Privacy Policy – UAB Delca logistic
The rules specified in this privacy policy (hereinafter – Privacy Policy) determine how your personal data is processed and used for this website (hereinafter Website) and/or mobile device application (hereinafter App).
By logging in, creating an account or in any way using the Website, the App or its services, as well as by checking the box “I have read and agree to be bound by the Privacy Policy” when registering on the Website, the App, and/or using the Services provided by the Website, you (referred to as “data subject”, “you”, “your”, “you”, “yours”, or “you”, etc. in the following, as the case may be, depending on the context, in the Privacy Policy) ) acknowledge that you have read the Privacy Policy and that you agree to comply with it for the entire period of your use of the Services (the Website or the App) and, to the extent applicable, after the end of your use of the Services (after termination of the contract for the provision of the Services etc.). In the event that you do not agree to the provisions of this Privacy Policy, please log out of the Website, do not install or delete the App and do not use it.
GENERAL PROVISIONS
The company referred to on the Website and/or the App (depending on the context, as “Company”, We, Our, Ours, “Us”, We, Us, or the like) has developed and operates the Website and/or the App for the purpose of providing users with the electronic services that complement the services of the ELCA group of companies, as well as to perform related transactions (e.g. create an account, enter into electronic transactions, make payments, open an account for payment of services, top up an account, view transactions, and obtain other electronic services related to the provision of consumer services and non-electronic services to the consumer (Services). The company belongs to the ELCA group of companies.
In providing the Services on the Website and/or the App, we collect and process personal data relating to the user of the Website and/or the App and the use of the Website and/or the App. We do so in accordance with applicable law and this Privacy Policy. We understand that privacy and the protection of personal data are important issues when using the Website and/or the App, which is why we have detailed in our Privacy Policy what personal data we process and how we process it, what rights you have and what obligations you have in relation to the personal data we process.
You may use the Services (Website and/or App) only if you have read and agree to be bound by the Privacy Policy.
This Privacy Policy applies to the processing of all your personal data when we provide the Services on the Website and/or the App. The Company may establish and make publicly available separate rules for the processing of individual categories of personal data, in particular when personal data is processed for purposes and in ways other than those set out in this Privacy Policy (e.g. when the data is processed outside of the Website and/or the App). The Company has established and published separate rules for the processing of Video Surveillance Data.
You can always find the current version of the Privacy Policy in the Settings section of the Website and/or the App.
CONTROLLER OF PERSONAL DATA
The controller of your personal data processed in connection with the provision of the Services on the Website and/or App is the ELCA Group company that operates the particular Website and/or App and is identified in the Contact section of the Website and/or App.
If you want to know the specific company, you can also contact ELCA Holding UAB, legal entity code 302837280, located at Parodu str. 2, LT-04133 Vilnius, the Republic of Lithuania, which is the controlling company of the ELCA group of companies for data processing.
The Company processes personal data itself or uses data processor(s), e.g. providers of technological platforms used for the operation of the Website and/or the App. If the Company will use data processors, you can obtain information about them and their contact details by contacting the Company or UAB ELCA Holding.
PURPOSES OF PROCESSING PERSONAL DATA
We process your personal data for the following purposes:
Customer identification, getting to know the customer and concluding the agreement. We are required by law to identify you before we start providing the Services. To verify your identity, we process copies of your personal documents (your passport or identity card, residence permit, etc.), or we require you to use third-party payment or identification services, or we may obtain your identity data from your mobile operator (which issued the SIM card you are using), or we may compare the data from all of these sources, or we may use third-party identification service providers. Copies of documents may be retained in accordance with legal requirements.
Service provision (agreement performance). We use your personal data to provide you with the Services, e.g. to enable you to enter into transactions, to enable you to purchase property offered for sale on the Website and/or the App, to pay for the purchased property, to view your actions and transaction history, to manage your Website and/or App account, etc. We may also use your personal data to contact you about the Services we provide to you (to inform you about changes to or disruptions of the Services, to respond to your enquiries, or to deal with any complaints you have made to us).
Prevention of money laundering and terrorist financing (compliance with statutory obligations). Processing of your personal data, e.g. for the purpose of fulfilling anti-money laundering and anti-terrorist financing obligations and other obligations imposed on us by law.
Ensuring and protecting our rights and legitimate interests. We process your personal data in order to exercise and defend our rights under the contract entered into with you for the provision of the Services.
Designing, developing and improving the quality of services. To the minimum extent necessary for business purposes and, where possible, after depersonalization, your personal data may be processed, e.g. depersonalized, and used to analyze the usage patterns and trends on the Website and/or App, to get to know the customer, his/her expectations, and to develop the Services and the Website and/or App. We may use your personal data to correct errors and improve the performance of the Website and/or the App.
Offering services (direct marketing). Your personal data is processed for the purpose of providing you with relevant information about our goods or services (including those provided in conjunction with our partners, such as financial service providers) and to seek your opinion about them.
Customer service by electronic means, gathering evidence for the purposes of protecting our rights and legitimate interests. If you contact us by telephone, conversations may be recorded for the specified purpose, with separate notice to you.
We may also process your personal data for purposes other than those set out above, to the extent required by law and, where necessary, after duly informing you or on the basis of another lawful basis for processing.
GROUNDS FOR PROCESSING PERSONAL DATA
We only process your personal data on the basis of a lawful basis for processing:
In order to enter into and/or perform an agreement with you in relation to the provision of the Services (e.g. by processing your personal data necessary to order and provide the Services, etc.).
With your consent (e.g. to send you offers, access your contact details, use your location data).
For our legitimate interests (e.g. to collect evidence of the proper provision of the Services to you, to ensure the security of our property, to prevent crime and public order, to carry out and develop our business, to enforce our rights, to manage our indebtedness, to ensure that the use of the Website and/or App is safe and secure, and to provide you with a safe and secure experience and experience of using the Website and/or the App, etc.); or
By complying with a legal requirement applicable to us (e.g. effective monitoring and investigation of suspicious transactions and monetary transactions in accordance with the procedures set out in the Law on Prevention of Money Laundering and Terrorist Financing of the Republic of Lithuania).
We may also process your personal data on other legal grounds where necessary in accordance with the law, after duly informing you.
PROCESSED PERSONAL DATA
We or our service providers process personal data relating to your use of the Services (in particular, transactional data) about you and others, and we may automatically collect technical data generated by the Site and/or the App in connection with your use of the Services or the functionality of the Site and/or the App (e.g., records of the technical operations of the Website and/or the App are recorded in a system log). We do not normally associate the data recorded in the technical logs of the Site and/or the App in the system log with you as a user of the Website and/or the App, but in certain cases (to ensure proper interaction between the Site and/or the App and our systems and to ensure the security of the system and to resolve technical problems and, for example, to record the timing of transactions and other actions); recording the consents you have given when using the Website and/or the App; continuous monitoring of customer transactions for the purposes of preventing money laundering and terrorist financing; capturing your identification data when the Website and/or the App is first accessed), which will allow you to be identified or distinguished from the technical entries recorded in the system log. In the technical records of operations of the Website and/or the App recorded in the system log, we record the actions you take when using the Website and/or the App that require information on the Website and/or the App that is not stored on the Website and/or the App itself (e.g., the fact that a password has been entered, that the password is (in)correct, the level of identification of the customer performing actions on the Website and/or the App, the data provided by the customer, a list of the operations performed on the Website and/or the App). In such cases, the technical data of the Website and/or the App will be treated as your personal data in accordance with the procedure established by law and processed in accordance with the procedure established for the processing of personal data.
We may process the following personal data for the purposes of customer identification, customer knowledge and agreement conclusion:
Customer identification, customer acquaintance and agreement conclusion (upon our request, you will be required to provide this personal data because you are required to do so by law or because it is necessary for us to enter into or perform an agreement with you in relation to the provision of the Services, failing which you will not be able to use the Website and/or the App):
personal identification number;
name;
surname;
telephone number;
date of birth (if you are a foreigner) (if available, a personal identification number or other unique sequence of characters assigned to that person);
Details of the identity document (copy) used to establish your identity;
Your signature (unless it is optional on the identity document);
Your nationality (if you are stateless, the country that issued your identity document);
mobile (qualified electronic) signature data;
address of place of residence;
Your area of individual activity or business;
transaction data (objects, amounts, time and other data);
Workplace;
Position;
nature of the activity;
source of income;
Your image and the image of your identity document or its equivalent, and the data that allows you to confirm that the image of your face matches the identity document that you have provided (when used to verify identity);
biometric data (a technically processed image of your face and a facial image contained in your identity document (when used for identification));
e-mail address;
Internet Protocol (IP) address;
information on the telecommunications terminal equipment;
other data obtained in the course of the identification of the client and/or the conclusion of the transaction.
We may process the following personal data about you for the provision of the Services:
personal identification number;
name;
surname;
IBAN account number;
telephone number;
date of birth (if you are a foreigner) (if available, a personal identification number or other unique sequence of characters assigned to that person);
Details of the identity document (copy) used to establish your identity;
Your signature (unless it is optional on the identity document);
Your nationality (if you are stateless, the country that issued your identity document);
e-mail address;
address of place of residence;
Website and/or App User ID;
Your location data (if applicable);
data on transactions and your actions (objects, amounts, time and other data);
your activity on the Website recorded in a system log and stored in technical records or/and
In the app (technical records), used for troubleshooting and ensuring system security;
the balance (amount) of funds transferred to pay for the Services;
financial transaction data (funds added/deposited/transferred to the account (amount), number of payment transactions, type of payment transaction (received, sent), status, date and time, amounts, frequency, purpose of the payment, amount of the transaction fee, amount of the amount of the deferred payment account used for the payment);
details of the auto-refill service (whether it’s enabled, the settings for it, etc.);
limits on transactions;
bank card details (name, surname, number (part of it), year and month of validity, CVV code) if the card is linked to your account;
Data about your visits to and use of the Website and/or the App;
Website and/or App security code;
Internet Protocol (IP) address;
the versions of the Service agreements, consents, notices received, Privacy Policy and other related documents that you have agreed to comply with;
Details of requests and communications you have made to us;
Your personal data (name, surname, phone number, whether you have completed the tasks specified in the rules of the promotion, etc.) is necessary for the organization of the promotion. For the purpose of organizing the promotion, we make automated decisions in relation to you, which are set out in the specific rules of the promotion.
We may process the following data for the purposes of fulfilling our obligations under the law (e.g. the Law on Prevention of Money Laundering and Terrorist Financing, the Law on Payments, the Law on Tax Administration, etc.):
Your identity data;
Details of your transactions and operations;
other data required by law.
We may process data about you that you have provided to us and that we have generated (e.g. the content of your transactions and obligations to us, the content of our communications with you), as well as other data necessary for the purposes of our interests, in order to safeguard and protect our rights and interests.
We may process data provided by you (e.g. a bug report) and generated by us (e.g. the volume of the Services used), as well as any other information provided by you, including personal data, for the purpose of designing, developing and improving the quality of the Services, when you inform us of glitches and errors on the Website and/or the App.
For offering services (direct marketing), we may process the following data: name, surname, email address, telephone number, chosen method of receiving communications (SMS, email, Website and/or App).
For the purposes of customer service by electronic communication (e.g. service and advice on the use of the Services, the Website and/or the App and troubleshooting of malfunctions), for the collection of evidence for the purpose of defending our rights and legitimate interests, we may process the following data about you: your name, surname, telephone number, personal identification number (or the last 4 digits of your personal identification number), answers to questions, transactions and any type of transactions, your place of employment, job, position, nature of your business, source of your income, email address and other information about you, your name, address and telephone number, and your name, address and telephone number, personal identification number (or last 4 digits of your personal identification number), your responses to questions, your name and surname. e-mail address, information relating to the matter to which the application relates or the need to protect our interests. For this purpose, we will also process records of electronic communications, their dates, times and duration.
When organizing games or promotions We, as the data controller, may process the following personal data of you and/or others to the extent that it depends on the nature of the game or promotion and the rules of the game or promotion: transaction or transaction number, name, amount, time, date, where tax is required to be paid in connection with the winning of your prize or benefit, and the information necessary for the filing of a tax return and the payment of taxes.
Some of the above data is generated by us. In the event of a change in the personal data that you have provided to us for any of the purposes of processing personal data as set out in this Privacy Policy, you will promptly inform us of the change in your personal data so that the personal data we process about you is accurate and correct.
We will process your personal data on the legal basis permitted by applicable law, usually on the basis of a contract for the performance of Services to you.
SOURCES OF PERSONAL DATA
We receive your personal data on the following legal grounds:
directly from you (when you provide data to us at our request or voluntarily in the course of using the Services, identifying you, reporting bugs on the Website and/or the App);
generating it ourselves ((e.g., technical data that identifies you in relation to the operation of the Website and/or the App; Your identification data created by capturing a facial image during a live video transmission and matching the facial image of the identity document shown);
from the financial services provider of your choice (e.g. a commercial bank);
from other persons established in the European Union who provide us with information technology, identity verification/identification and/or other services;
from public sources (e.g. the population register of the Republic of Lithuania maintained by the State Enterprise Centre of Registers);
from persons managing joint debtor files (e.g. UAB Creditinfo Lietuva);
by collecting negative public information (e.g. information about breaches of the law) about you on the internet through targeted searches;
from organizations maintaining public registers and international databases (e.g. lists of the validity of identity documents, international financial sanctions);
from service providers and third parties (e.g. internet service providers, identity service providers);
with your knowledge and from other persons.
CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Your personal data will only be processed on our behalf and on our behalf by our trained employees who ensure the security and confidentiality of your personal data, or by trusted, appropriately trained and supervised providers of information technology and other services necessary for the provision of the Services (such as the management of your payment transactions and the management of the databases of your billing transactions with the merchants) (“your data processors”), and then only to the extent necessary for the proper provision of the Services.
We can use service providers in Lithuania, in another country of the European Union or the European Economic Area, or in any other country in the world (“third country”). In the event that the service provider we use is established in a third country that does not ensure adequate security of your personal data, we will take appropriate technical and organizational measures to protect your personal data (e.g., by including personal data protection clauses in our contracts with these service providers and/or using other measures to ensure the lawfulness and security of the transfer of the data) in order to prevent unlawful processing of your personal data in such countries.
In all cases, when we provide your personal data to other persons, we apply technical and organizational security measures to ensure that the recipients of your personal data process your personal data only for the purposes set out in the Privacy Policy and in accordance with the applicable legal requirements for data provision.
We do not share your personal data outside of the ELCA group of companies with other independent data controllers (recipients), except as necessary to achieve the purposes set out in this Privacy Policy, such as:
to the extent necessary to verify your identity when you access the Website and/or the App, we may transfer your personal data to an identification services company that we use;
to the extent necessary for the provision of the Services (e.g. to enter into and carry out transactions on the Website and/or App, to carry out account transactions), we will provide your personal data to providers of the services you have requested established in any country in the world that you specify or that will be involved in the performance of the transaction and the provision of the Services you have requested (e.g., payment institutions, transport service providers);
to the extent necessary to provide you with a telephone service and to gather evidence for the purposes of upholding our rights and legitimate interests, we will provide access to certain of your personal data to persons who provide us with security and legal services;
to the extent necessary for the development and quality improvement of the Services, we will provide your personal data to the service providers of the Website and/or the App for the purposes of recording, analyzing and rectifying errors, malfunctions and malfunctions of the Website and/or the App;
we may provide your personal data to the administrator of the joint debtor file (e.g. Creditinfo Lietuva UAB) on a legal basis).
We may provide your personal data outside the ELCA Group to other independent data controllers (recipients) and where required by law.
We will inform you about the provision of your personal data if it is required by law and if such information is not contrary to law or prejudicial to the protection of legally protected interests.
To third parties established within or outside the European Union for the purpose of pursuing our legitimate and legitimate interests (e.g. investors and potential investors in the case of a transfer of (part of) a business; ensuring appropriate safeguards in relation to the protection of the personal data provided, ensuring that financial institutions in the European Union or in a third country investigate suspicious financial transactions or transactions made by you or to you for the purposes of preventing money laundering and terrorist financing) ensuring the confidentiality of, and the protection of, your personal data, and the other conditions necessary for the proper provision of your personal data to such persons.
PERIOD OF PROCESSING OF PERSONAL DATA
We will process your personal data for the minimum period of time necessary to comply with the law or to achieve the purposes set out in the Privacy Policy, after which we will securely and irretrievably destroy your personal data if we do not have a legitimate basis for the further processing of such personal data. We choose the specific period of retention of personal data based on the nature of the personal data and the purposes of the processing.
We will normally process your personal data for the duration of your use of the Services and we will retain your personal data for a period of 10 years after the end of your use of the Services (e.g. termination of the contract for the provision of the Services) on an active non-processing basis.
We will retain the data relating to correspondence with you regarding the provision of the Services or the use of the Website and/or the App for the duration of your use of the Website and/or the App, and for a period of 5 years after the end of your use of the Services (e.g., termination of the agreement to provide the Services).
The storage periods indicated may be extended for a maximum of 2 years at the request of the competent public authorities or in other cases provided for by law.
For the purpose of protecting our rights and interests, we process your personal data for the exercise and defense of our rights under our contracts with you, and we will process your personal data for the period of time necessary for the exercise of our rights or the protection of our rights or interests or for the period of time necessary to comply with the procedural deadlines established by law.
We will retain your personal data for the purpose of designing, developing and improving the quality of our Services for 1 year from the date of submission of the relevant data.
Where we process your personal data on the basis of your consent (e.g. direct marketing), we will process your personal data for the period of time specified in the relevant consent (in the relevant section of the Privacy Policy). Unless otherwise provided by law, we will keep records of the processing of your personal data (evidence of the consents to which you have given your consent, notifications of processing to which you have been made aware) for the entire period of your use of the Services, and we will retain them for a period of 3 years after the end of your use of the Services (e.g., the termination of the contract for the provision of Services), without actively managing them.
Your actions on the Website and/or the App are recorded in the technical records in the system log at the time of downloading and installing the Website and/or the App on your mobile device, or at any other time at which the relevant recorded actions are performed on the Website and/or the App. These records of your actions on the Website and/or the App are processed and stored as they are necessary to preserve evidence of legally enforceable actions (such as confirmations of your transactions, records of the conclusion of a contract, etc.). The retention period for records that prove actions producing legal effects is determined in the same way as for the personal data (your actions) for which they are stored.
We will securely destroy your personal data without any legal basis for further processing.
DIRECT MARKETING
We will provide service offerings (notifications) with your consent (by ticking the relevant box) during your use of the Website and/or App or at any time thereafter in the settings of the Website and/or App, and, where permitted by law, with a legitimate interest in notifying you of our Services that are similar to those that you use.
By ticking the box to receive direct marketing (offers) during your use of the Website and/or the App or at any time thereafter in the settings of the Website and/or the App, you opt-in to receive our offers and agree that we, as the data controller, may contact you by email. As a data controller, we agree to contact you by email, SMS and direct message on the Website and/or App to offer our services or to ask your opinion about them (for direct marketing purposes) and to process your personal data (telephone number, name, surname, email address, method of receipt of messages (SMS, email, Website and/or App)) received from you on the basis of and subject to the terms and conditions of this consent.
You can withdraw your consent to receive communications at any time without adverse consequences. You can do so by unchecking the option (e.g. unticking the box) to receive offers in the settings options on the Website and/or the App. You have the right to opt-out of receiving communications.
If you do not agree to receive offers, we will not be able to provide you with relevant information.
If we receive a request to withdraw your consent to receive direct marketing communications, we will immediately stop processing your personal data on the basis of your consent, but the withdrawal of consent will not affect the lawfulness of the processing of your personal data on the basis of your consent prior to the withdrawal of your consent (the processing of the communications prior to the withdrawal of the consent).
For the purpose of receiving communications about our services, we will collect and process your personal data in digital form by means that ensure secure processing. We will receive your personal data for the purpose of sending notifications from you and will not disclose it to anyone for this purpose.
On the basis of your consent to receive notifications about our services, we will continue to send you notifications for as long as you use the Website and/or the App (until you terminate the Services Agreement) or until you revoke this consent.
YOUR RIGHTS
You have the following data subject rights in relation to your personal data:
1) know about the processing of your personal data;
2) request access to and a copy of your personal data processed by us;
3) request rectification of your personal data;
4) request the erasure of your personal data;
5) to request the transfer of certain of your personal data;
6) in certain cases provided for by law, to request the restriction of the processing of your personal data;
7) in certain cases provided for by law, to inform us that you do not consent to the processing of your personal data;
8) withdraw your consent to the processing of your personal data, if you have previously given it;
9) f we make automated decisions about you (e.g. we make a decision not to provide you with the Services on the basis of your personal data solely by computer means) or if we profile you (e.g. classify you in a category that we have created on the basis of your use of the Services or other characteristics), you have the right to tell us that you do not agree with a decision made by us on the basis of automated means, including on the basis of profiling, and to require a human being’s participation in the making of such a decision;
10) if you believe that we violate your rights as a data subject, you have the right to lodge a complaint with the State Data Protection Inspectorate in accordance with the procedure established by the legislation, and/or to seek redress in court for unlawful processing of your personal data.
Procedure for exercising your rights:
1) The rectification (correction, updating), deletion, restriction of personal data shall be carried out at your request or on our initiative in the pursuit of legitimate (e.g. internal administrative) purposes. All other rights you have as a data subject are exercised only at your request.
2) Your requests to exercise the rights of data subjects must comply with the requirements of the Privacy Policy and the law. Requests that do not comply with these requirements may be considered unreasonable and may not be fulfilled. We will only comply with reasonable, non-abusive requests and only after we are satisfied of the identity of the person (and representative) making the request and their right to make the request.
3) We will only comply with requests to exercise your rights if we receive a free-form written request from you to exercise a specific right (or several rights). The request must be in legible characters, the request must not use obscene words, swearing, abusive or disrespectful language, and it must clearly and specifically state the right(s) sought to be enforced. You must submit your request for the exercise of the data subject’s rights to us in Lithuanian in writing by email: asmensduomenys@elcaholding.com, by visiting our office in person (Parodu str. 2, LT-04133 Vilnius) or by post to our office address.
4) The application must be signed by you with a physical signature or a qualified electronic signature. The application and the documents submitted with the application, if they are required under the procedures for identifying you or your representative described below, or if the application is not signed with a qualified electronic signature, must be submitted in a normal computer-readable format that is sufficiently clear and legible (e.g. a scanned pdf document).
5) We may ask you to provide additional information to establish your identity or to clarify your application.
6) We will identify the data subject (and his/her representative) who has submitted your request on the basis of the notarized scanned copy(s) of the personal identification document(s) attached to the request, or after you have signed the request with a qualified electronic signature. If the request for the exercise of the data subject’s rights is made to your legal representative or to a person acting under a mandate, the request must be accompanied by a scanned copy of the document certifying the right of representation (e.g. the civil status act) certified by a notary public or of the power of attorney certified by a notary public. Failure to sign the request (including by a qualified electronic signature) and/or to enclose a copy of the document(s) requested with the request will mean that your request is unfounded and will not be executed. We will keep the request and the documents submitted with the request for the duration of the request and for 3 years after the request has been fulfilled, after which we will dispose it securely;
7) Requests shall be implemented or refused (with reasons) within 30 calendar days from the date of submission of a request that complies with the Privacy Policy and the law. This time limit may be extended in accordance with the procedures and in the cases provided for by law (e.g. if the request relates to a large amount of personal data), upon prior notification to the Data Subject. We will reply to you at the email address from which you sent your request;
8) We will normally carry out your request free of charge 1 time per calendar year. We may ask you to reimburse us for the costs incurred in implementing your abusive or repeated requests with substantially similar content made within 1 calendar year from the date of the last implementation (reasonable refusal to implement) of a similar request, in particular if we have not made substantial changes to our processing activities during that period, or we may treat such a request as unreasonable and not implement it. We may also consider a request to be unreasonable and refuse to comply with it if: it does not specify the specific right it seeks to enforce; it does not provide other information required by the Privacy Policy or by law for the request; such request is not provided for by law or the Privacy Policy; the request is otherwise manifestly unfounded; or the request is made in an abusive manner. We do not process your personal data; the application is not accompanied by (or is not accompanied by) documents identifying you (the representative); the person making the application is not duly authorized or has no right to make the application; the legislation does not allow the application to be granted. In complying with your requests, we will not provide you with our commercially sensitive information and other data that are exempt from disclosure to the data subject by law.
We implement the right to know about the processing of personal data by providing information in the Privacy Policy, information notices on the Website and/or the App and other channels.
By exercising your right of access to your personal data, you can obtain confirmation that we process your personal data; information on which categories of your personal data we process, the sources from which we collected it, the purposes for which we process it, the categories of recipients to which we provide it, and the retention period of such data; information about automated decision-making or profiling of you (if applicable); information about transfers of personal data outside the European Economic Area (if applicable). Upon request, we will provide you with a copy of your personal data in a suitable format and medium of our choice.
If you identify that we are processing incorrect, incomplete or inaccurate personal data about you, you may request that we rectify or erase this personal data. Upon receipt of a request for rectification of personal data, we will suspend the active processing of such data, except for storage, verify the accuracy of the personal data and, if applicable, after rectification of the incorrect, incomplete, inaccurate data, resume the processing of the rectified personal data.
In the cases provided for by law, you can request to restrict the processing of your personal data. In this case, you must specify in your request the grounds for the restriction, the scope of the personal data to be restricted and the requested period of application of the restriction. If grounds for restricting the processing of personal data are established, we will separate the personal data subject to the restricted processing from other personal data and will suspend the processing of the data subject to the restriction, except for the storage, and, if applicable, notify you of this.
We will only be able to process personal data subject to limited processing to the extent and in the cases provided for by law. Restricting the processing of certain of your personal data may make it impossible to ensure the full or proper functionality of the Website and/or the App or the provision of the Services.
In the cases and to the extent provided for by law, we will exercise your right to erasure of all or part of your personal data processed by us (other than those required by law to be further processed) (right to be forgotten). Upon receipt of such a request, we will securely and irretrievably destroy the data requested for erasure (to the extent consistent with our obligations under the law) and, where possible, inform the recipients of such personal data known to us of your request. If we do not have the technical capability to delete all copies of your personal data from all information systems or backups at the same time, we will let you know when the data can be completely removed from our systems.
When exercising your right to data portability (to receive your personal data in a standard, computer-readable and interoperable format or to request a transfer to another controller), you should additionally specify in your request: whether you are requesting to receive the personal data yourself, or whether you are requesting the transfer of the personal data we process about you directly to another controller (in this case, you should also indicate precisely the recipient, the recipient’s information system, the recipient’s information system, the data transfer system, and the preferred format of the data to be used in the transfer of your personal data), the amount of the data (the extent of the data transfer), and the purposes for which you wish to have your personal data transferred. A request for the transfer of personal data may only be made in respect of limited personal data: i.e. only personal data that is processed by automated means, that is processed on the basis of consent or for the performance of a contract, and that has been directly provided to us by you or that has been directly captured by us (without the use of any special algorithms) in the course of your use of the Services.
Where your personal data is processed for legitimate interest (e.g. processing of your personal data for direct marketing purposes, for the purpose of the Services, for analysis of market trends; providing or obtaining your personal data to or from a credit institution established in the European Union or in a third country for the purposes of investigating suspicious financial transactions and transactions for the purposes of the prevention of money laundering and terrorist financing) or on the grounds of public interest, or on the basis of profiling of your personal data, or on the basis of automated decision-making (if carried out), you have the right to object to such processing of your personal data. If you disagree, you must notify us at the email address and in the order specified in the Privacy Policy. In this case, we will stop processing the relevant personal data unless there are legitimate and justified reasons to continue processing your personal data.
When processing your personal data on the basis of consent, you have the right to withdraw your prior consent at any time (e.g., by unchecking the boxes in the settings options on the Website and/or the App or by submitting the above request). Upon receipt of information about the withdrawal of consent, we will immediately stop processing personal data on the basis of consent, but the withdrawal of consent will not affect the lawfulness of the processing of personal data based on consent carried out prior to the withdrawal of consent.
PROCESSING OF STATISTICAL INFORMATION AND USE OF COOKIES
In order to ensure your access to the Website, the App and the Services, we use the technologies necessary to provide the Services, such as the technical parameters of the user’s device, location, technical actions performed on the Website and/or the App, etc. No data that could identify you or distinguish you from a group of persons will be collected and processed using this technology, and it is not possible to identify you on the basis of the technical data recorded. In order to ensure your accessibility, the Technology is necessary for the proper provision of the Services and will therefore apply for as long as you use the Website and/or the App. Technology solutions for this purpose are provided by the trusted suppliers we use (e.g. Google Inc.).
Cookies are storage media that store information on your device. When using the Website, session cookies may be placed on your device to identify the session and technical parameters of the user.
More information on cookies can be found at: www.AllAboutCookies.org. Cookies are under your control and can be refused or destroyed (deleted, uninstalled) at any time by adjusting the permissions applied to the Website on your terminal device, by clearing the cache or by reinstalling the terminal device.
When you use the App, the files of the App and the files necessary for its operation are saved on your device.
DATA SECURITY
We have appropriate security measures in place (including, but not limited to, data encryption, securing of transmission channels and network, access rights management) to protect your personal data processed by us from unauthorized access, alteration, disclosure, destruction or other unlawful processing. If, despite the security measures in place, a personal data breach occurs which may have significant adverse consequences for your rights, we will inform you immediately.
CONTACTS
If you have any questions regarding the Privacy Policy, the processing of your personal data or in order to exercise your rights, please contact the person in charge of UAB ELCA Holding by e-mail: asmensduomenys@elcaholding.com.
FINAL PROVISIONS
We may change this Privacy Policy or any part of it at any time at our sole discretion. Such changes shall become effective upon posting of the updated Privacy Policy on the Website and/or the App.
Please regularly review and familiarize yourself with the latest version of the Privacy Policy. If we plan to make material changes to the Privacy Policy, we will notify you in advance by posting a notice on the Site and/or App or otherwise.
If you do not agree to the changes made to the Privacy Policy, you are not entitled to use the Website, the App and/or the Services.