This Privacy Policy was last updated on April 22, 2024.
Additions or changes to the Privacy Policy are effective from the date of their publication on this website.
I. GENERAL INFORMATION
UAB Šypsenos akademija (hereinafter – the Company or We) establishes the terms of personal data processing through this Privacy Policy (hereinafter – the Privacy Policy) for using the Company's website at https://sypsenosakademija.lt (hereinafter – the Website) and the Company's social media accounts (e.g., Facebook, Instagram, LinkedIn, etc.). The terms set out in this Privacy Policy apply each time you wish to access the content created by us on the Website or on social media, regardless of the device (computer, mobile phone, tablet, etc.) you are using.
Details of the data controller:
UAB „Šypsenos akademija“
Company code: 304689389
Address: Švitrigailos g. 11G-100, LT-03228 Vilnius
E-mail: info@sypsenosakademija.lt
For questions related to the protection of your personal data and its processing, please contact us at info@sypsenosakademija.lt.
As this Privacy Policy may change without prior notice, we encourage you to check it every time you visit our website. There you will find the latest version of this policy.
Your personal data is collected in compliance with the applicable laws and regulations of the European Union and the Republic of Lithuania, as well as the instructions of the relevant supervisory authorities. We apply all reasonable technical and administrative measures to ensure that the collected data about our clients is protected from loss, unauthorized use, and alteration.
II. WHAT DATA DO WE COLLECT ABOUT YOU AND HOW DO WE USE IT?
For what purpose do we collect personal data?
What personal data is collected?
What GDPR clause do we rely on when processing your personal data?
What GDPR clause do we rely on when processing your personal data?
2.1. Registration for a visit to receive the services of your choice
We collect the following data from applicants:
Name, surname;
E-mail address;
Telephone number;
Name of the service of interest;
Time of visit;
The division of the company to which it is planned to come;
Additional information provided by the person (e.g. reason for visit (complaints))
Execution of the contract (processing is necessary in order to take action at the request of the data subject prior to the conclusion of the contract (Art. 6 (1) (b) GDPR)
Consent process health data (Art. 9 2 (a) GDPR)
Information about registration for the visit is stored for no longer than 2 years after your visit.
2.2. Recording of telephone conversations to ensure the quality of services and information provided by telephone, as well as the handling of complaints and disputes
We collect:
Audio data of conversations;
The name of the consultant;
Telephone number of the caller;
Date of the interview and start and end times
Consent when you decide to continue the telephone conversation (Art. 6 (1) (a) GDPR)
Personal data is stored 6 months, after which they are automatically deleted, unless there is a need to store the data for a longer period for the purposes of further processing, such as investigating an incident or defending legal claims.
2.3. Conducting direct marketing, sending information about the services provided by the Company, offers and collection of opinions/feedback
We collect:
E-mail address;
Telephone number;
Actions taken with the received message (such as whether you opened the message, what links you clicked, etc.)
Consent when direct marketing messages are sent to persons interested in the Company's activities and services provided (Art. 6 (1) (a) GDPR)
Direct marketing messages to the Company's customers are sent in accordance with Article 81 (2) of the Law on Electronic Communications of the Republic of Lithuania giving you the opportunity to object to or refuse such use of your contact details.
Personal data is stored 5 years (unless you give a new consent to the longer storage of the data during this period).
2.4. To examine your inquiries, complaints, requests (internal administration)
We collect your name, contact information (if you provide it to us), along with the messages and attachments you send us, the history of your communication with you (including its content and time of receipt/submission) and any other information or documents you provide to us.
Legitimate interest resolve your inquiries, complaints, requests (Art. 6 (1) (f) GDPR)
Personal data is stored 5 years from the end of the examination of the issue. Personal data may also be stored for a longer period if it is necessary for the Company to defend itself against claims, claims or lawsuits filed against it.
2.5. Improvement of the website in order to ensure its operation, increase its security and adapt its content and functionality to the needs of users
When you visit the Website, the following data is automatically collected from you:
IP address;
Operating system;
User ID;
Other information about your activities on the Company's Website and other websites.
All this data is collected through the use of cookies. For more information on the use of cookies, see section 6 of this Privacy Policy under “Cookies”.
Personal data collected through the use of cookies is processed on the basis of our legitimate interest (Art. 6 (1) (f) GDPR), and we install cookies on your device only after receiving your consent (GDPR 6 p. 1 (a))
The retention periods are detailed in section 6 of the Privacy Policy under “Cookies”.
2.6. Administration of social networks
The following data is collected from users of social networks:
Name, surname;
Contact information is provided;
Comments are left under the posts of the Company's social media accounts;
Data on clicks, “likes”, “follow” and other reactions (including information about when the person started following or liked the Company's social network account);
Photo of the profile of the user of the social network;
Sent messages with attachments;
Communication history (including the content of messages and the time they were received/delivered)
Leave feedback and ratings
Consent(Art. 6 (1) (a) GDPR), which a person provides by logging into a specific social network
Personal data is stored for as long as the social network account of the Company or the data subject is valid, unless the data subject expresses a desire to delete his data contained in the Company's social network accounts earlier.
2.7. In order to defend one's rights (dispute resolution) — making claims, claims or claims and defending and cooperating with law enforcement or regulatory authorities in the manner and in cases prescribed by law
All the above information, documents and their attachments sent to you, documents submitted by you and their annexes, procedural documents, court orders, orders, decisions.
Information on criminal offenses and convictions.
We process this data with legitimate interest defend their rights in legal proceedings (Art. 6 (1) (f) GDPR).
The data is needed to enable us to assert, enforce or defend legal claims (GDPR 9 p. 2 (f)).
As long as legal proceedings are in progress and 10 years after their completion.
III. TO WHOM DO WE DISCLOSE YOUR PERSONAL DATA?
Your personal data may be provided to recipients who act as independent controllers and to recipients who act as our data processors. Upon receipt of your personal data, independent data controllers make their own decisions regarding the processing of personal data and are responsible for their use in accordance with applicable legislation. In the meantime, the data processors carry out our instructions and process personal data on our behalf in accordance with the concluded contracts. Although all recipients are obliged to comply with the relevant privacy and data protection requirements, we recommend that you contact the recipients who act as independent controllers directly regarding the details of the processing of your personal data. We provide a list of them in the subsection “Data recipients acting as controllers”. If you have any questions about the processing of your personal data by our data processors (a list of them can be found in the section “Data recipients acting as processors”), please address these questions directly to us.
Data recipients acting as controllers
State institutions and organizations, as well as other persons performing the functions assigned to them by legislation, for example, supervisory authorities, tax administration, law enforcement agencies, bailiffs, notaries, courts and non-judicial dispute resolution bodies. Personal data shall be provided to these recipients in cases prescribed by law and only in the case of a reasoned request from the responsible authorities or other authorized persons.
Organizations and individuals providing financial, performance audit and legal services.
Debt collection companies to which claims to indebtedness are transferred.
Data recipients acting as processors:
Service provider providing server rental and maintenance services;
A service provider providing customer management system services;
Provider providing online registration services;
Companies providing web browsing and analysis services;
Companies providing advertising, communication and marketing services;
Undertakings providing IT infrastructure and its maintenance services;
Providers of document repositories and business tools (Google Workspace or Microsoft 365)
Accounting program provider;
Provider of a platform for sending newsletters;
Companies providing electronic communications services;
Companies providing website administration services;
A service provider providing call recording and storage services;
In cases where you communicate with us through social networks, you should consult the applicable data protection conditions of a particular social network and familiarize yourself with its privacy policy. All personal data that you transmit to us with the help of social networks is controlled by a specific controller of the social network (e.g. Facebook or Instagram (Meta), Linkedin).
Although we usually process your personal data within the European Economic Area (EEA), in some cases we may transfer it outside the EEA. If the country to which we transfer your data is not included in the list of safe countries approved by the European Commission, we take additional security measures for the transfer of data: we conclude standard contractual terms with the data recipient approved by the European Commission or use Data Privacy Frameworkmechanism (for data recipients certified under this scheme when data is transferred to the USA). If you have any further questions regarding the transfer of your personal data outside the EEA, please contact us by email info@sypsenosakademija.lt.
Sale of business or merger of companies. We may also disclose your personal data to third parties in the event that we sell or buy any business or property (for liquidation, bankruptcy or other reason) or merge with another company. In this case, we may transfer your data to a prospective seller or buyer of such business or property, as the information of our customers may also be the subject of the sale at the time of a business sale or merger.
IV. WHAT DO WE DO TO PROTECT YOUR DATA?
When processing and protecting your personal data, we implement organizational and technical measures to ensure the protection of personal data against accidental or unlawful destruction (for example, we regularly back up data), alteration, disclosure, as well as any other unlawful processing. The security measures of personal data are determined taking into account the risks that arise during the processing of personal data, therefore, the secure use of our website is ensured by one of the world's most famous secure connection SSL (SSL). Secure Socket Layer) certificate.
Please note that while we take reasonable steps to protect your information, no website, online transaction, computer system or wireless connection is completely secure. You can and must also store your personal data without revealing your personal information, passwords, without leaving activated accounts.
V. YOUR RIGHTS
Each data subject, i.e. each of you, whose data is processed in our activities, has the following rights:
Know (be informed) about the processing of your personal data (Articles 12 to 14 GDPR);
Acquaintance with the processed personal data (Article 15 GDPR);
Request rectification of inaccurate personal data relating to you (Article 16 GDPR);
Request erasure of personal data relating to you (“right to be forgotten”) (Article 17 GDPR). Attention! You only have the right to be forgotten if it can be justified on one of the following grounds:
-Personal data are no longer necessary to achieve the purposes for which they were collected or otherwise processed;
-You revoke the consent to the processing of personal data on which the processing is based and there is no other basis for processing the data;
-You object to the processing of data in accordance with Article 21 (1) GDPR and there are no overriding legitimate grounds for processing the data.
Restrict data processing (Article 18 GDPR). Attention! You have the right to restrict the processing of your data only if:
-Personal data is inaccurate;
-The processing of personal data is illegal, but you do not consent to the deletion of the data;
-The controller no longer needs the personal data to fulfill its purpose, but you need them in order to assert, enforce or defend legal claims;
- You object to the processing of data in accordance with Art. 21 (1) GDPR, if the legitimate reasons of the controller do not outweigh your reasons.
Transfer your personal data where the processing is based on consent or contract and the data is processed by automated means (Article 20 GDPR);
To object to the processing of personal data for reasons related to your particular case, where the data are processed for the legitimate interests of the controller or a third party, unless the controller proves that the data is processed for compelling legitimate reasons that outweigh your interests, rights and freedoms, or in order to assert, exercise or defend legal claims imus (Article 21 GDPR).
If you believe that UAB “Šypsena akademija” processes your personal data unlawfully or does not exercise your rights, you have the right to lodge a complaint with the State Data Protection Inspectorate (L. Sapiegos str. 17, 10312 Vilnius, tel. (8 5) 271 2804, 279 1445, tel. p. ada@ada.lt).
If you have any request or instruction related to the processing of your personal data, please write to us by e-mail info@sypsenosakademija.lt. Upon receipt of such request or instruction, we shall, at the latest within 1 (one) month from the date of the application, we will provide a response and perform the actions specified in the request or inform you why we refuse to do them. If necessary, the specified period may be extended by a further two months, depending on the complexity and number of requests. In this case, within one month from the date of receipt of the request, we will inform you of such an extension and the reasons for it.
VI. COOKIES
We use cookies on our website, which we often refer to as”cookies”. The cookies we use are divided into the following categories: strictly mandatory, functional, statistical and marketing cookies. With cookies we aim to:
Ensure smooth and efficient operation of the Website;
Anonymously collect statistical information about how and what posts you have viewed;
To determine whether our Website meets the needs of users and to improve it accordingly;
Display the information that best suits your interests and needs.
When you visit the Website, only essential cookies (those cookies that ensure that the Website is rendered) are installed on your device. Functional, statistical and marketing cookies are installed only with your consent when you perform active actions in the cookie panel.
Our Website may also contain links to the websites of other individuals, companies or organisations. Please note that we are not responsible for the content of such websites or the privacy and data protection measures used by them. Therefore, if you click on a link from our website to other websites, you should consult their privacy policies separately.
CONTACT US
If you have any questions about the information contained in this Privacy Policy, please contact us by email: info@sypsenosakademija.lt.
