	Service platform
  Google analytics	Statistics platform
  Google adwords	Marketing platform
  Google pixel	Statistics platform
  Gjensidige	Buyer Protection service
  Paysera	Payment
  AB SEB	Payment
  Perlas Finance	Payment
  DPD	Delivery
  Venipak	Delivery
  Repair partners	Servicing
  Sales partners	Sales services

• Companies that process aggregated debtor data files. The Company shall have the right to provide the data controllers processing the aggregated debtor data files with the data of data subjects/debtors who have failed to meet their financial and/or material obligations in due time and in an appropriate manner for the purpose of debt management. Debtors’ data shall only be made available under the terms provided for in the legislation, following a prior written reminder of the default to the data subject and the appropriate application of the data protection requirements established by the legislation.
• Debt buyers. According to the Civil Code of the Republic of Lithuania, a company/creditor shall have the right to transfer a claim on a debt portfolio to another entity by means of a sale and purchase agreement without the debtor’s consent, and both the old and the new creditor may be informed of the transfer of the debt.
• Other third parties with your explicit consent, which may be obtained on an individual basis.

We may also share your data as follows:

• In response to requests from a court or public authority, only to the extent necessary for the proper enforcement of applicable law or a court order/certificate.

We shall only retain your personal data for a period not longer than required for the purposes of the processing or as provided for by law, if longer retention periods are stipulated therein.

For more information on the retention period of your personal data, please refer to the section ‘How do we use your personal data?’ above.

Our aim is to avoid retaining outdated or unnecessary information and to ensure that personal data and other customer information are kept up-to-date and correct.

For the Company’s partners to access our services, our partners are required to log in to their accounts and provide us with personal data that allows their identification by us. For this purpose, we collect the following information about you: login name, password, employee name, telephone number, email. We collect the following information about the Company’s partner company: company name, company code, VAT number, address, telephone number, email, and website address. Individual employee logins may be created for each company partner account, requiring the employee’s first name, last name, phone number, email address, while the login and password information is generated and emailed by the company. When partners delete their account, the account data and login information are deleted within 1 day, but the information related to the company’s activities continues to be stored within the company, as its deletion would result in the deletion of statistics and the loss of the extended warranty service certificates (EWSC) created.

To improve your experience on our websites, we use cookies, which are small text information files generated automatically as you browse the website and stored on your computer or other end device. The information collected by cookies allows us to provide you with a better browsing experience, attractive offers, and to learn more about the behaviour of our website users, to analyse trends and to improve both our website and the services we provide to you.

You may choose whether to accept cookies on your device. If you do not consent to cookies being stored on your computer or other end device, you can change your browser settings to disable all cookies or enable/disable them on an individual basis. Please note, however, that in some cases this may slow down your internet browsing speed, limit the functionality of certain websites, or block access to a website completely. For more information, please visit AllAboutCookies.org or www.google.com/privacy_ads.html. 

The information collected through the use of cookies is typically used for the following purposes:

• The use of functional cookies and the provision of services. Cookies are crucial to the functioning of our website and electronic services, ensuring a seamless experience for the user. For example, if the user opts to do so, they are not required to enter their name, password or any other data each time they log in.
• Service enhancement. By monitoring the use of cookies, we can improve the performance of our website and electronic services. We receive information regarding, for example, the most popular sections of our website, the websites users access from our website, the websites from which users access our website and the amount of time users spend on our website.
• Usage analysis. We use cookies to collect statistical data about the number of visitors to our websites and the use of our online services with a view to assessing the effectiveness of advertising. We may collect information, such as marketing emails and newsletters, to determine whether emails have been opened and whether they have prompted users to take any action, such as clicking on a link in the email to visit our website.
• Targeted marketing. We may also use cookies to collect information in order to provide browser-specific advertising or content by generating different target groups.

We may, in compliance with the law, link information obtained through the use of cookies with information obtained about an individual by other means, such as service usage information.

The Company’s website may contain links to third-party websites, products and services, as well as social network add-ons (e.g., Facebook plug-ins). All third-party services or applications available on the Company’s website are governed by the privacy notice of the respective third party. We strongly advise you to consult the privacy practices of such third parties.

If you have provided your details via Facebook, we take this to mean you consent to our using your contact telephone number and email address to provide you with offers of our services, such as the purchase of additional goods or direct marketing services. You can always change your mind and withdraw your consent by calling the Company’s Customer Support Centre on 8 700 555 66 or by sending an email to [email protected].

Strictly necessary cookies (9)

For ease of use, cookies are required to enable core functions such as browsing pages and accessing secure areas of the website. Without these cookies, the website will not function properly.

Statistics cookies (9)

By using statistics cookies, which collect and report on anonymous data, website owners can learn how visitors interact with their website.

Marketing cookies (4)

Marketing cookies are used to track visitors across multiple websites with the purpose of showing ads that are tailored to the interests of the individual user. Such ads are more useful to publishers and third-party advertisers.

Functional cookies (5)

These cookies enable improved features and personalisation, such as video and live chat. They may be set either by us or by third-party providers whose services we use on our websites. If you do not accept these cookies, some or all of these features may not work properly.

We may, in compliance with the law, link information obtained through the use of cookies with information obtained about an individual by other means, such as service usage information.

The Company’s website may contain links to third-party websites, products and services, as well as social network add-ons (e.g., Facebook plug-ins). All third-party services or applications available on the Company’s website are governed by the privacy notice of the respective third party. We strongly advise you to consult the privacy practices of such third parties.

You shall have the right to:

• contact the company and request information about your personal data processed by the Company;
• request the Company to rectify your personal data and/or to suspend the processing of such personal data, except for the retention of such data, should it become evident on accessing the personal data that the data is incorrect, incomplete or inaccurate;
• request the Company to erase the personal data or to suspend the processing of such personal data, except for retention, should it become evident on accessing the personal data that the personal data is being processed unlawfully or unfairly;
• request the Company to transfer your personal data to another controller or processor;
• object to the processing of your personal data where the processing is or will be done for direct marketing purposes or for the legitimate interest pursued by the Company or the third party to whom the personal data is disclosed;
• withdraw your consent to direct marketing at any time without any adverse consequences;
• Should you be concerned about any action/omission by the Company that may be in breach of this Privacy Notice or the requirements of the law, you may contact the Company in any manner that is convenient for you:

by emailing: [email protected].

by calling: 8 700 555 66

by writing to Žalgirio g. 92, Vilnius

by visiting the Company’s office.

Should the issue persist with the Company, you shall have the right to contact the State Data Protection Inspectorate on www.vdai.lrv.lt, which supervises and controls the legislation governing the protection of personal data.

As our activities and services evolve, we may need to update this Privacy Notice. We therefore recommend that you periodically visit our website for the most recent version of this Privacy Notice.

Please note that any material changes to this Notice will be communicated in advance by means of a notice on our website.

This document aims to inform you about the processing of your personal data on our social media accounts in accordance with Article 13 of the EU General Data Protection Regulation (GDPR).

Data Controller

The collection and processing of the data detailed below shall, in certain cases, be the responsibility of our Company, i.e.
Serviso Kontraktų Centras UAB
legal entity code: 126300671
registered office address: J. Basanavičiaus g. 51, Kėdainiai
and in other cases, the respective operators of social media networking account platforms (‘Platforms’).

Furthermore, where appropriate, we may act as joint controllers with the platform operators in accordance with Article 26 of the GDPR (personal data processing pursuant to Clause 4).

We, Serviso Kontraktų Centras UAB (‘Serviso Kontraktų Centras’), manage the following social media networking accounts (‘Accounts’):
•  Facebook: https://www.facebook.com/garantija.lt

Platform Operator Responsibilities

We have only limited influence over the processing of data by platform operators (e.g. member administration and information publishing). Where we can influence this, we shall, to the extent possible, ensure that the platform operator processes the data in a way that ensures privacy. However, in most cases, we cannot influence any processing actions by the platform operator and we are not privy to the exact data processed by the platform operator.

The platform operator administers the entire IT infrastructure of the channel, sets the data protection policies applicable to it, and maintains its own relationship with you as a user (if you are a registered user of their social media channel). Moreover, it is solely the Operator’s responsibility to handle all matters relating to your user account data to which we as a Company do not have access.

For more information about the platform provider’s data processing and other opt-out options, please refer to the privacy policy of the respective provider:

•  Facebook: https://www.facebook.com/privacy/explanation

When you use a platform, the operator of the respective platform typically processes your personal data on servers located in third countries, in particular in the USA and the United Kingdom.

Our Responsibility

Our Actions on Social Media Accounts

Purpose and legal basis for the personal data processing:
The purpose of personal data processing on our accounts includes informing customers about offers, products, services, promotions, giveaways, business topics, business news, engaging with account users on these topics and responding to their questions and positive/negative feedback.

We reserve the right to delete content if it becomes necessary to do so. It may be the case, for example, that the posts contain infringing or unlawful content, hateful comments, obscene feedback (explicitly sexual in nature), or attachments (such as photographs or videos) that violate, inter alia, copyrights, individual rights, the criminal code, or the ethics of Serviso Kontraktų Centras.

In some cases, we may share your content on our account, if this is a feature of the platform, and contact you via the platform. The legal basis for this is referred to in Article 6(1)(f) of the GDPR. We process the data for the purpose of publishing activities and communication.

The platform operators shall not have the opportunity to influence the processing of your personal data by Serviso Kontraktų Centras for the purposes of customer communications or the organisation of giveaways.

As detailed above, where the platform provider gives us the option to do so, we shall endeavour to ensure that our accounts comply with data protection requirements to the greatest extent possible.

The data that you contribute on our accounts, such as comments, videos, photos, likes, public posts, etc., shall be made available on the platform for this very purpose and we shall never use or process the data for any other purpose.

Personal data recipients and their categories:
In some cases, we may share the content you submit on our account, if this is a feature of the platform, and contact you via social media channels. In cases where you submit a query to us on the platform, we may, if necessary, redirect you to other secure and confidential channels of communication based on the type of reply sought. You may always send confidential queries to us at our business address given in Section 1 of this Privacy Policy.

We do not typically disclose data that you communicate to us through confidential channels (for example, by direct message, letter or email) to third parties not affiliated with Serviso Kontraktų Centras. As an exception, your personal data will be processed on our behalf by data processors. We have carefully selected and vetted such data processors. It may also be necessary to confidentially communicate individual parts of your query to the contracting parties in order to respond to your query (e.g. to suppliers if the query is for a specific product). In such cases, your query shall be anonymised prior to disclosure so that the third party cannot link it to you. If we need to communicate your personal information in a specific case, we shall notify you in advance and ask for your consent.

Retention period and criteria its determination:
Any personal information that you send to us via secure messages (including suggestions, positive/negative feedback) will be deleted or completely anonymised no later than 90 days after the final response to you. The 90-day retention period is justified by the fact that, in some cases, you as a customer may contact us again on the same issue following our response, and we may need to refer to previous correspondence. In practice, at the end of the 90-day period, we generally do not receive any further questions concerning our communications.

All of your public posts on these accounts shall be stored on our timeline for a limited period of time, except when deleted by us due to an update to the underlying topic, a breach of the law or our guidelines, or when deleted by you.

We cannot influence the cases where your data are deleted by the platform operator. In this regard, please refer to the data protection rules of each specific platform operator.

Giveaways

Purpose and legal basis for the personal data processing:
When you browse our website, read our newsletters or check our social media accounts, you may participate in a number of giveaways. Any personal data that you submit to us for the purposes of entering giveaways shall be used solely for the purposes of organising the giveaway (e.g. to select a winner, to send you a prize, to announce the winner anonymously, where appropriate), unless the terms and conditions of the specific giveaway state otherwise or you have given us your explicit and broader consent. If you have registered on the respective social network under your real name or if you can be identified from the photos on your account, we will not be able to exclude the possibility that you may be identified by other visitors to our account.

For the purpose of giveaways, the legal basis for processing your personal data is typically Article 6(1)(b) of the GDPR. If you give your consent for the purpose of participating in a giveaway, the legal basis for processing based on this consent is Article 6(1)(a) of the GDPR. If you have given your consent for the purpose of participating in a giveaway, you may withdraw this consent at any time. Withdrawal of consent shall take effect from the moment it is requested.

Personal data recipients and their categories:
We shall only disclose your personal data to third parties if this is necessary for the purpose of organising a giveaway or sending a prize (e.g. if the prize is sent by the sponsor of the giveaway or if the data need to be disclosed to a logistics company) or if you have given us your explicit consent for this purpose. Please note that content on some social media channels may also be shared directly on publicly accessed websites (e.g. via questionnaires or comments), and therefore other users may also be able to observe that you have participated in the giveaway from your interaction with us. Furthermore, information about your successful participation may also be visible on the respective account in these instances. If you have registered on the respective social network under your real name or if you can be identified from the photos on your account, we will not be able to exclude the possibility that you may be identified by other visitors to our account.

Retention period and criteria its determination:
At the end of a giveaway and after the winners have been announced, the participants’ personal data shall be deleted from the giveaway page within two weeks after the prize has been dispatched. Where the prize is a tangible object, the winners’ data shall be retained for the duration of the statutory warranty period in order to allow for repairs or replacement in the event of a fault. If you participate in a giveaway announced on our account (for example, by submitting a post or a comment), we cannot affect cases where your data are deleted by the platform operator. In this regard, please refer to the data protection rules of each specific platform operator.

Social Media Listening and Monitoring

Purpose and legal basis for the personal data processing:
In addition to the information you give us directly through the platform, we may also conduct what is known as social listening, as well as social media monitoring, in order to understand how people rate our products and services, to measure our promotional activities and to identify potential improvements. For this purpose, the posts published on the platforms shall be analysed according to a search query (e.g. about a new product line) or certain indicators (e.g. number of views and clicks). This only monitors posts that you publish to an unlimited number of people.

The extent of data collected for this purpose depends primarily on the nature and content of the post, for example, it could be a text-based post or an uploaded photo. Individual cases may also involve the collection and use of a user ID, for example when Serviso Kontraktų Centras wishes to offer assistance in resolving issues. We also currently receive information from the respective platform operators on the reach of individual posts.

The legal basis for the processing of personal data for the purpose of social listening is Article 6(1)(f) of the GDPR, as we process your personal data on the basis of our legitimate interest in identifying and responding to possible flaws in our products and services based on the publicly available posts.

Personal data recipients and their categories:
Where we engage external data processors for social media listening or social media monitoring, their obligations shall be contractually defined as provided for in Article 28 of the GDPR.

Retention period and criteria its determination:
Serviso Kontraktų Centras does not keep a regular log of significant data, but only analyses it in a targeted way to identify measures that may be needed to address potential problems. For the purpose of annual benchmarking, we may retain your personal data for up to 2 additional years, if necessary, unless you delete your data from the platform before that time.

Joint Data Controllers Pursuant to Article 26(1) of the GDPR

Article 26(1) of the GDPR (Joint Data Controllers) shall apply to our relationship with the following platform operators:

•  „Facebook“:  https://en-gb.facebook.com/legal/terms/page_controller_addendum

When the platform operator uses web monitoring practices, we and the platform operator act as joint data controllers. Web monitoring may be implemented irrespective of whether you are logged in or registered with the platform. As noted above, we have little control over the web monitoring methods used by the platform. In particular, we cannot disable them.

The legal basis for the use of web monitoring practices is your explicit consent under Article 6(1)(a) of the GDPR.

For more information on personal data recipients and their categories, as well as the data retention periods and the criteria for their determination, please refer to the platform operators’ privacy policies. We have no control over these privacy policies.
Please refer to the platform operators’ privacy policies in section 2 of this Policy to learn about your options for exercising your rights to prohibit the use of web monitoring practices or to withdraw your consent. You may also contact the platform operators directly at the addresses listed in the publication section.

We are only partially able to influence and disable the statistics provided to us by the platform operator. However, we always try to ensure that we are not exposed to excessive and optional statistical data.

Please note that the platform operator uses your account and behavioural data to analyse your habits, personal connections and interests. Serviso Kontraktų Centras cannot influence the processing or transfer of your data by the platform operator.

Personal Data Processing in Third Countries

TIn cases where we transfer personal data to data recipients located in a third country (outside the European Economic Area), you can learn about this from the information on the data recipients and their categories in the description of the respective data processing activity. The European Commission issues adequacy decisions to certify that certain third countries meet a standard of data protection equivalent to that provided in the European Economic Area. For a list of countries, please visit https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions . If a particular country does not have an equivalent standard of data protection, we shall take other measures to ensure that an adequate level of data protection is achieved. This includes, for example, regulations that are binding on companies, the European Commission’s decision on standard contractual clauses, certifications or recognised codes of conduct.

In addition, when you use a platform, the platform operator may process your personal data in a third country (outside the European Economic Area). Please refer to the privacy policies of the platform operators set out in section 2 of this Policy for more information on the processing of your personal data in a third country, which cannot be influenced by Serviso Kontraktų Centras.

Your Data Subject Rights

Overview

In addition to the right to withdraw your consents given to us, you shall also enjoy the following rights, subject to the applicable statutory provisions:

• the right of access to your personal data processed by us pursuant to Article 15 of the GDPR;
• the right to have incorrect or incomplete data rectified or amended in accordance with Article 16 of the GDPR;
• the right to request the erasure of your data processed by us pursuant to Article 17 of the GDPR;
• the right to request the restriction of the processing of your personal data in accordance with Article 18 of the GDPR;
• the right to data portability pursuant to Article 20 of the GDPR;
• the right to object in accordance with Article 21 of the GDPR.

Right of Access under Article 15 of the GDPR

Pursuant to Article 15(1) of the GDPR, you have the right to access your personal data stored by us free of charge. In particular, this includes:

• the purposes for which the personal data is processed;
• the categories of personal data processed;
• the recipients or recipient categories to whom personal data relating to you has been or will be disclosed;
• the expected retention period of your personal data or, if accurate information is not available, the criteria used to determine that period;
• the right to request the controller to rectify or erase your personal data or to restrict the processing of your personal data by the controller, or to object to such processing;
• the right to lodge a complaint with the supervisory authority;
• where the personal data is not collected from the data subject, the right to access all available information on the sources of personal data;
• the application of any automated decision-making processes referred to in Article 22(1) and (4) of the GDPR, including profiling, and, where appropriate, meaningful information on the rationale behind the use of such processes, as well as the significance of such processing and its expected consequences for the data subject.

Where personal data is transferred to a third country or an international organisation, you have the right to be informed of the appropriate security measures relating to such transfer in accordance with Article 46 of the GDPR.

Right to Request Rectification under Article 16 of the GDPR

You have the right to request the rectification of your inaccurate personal data. Depending on the purposes of the processing, you have the right to have incomplete personal data supplemented, including by means of a supplementary statement.

Right to Erasure under Article 17 of the GDPR

You have the right to request that we delete any personal data relating to you without undue delay if any of the following grounds apply:

• the personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
• you have withdrawn your consent on the basis of which the processing was effected in accordance with Articles 6(1)(a) or 9(2)(a) of the GDPR and there is no other legal basis for the processing;
• you do not consent to the processing in accordance with Article 21(1) or (2) of the GDPR and, as regards Article 21(1) of the GDPR, there are no overriding legitimate reasons for the processing of your personal data;
• your personal data has been processed unlawfully;
• the erasure of your personal data is necessary due to a legal obligation imposed on the controller;
• your personal data was collected in connection with information society services referred to in Article 8(1) of the GDPR.

If we have made personal data publicly available and we are obliged to erase it, we shall consider available technology and implementation costs and take reasonable steps, including technical measures, to inform the third parties processing your personal data of your request for erasure, so that they delete all references to the personal data or any copies/duplicates thereof.

Right to Restrict Processing under Article 18 of the GDPR

You have the right to request that we restrict your personal data processing where one of the following applies:

• you contest the accuracy of your personal data;
• the processing of your personal data is unlawful, but you object to its erasure and request that we restrict its use;
• the data controller no longer needs the personal data for the purposes of the processing, but the data subject requires such data for the establishment, exercise or defence of legal claims; or
• you have objected to the processing of your personal data in accordance with Article 21(1) of the GDPR, pending verification that the data controller’s legitimate interests override those of the data subject.

Right to Data Portability under Article 20 of the GDPR

You have the right to access your personal data that you have provided to us in a structured, standardised, computer-readable format and you have the right to transfer such data to another data controller without any obstacles in the following cases:

• the personal data is processed on the basis of consent in accordance with Article 6(1)(a) or Article 9(2)(a) of the GDPR, or on the basis of a contract in accordance with Article 6(1)(b) of the GDPR; and
• the personal data is processed by automated means.

In exercising your right to data portability, you also have the right to request that we transfer your personal data directly to another controller whenever technically feasible.

Right to Object under Article 21 of the GDPR

Provided that the conditions set out in Article 21(1) of the GDPR are met, you may object to your personal data processing on grounds relating to your particular case.
The above general right to object shall apply to all processing operations described in this Privacy Policy where the processing falls within the scope of Article 6(1)(f) of the GDPR. In contrast to the specific right to object to the processing of personal data for marketing purposes, we shall grant this general right to object if you invoke overriding reasons, such as a potential risk to life or health. You may also contact the responsible supervisory authority or the Data Protection Officer of Serviso Kontraktų Centras.

Right to Lodge a Complaint with the Data Protection Supervisory Authority under Article 77 of the GDPR

You also have the right to lodge a complaint with the competent data protection supervisory authority at any time. To do so, please contact the Lithuanian data protection supervisory authority – the State Data Protection Inspectorate.

Contacts

Please refer to our contact persons with questions or to exercise your rights in relation to data protection.

If you have any questions about our social media accounts or wish to exercise your rights in relation to the processing of your personal data, please contact our GDPR Department:
Email: [email protected] 

Contact persons for data protection questions

If you have any further questions about the processing of your data, please contact our GDPR Department:
Email: [email protected]