Version of 11.06.2019

PRIVACY POLICY
GENERAL INFORMATION

This privacy policy outlines the conditions of processing of personal data of visitors of the website www.rbbaltic.lt (hereinafter – the website) and other data subjects as well as the procedure for the exercise of the rights of data subjects. Personal data is processed by RB Baltic, UAB, company code 300595095, address of seat Žygio St. 92-94, Vilnius, e-mail: info@rbbaltic.lt, (hereinafter the Controller).

The Controller may review and amend the privacy policy at any time, and we therefore recommend that you make sure on a regular basis that you are familiar with the updated (effective)version of the privacy policy.

The personal data of the website visitors and other data subjects are processed pursuant to the legislation in force and by implementing appropriate technical and organisational security measures.

The Controller uses the personal data which you provide or which the Controller collects only for the purposes specified in the privacy policy. Your personal data are transferred to the data processors, providing the website’s hosting and support services, newsletter mailing services. In cases stipulated by law, your data may also be transferred to competent authorities.

The website contains links to websites which are not owned by the Controller. The Controller shall not be liable for any privacy policies applied by such websites, and we therefore recommend you to be proactive and read privacy policies applied to a website to which you are redirected.

USE OF COOKIES

The website uses cookies, which are small text files placed on your device (e.g. desktop computer, mobile phone, tablet), when you browse the website.

We need the cookies on the website to be able to do the following:

  • Ensure the appropriate functioning of the website;
  • Ensure the optimal functioning speed and security of the website;
  • Find out about visits to the website and its individual pages/sections, analyse the website visitor flows (visit date and time, specific browsers used, specific device types used and sizes of the screens of the devices used) and in this manner improve the website on an ongoing basis and satisfy your needs better.
  • Provide statistical information (Non-identifying visitors) about website to third parties (Google and etc.).

The specifications of the cookies used by the Controller are provided in the table below.

TYPENAME OF THE COOKIEFUNCION OF THE COOKIEEXPIRY
Cookies collected for statistical purposesPHPSESSIDUsed to support the sessionUntil the end of the session
 _gaUsed to distinguish unique users.2 years
 _gatDoes not store any information. Used to throttle request rate.1 day
 _gidUsed to distinguish unique users.1 day
 aStatsVisitsUsed to distinguish unique users.1 day
Marketing cookies_fbpUsed to deliver a series of advertisement products such as real time bidding from third party advertisers.1 day
Other cookiessLanguageUsed to identify the language of the visitor’s browser.1 day

 

Accurate information about the functions of the cookies used by third parties (Youtube, Facebook, Google, LinkedIn, Skype etc.) and the personal data collected by the third parties can be found in the privacy policies of these third parties (e.g. the Google (and Youtube) privacy policy, the Facebook cookies policy, the LinkedIn privacy policy, the Skype privacy policy) or by contacting the data protection officer of the respective third party that sends cookies.

You can find out what specific cookies were saved when you visit the website by checking your browser settings. If you’re using Google Chrome, you can find information about saved cookies by clicking the button to the left of the address box.

You can delete, restrict or block cookies by controlling your web browser settings. If you want websites not to place any cookies on your device, customize your web browser settings so that you are notified before any cookie is placed or your browser rejects all cookies. You will need to customize the settings for each internet browser on each device.

 Cookies placed during visits to the Controller’s fan pages on social media platforms

The Controller administers a fan pages on Facebook and LinkedIn, also YouTube channel “RB Balrtic”(hereinafter the Fan Pages).

When you visit the Fan Pages, the administrators of the social media platforms place cookies on your device, and these cookies collect your personal data. Cookies are placed on your device both in case you are a registered user of the respective social media platform and in case you do not have an account on the respective social media platform. The Controller (RBBALTIC) does not have access to the collected personal data and only receives from the administrators of the social media platforms statistical information about visits to the Fan Pages.

To receive comprehensive information about your personal data processed for the purpose of administration of the Fan Pages, please read the following:

You can delete, restrict or block cookies by controlling your web browser settings. If you want websites not to place any cookies on your device, customize your web browser settings so that you are notified before any cookie is placed or your browser rejects all cookies. You will need to customize the settings for each internet browser on each device.

By blocking or restricting the use of cookies, you may not receive the services you require or may not use the functionality of the website.

You can find more information about cookies, how they work, and their settings at http://www.allaboutcookies.org.

COMMUNICATION TOOLS

For the purpose of responding to your inquiry and saving evidence of correspondence (implementing the legitimate interest to ensure the effective communication and prevent any disputes related to customer service), the Controller processes the following information that you provide:

  • By sending an inquiry via the contact form, name, surname, e-mail address and content of the inquiry is processed. If you do not provide this information, you will not be able to contact us via the contact form. In this case the date and time of receipt of the inquiry is also being processed.
  • By sending a letter to the Controller’s registered office specified on the Website, the following data is processed: name, surname, address, date of receipt and the information specified in the letter;
  • By communicating via Facebook or LinkedIn the following data is processed: name, surname, photo (if used), date and time of the inquiry and content of correspondence with the Controller’s representative.
  • By communicating via the e-mail address specified on the website, the following data is processed: name, e-mail address, phone number (if specified), workplace (if specified), e-mail date and time and content of correspondence with the Controller’s representative.

The personal data submitted in connection with the inquiries and any further correspondence between you and the Manager will be kept to the extent necessary to accomplish a specific task and to ensure the exercise of the Manager’s rights.

In case of sending an inquiry via Facebook or LinkedIn accounts, the personal data you provide may be disclosed to the social network managers and other persons with whom Facebook and LinkedIn managers share personal data. For more information please read the privacy policies of Facebook and LinkedIn.

Your rights related to processing of your personal data are specified in the PROCEDURE OF THE EXERCISE OF THE RIGHTS section of the privacy policy.

PERSONAL DATA OF CUSTOMERS AND SUPPLIERS

For the purpose of concluding and executing purchase, lease, service or other contracts, the Controller shall manage the following customer and supplier (natural person) data: name, surname, personal code, address, telephone number, e-mail address, supplier’s individual activity certificate number or business license number, details of contracts entered into, goods or services purchased or supplied, their price, invoice details, correspondence, checking account, billing and debt information. The manager manages the following data related to clients and suppliers (legal persons) (employees, consultants, financiers): name, surname, telephone number, e-mail address, workplace, position, correspondence. The legal basis for the processing of personal data is the pursuit of the contract.

For the purpose of redressing its violated rights (in the exercise of its legitimate interest in avoiding losses due to late payment or improper performance of its duties), the Controller may process other data necessary for this purpose in addition to the personal data of the clients and suppliers already mentioned.

The Controller transfers the personal data of customers and suppliers to the companies providing parcel delivery, freight or warehousing services, as well as to other data recipients: accounting services, business management system administration services providers, financial institutions, insurance companies, lawyers, translators and other service providers, related with contracting and execution of contracts. To protect its violated rights, the Controller may provide personal data of clients and suppliers to debt collection companies, bankruptcy administrators, law enforcement agencies, bailiffs, and other persons involved in the exercise of the Controller ‘s rights.

For the purpose of concluding and executing contracts, personal data shall be processed for 5 years from the date of expiry of the contract or the date of the last purchase of goods (services), accounting data – for 10 years from the expiry of the contract. For the purpose of remedies of the Controller, the data shall be processed to the extent necessary for this purpose.

Your rights related to the processing of your personal data are specified in the PROCEDURE OF EXERCISE OF THE RIGHTS section of the privacy policy.

PERSONAL DATA OF PROSPECTIVE EMPLOYEES

The Controller processes the personal data of candidates for employees for the purpose of employee selection and employment, implementing legitimate interest to evaluate a candidate’s suitability for the respective position.

In addition to the data provided by a person who wishes to work in the Controller’s company, the Controller may collect and process in other ways other publicly accessible data of a candidate, related to qualifications, professional skills and competencies,  i.e. look for information on the internet, check a candidate’s profiles on social media platforms (e.g. LinkedIn, Facebook, Twitter), etc. The Controller may also contact a candidate’s former employers and ask them to provide information about the candidate’s qualifications, professional skills and competencies.

The Controller stores the data about a candidate, provided by the candidate and/or collected by the Controller independently, for 4 months from the end of the respective selection procedure. If a consent to the further processing of a candidate’s personal data is not obtained, then, on expiry of the said term, all personal data of the respective candidate (both the data provided by the candidate and the data collected by the Controller) are deleted.

Your rights related to the processing of your personal data are specified in the PROCEDURE OF EXERCISE OF THE RIGHTS section of the privacy policy.

DIRECT MARKETING

The Controller sends direct marketing messages to the Controller’s purchasers of goods and services, pursuing a legitimate interest on informing its customers about similar goods, services, discounts, or other similar information, unless the customer has disagreed with his or her personal data processing for direct marketing purposes. A website user may also subscribe to receiving the direct marketing messages. For the purposes of direct marketing, the following data of customers (natural persons) or persons related to customers (legal persons) and subscribed persons are processed: name, surname, workplace, telephone number, e-mail address.

Recipients of the newsletter can unsubscribe from the mailing list at any time by clicking the link available in each newsletter or by sending a written application to the e-mail address info@rbbaltic.lt. Unless you withdraw consent to process your personal data for direct marketing purposes, your personal data is stored for 5 years from the date of the end of the contract with the client (natural or legal person) or subscription to the newsletter whichever is earlier.

Your rights related to the processing of your personal data are specified in the PROCEDURE OF THE EXERCISE OF THE RIGHTS section of the privacy policy.

PROCEDURE OF EXERCISE OF THE RIGHTS

All data subjects whose personal data the Controller processes have the following rights:

The right of access to personal data processed by the Controller
The right to request rectification of inaccurate or incomprehensive personal data

The right of access to personal data and the right to request rectification of inaccurate personal data may be implemented by sending a written application to the address of seat of the Controller or to the e-mail address info@rbbaltic.lt (in case an application signed with an electronic signature is presented). In your application to access your personal data, please specify the categories of personal data you wish to access.

In your application to request rectification of inaccurate or incomprehensive personal data, please specify personal data you wish to rectificate.

The right to restriction of the processing of personal data until the purpose for which the personal data is processed is verified, until it is established whether the interests of the data subject who disagrees to the processing of personal data supersede the interests of the Controller or not, as well as in cases where personal data is processed unlawfully, but the data subject disagrees that this data be deletedThis right shall be exercised by sending a written application to the address of seat of the Controller or to the e-mail address info@rbbaltic.lt (in case an application signed with an electronic signature is presented).

If the application is reasoned, the processing of personal data shall be restricted within 5 business days from receipt of the application.

The right to data portability

This right shall be exercised by sending a written application to the address of seat of the Controller or to the e-mail address info@rbbaltic.lt (in case an application signed with an electronic signature is presented). If a data subject requests the transfer of only some of the personal data processed by the Controller, the application must specify the categories of personal data in respect of which the right to data portability is being exercised.

If the application is reasoned, the Controller, within 30 days from the receipt of the application, provides you or the data controller specified by you your personal data in a computer-readable format.

The right to object to the processing of personal data

The right to object to the processing of personal data for direct marketing purposes is exercised by clicking on the opt-out link in the direct marketing messages or by submitting an application to info@rbbaltic.lt.

This right shall be exercised by sending a written application to the address of seat of the Controller or to the e-mail address info@rbbaltic.lt (in case an application signed with an electronic signature is presented).

If you object to the processing of your personal data, it will be assessed whether your legitimate interest, with regard to which you object to the processing of your personal data, overrides the legitimate interest of the Controller, on which the processing of your personal data is based.

The right to have his personal data deleted

This right shall be exercised by sending a written application to the address of seat of the Controller or to the e-mail address info@rbbaltic.lt (in case an application signed with an electronic signature is presented).

The Controller deletes the data subject’s data within 30 days from the receipt of the application or refuses to fulfil the request and informs of the reasons in writing.

The right to lodge a complaint with the competent supervisory authorityThis right may be exercised by lodging a complaint with the State Data Protection Inspectorate in connection with any actions of the Controller related to the processing of your personal data.

In cases you exercise your rights by sending a written application by mail to the address of State Data Protection Inspectorate, the application must be accompanied by a notarised copy of your ID document (passport, ID card).

CONTACT INFORMATION

Should you have any questions regarding the privacy policy, please do not hesitate to contact us and request assistance:

RB Baltic, UAB
Žygio st. 92-94, Vilnius
Phone: 8 5 2670929
E-mail: info@rbbaltic.lt