Data protection

 

1. BASIC CONCEPTS

1.1. MB Devyndarbės (hereinafter referred to as the "Company"), established in accordance with the laws of the Republic of Lithuania, whose registered office is at V.Krėvės pr. 48-112, LT-50405 Kaunas, Lithuania, company code 304742767, about which data is collected and stored in the Register of Legal Entities.

1.2. Data subject – means a natural person whose personal data is processed by the Company.

1.3. Personal data - means any information related to a natural person - Data subject whose identity is known or can be directly or indirectly determined using data such as a personal code, one or more physical, physiological, psychological, economic, cultural or social characteristics characteristic of a person character traits.

1.4. Processing of Personal Data - means any action performed with Personal Data: collection, recording, accumulation, storage, classification, grouping, connection, change (addition or correction), provision, publication, use, logical and/or arithmetic operations, search, dissemination , destruction or other action or set of actions.

1.5. Automatic method - refers to actions performed in whole or in part by automatic means.

1.6. Member - means a person who has concluded an employment or similar contract with the Community and is appointed to process Personal Data by the decision of the Community representative or whose personal data is being processed.

1.7. Controller – means a legal or natural person who is authorized by the Community to process personal data. The handler(s) must be registered with the Inspectorate.

1.8. Data Recipient – means a legal or natural person to whom Personal Data is provided. The data recipient(s) must be registered with the Inspectorate

1.9. Inspectorate – State Data Protection Inspectorate of the Republic of Lithuania.

2. GENERAL PROVISIONS

2.1. This document regulates the actions of the Community and its members in the processing of Personal Data, using the automatic means of processing Personal Data installed in the Community, and also determines the rights of Data Subjects, risk factors for the violation of Personal Data Protection, measures for the implementation of Personal Data Protection and other issues related to the processing of Personal Data.

2.2. Personal data must be accurate, appropriate and only to the extent necessary for their collection and further processing. If necessary for the processing of Personal Data, Personal Data is constantly updated.

2.3. The purposes of personal data processing are direct marketing and other legitimate purposes defined in advance before data collection.

2.4. Community Rules 2.3. for the purpose specified in point, processes the following Personal Data of Data Subjects:

(a) name;

(b) surname;

(c) email address;

(d) telephone number;

(e) date of birth;

(f) gender;

(g) information of interest subscribed to;

2.5 The Society does not have the opportunity to check the correctness and authenticity of the data you provide, therefore, when accepting your registration form, we will consider your data to be accurate and correct.

2.6 Personal data are processed in accordance with the Law on Legal Protection of Personal Data of the Republic of Lithuania (February 1, 2008 No. X-1444), other laws and legal acts regulating data processing and protection, as well as these Rules.

3. PROCESSING OF PERSONAL DATA

3.1. Personal data is processed manually and automatically using personal data processing tools installed in the Community.

3.2. Only Members and Administrators have the right to process Personal Data. Each Member/Processor who is appointed to process Personal Data must keep Personal Data confidential and comply with the requirements of personal data protection legislation.

3.3. The Member / Controller must: (a) keep Personal Data confidential; (b) process Personal Data in accordance with the laws of the Republic of Lithuania, other legal acts and these Rules; (c) not to disclose, not to transfer and not to provide conditions for access to Personal Data by any means to any person who is not authorized to process Personal Data; (d) immediately notify the representative of the Community or the person designated by him about any suspicious situation that may pose a threat to the security of Personal Data.

3.4. Members who automatically process Personal Data or whose computers can access areas of the local network where Personal Data is stored must use passwords. Passwords must be changed periodically, as well as when certain circumstances arise (for example: when a member changes, when there is a threat of hacking, when there is a suspicion that the password has become known to third parties, etc.). A member working on a particular computer can only know his password.

3.5. The member responsible for computer maintenance must ensure that Personal Data files are not "visible" (shared) from other computers, and antivirus programs are updated periodically.

3.6. The member responsible for computer maintenance makes copies of the data files on the computers. If these files are lost or damaged, the responsible member must restore them within a few working days at the latest.

3.7. The protection of personal data is organized, ensured and carried out by the representative of the Community or the Member appointed by him.

3.8. The Member loses the right to process Personal Data when the Member's employment or similar contract with the Community expires, or when the Community Manager revokes the Member's appointment to process Personal Data.

3.9. The Controller loses the right to process Personal Data when the Controller's contract with the Company is terminated.

4. IMPLEMENTATION OF THE RIGHTS OF THE DATA SUBJECT

4.1. The data subject, by submitting an identity document to the Community, has the right to receive information from which sources and what personal data are collected, for what purpose they are processed, and to whom they are provided. Access to Personal Data is provided by submitting a written request for access to Personal Data to the Company by mail, fax or e-mail. by post

4.2. The Company, upon receiving an inquiry from the Data Subject regarding the processing of his Personal Data, shall answer whether the Personal Data related to him are being processed, and shall provide the Data Subject with the requested data no later than within 30 calendar days from the date of the Data Subject's request. At the request of the data subject, such data shall be submitted in writing to the specified address or e-mail. postal address.

4.3. The possibility to correct, destroy (the right to be forgotten) their Personal Data or to stop the processing of their Personal Data is granted to the Data Subject by submitting a written request to the Company by mail, fax or e-mail. by mail or verbal request, if the Data Subject can be identified. Upon receiving such a request, the Company immediately checks the Personal Data and, at the request of the Data Subject, immediately corrects incorrect, incomplete, inaccurate Personal Data.

4.4. The Company immediately informs the Data Subject about the correction and destruction of Personal Data performed or not performed at his request.

4.5. The company ensures all other rights, guarantees and interests of personal data subjects guaranteed by the laws and other legal acts of the Republic of Lithuania.

5. TRANSFER OF PERSONAL DATA

5.1. Personal data can be provided only to those Data Recipients with whom the Company has signed relevant agreements regarding the transfer/provision of Personal Data and the Data Recipient ensures adequate protection of the transferred Personal Data. Personal data may also be transferred to third parties in other cases and procedures provided for in the laws and other legal acts of the Republic of Lithuania.

5.2. The Community does not use or disclose sensitive personal information, such as information about health, racial origin, religious beliefs or political views, without the express consent of the Data Subject, except when required or permitted by law.

5.3. Personal data may also be transferred to third parties in other cases and procedures provided for in the laws and other legal acts of the Republic of Lithuania.

6. RISK FACTORS OF BREACH OF PERSONAL DATA PROTECTION

6.1. Violation of personal data protection is actions or omissions that may cause or cause undesirable consequences, as well as contravene the mandatory norms of laws governing the protection of personal data. The degree of impact, damage and consequences of a breach of personal data protection are determined in each specific case by a commission formed by a representative of the Community or a person authorized by him.

6.2. Risk factors for breach of personal data protection:

(a) accidental, when the protection of Personal Data is violated due to accidental reasons (errors in data processing, deletion, destruction of information media, data records, determination of incorrect routes (addresses) during data transmission, etc., or system failures due to power outages, computer viruses and etc., violation of internal rules, lack of system maintenance, software tests, inadequate maintenance of data carriers, invisible line capacity and protection, computer network integration, computer program protections, insufficient supply of fax materials, etc.);

(b) intentional, when the protection of Personal Data is deliberately violated (unlawful intrusion into Community / Hotel premises, storage of personal data media, information systems, computer network, malicious violation of established rules for the processing of Personal Data, deliberate distribution of a computer virus, theft of Personal Data, illegal use rights of another Member, etc.);

(c) unexpected random events (lightning, fire, flood, flood, storms, fire in electrical installation, exposure to changes in temperature and/or humidity, influence of dirt, dust and magnetic fields, random technical accidents, other unavoidable and/or uncontrollable factors, etc. .).

7. PERSONAL DATA PROTECTION IMPLEMENTATION MEASURES

7.1. In order to ensure the protection of Personal Data, the Company implements or plans to implement the following Personal Data Protection measures:

(a) administrative (establishing procedures for the safe handling of documents and computer data and their archives, as well as the organization of work in various fields of activity, familiarization of personnel with the protection of Personal Data during employment and at the end of employment or similar relationships, etc.);

(b) hardware and software protection (administration of service stations, information systems and databases, maintenance of workplaces, Community premises, protection of operating systems, protection against computer viruses, etc.);

(c) protection of communications and computer networks (filtering of shared data, programs, unwanted data packets (firewalling), etc.).

7.2. Personal data protection technical and software measures must ensure:

(a) installation of a storage facility for copies of operating systems and databases, determination of copying techniques and control of compliance;

(b) continuous data processing (processing) process technology;

(c) the strategy for resuming the systems operation in unforeseen cases (contingency management);

(d) physical (logical) separation of the application testing environment from work mode processes;

(e) authorized use of data, their inviolability.

7.3. All Members who have the right to process Personal Data or to organize and carry out their protection must strictly comply with the Personal Data Protection Measures established in the Community and the requirements of the relevant rules, instructions or procedures.

8. PERSONAL DATA PROCESSING TERM

8.1. Your personal data is stored until e-mail. The Fame.lt store will operate, but when the Personal Data is no longer needed for the purposes of their processing, they will be destroyed, except for those that must be transferred to state archives in cases established by law.

9. LIABILITY

9.1. Members who violate the Law on Legal Protection of Personal Data of the Republic of Lithuania, other legal acts regulating the processing and protection of Personal Data, or these Rules shall be subject to liability measures provided for by the laws of the Republic of Lithuania.

10. CONTACT INFORMATION

Where can you go to get acquainted with your personal data processed by Canywhere.lt?

To familiarize yourself with all data processing issues, you can contact us in the following ways: e-mail [email protected], phone no. +370 605 71778, V. Krėvės per. 48-112, Kaunas, LT-50405.

11. FINAL PROVISIONS

11.1. Supervision of compliance with the rules and, if necessary, review, is entrusted to the representative of the Community or a person authorized by him.

11.2. Responsible Members are familiarized with the Rules by signing.

en_USEnglish