We, UAB Privacy Partners, are a legal entity that provides data privacy, consulting and information security services to other legal entities. Being engaged in “business to business” interactions, we do not collect personal data from natural persons directly and in daily conduct of our business we believe in data minimization and implement it. However, in our operations we do rely on some personal data.

This Privacy Policy document describes what personal data we collect, how we use it, when we disclose it and how you can control use and disclosure of your data.

Speaking in the EU General Data Protection Regulation terms we are a controller and in order:

• To provide our services to our customers who are companies as a rule, we may process the name, e-mail address and telephone number of their employees who act as their contact persons for us;
• To perform the employer’s responsibilities we process names, telephone numbers, e-mail addresses, home addresses and bank account numbers of our employees;
• To meet our contractual obligations to our subcontractors who often are natural persons we process their names, telephone numbers, e-mail addresses, business domicile addresses and bank account numbers
• To ensure the best browsing experience on our webpage, we use only essential/necessary cookies that keep your browsing session stabile and uninterrupted.

We do not collect, store, process or transfer any categories of your special data such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. In case of any accidental disclosure of such information to us, we would take immediate action to get it deleted from our records of any form.

Personal data that we process we have obtained:

• directly from our employees or our subcontractors;
• in business communication with our customers, partners and subcontractors when they forward the contact details of their employees to us;
• during the browsing sessions of our website.

At any times we keep as much personal data as it is needed for our core business operations.

• Personal data of our employees is processed for administration of the employment relations. We store it in documents, such as employment contracts, and in electronic systems used for payroll accounting and reporting.
• Personal data of our customers’ and subcontractors’ representatives are used in electronic communication, banking transactions and customer database management which is necessary to ensure our core business operations. Some personal data is stored in printed contracts that we have signed with parties that we do business with.
• Personal information collected by cookies at our webpage is not processed or used in any other way than ensuring a better presentation of the content of our website. This type of personal information is stored on a server that runs our webpage

As part of our core business activities we may share your personal data with the selected third-parties. For example, we do share personal data of our employees and of some customers and subcontractors with a third-party accountant and some other services providers. In those interactions we have taken steps that were in our control to ensure that the third parties that process personal data on our behalf do take appropriate physical, technical and organizational measures to keep your personal data adequately protected.

We also might disclose your personal data to competent law enforcement and judicial institutions, regulatory authorities, government agencies or other third parties in order:

• to comply with legal obligations,
• to detect and protect against fraud, or any technical or security vulnerabilities;
• to respond to an emergency; or
• to protect the rights, property, safety or vital interests of our customers, visitors of our website or any other person or the public in general.

Part of the personal data that we collect is kept in documents and stored in our office in Vilnius, Lithuania. We also keep your personal data in electronic format and store in our computers and telephones. As users of cloud computing services, we store your data on servers of third-party services providers who have committed to keeping the data in the EU and to adopting appropriate data security measures.

We will keep your personal data for as long as we have a legitimate business need to do so. When we have no ongoing legitimate business need to process your personal data, we will stop any processing activities and will immediately delete your personal data. If complete deletion right away is not possible, for example, because your personal data is stored on a backup server, we will abstain from any further processing of the data and securely store it until deletion is possible.

We will also follow applicable regulations or laws on retaining contracts, documents and other information for taxation and accounting purposes and store them as long as it is required by the law.

Your information collected by cookies of our website is stored for the duration of your browsing session and gets deleted automatically right after you close our webpage.

We believe that in the way we process your personal data we do respect your rights as a data subject. Given the sources and processing methods of your personal data, we acknowledge that you are entitled to exercise the following of your rights at any point by sending an email to [email protected] or submitting a request through the “Contact” form on our website:

• The right to be informed. You have the right to be provided a clear and easily understandable statement about how we use your personal data and what are your rights.
• The right to access and rectification. You have the right to access, correct or update your personal data at any time.
• The right to data portability. Some of your personal data that we process might be portable. This means it can be moved, copied or transmitted electronically under certain circumstances.
• The right to be forgotten. Under certain circumstances, you have right to request that we delete your data. If the personal data we process is no longer needed for any purposes and we are not required by law to retain it, we will do our best to delete, destroy or permanently de-identify it.
• The right to restrict processing. Under certain circumstances, other than back-up storage or retention by law, you have the right to restrict the processing of your personal data.
• The right to submit a complaint to the State Data Protection Inspectorate about how we process your personal data.