2. The Joint-stock company Vilnius Locomotive Repair Depot (hereinafter – the company) processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and the Council of 27th of April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data which repeals Directive 95/46/EC (General Data Protection Regulation) (hereinafter –Regulation (EU) 2016/679), and in accordance with the Law on Legal Protection of Personal Data of the Republic of Lithuania (hereinafter – the Law on Legal Protection of Personal Data).
3. Personal data – any information relating to an identified or identifiable natural person (data subject), first of all, according to identifier, for instance, name and surname, personal identification number, location data and online identifier or according to one or more factors specific to the physical, physiological, genetic, psychological, mental, economic, cultural and social identity of that natural person.
4. Recipient – a natural or legal person, public authority, agency or any other body to which the personal data are disclosed, whether it is a third party or not.
5. Data subject – a natural person – a user of the website whose personal data are processed.
6. Data processing – any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, familiarization, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination with other data, restriction, erasure or destruction.
7. Data processor – a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the company.
8. Data controller – the Joint-stock company Vilnius Locomotive Repair Depot, legal entity code 126280418, Švitrigailos St. 39, Vilnius, phone: (8 5) 269 2035, e-mail: [email protected], [email protected]
9. Cookie – a small piece of data which is automatically created by browsing a website and stored on the computer or another terminal equipment.
PROCESSED PERSONAL DATA, PURPOSES OF THEIR PROCESSING AND WAYS OF RETRIEVAL
11. The company processes the following personal data of the website users:
11.1. automatically collected from computers and (or) mobile devices of the website users with the help of cookies and other similar technologies:
11.1.1. the time and duration of access to the website;
11.1.2. IP address;
11.1.3. used browser;
11.1.4. the type and parameters of the used device.
11.2. submitted by a user of the website when contacting the company with a request, suggestion or a complaint:
11.2.1. name and surname;
11.2.2. e-mail address;
11.2.3. telephone number.
12.1. to deal with personal requests, suggestions and complaints;
12.2. to ensure effective and safe functioning of the website, to make it more convenient.
13. The company retrieves personal data of the website users in the following ways:
13.1. automatically by using the website (these personal data are retrieved from cookies and other similar technologies);
13.2. directly from a user of the website, for instance, when contacting the company with a request, review, complaint.
LEGAL GROUNDS FOR PERSONAL DATA PROCESSING
14.1. implementing its legitimate interests (to deal with and respond to the requests, complaints or suggestions, etc. of the website users);
14.2. following the requirements of legal acts.
PROTECTION OF PERSONAL DATA AND TIME LIMITS FOR THE STORAGE
15. The company shall protect personal data from loss, unauthorized access and alterations. The company shall implement physical and technical measures in order to protect all collected information. It is recalled that no website, online operation, computer system or wireless connection is completely safe though we implement proper actions to protect your information.
17. The company shall store your data for the period of 3 years from the last day the data subject used our services or content. At the end of this period the data shall be erased so that they would not be restored.
SUBMISSION OF PERSONAL DATA
18.1. data processors (providers of informational technologies services, companies performing the analysis of online browsing and online activities, and similar);
18.2. courts, pre-trial investigation bodies, state or municipal institutions that have the right to receive personal data according to legal acts or when the company provides personal data to these subjects in order to protect its legitimate interests.
19. If a need to provide personal data of the website users to third parties or international organizations existing outside EEA territory arose, the company shall take all possible measures to ensure the safety of transferred personal data and shall perform the transfer of data in accordance with:
19.1. The European Commission’s decision on adequacy which indicates that the European Commission has recognized the state, where the third party is established and (or) operates, as ensuring the adequate level of personal data protection; or
19.2. and agreement signed with the third party and based on standard contractual clauses approved by the European Commission; or
19.3. authorization received from the State Data Protection Inspectorate;
19.4. other available personal data protection measures and derogations, when possible.
RIGHTS OF DATA SUBJECTS
20. The company, in accordance with Regulation (EU) 2016/679, provides the following rights to the website users (data subjects):
20.1. to receive information on personal data that we process, whence and how personal data are collected and the basis on which the company processes them;
20.2. to contact the company with the request to correct their personal data, terminate their processing, withdraw the consent to collect and process their personal data provided to the company (if such consent was given), destroy the data if they were incorrect, incomplete inaccurate, or they are no longer necessary for the purposes of collection. In such case, the data subject shall submit a request upon which the company shall verify the provided information and shall take all necessary actions;
20.3. to contact the company with the request to destroy personal data or terminate the processing of such personal data, disagree with the processing of personal data when these data are processed or intended to be processed for the purposes specified above or on the basis of legitimate interest pursued by the company or a third party to which personal data are provided;
20.4. to request to transfer their personal data;
20.5. the right to submit a complaint to the State Data Protection Inspectorate (e-mail: [email protected]).
COOKIES USED AND THEIR REFUSAL
22. In order to ensure effective and safe functioning of the website, make it more convenient, the company uses the following cookies:
|PHPSESSID||1 year||Protects session data|
|pll_language||1 year||Remembers the user’s language selection|
|pll_language||1 year||Remembers the user’s language selection|
24. The deactivation of cookies may affect the browsing speed or some functionalities of the browser.
25. The user of the website may learn about the management of cookies at http://www.allaboutcookies.org/manage-cookies/.
26.1. The company’s employee responsible for the protection of data at Puškino St. 1, Radviliškis, phone: 8 614 60987, e-mail: [email protected];
26.2. The company at Švitrigailos St. 39, Vilnius, phone: (8 5) 269 2035, e-mail: [email protected]
27. All information which is provided by the data subject to the company through social media (including messages, use of Like and Follow fields, and other communication means), is managed by the controller of the social network.
28. The website contains links to the company’s accounts on social networks. Currently, the company maintains the following accounts:
28.1. on Facebook the privacy notice of which is available at https://www.facebook.com/privacy/explanation;
28.2. on LinkedIn the privacy notice of which is available at https://www.linkedin.com/legal/privacy-policy.
29. The company recommends reading privacy notices of third parties and contacting providers of services directly if the data subject has any questions regarding the use of his/her personal data.