When processing Personal Data, we comply with the provisions of the General Data Protection Regulation No. 2016/679 (EU) (hereinafter - GDPR) and the requirements of the legal acts of the Republic of Lithuania, as well as the instructions of the controlling authorities.
WHO ARE WE?
We are UAB Gorampa, a private limited liability company established in the Republic of Lithuania, legal entity code 304436133, address Švitrigailos g. 8-507, Vilnius, data are collected and processed in the Register of Legal Entities of the Centre of Registers, State Enterprise (hereinafter the “Company” or “us”).
We manage the Website and Social Accounts and act as a Personal Data Controller in offering and providing services, performing the Company’s day-to-day operations, or complying with legal requirements.
When Personal Data are provided using our services (for example, an employer who orders services from us, provides the employee’s Personal Data in a service account created and controlled by the employer), we act as a processor of Personal Data. Such processing of Personal Data are subject to the terms and conditions of Us as a processor of Personal Data set out in the personal data processing agreement.
WHAT YOUR PERSONAL DATA DO WE PROCESS?
We process your Personal Data obtained in the following ways:
When you provide us with Personal Data, for example, register on the Website, order our services, contact us by e-mail or telephone, etc.;
When we collect your Personal Data when you use our Services and the Website, Social Accounts, such as the history of use of the Services, your IP address, the history of your visits to the Website, your choices, open URL links, etc.;
When we receive Personal Data from other parties, for example, when we receive information from public registers, state or local government institutions or bodies, our partners, other third parties, such as payment institutions, about payments made, etc.;
When your personal data, with your consent, is provided to us by other persons, including companies using our services, for example, when such Companies indicate your contacts, refer to you as an authorized person, and so on.
We process personal data as data controllers in order to offer and provide services, to fulfil our contractual obligations, as well as pursuing our or third parties’ legitimate interest, in compliance with legal regulations or obligations.
The person providing Personal Data to us, both when providing his/her Personal Data and Personal Data of other persons (such as employees, representatives), is responsible for the correctness, completeness, and relevance of such Personal Data, as well as for the consent of the data subject for his/her Personal Data provision to us. We may ask you to confirm that a person has the right to provide us with Personal Data (for example, by filling in service order or registration forms). If necessary (for example, a person inquires us about receiving his/her Personal Data), we will identify the provider of such data.
We process your Personal Data for the following purposes and under the following conditions:
You have the right to refuse or revoke your consent to the processing of your Personal Data at any time when these are processed on the basis of your consent.
On the Website, we provide registered service users with the opportunity to see the information specified in the service user’s account, personal contacts, written messages, communicate, place orders, and track the history of services. This information will not be visible to unregistered users. It will also not be visible when a user’s account is inactive (for example, if the user does not renew the service agreement with us).
In some cases, we may send you messages related to ordering or providing our services, for example, informing you about the confirmation of the service order, the expiration date of the ordered services, changes in the provision of services. Such notices are necessary for the proper provision of our services and are not considered promotional notices.
You have the right to change and update your information provided to us. In some cases, we need to have accurate, up-to-date information about you, so we may ask you periodically to confirm that the information we hold about you is correct.
HOW DO WE USE YOUR PERSONAL DATA AND WHAT PRINCIPLES DO WE KEEP?
We collect and process only such Personal Data as is necessary to achieve the Personal Data Processing Purposes we have specified.
When processing your Personal Data
We comply with the requirements of current and applicable legislation, including GDPR;
We process your Personal Data in a lawful, fair, and transparent manner;
We collect your Personal Data for specified, clearly defined and legitimate purposes and do not process them in a way incompatible with those purposes, except to the extent permitted by law;
We take all reasonable steps to ensure that Personal Data that is inaccurate or incomplete, in accordance with the purposes for which they are processed, would be rectified, supplemented, suspended, or destroyed without delay;
We hold them in such a form that your identity can be established for no longer than is necessary for the purposes for which the Personal Data are processed;
We ensure that your Personal Data are processed securely.
TO WHOM AND WHEN DO WE TRANSFER YOUR PERSONAL DATA?
We may transfer your Personal Data to:
Our partners or consultants such as auditors, lawyers, tax, business consultants, investors and so on.
Personal Data processors that we use, such as ancillary service providers, companies providing advertising and marketing services, accounting services, IT programming services, cloud and hosting services, IT security, maintenance, and technical service providers, etc. We require data processors to store, process and handle Personal Data as responsibly as we do and only in accordance with our instructions.
Social network platform operators (so that we can publish your content to Social Network accounts):
LinkedIn Ireland Unlimited Company (Ireland);
LinkedIn Corporation (USA) (data are transferred according to EU standard contractual clauses);
Facebook Ireland Ltd. (Ireland);
Facebook, Inc. (US) (data transferred according to EU standard contractual clauses).
State or local self-government institutions and authorities, law enforcement and pre-trial investigation institutions, courts and other dispute resolution institutions, other persons performing functions assigned by law, in accordance with the procedure provided for by legislation of the Republic of Lithuania. We provide these entities with mandatory information required by law or specified by the entities themselves;
Other third parties, such as payment institutions, etc.;
If necessary, to companies that intend to buy or would buy the Company's business or would conduct joint activities with us or would cooperate in another form, as well as to companies established by us.
We normally process Personal Data within the European Economic Area, but in some cases your Personal Data may be transferred outside the European Economic Area (hereinafter “EEA”). Your Personal Data will only be transferred outside the EEA under the following conditions:
Data are transferred only to our reliable partners who ensure the provision of our services to you;
Data processing or provision agreements have been signed with such partners, which ensure the security of your Personal Data;
The Commission of the European Union has decided on the eligibility of the country in which our partner is established, i.e., an adequate level of security is ensured; or
You have given your consent to the transfer of your Personal Data outside the European Economic Area.
WHAT RIGHTS DO YOU HAVE?
As a data subject, you have the following rights with regard to your Personal Data:
To know (to be informed) about the processing of your Personal Data (right to know);
To access your Personal Data and the way they are processed (right of access);
To request the correction or, depending on the purposes of the processing of Personal Data, supplementing of incomplete Personal Data (right to rectification);
To request the erasure of your Personal Data or the suspension of your Personal Data processing activities (excluding storage) (right to erase and right to “be forgotten”);
To request us to restrict the processing of Personal Data for one of the legitimate reasons (right to restrict);
The right to transfer data (right to transfer). This right will be exercised only if there are grounds for its exercise and appropriate technical measures to ensure that the transfer of the requested Personal Data does not pose a risk of security breach to the data of other persons;
The right to object the processing of your personal data when we process Personal Data on the basis of a legitimate interest of the Company or a third party, including profiling. If you object, we will only be able to further process your Personal Data for compelling legitimate reasons that take precedence over your interests, rights, and freedoms, or to make, enforce or defend legal claims;
Revoke your consent to the processing of your Personal Data when this data are processed or intended to be processed for direct marketing purposes, including profiling as far as such direct marketing is concerned (based on the Personal Data you provide, profiling may be carried out for direct marketing purposes in order to offer you individually tailored solutions and proposals. You can revoke your consent to the processing of personal data by automated processing, including profiling, or object to it at any time).
If you do not want your Personal Data to be processed for direct marketing purposes, you may opt out of such processing for the purposes of conducting surveys, including profiling, without giving reasons for the refusal (disagreement) by writing an e-mail to firstname.lastname@example.org or in another way specified in the message provided to you (for example, by clicking on the relevant link in the newsletter).
We may refuse to implement your rights listed above, except for refusal to process your Personal Data for direct marketing purposes or in other cases where Personal Data are processed with your consent, where GDPR provisions allows us to disregard your request, or where in cases provided for by law, the prevention, investigation, and detection of criminal offenses, breaches of official or professional ethics must be ensured, as well as the protection of the rights and freedoms of the data subject, us and others.
You can exercise some of your rights as a data subject by changing the settings of the user account and the information contained therein. You may submit any request or instruction related to the processing of Personal Data to us in writing by e-mail email@example.com. When you make such a request, we may, in order to better understand the content of your request, ask you to complete the necessary forms, as well as provide an identity document or other information that will help us verify your identity. If you make a request by e-mail, depending on its content, we may ask you to come to us or make a written request.
Upon receipt of your request or instruction regarding the processing of Personal Data, we will, no later than within 1 month from the date of the request, provide a response and perform the actions specified in the request or inform you why we refuse to perform them. If necessary, the specified period may be extended by a further 2 months, depending on the complexity and number of applications. In this case, we will notify you of such an extension within 1 month of receiving the request.
If Personal Data are deleted at your request, we will retain only copies of information that is necessary to protect the legitimate interests of us and others, to comply with government obligations, to resolve disputes, to identify disruptions, or to comply with any agreements you have with us.
WILL WE SEND YOU NEWS?
You can give us your consent if you wish to receive our offers and information about our services, activities and offers. You can also give us your consent to help us evaluate the quality of our services.
With your consent, the news of your choice will be sent to you by e-mail or SMS to the telephone number specified by you, as well as by notifications in your account. After receiving your consent, we can inquire about the quality of our services and maintenance by e-mail, message in your account or by contacting the telephone number provided by you, as well as invite you to fill in quality assessment forms.
We will try not to abuse the right to share news, which you have provided to us. After sending the news, we can collect information about the people who received it, for example, which message the people opened, what links they clicked on, and so on. Such information is collected in order to offer you relevant and more tailored news.
Your contacts may be passed on to our partners/processors who provide us with news delivery or quality assessment services.
Withdrawal of consent does not automatically oblige us to destroy your Personal Data or provide you with information about the Personal Data we process, so you must make such a request separately in order for us to perform these steps as well.
HOW DO WE PROTECT YOUR PERSONAL DATA?
Your Personal Data are processed responsibly, securely and is protected from loss, unauthorized use, and alteration. We have put in place physical and technical measures to protect the information we collect from accidental or unlawful destruction, damage, alteration, loss, disclosure, as well as from any other unlawful processing. Security measures for personal data shall be determined taking into account the risks arising from the processing of Personal Data.
Our employees have made a written commitment not to disclose or distribute your Personal Data to third parties.
Cookies are small files that are stored in the browser of a Website visitor’s device when you browse websites. Other technologies, including data we store on your browser or device, identifiers associated with your device, and other software may be used for similar purposes. Cookies are widely used to make websites work or to function better and more efficiently. In this policy, all of the above technologies are referred to as “cookies”.
You can choose whether you want to accept cookies. If you do not agree to cookies being stored on the browser of your computer or other device, you can mark it in the cookie acceptance bar, change the settings of the browser you are using and disable cookies (all at once or one by one or in groups). To opt out of cookies on your mobile device, you must follow the official instructions for that device. Please note that in some cases, refusing cookies may slow down your browsing experience, restrict the functionality of certain websites or block access to the website. For more information, visit http://www.AllAboutCookies.org or https://www.google.com/privacy_ads.html.
You may opt out of the use of third-party cookies for advertising purposes by visiting the Network Advertising opt-out page at http://www.networkadvertising.org/managing/opt_out.asp.
We may use mandatory cookies that are necessary for the operation of the Website, analytical cookies, functional cookies to analyse Website traffic, memorize user preferences and adapt them to the Website so that we can provide enhanced features, performance cookies, third-party cookies that use third parties, advertising cookies to display personalized and general advertising to you.
We use the following Google Inc. products that record cookies:
Google Analytics – analyses how you use the Website, generates reports based on this analysis, helps to plan and forecast the activities of the Website and services. Data collected by Google Analytics is typically transmitted and stored on a Google Inc. server in the United States. We have implemented IP anonymity on the Website, so that Google Inc. would hide your IP address in the EU and EEA countries. You can change your browser settings to prevent Google Analytics from analysing information. In this case, you will be given an opt-out cookie. However, if you delete all cookies, the opt-out cookie may also be deleted. You can also prevent Google from capturing data by downloading and installing a browser plug-in from https://tools.google.com/dlpage/gaoptout?hl=en.
Google AdSense – allows to evaluate your use of the Website in relation to the advertisements displayed and to provide information-based reports. Data collected by Google AdSense is typically transmitted and stored on a Google server in the United States. If you do not want to receive customized ads, you can change your settings at https://www.google.com/settings/ads as needed. In this case, you will be given an opt-out cookie. However, if you delete all cookies, the opt-out cookie may also be deleted.
Google Remarketing – allows to repeatedly show ads on sites in the Google Inc. partner network. If you do not want to receive customized ads, you can change your settings at https://www.google.com/settings/ads as needed. In this case, you will be given an opt-out cookie. However, if you delete all cookies, the opt-out cookie may also be deleted.
Address: Jakšto g. 9A, Vilnius, LT-01108, Lithuania.
If you wish to make a complaint about our processing of Personal Data, please provide it to us in writing, providing as much information as possible. We will cooperate with you and try to resolve any issues immediately.
If you think that in accordance with the GDPR your rights have been violated, you can submit a complaint to our supervisory authority – the State Data Protection Inspectorate, more information and contact details can be found on the Inspectorate’s website (https://vdai.lrv.lt/). We strive to resolve all disputes promptly and peacefully, so we invite you to contact us first.