Privacy Policy
1. INTRODUCTION
This Privacy Policy (hereinafter referred to as the Policy) provides information as to which personal data is processed by the UAB “Energy ON” Company (hereinafter referred to as Company) on the basis of the Personal Data Protection Laws, what cookies are used on its corporate websites. It also describes the fundamental rights of the Data Subject as enforced by data protection laws.
Company contacts:
Name: UAB Energy ON
Company code: 306145361
Registered office address: Betygalos g. 6, LT-47183, Kaunas, Lithuania
Tel.: +370 661 70010
E-mail: info@energy-on.lt
The objective of the Privacy Policy – to inform about the Data Subject’s privacy protection ensured by the Company, to explain how the Company protects the Data Subject’s data and helps to understand how and to which Data Subject data is processed, what are the rights of the Data Subject and the ways in which they are implemented.
2. TERMS
-
Privacy Policy > This Privacy Policy is made public on this website.
-
Personal Data > Any information relating to a natural person – a data subject known or identifiable directly or indirectly by reference to such data as a personal code, one or more physical, physiological, psychological, economic, cultural or social characteristics of a person.
-
Data Subject > A person whose Personal Data is processed for specified purposes and means. The Data Subject is also a natural person associated with the Company’s customer and/or shareholder – a legal entity, e.g. the manager, shareholder of this legal entity, etc.
-
GDPR > Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC.
-
Data Processing > Any operation or sequence of operations performed by automated or non-automated means with Personal Data or Personal Data, such as collection, recording, sorting, organization, storage, adaptation or modification, extraction, access, usage, disclosure, transfer, distribution, or otherwise making data available to be used, as well as comparison or connection with other data, restriction, erasure or destruction.
-
Data Processor > A natural or legal person who processes personal data on behalf of the data controller or at its request.
-
Data Controller > A company that defines the purposes and means of data processing.
-
Cookies > Small text files with unique identification numbers, which are transferred from www.energy-on.lt (hereafter referred to as the Website) to the user’s computer. Cookies can be used to identify a user by storing website settings as server-side session identifiers, or otherwise if this is possible by storing text data.
-
Web Beacons > Short paragraphs of the code that are embedded in websites or e-mails.
3. PRINCIPLES FOR SECURE PROCESSING OF PERSONAL DATA
-
Principle of legality, honesty and transparency > Personal data is processed lawfully, honestly and transparently.
-
Purpose limitation principle > Personal data is collected for specified, clearly defined and legitimate purposes and not processed in a way incompatible with these purposes.
-
Data quantity reduction principle > Personal data is adequate, appropriate and only necessary for the purposes for which it is processed.
-
Precision principle > Personal data shall be kept in such a form that the identity of the data subjects can be determined for no longer than is necessary for the purposes for which they are processed.
-
Principle of limiting the term of storage > Personal data shall be kept in such a form that the identity of the data subjects can be determined for no longer than is necessary for the purposes for which the Personal Data is processed.
-
Principle of integrity and confidentiality > Personal Data is processed in such a way that appropriate technical or organizational measures ensure the proper security of Personal Data, including protection against unauthorized processing or processing of unauthorized data and accidental loss, destruction or damage.
-
Reporting principle > The Data Controller is responsible for complying with the principles related to the processing of Personal Data and must be able to demonstrate compliance with it.
4. METHODS OF OBTAINING PERSONAL DATA
Personal Data is processed after obtaining it in the following ways:
-
When you submit it to us. You provide us with your Personal Data by sending us your CV, cover letters, by applying for our job advertisements on job search portals, by communicating with us by telephone, e-mail, during meetings, by providing data through social networks, by filling in the request forms, provided on our website, the data is submitted before the conclusion of the contract and during the performance of the contract, etc.
-
In some cases, we can receive information about you (as a natural person or representatives of your company, employees, etc.) from publicly available sources, e.g. your company’s website (employees, lists of representatives), public announcements, etc.
-
When we receive data automatically. For example, you arrive to the territory and/or premises we monitor in our cameras (in which case we automatically receive your image, car number, etc.). When you use websites managed by us, certain information (such as the internet address (IP), the device used, the web browser used, the number of visits, the viewing of our website pages, the time spent on the website, etc.) is also automatically collected.
-
We may also receive your Personal Data from third parties, e.g. your former or existing employer or person represented by you (Personal Data from a former or existing employer as a candidate for a job is collected in the cases specified in this Policy, data is also obtained from our customer, partner, in the performance of mutual orders, contracts, etc.).
-
When your Personal Data is received from other sources (e.g. registers) for legitimate purposes in the manner prescribed by law.
5. LEGAL BASIS AND OBJECTIVES FOR THE PROCESSING OF PERSONAL DATA
The basis for the processing of Personal Data by Company may be the performance of a concluded contract or the intention to conclude a contract, the consent of the Data Subject to process its personal data for a specific purpose, as well as the performance of the applicable statutory obligations. The Company may also process Personal Data in accordance with the concept of legitimate interest (for example, protection of the property of the Company and individuals).
In accordance with the scope and under the applicable legislation, one or more of the above legal bases may apply to the processing of the same Personal Data.
The Company may process Personal Data for the following purposes:
-
The provision of services, product sales and other activities of the Company, i.e. for the purpose of selling products or services to you (or your employer, representative), as well as purchasing goods/products from you (or your employer, representative) or ordering services.
-
For the purpose of screening candidates for the position of an employee.
-
For the purposes of the internal administration and performance of an employment contract. To the extent permitted, as well as required by law, we process Personal Data of employees. The rules for the processing of Personal Data are regulated in detail by the Personal Data Processing Policy approved by the Company.
-
For the purposes of securing the Company’s legitimate interests and assets, the Data Subjects and the security of their assets.
-
Where appropriate, we may process your Personal Data in order to secure our legitimate interest in a legal or other dispute.
-
For direct marketing purposes. Upon receipt of the Data Subject’s consent, we offer our products and services, and improve them.
-
To answer queries.
6. PROCESSED PERSONAL DATA
-
For the purpose of sale of products, provision of services, conclusion and performance of a contract, we collect information about persons, suppliers, customers, potential suppliers and customers, other interested parties, as well as data about contacts with legal entities, such as the legal person’s manager, shareholder, member of the board or other management body, the beneficiary and similar data (necessary for the purpose of carrying out the transaction on behalf of the legal entity). This data may include the name, surname, personal identification number, date of birth, e-mail address, telephone number and other information necessary for the maintenance of pre-contractual relationships, the conclusion and execution of a contract. Personal Data necessary for connection and communication in pre-contractual relationships are processed on the basis of the Company’s legitimate interest, i.e. this data is necessary for the development and execution of the Company’s business. Data collected during the pre-contractual relationship will be stored for 3 years from the last contact with a potential customer or supplier. Data and documents processed for the purpose of concluding and executing a contract are retained for a period of 10 years after the termination of the contractual relationship, unless a longer period is specified by law for the purpose of archiving.
-
For the purpose of selection of candidates for employment, we collect the candidate’s Personal Data, i.e. first name, last name, address, e-mail address, telephone number, information on work experience, diplomas, checks on relevant records, information on professional interests, motivation letter and CV. The Company may collect candidate Personal Data relating to qualifications, professional skills and business qualities, the Company may collect from a former employer after informing the candidate, and from the existing employer only with the consent of the candidate. This information is used to help us decide whether to offer a job to a person. Please be informed that by submitting the specified data, you confirm that you agree and do not oppose the purposes for which the data is processed by the Company during the selection of employees. In order to retain your Personal Data after the selection (in order to re-submit the job offer), we will inform you and, without having received an objection to the processing of your Personal Data for the stated purpose, we will store it for no longer than 1 year after the completion of the appropriate screening. If you do not agree to the further processing of the data, Personal Data is immediately deleted.
-
For the purposes of internal administration and enforcement, we process Personal Data of employees. The rules for the processing of Personal Data of employees are regulated in detail by the Company’s approved Personal Data Processing Policy.
-
For the purpose of safeguarding the interests and assets of the Company, the Data Subjects and the security of their assets, we collect data such as a personal image, car number, etc. This data is processed for no longer than 15 – 30 days from the receipt of data, except when we are obliged to provide this data to the state authorities in compliance with the requirements of the legislation (due to such circumstances the processing time may be extended).
-
For the purpose of protecting the legitimate interests (in the event of a legal or other dispute), we collect the data that was provided to us, regardless of the primary purpose or basis of the processing of such data. If there is a legal or other dispute between you and us, or there is a likelihood of such a dispute in the future, we will keep your data longer, i.e. until the due date for the limitation period of the relevant complaint, claim or request and/or the final incontestable decision becomes final.
-
We collect contact details for direct marketing purposes, i.e. name, surname, telephone number, e-mail address, position, company in which the person works, etc. We will process this data for no longer than 3 years from the date of the consent for the processing of data for direct marketing purposes.
-
In order to respond to queries submitted to the Company, we process the content of your query, i.e. your application, request or feedback, other information provided in the query. Data can be processed to keep communications with you when you submit requests, complaints, feedback, etc. We process your request, letter, or other query, as well as the data provided and related to it, until we examine your request, provide a response and execute the relevant requests, as well as an additional 1 year after completing the relevant request.
7. DATA TRANSFER TO THIRD PARTIES
Personal Data may be disclosed to other parties if it is necessary for the conclusion of the contract or for the performance of the contract with the customer, or for other legitimate reasons. Information may also be provided to other parties upon your request.
We may also provide your data to data processors who provide services to us (perform work) and process your data on behalf of our Company as a Data Controller. Data Processors have the right to process Personal Data only in accordance with our instructions and only to the extent necessary for the proper performance of the contractual obligations.
Data may also be passed on to other parties when required by law or when it is necessary to protect our legitimate interests.
8. RIGHTS OF THE DATA SUBJECT
The Data Subject has the right:
-
Right to know about the processing of Personal Data and access to processed Personal Data. The Company, upon receiving a personal request for the processing of its Personal Data, is responsible for the processing of Personal Data related to it and provides the requested data. Such data must be provided in writing at the request of a person.
-
Right to request the correction of Personal Data. The Data Subject, having become aware of its Personal Data, and having determined that its Personal Data is incorrect, incomplete or inaccurate, has the right to apply to the Company for rectification of such data.
-
Right to request deletion of Personal Data. The request is executed under certain circumstances provided by the GDPR (when the Personal Data was processed illegally, the basis for the processing of the data is gone, etc.).
-
Right to restrict the processing of Personal Data. In certain cases specified in the GDPR (during the period during which the Data Subject’s request for data accuracy or the processing is being examined, etc.), the Data Subject has the right to request that the Company restricts the processing of the Personal Data of the Data Subject, except for storage (right to restrict the processing of Personal Data) .
-
Right to data portability. The Data Subject has the right to request, if technically feasible, to forward Personal Data collected on the basis of consent or contract performance in a readable format to it or to request that it is forwarded to another data controller. The Data Subject has no rights to data portability in the case of personal data processed in manually-structured files.
In cases where the Data Subject’s Personal Data is processed by the Company on the basis of its consent, the Data Subject has the right at any time to revoke its consent, and the processing of this consent-based data will be immediately terminated. Revoking of consent does not invalidate the lawfulness of the processing of the Data Subject data that was carried out before revoking of such consent.
The Data Subject is also entitled to file a complaint regarding the processing of Personal Data to the State Data Protection Inspectorate (address – A. Juozapavičiaus St. 6, 09310 Vilnius, website address – www.ada.lt) if the Data Subject considers that its Personal Data is being processed in violation of its rights and legitimate interests in accordance with applicable law.
In order to respond to and resolve issues related to the application of GDPR as soon as possible, we kindly ask you to contact the Company first.
9. PROCEDURE FOR PROCESSING REQUESTS
A request for the exercise of the specified rights shall be submitted by the Data Subject to the controller of the Personal Data, i.e. to the Company (UAB Energy ON).
You can provide us with the requirements related to the realization of your rights in person by coming to the Company, by post or by electronic means (e-mail: info@energy-on.lt). Upon receipt of your request, we may ask you to provide proof of identity, as well as any additional information required by us for the request.
Upon receipt of your request, we will respond to you within 30 calendar days of receipt of your request and of the date of submission of all necessary documents for submission of a response.
If we consider it necessary, we will stop processing your data, except storage, until your request is resolved. If you have legally waived the given consent, we will immediately, but not later than 30 calendar days, terminate your personal data processing activities, except in cases stipulated by law, i.e. when we are obliged to continue to process your data by the legislation in force, when we are subject to legal obligations, court decisions or binding instructions from the authorities.
By refusing to comply with your request, we will clearly indicate the grounds for such refusal.
10. COOKIES
Purpose of use
Website uses Cookies and Web Beacons to give the user a more complete and personalized experience using the Website. These technologies make it easier to understand user behavior and to facilitate the evaluation of service, advertising and search engine effectiveness, and to analyze trends and improve the quality of service provided.
When you visit the Website for the first time, a banner appears at the top of the screen, warning users that the Website uses the Cookies specified in this Privacy Policy. The banner will ask you if you want more information and provide a link to this Privacy Policy. If you choose to ignore the warning and continue to use the Website, we will place the Cookie on your computer by capturing this selection and your continued browsing on the website will be deemed to be consent for the use of the Cookies. If you visit the website in the future, the Cookie warning no longer appears on your screen, but the option to refuse cookies always exists through the browser settings here.
-
Google Analytics > _ga > Used to collect statistical information about the Website’s traffic > 2 years
-
Google Analytics > _gat > Used to restrict referrals to doublevkick.net > 1 minute
-
Google Analytics > _gid > Used to collect statistical information > 24 hours
-
TV system session identifier > october_session > Used as the content management system session identifier> Until the end of the Website window closure
Managing cookie settings
You can control cookies through the browser settings that you use, choosing which Cookies you want to accept and delete. You can refuse cookies at any time by deleting Cookies from your browser in which they are installed. The location of the Cookie management depends on the browser you are using. To learn more about how to manage or remove Cookies installed in your browser, visit the website of your browser or look through the brief guide for the most popular browsers here: Chrome; Mozilla, Edge; Safari; Opera.
You can also cancel your consent at any time for the use of Cookies by submitting us an e-mail request at info@energy-on.lt. By cancelling your consent for using Cookies, you must also delete Cookies installed in your browser.
11. POLICY VALIDITY AND CHANGES
Privacy Policy came into force on 25/05/2018.
We may update or amend this Privacy Policy at any time. Such updated or amended Privacy Policy will take effect from the date it is published on our Website.
If you join the Website after such update/amendment, you agree to the new requirements specified in the update. The update date shown at the bottom of the Privacy Policy shows the date when the Privacy Policy was last updated.
To improve your browsing experience on this website, we use cookies. By clicking on the “I Accept” button or by browsing further, you confirm your acceptance of the cookie installation. For more information on cookies, see Privacy Policy.