Personal data are processed in accordance with the European Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter referred to as the Regulation), the Law on the Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the protection of personal data.
UAB Emotika is guided by the following basic principles of data processing:
- personal data are collected only for clearly defined and legitimate purposes;
- personal data must be processed accurately, fairly and lawfully;
- personal data are constantly updated;
- personal data shall be stored securely and for no longer than is required by the purposes of the processing or by law;
- personal data shall be processed only by those employees of the Company who are authorised to do so in accordance with their working functions or by duly authorised data processors.
1.1. Data controller – UAB Emotika (hereinafter referred to as the Company), number of legal entity 305432981, registration address Miško g. 6A-3, Kaunas.
1.2. Data subject means any natural person whose data are processed by the Company. The data controller shall only collect the data of the data subject which is necessary for the performance of the Company's activities and/or for visiting, using, browsing the Company's websites, Facebook, LinkedIn, YouTube pages, the Company's mobile application Emotika (hereinafter referred to as the Website, Site). The Company ensures that the collected and processed personal data will be safe and will only be used for a specific purpose.
1.3. Personal data means any information that directly or indirectly relates to a data subject whose identity is known or who can be directly or indirectly identified using the relevant data. Personal data processing means any activities performed on personal data (including collection, editing, recording, storage, modification, access, sending up queries, transfers, archiving, etc.).
1.4. Consent means any voluntary and deliberate confirmation by which the data subject agrees that his personal data are processed for a specific purpose.
1.5. Cookies are small pieces of text information used on the Company's website, which are automatically generated when browsing the website and are stored on the computer or other device used by the data subject (website visitor). Cookies are used to improve the browsing experience of visitors to the website and to analyse the traffic and behaviour of visitors to the website.
2. PERSONAL DATA SOURCES
2.1. Personal data are provided by the data subject himself. The data subject shall apply to the Company, register for services, use the services provided by the Company, purchase goods and/or services, leave comments, ask questions, subscribe to newsletters, apply to the Company requesting information, etc.
2.2. Personal data are obtained when the data subject visits the Company's website. The data subject fills in the forms contained therein or, for whatever reason, leaves his/her contact details, etc.
2.3. Personal data are obtained from other sources. Data are obtained from other institutions or companies, publicly accessible registers, etc.
3. PERSONAL DATA PROCESSING
3.1. When submitting the personal data to the Company, the data subject agrees that the Company uses the collected data in fulfilling its obligations to the data subject in providing the services the data subject expects.
3.2. The personal data are managed by the Company for the following purposes:
3.2.1. Ensuring the continuity and continuity of the Company's activities. For this purpose, the following data are processed:
✓ For the purpose of concluding and executing contracts, personal data of suppliers (natural persons) may be processed: name(s), surname(s), personal identification number or date of birth, place of residence (address), telephone number, e-mail address, place of work, job title, bank account and the bank where the account is located, date, amount, currency of the monetary transaction or operation, and any other data provided by the individual, received by the Company in the course of the Company's activities in accordance with the legislation and/or required to be processed by the Company by the laws and/or other legal acts. For example, the data contained in the business certificate (type of activity, group, code, name, periods of activity, date of issue, amount), number of the certificate of individual activity, data on whether the data subject is a VAT payer and other data necessary for the proper performance of the obligations laid down in the contract and/or legal acts.
✓ For the purpose of the administration of debtors of the Company, the following personal data of clients (debtors, natural persons) may be processed: name(s), surname(s), personal identification number or date of birth, place of residence (address), telephone number, e-mail address, amount of debt, information on goods and/or services provided, other data related to the debt.
▪ Contracts, VAT invoices and other related documents shall be stored in accordance with the time limits set out in the General Index of Document Storage approved by Order of the Chief Archivist of Lithuania.
▪ Data relating to the administration of the Company's debtors shall be stored for no longer than necessary for the purposes for which the personal data are processed.
3.2.2. Administration of the curriculum vitae (CV) database for job candidates. For this purpose, the following data are processed:
✓ Name (s), surname (s), date of birth (age), address of residence, communication data (telephone number, e-mail address), information about the candidate's education (educational institution, period of training, acquired education and/or qualification), information on further training (training received, certificates obtained), information on the candidate's work experience (workplace, period of employment, position, responsibilities and/or achievements), information on language skills, information technologies, driving skills, other competencies, other information provided in the CV, cover letter or other application documents, references from employers, references: the person recommending the candidate, giving the reference or providing feedback, their contacts, references or content of the feedback.
▪ At the end of the selection period for a particular position and in case the subject's candidacy is not selected and employment contract with the data subject not concluded, the Company shall delete CVs and other data sent by the candidates, unless the Company has obtained the consent of the candidate to process his/her personal data for a longer period in order to offer a job position. In such a case, the data of the data subject shall be automatically stored for half a year from the date of submission of the data. After the expiry of the specified period of processing and storage, the data will be destroyed by the data controller's responsible persons within 1 (one) calendar week. Longer storage of personal data may be carried out when the personal data is necessary in the event of a dispute/complaint or on other grounds provided for by law.
3.2.3. Administering of inquiries, comments, and complaints. For this purpose, the following data are processed:
✓ Name (s) and/or username (s), email address, telephone number, address, message (s), comment (s), feedback (s) or complaint (s), text of the message, comment (s), feedback (s) or complaint (s).
▪ Data on inquiries, comments, and complaints are stored for 1 calendar year from the date of their submission.
3.2.4. Provision of personal consultations, group training, video and audio e-training services, administration of the Emotika mobile application for the provision of these services. For this purpose, the following data are processed:
✓ Registration data in the mobile application: Name(s), surname(s), email address, password, invitation code.
Additional data for using the mobile application: messages sent and received, messages posted within the app, photo, video, audio of the mobile app user, number of user points collected, phone number, personal identifiers, other personal data. We also collect app activity data such as pages views and taps in the app and other user-generated content for purpose of app functionality and analytics.
Additional data for logging into the mobile application: Internet Protocol (IP) address of the device, name of the device, version of the operating system, configuration of the application when using the service, time when the data subject uses the service. We also collect app information and performance data including crash logs, diagnostics, and other app performance data for issue troubleshooting purposes.
Additional billing data for the services provided by the Company, processed in the context of the sale of the services provided by the Company in the mobile application: history of payments for services, product/service payment data, information on service modules selected;
▪ The data shall be processed for no longer than the purposes of the data processing require and shall be stored for no longer than the period specified in Order No. V-118 of the Chief Archivist of Lithuania of 4 July 2011 “On the approval of the rules of document management and accounting and other legal acts”.
3.2.5. Administration of Inside Clubs of the Company. For this purpose, the following data are processed:
✓ Registration details for the respective club: Name(s), surname(s), position, place of work, length of service in the relevant field of work (years), email address, telephone number, introduction, expectations of joining the relevant club.
▪ The data shall be stored no longer than is necessary for the purposes for which the personal data are processed.
3.2.6. For other purposes, in which the Company has the right to process personal data of the data subject when the data subject has expressed his consent, when the data is to be processed for the legitimate interests of the Company, or when the data are processed by the Company according to the requirements of the relevant legislation.
4.2. The following types of cookies may be used on the Company's website:
4.2.1. Technical (essential) cookies – help the website visitor to display the website and its content, to ensure the functionality of the website, to create an account, to log in to the account, and to manage and process orders. Technical cookies are essential for the proper functionality of the website and their use does not require the consent of the website visitor.
4.2.2. Functional cookies – are used to help the website visitor use the Company's website, to remember the choices and preferences made during the browsing process. Functional cookies are not necessary for the full functionality of the website, but they add functionality and improve your experience of using the Company's website.
4.2.3. Analytical cookies – are used to obtain information about how visitors use the Company's website. This is necessary to enable us to optimize and improve the Company's website. Analytical cookies allow us to collect data about the web pages you have viewed, the pages you came from, the emails you have opened and responded to, and to date and time information. This also means that we may use information about you and how you use this website, such as the frequency of your visit, the number of clicks on a particular page, the search terms used, etc.
4.2.4.Commercial (targeted, promotional, or advertising) cookies – used to deliver personalized advertising to a visitor to the Company's website. This is called remarketing, which is based on browsing actions, such as the products and/or services you have searched for, viewed.
4.3. Access to statistical data about visitors to the Company's website is available to the Company's employees who are responsible for analyzing this data and improving the website.
4.4. Technical records may also be accessed by the Company's partners who provide content management tools for the Company's website.
4.5. The Google Analytics tool is provided by Google Inc. in the United States and therefore also has access to the statistical data collected by the Google Analytics tool. Google Inc. is committed to the EU-US Privacy Shield Principles, which ensure that the service provider complies with all the requirements of the EU privacy standards. This provider is also subject to contractual privacy obligations. You can read about this by clicking on the link below:
4.6. The data collected by the Company through cookies is stored by the Company for no longer than is necessary to achieve the purposes of the processing or for no longer than is required by the data subjects and/or provided for by law.
4.7. More detailed information about cookies can be found at: AllAboutCookies.org.
· For Chrome browser: https://support.google.com/chrome/answer/95647?hl=en;
· For Safari browser: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac;
5. USE OF SOCIAL NETWORKS
5.1. Any information you provide via social media (including messages, use of the Like and Follow fields, and other communications) is controlled by the operator of the social network concerned.
5.6. We encourage you to read third-party privacy notices and contact service providers directly if you have any questions about how they use your personal data.
6. SENDING NEWSLETTERS
6.1. The Company uses the third-party services MailerLite and MailGun to send newsletters. The third parties MailerLite and MailGun only use the email address of the recipient of the newsletter for the successful sending of newsletters. MailerLite and MailGun's privacy policies can be found at the following addresses:
6.2. You may opt-out of receiving newsletters by replying to the email you receive or by contacting the Company directly by email and expressing your wish to stop receiving the Company's newsletters.
7. PAYMENT FOR SERVICES
7.2. Our website is protected by a security protocol that relies on a data encryption system certificate (SSL). The web address of such a shop contains the letter ‘s’: https://.
8. FORMS OF DISCLOSURE OF PERSONAL DATA
8.1. The Company undertakes to comply with the confidentiality obligation with respect to data subjects. Personal data may only be disclosed to third parties if it is necessary for the conclusion and drawing up of the contract for the benefit of the data subject or for other legitimate reasons.
8.2. The Company may submit personal data to its data processors, who provide services to the Company and process personal data on behalf of the Company. Data processors have the right to process personal data only in accordance with the instructions of the Company and only to the extent necessary for the proper fulfillment of obligations laid down in the Contract. The Company shall use such processors that provide reasonable assurance that appropriate technical and organizational measures will be implemented in such a way that the processing of data complies with the requirements of the Regulation and will ensure the proper protection of the data subject's rights.
8.3. The Company may also provide personal data in response to requests from courts or public authorities to the extent necessary to properly enforce existing legislation and instructions from public authorities.
8.4. The Company guarantees that personal data will not be sold or leased to third parties.
9. PROCESSING OF PERSONAL DATA OF MINORS
9.1. Persons under the age of 14 cannot provide any personal data through the Company's website. If a person who is under 14 years of age, in order to use the services of the Company, before submitting personal information it is compulsory to provide a written consent of one of the representatives (father, mother, guardian (s)) on the processing of the personal data.
10. PERSONAL DATA STORAGE TERM
10.1. The personal data collected by the Company are stored in printed documents and/or in the Company's information systems. Personal data is processed for no longer than necessary for the purpose of data processing or for no longer than required by data subjects and/or provided by law.
10.2. Although the data subject may terminate the contract and refuse from the Company's services, the Company continues to be obliged to keep the date of the data subject for possible future claims or legal claims until the expiration of the data storage periods.
11. RIGHTS OF DATA SUBJECT
11.1. The right to receive information on the processing of data.
11.2. Right to access the data processed.
11.3. The right to request the correction of data.
11.4. The right to request the deletion of data (“The right to be forgotten”). This right does not apply if the personal data requested to be deleted are also processed on other legal grounds, such as the processing necessary for the performance of the contract, or when the obligations according to the applicable law.
11.5. The right to restrict the data processing.
11.6. The right to disagree with data processing.
11.7. The right to data portability. The right to data portability may not adversely affect other rights and freedoms. The data subject has no rights to the portability of data in relation to personal data processed in a non-automatic weigh-ins systematized file, such as paper files.
11.8. The right to require that only automated data processing, including profiling, is applied.
11.9. The right to submit a complaint regarding the processing of personal data to the State Data Protection Inspectorate.
12. The Company must ensure the disability for the data subject to exercise the rights of the data subject specified in the Rules, except in cases established by law when it is necessary to guarantee state security or defense, public order, prevention, investigation, detection or prosecution of criminal offenses, important economic or financial interests of the state, prevention, investigation and detection of breaches of professional ethics, protection of the rights and freedoms of the data subject or other persons.
13. PROCEDURE FOR IMPLEMENTING THE DATA SUBJECT’S RIGHTS
13.1. The data subject, in connection with the implementation of his rights, may apply to the Company:
13.1.1.when submitting a written request in person, by post, via a representative or by electronic means – by e-mail: firstname.lastname@example.org;
13.1.2.orally – by phone: +370 698 29469;
13.1.3.in writing at the address: Miško g. 6A-3, Kaunas.
13.2. In order to protect against unauthorized disclosure of data, the Company must verify the identity of the data subject upon receipt of a data subject's request for the provision of data or the exercise of other rights.
13.3. The Company's answer to the data subject must be given not later than within one month from the date of receipt of the data subject's request, taking into account the specific circumstances of the processing of personal data. This period may be extended by two further months where necessary, taking into account the complexity and number of the requests.
14. DATA SUBJECT’S RESPONSIBILITY
14.1. The data subject must:
14.1.1. inform the Company about changes in the submitted information and data. It is important for the Company to have valid and effective information of the data subject;
14.1.2. to provide the necessary information so that at the request of the data subject the Company can identify the data subject and a certain that it communicates or co-operates with the specific data subject (to provide a personal identity document, or in accordance with the procedure laid down by legal acts or by electronic means of communication that allows the data subject to be properly identified). It is necessary for the protection of data of the data subject and other persons so that the disclosure of the data subject's information is restricted to the data subject, without prejudice to the rights of others.
15. FINAL PROVISIONS