Privacy policy

Introduction

In respect of inviolability of private life VORAS Consulting has determined this privacy policy (hereinafter referred as Policy) to ensure the security of the information, including any personal data, collected and processed by the company in this and other websites owned by the company.

This Policy determines the main principles of privacy and rules, which are applied by VORAS Consulting in general, and which are particularly applied to the use of this or other websites (Facebook, LinkedIn profiles, etc.), owned by VORAS Consulting (hereinafter jointly referred to as website) – visiting, browsing and/or using the services on the website.

The person (user of the website) confirms that he or she is aware of this Policy, understands and accepts it, while he or she continues to browse and/or use the services and/or information in this website after the given notice about it on the website.

Processing of personal data

VORAS Consulting is processing personal data in compliance with the law and regulations of European Union and Republic of Lithuania.

VORAS Consulting is processing the data, given by you as a data subject, when you are ordering VORAS Consulting services, as well as requesting or downloading publications, applications, or other information made available on our website, or using other services provided by the website. Usually website visitors (data subjects) may be asked to provide the following data: given name, family name, organisation and job position, e-mail address, telephone number, work address; whichever is necessary to fulfil your request.

VORAS Consulting processes this data for one or more of the following purposes: customer service (request fulfillment), execution of the contracts, direct marketing.

Processing of data for the purpose of direct marketing

An individual may accept or deny that his or her data will be used for the purposes of direct marketing when he or she provides an e-mail address or other personal data on our website in order to get VORAS Consulting services, as well as requesting or downloading publications, applications, or other information made available on our website, or using other services provided by the website.

This data is being processed for the purpose of direct marketing:

  • for 5 years from the last consent given by data subject to use his or her personal data;
  • for not more than 10 years from the end of service contract in case it was drawn up.

You can withdraw the consent to use your personal data for the purpose of direct marketing at any time by informing us via e-mail [email protected] or telephone +370 5 2071 002, as well as by clicking the “unsubscribe” link, which means that you refuse to receive direct marketing communications from now on.

The provision of data to other subjects

VORAS Consulting does not transfer any personal data to the other subjects without prior consent of an individual (data subject), unless required by applicable law or it is necessary for the operation of the website, provision of the ordered services, direct marketing.

At present, the data can be transferred to our suppliers that are providing financial obligation enforcement services, data centre and/or hosting services, e-document management system services, marketing and customer relationship management system services.

Suppliers that are providing e-document management system services, marketing and customer relationship management system services are established in countries outside European Union (third countries). VORAS Consulting ascertained that transferred data is stored in the data centres located in the European Union and there are appropriate data security controls in place.

Data subject accepts that his or her data, provided himself (or herself) or collected through the website, can be transferred to third countries, mentioned above, if he or she visits, browses and/or use services and /or information in the website.

VORAS Consulting ensures that suppliers will not be able to use the data for any other purposes and only to the extent necessary to fulfill their contractual obligations, i.e. provision of services to VORAS Consulting.  Other usage or further transfer of data is explicitly prohibited by the corresponding service provision contracts.

The right to access processed personal data

An individual (data subject) has the right to access his or her personal data, processed by the company, and to obtain information, free of charge once per year, on the sources and the type of his personal data that has been collected, the purpose of their processing and the data recipients to whom the data are disclosed or have been disclosed for at least during the last year. An individual must provide identity document or verify his or her identity according to the applicable laws or through electronic means of communication, which provide reliable identification of the person, to verify his or her identity.

The company shall reply not later than 30 calendar days from receipt of the request in writing and provides the requested data, or justifies the refusal to grant the request of the data subject. Upon the request of the data subject, such data must be provided in writing.

If the data subject finds out that his personal data is incorrect, incomplete or inaccurate, he or she must contact the company (in writing, by e-mail, via websites or any other form). The company then must check such data and rectify the incorrect, incomplete and inaccurate personal data without delay and/or suspend processing of such personal data, except storage. The company may keep archive copies of such data, if it is necessary to fulfil contractual obligations to the data subject, and/or if it is required by applicable law (for accounting purposes, cybercrime investigation, etc.)

An individual may appeal against actions of the company, acting as data controller and/or processor, to the State Data Protection Inspectorate of the Republic of Lithuania, or other appropriate authority, within three months of receipt of the refusal to grant the request or within three months of the date when the time period for giving a reply expires.

Websites of the third parties

VORAS Consulting is not responsible for data protection in websites of the third parties, even if these websites are reached through links in VORAS Consulting website(s). The user should be aware and pay attention at the privacy policies of each of these referenced websites.

Other circumstances

VORAS Consulting may from time to time amend this Policy. The user of website should be aware of such possible changes and make sure that he or she is familiar with the relevant version of this Policy.