Polo Apartments Privacy Policy
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from www.PoloApartments.lt (the “PoloApartments.lt”).
PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.” We collect Device Information using the following technologies: - “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. - “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps. - “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site. Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers, email address, and phone number. We refer to this information as “Order Information.” When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to: Communicate with you; Screen our orders for potential risk or fraud; and When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services. We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Smoobu to power our online store--you can read more about how Smoobu uses your Personal Information on their site: smoobu.com We also use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout. Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
BEHAVIOURAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work. You can opt out of targeted advertising by: FACEBOOK - https://www.facebook.com/settings/?tab=ads GOOGLE - https://www.google.com/settings/ads/anonymous Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/. DO NOT TRACK Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
YOUR RIGHTS
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
DATA RETENTION
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information. The Site is not intended for individuals under the age of 16 years old. We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
CONTACT US
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@poloapartments.lt or by mail using the details provided below: M.Yčo.g 7, Kaunas, 46462, Lithuania
MB Baltic apartments service PERSONAL DATA PROTECTION POLICY 1. GENERAL PROVISIONS1.1. The objectives of this personal data protection policy (hereinafter referred to as the Policy) are: 1.1.1. determine the collection, use and storage of personal data MB Baltic apartments service (hereinafter referred to as the Company) general principles and rules; 1.1.2. to implement the requirements of the Labor Code and adopt them in regular ways to publish employees' personal data protection policies in the workplace and its implementation measures; 1.1.3. to implement the requirements of the Labor Code and adopt them in regular ways to announce employee monitoring and control work in the workplace place order; 1.1.4. implement the provisions of the General Data Protection Regulation (GDPR) principles of real personal data protection and accountability; 1.1.5. facilitate proper implementation of the General Data Protection Regulation, Personal Data Protection Law, Labor Code, other European Union andThe requirements of the legal acts of the Republic of Lithuania in the field of personal data protection (hereinafter referred to as the ADA legal acts) implementation; 1.1.6. to create mutual understanding and legal clarity between the Company and its employees due to actions taken by the Company to protect its employees personal data; 1.1.7. assist the Company's employees in implementing the ADA legislation requirements. 1.2. The Rules apply to all Employees of the Company. Employees are introduced to this Policy in accordance with the procedure established by the valid internal Rules of Procedure. 2. SCOPE AND ADDRESSES 2.1. This policy applies to: 2.1.1. For the collection, use and storage of data on behalf of the Company; 2.1.2. Collection, use and storage of data processed by the Company; 2.1.3. For the collection, use and storage of Data for the purpose of employees' work functions. 2.2. The Policy is intended for all employees of the Company, including management. 2.3. All Employees must confirm that they understand their obligations and must comply with them. The Authorized Employee must ensure that a copy of this Policy is provided to or accessible to each Employee. 3. CONCEPTS 3.1. Unless expressly stated otherwise in this Policy and its annexes, the terms written with the first capital letter have the meanings specified below: ADA legislation All applicable international, European Union and Republic of Lithuania legislation, administrative decisions, requirements arising from case law, establishing rules and/or requirements for the processing of personal data, including, but not limited to, the General Data Protection Regulation, the Labor Code, the Law on the Legal Protection of Personal Data, the Law on Electronic Communications. Person A person (natural person) whose personal data is collected, used and stored by the Company and who can be identified, including but not limited to Employees. Defined as a data subject in ADA legislation. Data Any information relating to an Individual collected, used or stored by the Company. ADA legislation defines personal data as such. Personal request Any of the following: a) request for access to Data about Person; b) request to correct inaccurate Personal Data Data; c) request to delete Personal Data; d) request to restrict the processing of Personal Data use or deletion; e) request to export Data about Person; f) objection to Personal Data collection, use and storage within the Company, including sending marketing messages; g) objection to any automatic decision-making regarding the profiling of a Person or a Person In the company; h) any other request and/or complaint for any issue related to Data Protection In the company. Personal Request Management The process by which Personal Requests received by the Company are analyzed, investigated and responded to. The company MB Baltic apartments service is responsible for the collection, use and storage of Data, compliance with ADA legislation. ADA legislation defines it as a data controller or data processor, taking into account the processing of specific Data in its own interests or those of its clients. Employee Any employee of the Company or an employee seconded to the Company who has direct or indirect access to the Data. Authorized Employee An Employee appointed by the Company to assist the Company in ensuring legal compliance with ADA legislation, making decisions and advising Employees in the area of data protection. Data Processing The collection, use, storage, transfer, destruction or any other specific action performed on Data. ICT Information and communication technologies that the Company provides to Employees or that Employees use to perform their duties at the Company, including, but not limited to, computers, tablets, smartphones, USB devices or other data carriers, remote data storage, websites and other software. Data Breach Any of the following events: a) Loss, theft or unplanned destruction of the Company's ICT, documents and/or other media containing Data; b) accidental or intentional sending, uploading or sharing of Data with third parties who do not have the right to receive it; c) unauthorized access by third parties to the Company's ICT, documents and/or other means containing Data; d) malicious attacks against the Company's ICT and/or other means containing Data; e) errors related to the development, use and configuration of ICT and/or other tools that may pose a risk to Data Security; f) any other security breaches leading to the accidental or unlawful destruction, loss, leakage, alteration, unauthorized disclosure of, or access to, Data transmitted, stored, or otherwise collected, used, or stored by the Company. Data Security Breach Management The process during which the Company analyzes, records Data Security Breaches and, if necessary, reports to the Inspectorate or Individuals whose Data was affected. Data Processing Activity Records An electronic document that describes in detail the Data collected, used and stored by the Company. EEA European Economic Area (all EU member states plus Iceland, Norway, Liechtenstein). Inspectorate State Data Protection Inspectorate. Inspection inquiry Any letter, notification, request or other document submitted by the State Data Protection Inspectorate and addressed to the Company. Management of Inspectorate inquiries The process during which Inspectorate inquiries are examined, information necessary for a response is collected, and a response is provided to the Inspectorate. Special data are data specified in ADA legislation, the processing of which is subject to increased requirements (e.g. data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, health data or data about a natural person's sex life and sexual orientation, genetic, biometric identifiers, data about criminal convictions and criminal acts). Service Provider A specific service provider or other external legal entity or individual that has access to and processes Company Data on behalf of the Company. Defined as a data processor in ADA legislation. This policy complies with the Personal Data Protection Policy. Third Parties All natural or legal persons, except Employees. 3.2. Other terms not defined in this Policy shall be understood as defined in the ADA legislation. 4. PRINCIPLES OF DATA PROCESSING 4.1. When processing Data, the Company is guided by the principles that: personal data must be: 4.1.1. processed lawfully, fairly and transparently; 4.1.2. collected for specified, explicit and legitimate purposes and are not further processed in a manner incompatible with those purposes; 4.1.3. collected, used and stored in accordance with the Company's internal procedures and ensuring the protection of Data against unauthorized access, unlawful collection, use and storage, accidental loss, destruction or damage; 4.1.4. accurate and, where necessary, updated; 4.1.5. accurate and, where necessary, updated; 4.1.6. kept in a form that allows the identification of data subjects be kept for no longer than is necessary for the purposes for which the personal data are data is processed; 4.1.7. processed in such a way that appropriate technical or organizational measures ensure the appropriate security and confidentiality of personal data, including providing access to the Data only to those employees who need it to perform their direct job functions. 4.2. Data may be lawfully processed by the Company only if at least on one of the following grounds: 4.2.1. Contract: Data is necessary to conclude or perform an employment, civil or other contract with a Person, including, but not limited to, the execution of the terms of the contract, the execution of the rights and obligations of the parties provided for by legal acts for the relevant type of contract, and the execution of the obligations of the parties arising from the substance of the contract; 4.2.2. Legal obligation: The Company is obliged by law to process Data in tax, labor and other areas; 4.2.3. Legitimate interest: Data is necessary for dispute resolution, incident investigation, ensuring the security of property, people and ICT, business continuity or other predetermined interests of the Company, unless the interests of the Person are overridden in the context of specific circumstances. 4.2.4. Consent: The Person was free to choose whether to give consent to the processing of his/her Data, without any negative consequences for the Person, and such consent was given. 4.3. Special data may be lawfully processed by the Company: 4.3.1. Special personal data of employees, including health data, only to the extent necessary to exercise rights or obligations in the fields of labor and social security law or under collective agreements; 4.3.2. Special data of other persons – only to the extent that the Person could freely choose whether to give consent to the processing of Special Data, without any negative consequences for the Person and gave such consent in writing or electronically; 4.3.3. The processing of sensitive data of other persons is necessary for the exercise of judicial powers of EU or national courts, or for the conduct of investigations by law enforcement or supervisory authorities; 4.3.4. Processing of Special Data is necessary for the establishment, exercise or defense of legal claims. 4.4. Data on the criminal record of Individuals may be processed only when provided for by special legal acts and only to the extent necessary for the implementation of relevant legal acts, if such data is needed in a public procurement or project tender, however, such data must be: (a) stored separately from other data and not combined with them and (b) destroyed upon completion of the public procurement or project tender procedure, unless special legal acts provide for a special obligation of the Company to store such Data for a certain period of time. 4.5. Regardless of the above-mentioned legal grounds for Data Processing, in all cases, Data is processed lawfully when it is done on the basis of a data processing agreement when providing Data Processing services to the Company's clients, and the Data is processed on behalf of and in the interests of the client and in accordance with the Client's instructions. 5. RECORDS OF DATA PROCESSING ACTIVITIES 5.1. In order to ensure the lawfulness of Data Processing, the Company shall keep records of Data Processing activities, which shall include: 5.1.1. Identity of the data controller; 5.1.2. Categories of persons; 5.1.3. Data categories for each Category of Persons; 5.1.4. Purposes and legal basis for data processing (GDPR) for each Data Category; 5.1.5. Categories of Data Recipients for each Category of Persons according to the Purposes and Legal Basis of Data Transfer; 5.1.6. If any, data recipients operating outside the EEA and the data protection safeguards applied to them; 5.1.7. Data retention periods. 5.2. Separate records of Data Processing activities shall be maintained for the activities of the Company as a data processor. These records shall indicate: 5.2.1. Names and contact details of the data controllers whose data is processed by the Company, and, if available, contact details of their data protection officers; 5.2.2. Categories of processing operations for each Data Controller; 5.2.3. If any, data recipients operating outside the EEA and such transfers are subject to data protection safeguards. 5.3. Employees are familiarized with the Data Processing Activity Records in accordance with the procedure established by the Rules of Procedure. 5.4. Before starting to process the Data transferred by the Company's clients under the data processing agreement, Employees must contact the Authorized Employee, obtain and familiarize themselves with the data processing agreement concluded by the relevant client or clients and its annex, which defines the purposes of data processing, the categories of Persons and Data, and the categories of recipients. 6. GENERAL OBLIGATIONS OF EMPLOYEES IN THE FIELD OF DATA PROTECTION 6.1. Each Employee must: 6.1.1. when processing the Data, ensure that all requirements set out in the Policy; 6.1.2. process the Data only to perform their job functions and only to the extent necessary for their performance; 6.1.3. in all cases, identify the Data that is processed in the Employee's activities and be aware that the requirements of this Policy, data processing agreements and ADA legal acts apply to activities related to the Data; 6.1.4. When processing Data, the controller of which is the Company: 6.1.4.1. in all cases, ensure that the processed Data Category is included in the Data Processing Activity Records, and the purpose of the processing corresponds to at least one of the purposes specified in the Data Processing Activity Records; inform the Authorized Employee about the need to process new Data Categories and/or new purposes; 6.1.4.2. in all cases, before transferring Data to Third Parties, ensure that such a category of Data Recipients is included in the Data Processing Activity Records, and if it is intended to transfer Data outside the EEA, that the relevant Data Recipient is included in the Data Processing Activity Records; inform the Authorized Employee about the need to transfer Data to a category of Data Recipients not specified in the Data Processing Activity Records or to a Third Party operating outside the EEA and not specified in the Data Processing Activity Records. 6.1.5. When processing Data transferred to the Company's client under a data processing agreement: 6.1.5.1 in all cases, ensure that the processed Data Category is included in the annex to the data processing agreement, and the purpose of the processing corresponds to at least one of the purposes specified in the annex to the data processing agreement or a special instruction from the Company's client regarding the Data Processing has been received; inform the Authorized Employee about the need to process new Data Categories and/or for new purposes; 6.1.5.1 in all cases, before transferring Data to Third Parties, ensure that such a category of Data Recipients is included in the annex to the data processing agreement or a special instruction from the Company's client regarding the transfer of Data has been received; inform the Authorized Employee about the need to transfer Data to a category of Data Recipients not specified in the annex to the data processing agreement; 6.1.5.1 If there is any doubt as to whether the client's instructions comply with the requirements of ADA legislation, consult with an Authorized Employee before taking action. 6.1.6. ensure that each Person they encounter for the first time in the Company has been informed about the processing of their Data, and in the cases provided for in the Data Processing activity records, has given consent to the Data Processing; if the Person has not been informed about the processing of their Data and (or) their consent has not been obtained, when it is necessary according to the activity records, to deliver an information notice and (or) request the Person's consent in accordance with the form adapted to the relevant category of Persons; if none of the standard forms of information notices or consents used by the Company are appropriate in a particular case, the Employee must immediately inform the Authorized Employee thereof; 6.1.7. taking into account the nature of the work functions performed, make reasonable efforts to ensure that all Data managed by the Company is accurate and, where necessary, updated; 6.1.8. when processing the Data, act with care and caution, bearing in mind that the Employee's actions related to the Data pose a risk to the Company and Individuals, and in the event of any uncertainty related to the processing of the Data, contact the Authorized Employee and obtain the Authorized Person's advice or instructions before performing the Data processing operation; 6.1.9. implement and use technical and organizational Data protection measures that ensure the protection of Data against unauthorized access, unlawful collection, use and storage, accidental loss, destruction or damage, as set out in this Policy, work procedures and other documents of the Company; 6.1.10. not to disclose information about the technical and organizational Data Protection measures applied by the Company, including, but not limited to, the Company's internal documents, to any Third Parties without first ensuring their right to receive such information; 6.1.11. not to store personal data on any personal storage devices, computer or software belonging to the Employee (online data storage devices, storage devices, computers, telephones, etc.), unless in a specific case the Company allows the Employee to use specific personal devices for the performance of work functions; 6.1.12. when the Employee is permitted to use personal storage devices and/or computer or software to perform work functions, upon termination of the employment relationship, transfer all Data contained in any information files of the Employee (personal online storage devices, storage devices, personal computer, telephone, etc.) to the Company and destroy all copies of such information; 6.1.13. contact an Authorized Employee and receive his/her consultation: 6.1.13.1. intending to conclude a service agreement with a new client, whose transferred data will be processed by the Company on behalf of and in the interests of the client; 6.1.13.2. intending to engage a new Service Provider within the Company; 6.1.13.3. intending to create, implement or use new ICT and/or other methods for Data Processing in the Company; 6.1.13.4. before starting a new direct marketing campaign or Data Collection for its implementation; 6.1.13.5. in the event of any inaccuracies, doubts or questions related to the application, interpretation, violation or compliance with the Policy. 6.1.14. to handle requests from Individuals with care and attention; upon receipt of any request from an Individual, to notify the Authorized Employee thereof immediately, no later than within 1 (one) business day from receipt of the request from the Individual; 6.1.15. immediately, but no later than within 12 (twelve) hours, from the date of learning about the Data Security Breach in the Company: 6.1.15.1. inform the Authorized Employee about the Data Security Breach; 6.1.15.2. take reasonable actions within its competence to stop the Data Security Breach; 6.1.15.3. take reasonable actions within its competence to prevent a Data Security Breach from recurring. 6.1.16. cooperate with the Authorized Employee, other Employees and/or Service Providers in performing Data Security Breach Management, Personal Request Management, Inspection Inquiries Management and other procedures established by the Company related to Data Processing; 6.1.17. provide the Authorized Employee with any requested information within the shortest possible time frame; 6.1.18. to carry out the instructions of the Authorized Employee regarding Data Processing. 6.2. No Employee shall be granted access to Data unless such Data is necessary to perform their job functions. 6.3. Employees may send direct marketing messages to Individuals and/or legal entities if the Individuals and/or legal entities to whom direct marketing messages are sent: 6.3.1. have given consent to direct marketing; or 6.3.2. have purchased goods or services from the Company and: 6.3.2.1. provided their email details to the Company when purchasing goods or services from it; 6.3.2.2. each time direct marketing messages are sent, they are given an easily implemented, free-of-charge option to opt out of marketing messages (e.g. by clicking on an active link); 6.3.2.3. has never objected to receiving marketing communications from the Company; 6.3.2.4. similar products or services of the Company are advertised to them; 6.3.2.5. they have been informed that their email details may be used for direct marketing purposes. 7. IMPLEMENTATION OF PERSONAL RIGHTS 7.1. The Employee, upon receipt of the request of the Person, shall immediately, no later than within 1 (one) business day from the date of receipt of the request of the Person, the Authorized employee. 7.2. The Authorized Employee shall manage the received requests from Individuals in accordance with this Policy and ADA legislation. 7.3. Upon receipt of the request, the Authorized Employee: 7.3.1. reviews the application; 7.3.2. establishes the identity of the Person who submitted the request; 7.3.3. collects the information necessary for the examination of the application; 7.3.4. assesses the legal validity of the request; 7.3.5. confirms to the Person that his/her request has been received; 7.3.6. determines whether and what additional information from Employees, Service Providers and/or the Person who submitted the request is necessary in order to respond to the Person's request; 7.3.7. if necessary, gives the necessary instructions to the Employees regarding the further processing of the Personal Data of the person who submitted the request; 7.3.8. prepares and submits a response to the request to the Person. 7.4. Having determined that the received request of the Person is related to the data transferred by the Company's client under the data processing agreement, the Company shall forward such request to the relevant client and inform the person who submitted the request thereof; in this case, the response to the request shall be prepared by the Company's client, and the Authorized Employee shall provide the client with all information necessary for the consideration of the request and preparation of the response. 7.5. The authorized employee ensures that: 7.5.1. the request of the Person is responded to within 1 (one) month from the date of its receipt; if the complexity or number of requests of the Person submitted by the same Person is large, the Authorized Employee has the right to extend the deadline for submitting a response up to 2 (two) months, informing the Person thereof and indicating the reasons for the extension of the deadline; 7.5.2. The individual would be provided with only the information that is relevant to him/her; 7.5.3. Only as much information as required by ADA legislation would be provided to the individual; 7.5.4. In cases provided for by ADA legislation, where the Person does not have the right to exercise his/her right as a data subject, the Person's request would not be satisfied; 7.5.5. No confidential information of the Company, in particular the Company's trade secrets, would be disclosed to individuals. 7.6. A person's request shall be refused when: 7.6.1. The individual's request does not relate to rights under ADA legislation; 7.6.2. The individual's request relates to information that is not Data; 7.6.3. The request of a Person relates to information about another Person; 7.6.4. The individual is not entitled to exercise the relevant data subject rights under the requirements and exceptions set out in the ADA legal acts; 7.6.5. The request of the individual is manifestly disproportionate, including, but not limited to, the following cases; 7.6.5.1. The request of the Person is repetitive - the same Person has already submitted the same Request within 1 (one) year prior to receipt of the Request, except in cases where the Person can reasonably expect that the scope of the Data processed about the Person has changed during this period; 7.6.5.2. The individual's request involves a large amount of repetitive Data; 7.6.5.3. the circumstances indicate that the sole purpose of the Person's request is to disrupt the Company's operations and the Company can prove this. 7.7. The authorized employee shall respond to the request of the Person by electronic means in a concise and understandable form to the Person, using clear and understandable language, except in cases where the Person requests an oral response or a written response other than an electronic response. 7.8. If the request of the Person is refused in whole or in part, the response must indicate the reasons for the refusal and inform about the possibility of filing a complaint with the Inspectorate and/or taking legal measures. 7.9. If the Person's request is granted, the Authorized Employee coordinates and plans the implementation of the Person's request within the Company, provides instructions and consultations to Employees and Service Providers who must participate in the implementation of the Person's request. 8. CUSTOMERS AND SERVICE PROVIDERS 8.1. An authorized employee who becomes aware of the intention to use new Service Provider, must: 8.1.1. to verify and ensure that the Service Provider takes appropriate measures technical and organizational data protection measures and complies with other ADA legal requirements; 8.1.2. ensure that the Company, before sharing Data with the Service Provider, conclude a Data Processing Agreement with the provider (or include relevant provisions into existing contracts, including terms of service). 8.2. An Authorized Employee, upon learning of the intention to conclude a service agreement with a new client whose transferred data will be processed on behalf of and in the interests of that client, must ensure that the Company concludes a Data Processing Agreement with the client (or includes relevant provisions in existing agreements, including the terms of service) before starting to process the client's transferred data. 8.3. If the Service Provider or the client provides the Company with a form for their Data Processing Agreement, including the terms of service, the Authorized Employee must ensure that it complies with the requirements set forth in the ADA legislation before the Company enters into such agreement. 9. PROCEDURE FOR MONITORING AND CONTROL OF EMPLOYEES AT THE WORKPLACE 9.3. In order to ensure the security of the company's assets (including the processed data), access to the company's premises is possible only with access cards issued to employees and/or trainees. Each card has a separate identification code, which is assigned to the employee and can be determined when and which employee entered and left the premises. This measure applies exclusively to ensuring the security of the company's assets (including the processed data) and is not used for tracking and monitoring employees. 9.4. In order to manage its ICT infrastructure and ensure its security, the Company provides remote access to its ICT (computers, tablets, phones, etc.) to Employees performing their technical maintenance, external service providers - for software installation, updating, troubleshooting and similar technical support work. Although in this case no information stored on the device is collected, violations of the Employee's job duties (e.g., illegally installed software) may be identified during the provision of technical maintenance and such information may be used as evidence in establishing violations of the Employee's job duties. 9.5. Data of the Employee's correspondence with other Employees and Third Parties (customers, suppliers, etc.) using the Company's email, social media or similar account are stored in the information systems of the Company and/or the relevant electronic service provider used by the Company in order to ensure the Company's legitimate interests - the performance of concluded contracts, especially taking into account the fact that such correspondence is considered part of the contracts, the provision of information to contractors, the effective organization of work, as well as to facilitate the work of the employee himself. This Data is processed in accordance with the following rules: 9.5.1. The Company's communication systems, including e-mail, social networks, etc., are technologically designed for information storage, i.e. for technical reasons alone, they store all uploaded information unless it is specifically deleted; 9.5.2. When uploading any information to the Company's ICT, including sending electronic messages using the Company's email, social media and other similar accounts, Employees may and must understand that such information will inevitably be stored. The technologies used by the Employer do not allow marking the uploaded information, including email messages, as personal and such technical equipment requires disproportionately high costs, therefore, when uploading personal information, it may accidentally become known to other persons. Accordingly, Employees must not use the Company's ICT for personal purposes, and in doing so, they assume the risk that personal information may accidentally become known to other persons. 9.5.3. In order to implement the practice of communication with the Company's clients and internal communication within the Company, to ensure uninterrupted economic and commercial activities, when necessary, the Company's Employees may be given access to communication channels used by other Company Employees (for example, personal e-mail). 9.5.4. In order to ensure the continuity and continuity of the Company's activities, the Employee's correspondence data is available to the replacing Employees during their vacation, sick leave or similar periods, and also, upon termination of the Employee's employment contract, it will be available to the new Employee who will take over the work of the dismissed Employee. 9.5.5. Temporary access to the Employee's correspondence data may be granted to other Employees: 9.5.5.1. when it is necessary to urgently obtain relevant information, and the Employee himself is not at the workplace; 9.5.5.2. when it is necessary to collect information in order to assert or defend against claims in court, in administrative proceedings, in commercial disputes with the Employee or Third Parties or in other legal proceedings. 9.5.6. Employee correspondence data may be used as evidence in establishing violations of the Employee's work duties only when such a violation is established in accordance with the procedure established in this policy. 9.6. The Company does not conduct continuous, systematic ICT monitoring, i.e. does not collect Employee Data in ICT, however, Employees appointed by the Company have the right to conduct an ICT inspection, including, but not limited to, checking the Employee's email, social media and similar accounts, except for personal accounts, computers, tablets and other equipment in the Employee's possession, in the following cases: 9.6.1. when a criminal act or other serious violations of the law and/or work rules are detected or investigated; 9.6.2. when a leak of confidential information, infringement of intellectual property and/or a case of unfair competition is detected or investigated; 9.6.3. when litigation is ongoing; 9.6.4. when it is necessary to perform Data Breach Management; 9.6.5. when it is necessary to ensure the Company's ICT security. 9.7. The ICT inspection provided for in clause 9.6 may be performed by the Company's employees. 9.8. The Company shall inspect ICT in cases where there are no other means to achieve the objectives specified in clause 9.6. The decision on the inspection of ICT shall be made by the Head of the Company. 9.9. When inspecting ICT, the Employees appointed by the Company must reduce the amount of Data collected, used and stored as much as possible. When inspecting ICT, the Employees appointed by the Company shall collect, use and store only such Data as are necessary for the inspection of ICT. If excessive Data has been collected during the inspection of ICT, the Employees shall immediately delete it. 9.10. Employees appointed by the Company may begin checking ICT after having performed the following actions: 9.10.1. has identified the specific reasons, suspicions or information that require an ICT inspection and the specific objectives of the ICT inspection based on paragraph 9.6 of this Policy; 9.10.2. determined that other measures to achieve the adjustment objectives are not available or these measures are ineffective; 9.10.3. informed the Authorized Employee and received his/her consultation regarding the planned ICT inspection; 9.10.4. where necessary, used an ICT expert and/or bailiff; 9.10.5. ensured that a written decision was made regarding the ICT inspection. 9.11. Employees appointed by the Company must inform specific Employees whose ICTs are being inspected and provide them with the opportunity to observe the ICT inspection, unless disclosure of the aforementioned information would prevent the achievement of the inspection objectives. 9.12. After conducting an ICT inspection, the Employees appointed by the Company must document the results of the ICT inspection in writing. 10. DATA BREACH MANAGEMENT 10.1. An employee who becomes aware of a possible Data Security violation in the Company, immediately, but no later than within 12 (twelve) hours, must inform the Authorized Employee about this. 10.2. Authorized employee commits Data Security Breach management in accordance with this Policy and ADA legislation and fills in the data security breach register. 10.3. The authorized employee ensures that this Policy and ADA legal deadlines. Authorized employee may extend the period of validity of the infringements register by indicating the reasons for the extension deadlines if necessary due to the same Personal Data breach complexity or number. 10.4. An authorized employee, upon receiving information about a possible Upon noticing a data security breach from an Employee or by oneself, immediately, but no later than within 12 (twelve) hours, performs the initial Data security breach analysis: 10.4.1. reviews information about the Data Breach; 10.4.2. establishes Data Breach Management (including the necessary information gathering, consultation with Employees and/or Service Providers providers) deadlines; 10.4.3. determines whether and what additional information from Employees is required for Data Breach Management, and requests this information; 10.4.4. determines whether and which Service Providers, external Data Protection officials, IT security consultants and/or other Third Parties must be involved in the Data Breach Management process and, if necessary, requests them help. 10.5. An authorized employee who has determined that the Data Security additional information is required for breach management, requests Employees and (or) Service providers to provide the necessary information no later than within 24 (twenty-four) hours. Employees and service providers must be on time provide the Authorized Employee with all requested information. 10.6. Authorized employee no later than within 72 (seventy-two) hours from the moment of becoming aware of the Data security breach, must complete Data Breach Management, including Data Breach Registration and, if necessary, submission of reports to the Inspectorate. 10.7. An Authorized Employee Commits a Data Breach management: 10.7.1. by completing the Data Breach Register entry form and describing each Data Security Breach therein; 10.7.2. by providing notifications to the Inspectorate and Individuals about the Data security breaches; 10.7.3. providing recommendations and instructions to Employees regarding Data elimination or mitigation of the consequences of security breaches. 10.8. An authorized employee in writing in accordance with the procedure established by the Inspectorate or shall notify the Inspectorate of each Data Security breach, except in cases where the Data Security Breach Register entry indicates that the relevant Data Security Breach does not pose a risk to Individuals. 10.9. If the Data Security Breach Register entry is filled in indicates that the relevant Data Security Breach poses a significant risk The Authorized Employee shall notify the Persons whose Data has been affected in writing Individuals about a Data Breach, except in cases where the Data A security breach log entry proves that Individuals were protected from danger. 10.10. If the Data Security Breach Register entry is completed justifies that informing Individuals about a breach of their Data security would require disproportionate effort, the Authorized Employee is not obliged notify Individuals about a Data Security Breach. In this case, the Authorized The employee, in coordination with the Company's manager, must take other effective measures measures to inform Individuals whose Data has been affected by the Data security breach (e.g. posting information online or in the media), and these measures are indicated in the Data Security Breach in the registry entry. 11. INSPECTION QUESTIONS 11.1. The authorized employee manages the Inspectorate's inquiries. in accordance with this Policy and ADA legislation. 11.2. Upon receipt of an inquiry from the Inspectorate, the employee shall immediately, but no later than within 1 (one) working day, informs the Authorized Employee about such an inquiry. 11.3. An authorized employee, upon receiving an inquiry from the Inspectorate, must immediately conduct an initial analysis of the Inspectorate's inquiry: 11.3.1. review the Inspectorate's inquiry; 11.3.2. set deadlines for responding to the Inspectorate's inquiry (including collection of necessary information, consultations with Employees and/or Service providers); 11.3.3. if necessary, contact the Inspectorate regarding the deadline for submitting a response extension; 11.3.4. determine whether additional information is needed from Employees and, if so, ask them to provide such information; 11.3.5. determine whether Service Providers, external Data Protection officials, IT security consultants and/or Third Parties are involved in Upon request from the Inspectorate and, if so, ask for their assistance in preparing response to the Inspectorate's inquiry. 11.4. Having collected all the information necessary to respond to the Inspectorate's inquiry, information, but in no case later than within the period set by the Inspectorate deadline, the Authorized Employee prepares and submits to the Inspectorate a response to inquiry. 12. AUTHORIZED EMPLOYEE 12.1. The Company appoints an Authorized Employee to assist in the supervision How the Company complies with ADA legal requirements and operates as a Company representative on issues related to personal data protection. 12.2. Employees in accordance with the procedure established by the rules of procedure are informed about the appointed Authorized Employee and their contact details data. 12.3. The Company assists the Authorized Employee in carrying out the specified tasks providing the necessary resources, as well as providing access to Data, participate in data processing operations and maintain your expert knowledge. 12.4. The authorized employee performs the following tasks: 12.4.1. informs the Company, its Employees and members of the management bodies about their obligations under ADA legislation, as well as Data Protection in the Company and advises them on these matters; 12.4.2. monitors compliance with ADA legislation within the Company; 12.4.3. takes care of the Data collection, use and storage activities awareness-raising and training of participating Employees; 12.4.4. coordinates, performs and/or monitors the impact on Data Protection assessments within the Company; 12.4.5. monitors whether the Company develops, implements and/or uses ICT Data for processing in accordance with the requirements of ADA legislation; 12.4.6. performs the functions of a contact person for persons who apply to The Company on issues related to Data Processing; 12.4.7. advises Employees on the transfer of Data to specific Services providers or other entities established outside the EEA; 12.4.8. prepares this Policy, Data Processing Activity Records, other Data protection related internal rules, procedures, templates and other documents, monitors their compliance and periodically reviews them; 12.4.9. coordinates that the Company, with all Service Providers and Customers, whose transferred data will be processed on behalf and in the interests of that client, concluded Data Processing Agreements, including terms and conditions for the provision of services (or contracts with Service Providers with relevant provisions); 12.4.10. reports existing or potential violations of ADA legislation, posing risks to the Company's operations, and advises the Employees responsible for these violations; 12.4.11. performs Data Security Breach Management; 12.4.12. performs management of the implementation of the rights of individuals; 12.4.13. performs the functions of a contact person when contacting the Inspectorate to the Company. 12.4. In the event that the company becomes necessary or, even if it does not become necessary, appoints a data protection officer, he or she shall perform all the tasks specified in clause 12.4. and other tasks required by the ADA legal acts and their interpretations. 13. DATA TRANSFER TO THIRD COUNTRIES 13.1. An Employee may transfer personal data to specific service providers or other entities established outside the EEA only in cases where such service providers or other entities are included in the Company's Data Processing activity records. 13.2. If the Employee seeks to make Data available to specific Service Providers or other entities established outside the EEA and not included in the Company's Data Processing activity records for the first time within the Company, the Employee must contact the Authorized Employee and obtain his/her prior consultation or instructions. 13.3. Before the Company transfers personal data to specific service providers or other entities established outside the EEA for the first time, the Authorized Employee shall ensure that measures ensuring an adequate level of protection of the transferred data are implemented in accordance with Chapter V of the General Data Protection Regulation (for example, the data is transferred to a US company that complies with the Privacy Shield principles, or to a data recipient with whom the Company has concluded a data transfer agreement in accordance with the standard contractual clauses approved by the European Commission). 13.4. In cases where the Company intends to transfer data outside the EEA in accordance with the service provision rules published on the Internet by the service provider or otherwise provided to the Company, the Authorized Employee shall ensure that such rules comply with the requirements of this Procedure and ADA legal acts. 14. FINAL PROVISIONS 12.1. This Policy shall enter into force on the date of its approval and shall apply to Employees from the date of introduction to the Policy.
IMPORTANT INFORMATION ABOUT THISHOW WE COLLECT, USE AND STORE INFORMATIONABOUT PERSONS WHO FALL INTO THE FIELD OF SECURITY CAMERA SURVEILLANCEMB Baltic apartments service is committed to protecting your information. We comply with the European Union's General Data Protection Regulation (GDPR) and other laws that protect your information. To learn more, please read this notice carefully.How should I read this message?This notice will answer the most important questions about how we collect, use and store information about you. If you have any questions or any part of this notice is unclear, we are available to help you as described in Section 13 of this notice. Please note that any form of the word “we” in this notice refers to our Institution as set out in Section 2 of the notice.Who is responsible for protecting my information? Mes esame: MB Baltic apartments serviceOur company code is: 306270190Our address: M. Yčo St. 7, KaunasP.: info@poloapartments.ltPhone number: +37064463925Why are you collecting information about me?We have a legitimate interest in maintaining the security of our premises and assets and to this end we have installed security cameras in some of our common areas and facilities.We do not collect data about you purposefully, only in cases where, for any reason, you find yourself within the fields of view of the security cameras specified above on our premises or territory.For these reasons, we must collect, use and store information about you.What information should I provide you with and why?You are not required to provide us with any information, but your video will be recorded automatically when you enter the monitored premises or area.What information do you collect about me from other sources?We do not collect any information about you from other sources.What is the legal basis for collecting information about me?We collect information about you lawfully because we have a legitimate interest in maintaining the security of our premises and assets (Article 6(1)(f) GDPR).Are you collecting sensitive information about me?Sensitive information about you is not collected.Do you make automated decisions? Do you profile me?Automatic decisions are not made, you are not profiled.Are you passing on information about me to anyone?Information about you may be transferred to:state institutions (police, pre-trial investigation bodies, etc.), as provided for in legal acts;information and communication service providers (suppliers performing video surveillance maintenance, security companies administering video surveillance, etc.);Do you transfer information about me outside the European Economic Area?Information is not transferred outside the European Economic Area (all European Union Member States plus Iceland, Liechtenstein and Norway).How long do you keep information about me?We store video surveillance data for up to 3 calendar days;What are my rights?If you wish to take the actions set out below, please contact our Data Protection Officer as set out in Section 13. Please note that these rights are subject to statutory conditions and exceptions.Submit a request to access the information available about you;To object to your video surveillance and the use of filmed material with your image, where such data processing disproportionately restricts your rights and freedoms and legitimate interests in the context of specific circumstances;Submit a request to delete video footage recorded by security cameras with your image, when the processing of such data disproportionately restricts your rights and freedoms and legitimate interests in the context of specific circumstances;Submit a request to restrict access to security camera footage containing your image for use while your objection to the processing of such data is being considered;To challenge the collection, use and storage of your information by our institution;Submit a complaint to the State Data Protection Inspectorate.How can you help me?If you have any questions, comments or complaints regarding how we collect, use and store your data, we are ready to help you. If you need assistance, please contact us by e-mail: info@poloapartments.lt.
WEBSITE PRIVACY POLICY ABOUT VISITORS TO THE WEBSITE AND SOCIAL NETWORK PROFILES MB Baltic apartments service is committed to protecting your information and complies with the European Union's General Data Protection Regulation (GDPR) and other laws protecting your information. To learn more, please read this privacy policy carefully. 1. How should I read this privacy policy? This Privacy Policy will answer the most important questions about how we collect, use and store information about you. If you have any questions or any part of this Privacy Policy is unclear, we are available to assist you as described in Section 15 of this Privacy Policy. Please note that any form of the word “we” in this Privacy Policy refers to our Company as set out in Section 2 of this Notice. 2. Who is responsible for protecting my information? Mes esame: MB Baltic apartments serviceOur company code is: 306270190Our address: M. Yčo St. 7, KaunasP.: info@poloapartments.ltTel. No.: +37064463925 3. Why do you collect information about me? We provide public access to the website www.poloapartments.lt (hereinafter referred to as "Site"), we maintain, improve and ensure its security. By browsing our Site, you enter into a contract with us whereby you gain access to the Site's content and agree to the terms of use set forth in legal acts, including, but not limited to, the copyright terms and the personal data protection and privacy terms set forth in this information notice. We need to collect, use and store information about you to: · to manage, improve and optimize our Website and its user experience; · respond to inquiries and suggestions from website visitors, and provide technical assistance; · comply with legal obligations, resolve any disputes that may arise with you or third parties, and enforce our rights arising from any contracts entered into between you and us or between us and third parties; · understand browsing trends, assess the size and usage patterns of Our audience, and understand the wishes and preferences of Our users; · improve the operation and appearance of the Website, develop new features and functionality; · protect Our rights and property relating to the Website. 4. What information do you collect, use and store about me? When you browse the Website, we may use technologies (analysis of requests made by your browser to the Website, cookies, etc.) that automatically collect: • Usage Data: When you access the Site, We may automatically collect certain data about your access to and use of the Site (e.g., the URLs of entry and exit links, the content and pages you access on the Site, access dates and times, etc.); • Device Information: When you access the Site, We may automatically collect information about your device and Internet connection (e.g., the type of computer or mobile device you are using, operating system version, device identifier, browser type, language, etc.). When you use the Website functionality (forms) on your own initiative to submit inquiries to Us or propose to Us to conclude contracts with You, or write a message to the contact email addresses specified on the Website, the following data about You is collected: · identification data (name, surname, company, etc.); · contact details (e-mail address, etc.); · additional data is required for the conclusion of the relevant type of contract, if you propose to conclude a contract (e.g.: when proposing to conclude an employment contract - date of birth, CV data, etc.; when proposing to conclude a service contract - information about the machine, its faults, etc.); · any other data provided on your initiative that you consider relevant in the context of the inquiry or offer you are making. 5. Do you collect sensitive personal information? No. If you provide us with sensitive personal information (information relating to your health, trade union membership, philosophical, religious, political beliefs, racial or ethnic origin, etc.), we will assume that you have given your consent. We also note that if this information is provided together with a request, complaint or report, we will be required to store such information in accordance with the General Document Retention Index. 6. Do you use cookies? When you log in to a Website or Social Network profile, we may send one or more cookies, which are small text files containing a string of alphanumeric characters. We may use both session cookies and persistent cookies. A session cookie disappears when you close your browser. A persistent cookie remains after you close your web browser and may be used by your web browser on subsequent visits to the Website. Persistent cookies can be removed through the settings of the web browser you are using. Please refer to your web browser’s user guide for the correct way to change your cookie settings. Cookies are a technical means for automatically collecting the technical browsing information specified in section 4 of this notice. We use the following types of cookies: · Session cookies. We use session cookies to enable you to use Our Website; · Security cookies. We use Security cookies for security purposes; · Analytical cookies. We use analytical cookies to see statistics on the traffic to our Website or Social Network account, topics of interest to you, and to offer you high-quality, most relevant information. 7. What information do you collect about me from other sources and from where? As a visitor to the Website or Social Network account, you do not need to provide us with any information. All technical information is automatically collected using standard web browsing technologies (analysis of requests made to the Website by your browser, cookies, etc.). If you wish to use the functionality (forms) of the Website or Social Network account to submit inquiries to Us or to propose that We conclude contracts with You, or to the contact email addresses specified on the Website, You should provide Your: · identification data (name, surname, company, etc.); · contact details (e-mail address, etc.); · additional data necessary for the conclusion of the relevant type of contract, if you propose to conclude a contract. You also have the option, at your discretion, to provide additional data that you consider relevant to the inquiry or offer to conclude a contract. If you fail to provide certain information that we need to properly respond to your inquiry or offer to conclude a contract, we may ask you to provide this information. 8. What information do you collect about me from other sources and from where? We do not collect any data about visitors to the Site from other sources. We may collect data from companies providing personnel search services to which you have given consent to share your resume or other information necessary for employment. 9. Why are you legally allowed to collect my information? We lawfully collect information about you because: · We need your information to provide you with access to the Website, i.e. to fulfill our agreement and allow you to browse Our Website according to your wishes, as well as to respond to inquiries and offers submitted at your initiative regarding the services provided by Us or the goods sold by Us (Article 6 (1) (b) of the GDPR); · You have agreed to us processing your personal data on your own initiative by submitting an inquiry, request, or complaint to us, when this is not related to the services or goods we provide (Article 6(1)(a) of the GDPR); · We need your information to comply with our legal obligations, resolve any disputes that may arise with you or other parties, and enforce our rights arising from any contracts concluded between you and us or between us and third parties (Article 6(1)(c) GDPR); · We need your information to improve our Website and the experience of its users, as well as to protect the Website against unauthorized access (Article 6 (1) (f) GDPR). 10. Will you use my personal data for automated decision-making or profiling? No. 11. Who will you share my personal data with? We may disclose your personal data: • To a purchaser or other successor to Our rights, in the event of a merger, separation, restructuring, reorganization, liquidation or other sale or transfer of all or part of the assets of Our Company, whether in the event of a bankruptcy, liquidation or similar proceeding, Your personal data held by Us is among the transferred assets; • To our insurers and/or professional advisors, to the extent reasonably necessary to obtain or maintain insurance coverage, manage risk, obtain professional advice or establish, exercise or defend legal claims, whether in judicial proceedings or in administrative or extrajudicial proceedings; To our service providers or contractors, to the extent reasonably necessary to provide access to, maintain, develop and ensure security of the Website and Social Media accounts.We may also disclose your personal data if such disclosure is necessary to comply with legal obligations to which we are subject, for the establishment, exercise or defense of legal claims, whether in judicial proceedings or in administrative or extrajudicial procedures. 12. Will my personal data be transferred outside the European Economic Area? limits? No. 13. How long will you keep information about me? We store the information about your inquiries and suggestions within the document retention periods established by the Chief Archivist of Lithuania. Technical information about the visitor's device(s) and browsing is automatically collected and stored as specified in the cookie table. 14. What are my rights? You have the following rights in the area of personal data protection: • Submit a request to access the information available about you; • Submit a request to correct the information we have about you; • Object to data processing based on Our legitimate interest, where the relevant data is processed exclusively for Our legitimate interests, and such processing disproportionately restricts your rights in the context of your specific circumstances rights and freedoms or legitimate interests; • Submit a request to delete information we have about you: - when data is processed for the purpose of newsletter and/or promotional material for subscription purposes; - when the data is processed exclusively for Our legitimate interests, You you object to such data processing, and such processing is specific to you restricts your rights and freedoms disproportionately in the context of the circumstances and legitimate interests, except where such data processing is necessary to assert or defend legal claims legal claims made; - your data processed without a lawful basis. • Submit a request to restrict access to information held about you or its deletion: - when requesting correction of incorrect data – for the period until the established errors will not be corrected; - after objecting to data processing based on Our legitimate interest, until Your objection will not be examined and Our decision will not be made regarding their further processing; - when we no longer need the personal data, but they are necessary for you to achieve to assert legal claims or defend against asserted legal claims requirements; - any data processed without a legal basis when you do not want it their deletion. • Challenge the collection, use and storage of your information by Our Company; • Submit a request to export your data; • Submit a complaint to the State Data Protection Inspectorate. If you wish to exercise your rights listed below, please contact: Our data protection contact person as specified in Section 15. Please note that these rights are subject to statutory restrictions. conditions and exceptions. 15. How can you help me?If you have any questions, comments or complaints regarding how we collect, use and store your data, we are ready to help you. If you need assistance, please contact us by e-mail: info@poloapartments.lt or by phone +37064463925.
MB Baltic apartments servicePRIVACY POLICY FOR PERSONS SENDING INQUIRIES, REQUESTS, COMPLAINTS MB Baltic apartments service is committed to protecting your information. We comply with the European Union's General Data Protection Regulation (GDPR) and other laws that protect your information that we collect, use and store within our Company. How should I read this Privacy Policy? This Privacy Policy will answer the most important questions about how we collect, use and store information about you. If you have any questions or any part of this Privacy Policy is unclear, our Data Protection Officer is available to assist you as described in Section 11 of this Privacy Policy. Please note that any form of the word “we” in this Privacy Policy refers to our Company as set out in Section 2 of the Privacy Policy. Who is responsible for protecting my information? Mes esame: MB Baltic apartments service;Our company code is: 306270190;Our address: M. Yčo St. 7, Kaunas;El. p.: info@poloapartments.lt;Tel. no.: +37064463925. Why are you collecting information about me? We process inquiries, requests and complaints received by post, email, or through the use of our website functionality. For this reason, we need to collect, use and store information about you. What information do you collect, use and store about me? When you submit a query, request or complaint to us, we collect the following data:the contact details you used to submit your inquiry, request or complaint;the subject of the inquiry, request or complaint;date of inquiry, request or complaint;the content of the inquiry, request or complaint;files attached to the inquiry, request or complaint;Your name and surname;response to your inquiry;other information you provided yourself. What information should I provide you with and why? When submitting an inquiry to the contact e-mail addresses specified on our website, by mail or by using the website functionality, you should provide us with your name, surname, e-mail address or other contact information, the subject of the inquiry and information relevant to the inquiry. When submitting an inquiry, you may be asked to provide additional information about you so that we can properly respond to your inquiry. What is the legal basis for collecting information about me? We collect and store information about you lawfully because:if you submit an inquiry, request or complaint to us regarding or in order to enter into a contract between us – this data is collected for the purposes of performing or concluding contracts (Article 6(1)(b) GDPR);We have a legal obligation to store inquiries, requests, and complaints (Article 6 (1) (c) GDPR). Are you collecting sensitive information about me? Sensitive information about you is not collected and we ask that you do not provide us with such information. If you provide us with such information, we will assume that you have given your consent to the processing of such personal data (Article 9(2)(a) GDPR). Do you share my information with other entities? We may transfer information about you to:to companies providing legal services, law firms, to the extent necessary to protect our legitimate interests;to their service providers, e.g. companies providing IT, archiving, communication, data storage, document management system services, who assume the obligations regarding confidentiality and security provided for in legal acts in the field of personal data protection. How long do you keep information about me? Your information will be stored:if your request is related to a contract that we have concluded or plan to conclude – we will store your information for 10 years after the end of the contract;If you have submitted a complaint, request or other notification to us, we will store it in accordance with the General Document Retention Index approved by the Chief Archivist of Lithuania - for 1 year from the date of the decision in our company. What actions can I take regarding my information at your company? If you wish to take the actions set out below, please contact us as set out in Section 12. Please note that these rights are subject to conditions and exceptions set out in the legislation. Submit a request to access the information we have about you, if we process your personal data from which we can determine your identity;submit a request to correct or supplement the information we have about you;submit a request to delete information about you when:We process your data on the basis of consent;We process your data unlawfully;Your data is processed on the basis of our legitimate interest and you object to our legitimate interest;Your data is no longer necessary to achieve the purposes for which it was collected;we are subject to a legal obligation to delete information about you;submit a request to us to restrict the processing of information about you when you dispute the accuracy of the data or object to the processing of the data, you do not agree to the deletion of your unlawfully processed data, or you need the data to assert, exercise or defend legal claims;to contest the collection, use and storage of your information by our Company when we process your data based on legitimate interest as the basis for data processing;to submit a request to export your data if you have provided the data to us in a structured, commonly used format and you have consented to the processing of such data or we need to process this data in order to perform a contract with you;withdraw your consent, if any, to the processing of your personal data at any time;file a complaint with the State Data Protection Inspectorate (more information at lrv.lt). How can you help me? If you have any questions, comments or complaints regarding how we collect, use and store your data, we are ready to help you. If you need assistance, please contact us by e-mail: info@poloapartments.lt or by phone +37064463925.
MB Baltic apartments servicePRIVACY POLICY FOR PEOPLE WHO LEAVE FEEDBACK ABOUT OUR ACTIVITIES MB Baltic apartments service is committed to protecting your information. We comply with the European Union's General Data Protection Regulation (GDPR) and other laws that protect your information that we collect, use and store within our Company. How should I read this Privacy Policy? This Privacy Policy will answer the most important questions about how we collect, use and store information about you. If you have any questions or any part of this Privacy Policy is unclear, our Data Protection Officer is available to assist you as described in Section 11 of this Privacy Policy. Please note that any form of the word “we” in this Privacy Policy refers to our Company as set out in Section 2 of the Privacy Policy. Who is responsible for protecting my information? Mes esame: MB Baltic apartments service;Our company code is: 306270190;Our address: M. Yčo St. 7, Kaunas;El. p.: info@poloapartments.lt;Tel. no.: +37064463925. Why are you collecting information about me? In order to promote our Company's activities, we want to publish our customers' feedback on our website/social media accounts, along with our services provided to them. What information should I provide you with and why? If you consent to us publishing your review and/or other information about you, you should provide us with:your feedback on our services provided to you;Your name. What is the legal basis for collecting information about me? We collect information about you lawfully because you have given your consent to the publication of your feedback about the services we have provided and/or other data about you on our website/social media accounts (Article 6(1)(a) GDPR). Are you collecting sensitive information about me? Sensitive information about you is not collected. Do you make automated decisions? Do you profile me? Automatic decisions are not made, you are not profiled. Are you passing on information about me to anyone? Information about you may be transferred to:our service providers – data storage, IT, website hosting, social network managers, document management, and communication service providers, who assume the obligations regarding confidentiality and security provided for in legal acts in the field of personal data protection. How long do you keep information about me? For this purpose, we will store information about you for no longer than 3 years. What are my rights? If you wish to take the actions set out below, please contact us as set out in Section 11. Please note that these rights are subject to statutory conditions and exceptions. Submit a request to access the information we have about you, if we process your personal data from which we can determine your identity;submit a request to correct or supplement the information we have about you;submit a request to delete information about you when:We process your data on the basis of consent;We process your data unlawfully;Your data is processed on the basis of our legitimate interest and you object to our legitimate interest;Your data is no longer necessary to achieve the purposes for which it was collected;we are subject to a legal obligation to delete information about you;submit a request to us to restrict the processing of information about you when you dispute the accuracy of the data or object to the processing of the data, you do not agree to the deletion of your unlawfully processed data, or you need the data to assert, exercise or defend legal claims;challenge the collection, use and storage of your information when we process your data based on legitimate interest as the basis for data processing;to submit a request to export your data if you have provided the data to us in a structured, commonly used format and you have consented to the processing of such data or we need to process this data in order to perform a contract with you;withdraw your consent, if any, to the processing of your personal data at any time;file a complaint with the State Data Protection Inspectorate (more information at lrv.lt). How can you help me? If you have any questions, comments or complaints regarding how we collect, use and store your data, we are ready to help you. If you need assistance, please contact us by e-mail: info@poloapartments.lt or by phone +37064463925.
MB Baltic apartments servicePRIVACY POLICY FOR CANDIDATES MB Baltic apartments service is committed to protecting your information. We comply with the European Union's General Data Protection Regulation (GDPR) and other laws that protect your information that we collect, use and store within our Company. How should I read this Privacy Policy? This Privacy Policy will answer the most important questions about how we collect, use and store information about you. If you have any questions or any part of this Privacy Policy is unclear, our Data Protection Officer is available to assist you as described in Section 12 of this Privacy Policy. Please note that any form of the word “we” in this Privacy Policy refers to our Company as set out in Section 2 of the Privacy Policy. Who is responsible for protecting my information? Mes esame: MB Baltic apartments service;Our company code is: 306270190;Our address: M. Yčo St. 7, Kaunas;P.: info@poloapartments.lt.Tel. no.: +37064463925. Why and how do you collect information about me? We collect, use and store your data for the following reasons:we need to assess your suitability for the position you are applying for; Do you collect information about me from other sources? We may receive information about you from your former or current employers, as described in this privacy policy. What information should I provide you with and why? During the candidate selection process, to apply for a job with us, you should provide us with your:identification data;contact details;data about your work experience;data about your qualifications;other information that you believe may be useful to you in the selection process. What is the legal basis for collecting information about me? We collect and store information about you lawfully because:information about you is necessary for the selection process in order to conclude an employment or service contract (Article 6(1)(b) of the GDPR); Do you make automated decisions? Do you profile me? You are not profiled, automatic decisions are not made. Are you collecting sensitive information about me? Sensitive information about you is not collected during the selection process. If you provide us with sensitive information, such as your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual orientation, genetic or biometric data, we will assume that you have given your consent to this (Article 9(2)(a) GDPR). Are you passing on information about me to anyone? Information about you may be transferred to:our service providers – companies providing IT, communication, data storage, document management, and employee selection services, who assume the obligations regarding confidentiality and security provided for by legal acts in the field of personal data protection. How long do you keep information about me? We will store information about you until the end of the selection process, and if you give your consent to store your resume after the end of the selection process so that we can provide you with a job offer or an offer to participate in our next selection processes if a vacancy arises, for a maximum of 3 years. What are my rights? If you wish to take the actions set out below, please contact us as set out in Section 13. Please note that these rights are subject to statutory conditions and exceptions. Submit a request to access the information we have about you, if we process your personal data from which we can determine your identity;submit a request to correct or supplement the information we have about you;submit a request to delete information about you when:We process your data on the basis of consent;We process your data unlawfully;Your data is processed on the basis of our legitimate interest and you object to our legitimate interest;Your data is no longer necessary to achieve the purposes for which it was collected;we are subject to a legal obligation to delete information about you;submit a request to us to restrict the processing of information about you when you dispute the accuracy of the data or object to the processing of the data, you do not agree to the deletion of your unlawfully processed data, or you need the data to assert, exercise or defend legal claims;challenge the collection, use and storage of your information when we process your data based on legitimate interest as the basis for data processing;to submit a request to export your data if you have provided the data to us in a structured, commonly used format and you have consented to the processing of such data or we need to process this data in order to perform a contract with you;withdraw your consent, if any, to the processing of your personal data at any time;file a complaint with the State Data Protection Inspectorate (more information at lrv.lt). How can you help me? If you have any questions, comments or complaints regarding how we collect, use and store your data, we are ready to help you. If you need assistance, please contact us by e-mail: info@poloapartments.lt or by phone +37064463925.
MB Baltic apartments serviceDIRECT MARKETING PRIVACY POLICY FOR DIRECT MARKETING PARTICIPANTS MB Baltic apartments service is committed to protecting your information. We comply with the European Union's General Data Protection Regulation (GDPR) and other laws that protect your information that we collect, use and store within our Company. How should I read this Privacy Policy? This Privacy Policy will answer the most important questions about how we collect, use and store information about you. If you have any questions or any part of this Privacy Policy is unclear, our Data Protection Officer is available to assist you as described in Section 11 of this Privacy Policy. Please note that any form of the word “we” in this Privacy Policy refers to our Company as set out in Section 2 of the Privacy Policy. Who is responsible for protecting my information? Mes esame: MB Baltic apartments service;Our company code is: 306270190;Our address: M. Yčo St. 7, Kaunas;El. p.: info@poloapartments.lt;Tel. no.: +37064463925. Why are you collecting information about me? We collect, use and store your personal data in order to effectively market our goods/services:to send you our newsletters;send you promotional SMS messages;send you surveys about the quality of the services provided;make advertising calls. What information should I provide you with and why? Depending on the direct marketing measures you have consented to, you should provide us with your email address or telephone number. What is the legal basis for collecting information about me? We collect information about you lawfully because you have given your consent to at least one of the direct marketing measures specified in Section 3 (Article 6(1)(a) GDPR). Are you collecting sensitive information about me? Sensitive information about you is not collected. Do you make automated decisions? Do you profile me? Automated decisions are not made, but we will perform profiling actions. Are you passing on information about me to anyone? Information about you may be transferred to:to our service providers – companies providing IT, marketing, data storage, data management, communication, newsletter sending, telemarketing, and SMS short message sending services, who assume the obligations regarding confidentiality and security provided for by legal acts in the field of personal data protection. How long do you keep information about me? We retain your information for direct marketing purposes until you withdraw your consent or for 3 years. Please note that at the end of the 3-year period, we may ask you to renew your consent for an additional 3-year period. What are my rights? If you wish to take the actions set out below, please contact us as set out in Section 12. Please note that these rights are subject to statutory conditions and exceptions. Submit a request to access the information we have about you, if we process your personal data from which we can determine your identity;submit a request to correct or supplement the information we have about you;submit a request to delete information about you when:We process your data on the basis of consent;We process your data unlawfully;Your data is processed on the basis of our legitimate interest and you object to our legitimate interest;Your data is no longer necessary to achieve the purposes for which it was collected;we are subject to a legal obligation to delete information about you;submit a request to us to restrict the processing of information about you when you dispute the accuracy of the data or object to the processing of the data, you do not agree to the deletion of your unlawfully processed data, or you need the data to assert, exercise or defend legal claims;challenge the collection, use and storage of your information when we process your data based on legitimate interest as the basis for data processing;to submit a request to export your data if you have provided the data to us in a structured, commonly used format and you have consented to the processing of such data or we need to process this data in order to perform a contract with you;withdraw your consent, if any, to the processing of your personal data at any time;file a complaint with the State Data Protection Inspectorate (more information at lrv.lt). How can you help me? If you have any questions, comments or complaints regarding how we collect, use and store your data, we are ready to help you. If you need assistance, please contact us by e-mail: info@poloapartments.lt or by phone +37064463925.
