Our aim is to provide you with detailed information on processing of your personal data irrespective of whether you communicate with us by way of personal meetings, electronically (e.g. mobile apps or websites) or in any other way you prefer. The present Policy applies to you, if your data are processed by Citybirds Sarl Lithuanian branch.
We care about the protection and privacy of your personal data.
Devote some of your time to look through the Policy and in case of any query, do not hesitate to contact us by email firstname.lastname@example.org.
Going forward there may be changes in our Policy, therefore, we encourage you to periodically review it.
Your personal data are processed in line with the General Data Protection Regulation (EU) 2016/679 (hereinafter the ‘GDPR’), Law on the Protection of Personal Data as well as other legislation.
Personal Data means any information relating to you which you yourself have provided or which we obtain from other sources and which enable to identify you. It may be your name, surname, personal ID number, contact information, information relating to agreements you have concluded with Citybirds Sarl Lithuania branch, etc.
Data Subject (you) means a natural person (customer, his or her representative) whose personal data we obtain and use further.
Citybirds Sarl Lithuanian branch (hereinafter – Citybirds) means a branch of the Switzerland company Citybirds Sarl.
For the purpose of this Policy, the terms used in the GDPR and other regulatory acts shall apply.
What is the data related to you that we collect?
We collect basic personal data, such as name, surname personal ID number, date of birth, telephone number, e-mail, address.
What are our purposes for collecting and using your personal data?
We collect and use your personal data that you provide to us yourself or that we obtain from other sources. We process your personal data with the following main purposes:
To be able to identify you and get in touch with you, we collect your name, surname, personal ID code, date of birth, address, telephone number, email and other contact data.
To provide you with a consultation and to assess your needs.
To be able to advice you, to render our services and goods to you and duly perform our contractual obligations and exercise the responsibilities required under relevant legislation, also in order to make sure your participation in loyalty programmes, we use data on contracts and other transactions you have concluded with us and information we receive when you use our services or buy from us goods.
To be able to control our daily transactions and protect our legitimate interests
To improve our services and goods quality.
To be able to send general type direct marketing offerings, we collect and use your name, surname, telephone communication number, electronic mail address. To provide direct marketing offerings (by phone, electronic mail, mobile apps) that answer your needs If you disagree that your personal data are used for the purpose of direct marketing, please inform us immediately about it.
To be able to communicate with us, among other things, to reply to your queries and requests regarding services or goods and to receive your feed-back.
What gives us the right to access and use your personal data?
We access and use your personal data, if any of the following applies:
- you intend to conclude or have concluded an agreement (order) with us;
- you have given your consent;
- processing of personal data is possible on the basis of legislative acts;
- for the purposes of our legitimate interests.
Where from do we get your personal data?
We use personal data, which you provide to us when you seek our services or goods and use them, when you fill out client forms in website, submit requests or etc.
To whom do we provide your personal data?
We provide your personal data in compliance with relevant legal requirements. Your data may be transmitted to:
- Switzerland company Citybirds Sarl and other group companies;
- banks and financial institutions;
- providers of payment and other services involved in the performance of a transaction executed with you;
- companies providing marketing, event organisation and related services;
- our professional advisers, accountants and auditors;
- courts, tribunals, arbiters or any other dispute settlement authorities.
We, for the purpose of processing of personal data referred to in the present Policy, may attract other service providers. We seek to ensure that service providers are complaint with the requirements of the GDPR, laws, the present Policy as well as other requirements of legal acts. The relationship between us, as a data controller, and a definite data processor, other than in cases where such relationship is provided by laws or any other legislation, is set in in written contract or in terms and conditions stated in writing.
Usually we process and store your personal data in the territory of the European Union or the European Union Economic Area (EU/EEA), however, we can transfer your personal data outside the EU / EEA, for instance, where it is necessary for the conclusion and performance of an agreement.
How long do we store your data?
We store your data no longer than it is required for the purposes for which they have been collected or for a period as provided by legislation.
What is the level of your personal information security?
We use various security ensuring technologies and procedures with the aim to protect your personal information from illegal access, usage or disclosure. Our suppliers are carefully selected, we require that they use appropriate measures that can secure your confidentiality and ensure your personal data security. Nevertheless, the security of information transfer via email or by mobile communication in some cases cannot be ensured for reasons not dependent on us, therefore you should take due case when providing confidential information to us by other than our electronic systems.
What are your rights?
You have the following rights:
- the right to request that we provide you access to your personal data;
- the right to request rectification of incorrect, inaccurate or incomplete data;
- the right to limit the processing of your personal data until, at your request, the lawfulness of your personal data processing is checked;
- the right to request erasure of personal data;
- the right to disagree with personal data processing for direct marketing purposes, including profiling, and when personal data are processed aiming at our legitimate interests;
- the right to request to transfer your personal data to another controller or provide directly in a format that is
- convenient for you (applicable to the personal data, which you have provided yourself and which are processed by automated means on consent basis or on agreement conclusion and performance basis);
- the right to withdraw your consent without any impact on the use of your personal data that was performed before the withdrawal of the consent;
- the right to lodge a complaint to the State Data Protection Inspectorate.
How will you exercise your rights?
We take every effort for the implementation of your rights and for answering any and all questions that arise to you regarding the present Policy and matters envisaged in it. You may lodge a request regarding the exercise of the above-indicated rights as well as any complaints, notices or requests (hereinafter the ‘Request’) to us by e-mail email@example.com.
We will reply to your Request within a period of not more than 30 (thirty) calendar days since the day of receipt of the Request. In exceptional circumstances, which require additional time, we will, by giving you a relevant notice,have the right to extend the deadline for the submission of the requested data or for the consideration of claims set out in the Request up to 60 (sixty) calendar days after the day of your referral.
We will refuse to satisfy your Request by giving a substantiated response in case any circumstances set out in the GDPR or other legislation are determined upon giving you a relevant written notice.
What are the personal data protection principles that we observe?
The principles we observe when collecting and using your personal data entrusted to us as well as personal data obtained from other sources are as follows:
- your personal data are processed in a legitimate, fair and transparent manner (the principle of legality, fairness and transparency);
- your personal data are collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes (principle of purpose limitation);
- your personal data are adequate, relevant and only such that are required in relation to the purposes for which they are processed (principle of data minimisation);
- processed personal data are accurate and, where necessary, kept up to date (principle of accuracy);
- your personal data are kept in a form which permits identification of data subjects for no longer than it is necessary in view of the purposes for which the data are processed (principle of retention limitation);
- your personal data are processed in such a way that application of relevant technical or organisational measures would ensure adequate personal data security, including protection from unauthorised data processing or unlawful data processing and from accidental loss, destruction or damage (integrity and confidentiality principle).
In the process of collecting and using your personal data entrusted to us as well as those obtained from other sources, we do undertake as follows:
- to process your personal data for explicit and legitimate purposes only;
- to refrain from processing your personal data for purposes other than those stated in the present Policy, unless otherwise laid down by relevant legislation;
- to process your personal data lawfully, accurately, in a transparent manner and so that accuracy, identity and security of the processed personal data is ensured;
- to ensure that superfluous personal data are not processed;
- to process your personal data no longer than it is necessary for the purposes for which personal data are processed;
- be responsible for the observance of the principles laid down in the present Policy and be able to prove their observance;
- to perform other duties arising from the legislation.
The present Policy shall take effect on 25 May 2018. It may be amended within the limits of changes in the legislation and in our activities. We will notify about changes at our website www.citybirds.lt.