PRIVACY POLICY
UAB “ENERGUS GROUP” (legal entity code 304419130, registered office address Savanorių pr. 176C, Vilnius) (hereinafter referred to as “Energus”, “We” or “Company”), aims to comply with all applicable laws and regulations relating to the protection of personal data in the country in which the Company operates.
In this privacy policy (hereinafter referred to as the “Policy”) you will find all the information relevant to you regarding the processing of your personal data, including, but not limited to, its collection, use, disclosure, and protection, which is processed by the Company on the website www.energus.com (the “Website”) during your visit to the Website and to support its functions, when using any of our services (“Services”), or when communicating with us in other ways, such as when you contact us on social networks, apply for job offers, and in other cases, as well as information on how you can exercise your rights in relation to the personal data processed about you.
This Policy does not constitute an agreement between Us and You regarding the processing of data. By agreeing to this Policy, you confirm that you have read and understood this Policy, including how and why we process your personal data.
The website may also contain links to third party websites. The Company does not endorse and accepts no responsibility for the content of third party websites or the resources contained therein. The Policy does not apply to any websites that are not affiliated with the Company, even if you access those websites by clicking on a link provided on this Website. You should read the privacy policy of the third party website before providing any information.
In the event that any user of this Policy is unclear or does not understand the provisions of this Policy or any of them, such person should seek to resolve the ambiguity and immediately contact us by e-mail. email: info@energus.lt. We do not provide this information over the phone.
This Policy has been prepared in accordance with:
2016 m. 27 April Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation”);
the Law on Legal Protection of Personal Data of the Republic of Lithuania;
other legislation governing the secure processing of personal data and the lawfulness of their processing.
COLLECTING/RECEIVING PERSONAL DATA.
We collect or receive your personal data in a number of different ways in the course of providing our Services. We set out below in this Policy how we collect different categories of personal data. Often you can choose what personal information you provide to us, but sometimes we need certain personal information from you in order to provide you with the Services.
Personal data that you provide to us. We collect personal data that you or a person acting on your behalf provide directly to us, such as personal data you provide when you contact us on social networks, communicate with us through third party social networks, apply to us for a job offer, or otherwise communicate with us.
When you provide personal data to contact us. If you contact us by phone, email or phone. by post, by mail, through third party social networks, we will collect any information relating to the communication and any additional information you provide to us in the course of that communication. We will use this information to review, investigate and respond to any enquiry you have made to us (to process and manage your enquiries, such as responding to your questions or comments, or sending you information). Please note that we protect our communications with you and may use them both in our communications with you and in the event of a dispute or (pre-)legal proceedings.
When you visit the Site We automatically collect information about you, including:
Device Information: we collect information about the computer or mobile device you use to access the Site, including the hardware model, operating system and version, unique device identifiers and mobile network information;
Website activity: we collect records of activity on the Website;
Location information: based on your device settings, we may collect information about your device’s geographical location;
Information collected by cookies and other tracking technologies: we use different technologies to collect information, including cookies and web beacons. You can find out more about the use of cookies and similar technologies in our Cookie Notice.
Personal data about your use of our Services. Most of your personal data referred to in the Policy is obtained directly from you or a person acting on your behalf (personally identifiable information: Name, surname, date of birth, identity document information, contact details, address, information about entities related to the Client, such as company name, legal entity number, authorisation, transaction-related information, and transaction-related information, such as information relating to the Client’s business activities, the Client’s employees or representatives, as well as personal data of other persons, If We process it in the course of providing the Services, which may also include special categories of personal data), however, We may also collect Your Personal Data from data storage media, CCTV cameras and other technical means created at Our request, and may obtain it from other sources, such as other Clients, social networks, publicly available sources, where necessary for the provision of the Services, or in the event of a dispute with the Client.
USE OF INFORMATION.
We lawfully process the data you provide for the following purposes::
for the purpose of entering into and performing the Services to which you are a party (to fulfil our contractual obligations), such as verifying your identity and carrying out checks that we are required to carry out by law; tailoring the Services we offer to you, including, without limitation, carrying out any eligibility assessments for the purpose of using the Services; providing, maintaining and improving the Services; and making the Services available to you;
for the purpose of issuing invoices for the Services;
investigate and manage your enquiries, judicial and pre-judicial disputes and proceedings and ensure compliance with court proceedings, judgments, litigation decisions, orders of the government or other law enforcement authorities;
monitor and analyse our business;
maintain administrative records relating to Our business;
develop and market other products and services
to collect statistical data on the pages of the Website;
innovate, transfer or assign any of the Company’s rights or obligations;
comply with Our regulatory and other legal obligations;
To protect our legitimate interests.
Therefore, when you visit the Website and/or use the Services, we process your personal data for the purposes described in this Policy. We rely on various legal grounds to process your personal data for these purposes. These legal bases include:
to fulfil our contractual obligations and provide you with the Services;
Your consent (i.e. you have consented to the processing of your personal data), which you can withdraw at any time.
We generally rely on your consent (which can be withdrawn at any time), such as when you visit the Website or if you provide us with personal data that is not necessary (required by us).
seeking to assert, enforce or defend legal claims (i.e. to comply with a legal obligation, a judgment, or to enforce or defend any threatened or pending legal claim);
The legitimate interests of the company or a third party.
When we process your personal data on the basis of our legitimate interests, we do so as follows:
Service delivery and improvement. We process your personal data to improve and customize our Services. This is also necessary to pursue our legitimate interests in understanding how our Services are used, to allow Us to pursue our legitimate interests in improving our Services, their effectiveness, and interest in our Services. As a core part of our Services, we have a legitimate interest in analysing your on-site experience to help you search for and discover relevant Services;
Site customisation: we learn about the types of Services you are interested in from the personal information you provide and your browsing habits on the Site. We use this information to offer you possible Services. As a core part of our Services, we have a legitimate interest in analysing your experience of using the Website to help you search for and discover relevant Services;
Service Providers:We may also engage third party companies and individuals to assist Us in operating the Site or managing and providing the Services. These third parties would then only have limited access to your personal data, would only be able to use your personal data for these tasks on our behalf, and would be under an obligation not to disclose or use your personal data for any other purpose. In some other cases, these service providers are not necessary, for example, to enable us to provide the Services, but help us to improve them. In these cases, we have a legitimate interest in cooperating with service providers to improve the quality of our Services and/or Website.
YOUR RIGHTS AND HOW TO EXERCISE THEM.
You have certain rights under the legal framework in relation to the processing of your personal data. You have the right to contact us regarding questions related to the processing of your personal data, e.g. y. you have the following rights:
to know (be informed) about the processing of your personal data;
to have access to your personal data and how they are processed;
require the rectification or, taking into account the purposes of the processing of the personal data, the completion of incomplete personal data relating to the individual;
require the erasure of personal data relating to the individual;
You have the right to request the erasure of your personal data, except for personal data that we are required to retain by law or to protect the security and integrity of the Company.
require us to restrict the processing of your personal data;
receive the personal data relating to you that you have provided to us in a structured, commonly used and computer-readable format and/or transfer it to another controller;
to object to the processing of personal data relating to an individual where such processing is carried out in the public interest or the processing is necessary for the pursuit of our legitimate interests or those of a third party, where the interests of the individual are not overriding;
We note in this paragraph that if we process your personal data on the basis of legitimate interests or public interest, you may object to such processing in certain cases. In such cases, we will stop processing your personal data unless we have compelling legitimate grounds to continue processing such personal data or where necessary for legal reasons.
in the event that we process your personal data on the basis of your consent, you may choose to withdraw the consent you have given to us by using the specific features of the Website or the links provided to withdraw your consent;
please be informed that if you disagree with our decision adopted in relation to your request concerning the exercise of your rights, you have the right to lodge a complaint with the supervisory authority – the State Data Protection Inspectorate of the Republic of Lithuania, legal entity code 188607912, website www.ada.lt. Above all, we aim to resolve all disputes with you in a prompt and amicable manner.
Please also note that the above rights may be subject to limitations. This means that in certain circumstances we may not grant your request, or we may grant it only in part.
Procedure for requesting the exercise of rights
To exercise your rights, please submit to Mums in the official (Lithuanian) language, legible and signed by you:
Form for requesting information on the processing of personal data [forma] .
Form for requesting access to personal data [forma] .
Personal data rectification request form [forma] .
Form for requesting erasure of personal data [forma] .
Form for requesting restriction of processing of personal data [forma] .
Request for transfer of personal data form [forma] .
Form for objecting to the processing of personal data [forma] .
or
Submit your application in person at the Company’s office, by post or electronically. in person at the Company’s registered office or by registered mail to the Company’s registered office address, or electronically to the email address info@energus.lt.
You can only exercise your rights if you give Us the opportunity to verify your identity. You confirm your identity in one of the following ways:
If you apply directly, please provide proof of identity. In this case, we keep a copy of the identity document.
If the application is submitted by registered mail, please submit a copy of the identity document certified by a notary public or the equivalent of a notarial certificate with the application.
If the request is made electronically, please make the request in such a way that we can identify the electronic signature and the person making the request.
Your representative who submits the application or the representative who applies to us on behalf of your person must also submit a document confirming the representation in accordance with the procedure established by the legislation of the Republic of Lithuania.
The electronic request must be presented in such a way that the format and content of the electronic document can be recognised and can be opened and processed by the electronic document management system or by any other means of information technology used by us.
Procedure for submitting a reply to a request for the exercise of rights
We will respond to your request for the exercise of your rights no later than 30 (thirty) days from the date of your request. If you clarify (supplement) your application or formulate a substantially new application during the examination of the application, the time limit for the examination will start to run from the date of receipt of the clarified (supplemented) application. The deadline may be extended for a further period of 2 (two) months, depending on the complexity and number of requests. In this case, we will inform you within 30 (thirty) days of receipt of the request, together with the reasons for the delay.
Decisions on the exercise or refusal to exercise your rights in the Company shall be made by the Company’s Manager, unless the decision on this matter is delegated to another authorised employee.
All actions and information requested by you to enforce your rights are free of charge.
The information you request to exercise your rights is in the national language (Lithuanian).
DISCLOSURE OF PERSONAL DATA. RECIPIENTS OF DATA.
We guarantee that your personal data will not be sold, provided or otherwise transferred to third parties without your consent or used for purposes other than those specified in this Policy (i.e. other than those for which they were collected). We will not transfer your personal data in any way other than in accordance with this Policy or applicable law. However, We reserve the right to disclose information about you if We are required to do so by law or if We are required to do so by lawful law enforcement authorities or prosecuting authorities, such as for example, to disclose your personal data in response to lawful requests by public authorities; to protect or enforce our rights; or to defend ourselves against threatened or actual legal claims; to comply with a court order or other legal process; where we have a good faith belief that such disclosure is reasonably necessary to comply with the law, to prevent imminent harm or financial loss, or to investigate, prevent, prevent, or take action against illegal activities, suspected fraud, threats to our rights or property, or violations of our rights or use of the Website; and may also be necessary in the public interest (e.g., to prevent crime or fraud).
If you instruct Us to share your personal data with a third party, We may do so. For example, you can authorise third parties to act on your behalf (for example, a lawyer, an accountant, or a family member or guardian under a power of attorney). However, in this case, we may ask for evidence that the third party has been lawfully authorised to act on your behalf.
Please note that your personal data will not be transferred outside the European Union.
SECURITY OF PERSONAL DATA.
The security of your personal data is important to us. In order to protect your personal data in our possession from loss, damage, unauthorised disclosure or the like, we use security measures that are continuously improved in line with technological change.
At the Company, we restrict access to your personal data and therefore only authorised Company employees can process it, i.e. only those who need access to your personal data to perform their job functions. Among other things, the Company’s employees have signed confidentiality undertakings to handle information only to the extent necessary to perform the functions set out in the job description, to comply with the established information security requirements and with the provisions of other legislation governing the secure handling of information, to protect the secrecy of information and to ensure that information is not disclosed, transferred or otherwise made available to persons not authorised to handle it. Among other things, we pay close attention to raising the data security awareness of such employees, which is why we organise timely training on personal data protection and, where necessary, provide various guidance on data security issues, etc.
The Company has designated data security officers:
in implementing the provisions of the General Data Protection Regulation, the Company has engaged third parties to monitor compliance with the provisions of the General Data Protection Regulation, to provide opinions, to advise on data security issues and to carry out other functions specified in the General Data Protection Regulation;
The Company has a 7×24 Personal Data Breach Response Team that responds promptly, efficiently and competently to all personal data breaches affecting the Company and/or Data Subjects, including you;
in implementing the requirements of the legislation governing the personal data protection policy, the Company has engaged third parties to coordinate the implementation of the personal data protection policy, to review the compliance of the policy with the requirements of external laws and regulations, to review the effectiveness of the implementation of the protection of the personal data of the data subjects in the Company’s business processes, to maintain records of the personal data activities, and to perform other functions as prescribed by the legislation.
RETENTION PERIODS FOR PERSONAL DATA.
We will retain your personal data for as long as necessary to achieve the purposes set out in this Policy (i.e. for which we collected your personal data) or for other legitimate purposes, including to comply with our legal obligations (e.g. if we are required to retain your personal data to comply with applicable law), to fulfil our contractual obligations to you. In other words, the period for which we will retain your personal data may vary depending on the purposes for which the personal data was collected and the applicable legal requirements:
Data relating to the provision of the Services:
Information about the Client, the person acting on behalf of the Client and the transaction shall be retained for at least one year from the end of the contractual relationship with the Client, unless a competent authority has imposed a longer retention period for the information received on the basis of applicable law;
Transaction details and invoicing information shall be kept for a maximum of 10 years after the transaction.
Security data shall be kept for a maximum of 1 month after the collection of the relevant data;
Data collected by cookies: see. Our Cookie Policy.
We aim not to store outdated, irrelevant personal data, so only relevant information is stored when it is updated. Historical information is kept where required by applicable law (statutory) or for the purposes of Our business.
POLICY CHANGES.
We may add to or otherwise change this Policy from time to time. In the event that this Policy is supplemented or otherwise amended, an updated version of this Policy, indicating the date of the last update, will be posted on this Site so that visitors and/or registered members of the Site can always easily locate and consult it. We also note that if we consider that additions or other changes to the Policy are significant, we will notify you by posting an update to the Policy on the Site before the updated version of the Policy becomes effective. We encourage you to check back regularly for any updates to the Policy.
Last updated at [nurodyti].