Privacy Policy

What does this Privacy Policy mean?

In this Privacy Policy (hereinafter – the Privacy Policy) we give you information about how UAB “Centro Denticija”, UAB “DENTICIJA” and UAB “Stomatologijos poliklinika” (hereinafter collectively referred to as the Joint Controller, and each individually – as the Data Controller) process your personal data received: (i) when purchasing goods or services from the Data Controller; (ii) in the case of direct marketing by the Data Controller; (iii) during your participation in the Data Controller’s selections; (iv)
to ensure the security of employees, clients and property protection (video surveillance); (v) for the conclusion and execution of contracts concluded between the Data Controller and the partners, i.e. legal persons; (v) when you visit the website https://denticija.lt/ (hereinafter – the Website); (vi) if you perform active actions in the Data Controller’s social media accounts. All persons referred to below whose data is processed by the Data Controller are referred to as the Data Subjects.

Joint Data Controllers

The Data Controller may process data as an individual data controller, but may also process personal data together with other Data Controllers (i.e. joint data controllers as it is specified in art. 26 of the General Data Protection Regulation (EU) 2016/679 (hereinafter – the Regulation). An agreement shall be concluded between the Joint Controllers whereby the Joint Controllers determine in a transparent manner their respective responsibilities for fulfilling the obligations imposed by the Regulation and define the relevant actual functions of the Joint Controllers and the relationship with the Data Subjects. At the written request of the Data Subject, the Data Subject shall have possibility to know the essential provisions of this agreement. The Data Subject may exercise the rights set out in the Regulation in respect of each of the Controllers.

Data Controller

1. Data Controllers are:
   (i) UAB “Centro Denticija”, legal entity code 122666529, address of head office: Vilniaus Str. 25, LT-01402 Vilnius, Lithuania, data about the Company is collected and stored in the Register of Legal Entities of the Republic of Lithuania. Email of the Data Controller responsible for data protection: info@centrodenticija.lt. (ii) UAB “Denticija”, legal entity code 110503937, address of head office: V. Grybo Str. 32/10, LT-10318 Vilnius, Lithuania, data about the Company is collected and stored in the Register of Legal Entities of the Republic of Lithuania. Email of the Data Controller responsible for data protection: arunas@sveikatosteise.lt. (iii) UAB “Stomatologijos poliklinika”, legal entity code 134515727, address of head office: Vytauto ave 14, LT-44355 Kaunas, Lithuania, data about the Company is collected and stored in the Register of Legal Entities of the Republic of Lithuania. Email of the Data Controller responsible for data protection: arunas@sveikatosteise.lt.
2. The Data Controller shall determine, alone or together with others, the purposes and means of Data Processing. This term includes any or all the companies referred to in this paragraph.

What is personal data?

Personal data means any information collected by the Data Controller or the Joint Controller about the Data Subject that can be used to identify the Data Subject and is stored electronically or otherwise. Personal data shall include any information, including the name and address of the Data Subject, that the Data Controller or the Joint Controller collects about the Data Subjects for the purposes set out in this Privacy Policy or in a separate consent or agreement between the Data Subject and the Data Controller.

Personal data that is processed by the Joint Controller when providing services to you

Personal data processed by the Data Controller when providing services to you

Direct Marketing

By electronic means (e-mail, telephone, SMS messages), we will send offers on the sale or provision of the Data Controller’s goods or services, newsletters and other promotional material, ask for opinion, inform about the Data Controller’s news the persons over 14 years old who have provided their contact details and have expressed wish to receive information on the goods and / or services offered by the Data Controller.

For the purpose of direct marketing, the Data Controller will process your following personal data: name, surname, workplace, telephone number, e-mail address (mandatory data without which we will not be able to send you direct marketing messages), date of birth, city, sex. Your data for direct marketing purposes will be processed for 5 years from the date of consent.

If you have purchased goods or services distributed by the Data Controller and have not objected to receiving direct marketing messages from the Data Controller, we will send you notifications by e-mail on the basis of our legitimate interest regarding goods or services that are similar to those provided to you or purchased. In this case, your data for the purpose of direct marketing will be processed for 1 year after the purchase of the last good or service.

You have the right to object or at any time refuse to receive direct marketing messages by contacting us via the email provided in p. 2 of the Privacy Policy.

Participation in the selection process

We collect and process your resume and/or cover letter and/or other information provided by you (workplace, e-mail, date of birth, address, education, surname, telephone number, name, preferred job, date of receipt of resume, personal characteristics, work experience: last employer, total work experience there, held position, other work experience, knowledge of foreign languages: language, reading, writing, speaking levels, ability to work with computer programs, other data and motives, desired salary) and / or other information provided by you during participation in the selection process for the purpose of carrying out the job selection on the basis of your consent, which you express to the Data Controller by sending your resume and / or cover letter. If you do not provide your resume and / or cover letter, we will not be able to assess your suitability for the proposed position.

If you do not express your separate consent to the processing of your personal data at the end of this job selection, we undertake to delete and / or destroy your personal data within 6 months from receipt of resume.

Ensuring security of employees, clients and property (video surveillance)

For the purposes of the Data Controller’s legitimate interest in ensuring the security of its employees, clients and other persons entering the field of video surveillance, as well as the protection of property (video surveillance), the Data Controller shall process video data of its employees and clients and other persons entering the field of video surveillance to ensure their and their property’s security. The Data Subject’s video data shall be captured by the Data Controller’s video surveillance equipment when visiting the Data Controller’s premises. This data is stored for 30 (thirty) calendar days.

Ensuring proper provision of services to clients (recording of conversations)

To ensure the appropriate quality of the services provided by the Data Controller, and for the purposes of Service and Quality assessment, conversation may be recorded with the prior notification and consent of the Data Subject. In addition to the audio recording of the call itself, the following metadata of telephone call records are also processed: caller’s telephone number, date, duration and start and end times of the conversation. This data is stored for 30 (thirty) calendar days.

Fulfilment of the Data Controller’s contracts with legal partners

To ensure Data Controller’s legitimate interest in ensuring the fulfilment of the Data Controller’s agreements concluded with legal partners, the Data Controller shall process the following personal data of the employees, i.e. name, surname, e-mail address, phone number, text of correspondence. These data shall be stored for the duration of the agreement with the partner and for additional 4 (four) years after its expiry.

How to contact us

There are some ways you can contact the Data Controller: by phone, by e-mail. All messages are accepted, reviewed and answered by us. If you contact us, it means that we can process the data you give us, i.e. name, surname, e-mail address, telephone number, date and text of correspondence. Such data will be processed to prepare for the performance of the agreement or to answer any questions you may have. If you do not provide your contact details, it will not be possible to contact you.

Correspondence shall be stored for 1 (one) year from receipt of the message, except for information for the storage of which the Privacy Policy or legislation set other time limits.

All personal data you provide when communicating with us is used only for the above purposes and to view messages and to administer and manage communication flows. We undertake not to use your personal data in any publications without your express consent in such a way that you may be identified.

Please note that we may need to contact you by post, e-mail or phone. Please inform us of changes to your personal data.

Cookies

A cookie is a small file made up of letters and digits which, with your consent, we save to your browser or to the hard drive of your computer. For different purposes, we use different cookies. Cookies also help us to distinguish you from other website users, thus providing a more enjoyable experience of using the site and allowing us to improve it.
Most browsers allow you to reject all cookies, and some browsers have the option to reject cookies only from third parties. So, you can take advantage of these opportunities. However, please note that blocking all cookies will have a negative impact on the use of the website, and without cookies you will not be able to use all the services provided on the website. Further information is available at AllAboutCookies.org or www.google.com/privacy_ads.html.

We use the cookies described below, a detailed list of which can be found HERE:

(a) Absolutely necessary cookies.
These cookies are necessary for our site to function. The data processed by such cookies is needed for the proper performance of the agreement when you visit the website as well as for ensuring the quality and security of your visit. These can be cookies that, for example, allow you to log in and enter protected areas of our website, use the shopping cart feature or e-invoices services.

(b) Analytical and / or performance cookies.
These cookies allow us to recognize and count visitors of the website and track how visitors move around our site while using it. This helps us to improve the operation of the site, for example, to ensure that users can easily find what they are looking for. The basis for processing the data collected by these cookies is your consent.

(c) Functional cookies.
These cookies are used to recognize you when you return to our website, so that we can customize the content presented to your needs and remember the information that is relevant to you. The basis for processing the data collected by these cookies is your consent.

(d) Commercial cookies.
We use our own and third-party cookies to display personalized advertising on our own and other sites. This is called “re-marketing”, which is based on browsing actions, e.g., your searched, viewed goods.

Means of social media

The information you provide us with on social media (including messages, use of the “Like” and “Follow” fields, and other communication) is controlled by the social network manager. We currently have the following accounts:
– on Facebook, which privacy notice is provided at https://www.facebook.com/privacy/explanation;
– on Instagram, which privacy notice is provided at https://help.instagram.com/519522125107875;
– on LinkedIn, which privacy notice is provided at https://www.linkedin.com/legal/privacy-policy;
– on YouTube, the privacy notice of which is provided at https://policies.google.com/privacy?hl=lt.

We recommend that you read third parties’ privacy notices and contact service providers directly if you have any questions about how they use your personal data.

Disclosure of data

We may disclose information about you to our employees, managers, intermediaries, service providers, companies that carry out administration or collection, persons or subcontractors providing marketing, IT services, if reasonably required for those purposes as specified in this Privacy Policy. In addition, we can disclose information about you in following cases:
● if we must do it by law;
● to defend our rights or interests (including providing your data to third parties to recover your debts to us);
● if we intend to sell a part of the Data Controller’s business or assets and disclose your personal data to a potential buyer of the business or part of it;
● if we intend to sell the Data Controller’s shares or a part thereof to third parties;
Your personal data will not be transferred to a third party and / or an international organisation. Except as provided in this Privacy Policy, we do not provide your personal data to any third parties. The list of data recipients or categories of data recipients specified in the Privacy Policy may change, so if you would like to be informed about changes in the recipients of your personal data, please inform us by e-mail provided in this Privacy Policy stating in the text of the e-mail “I wish to receive information about the change of recipients of my personal data, my name, surname”.

Security of your personal data

Your personal data will be processed in accordance with the requirements of the Regulation, the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts. When processing your personal data, we use organizational and technical measures that ensure the protection of personal data from accidental or unlawful destruction, alteration, disclosure, as well as from any other illegal processing.

Your rights

In this section, we provide information about your rights in relation to our processing of your personal data and the cases in which you may exercise these rights. If you want more information about your rights or exercise them, please contact us by e-mail stated in this Privacy Policy. The Data Controller, without unreasonable delay, but no later than 1 (one) month after receipt of the request, shall provide you the information on the actions taken in response to your request for the exercise of your rights. Depending on the complexity of the request and the number of requests received, this time limit may be extended by a further 2 (two) months. In that case, we will inform you within 1 (one) month of receipt of the request about such extension and the reasons for it. The Data Controller can refuse to implement your rights only in cases provided for by law.

1. Right to withdraw consent
   If you have given us explicit consent to the processing of your data, you can withdraw it at any time.
2. Right to access your personal data
   We want you to fully understand how we use your personal data, so you do not feel any inconvenience as a result. You can contact us at any time to ask if we process any of your personal data. If we store or use your personal data in any way, you have the right to access it. To do this, submit a written request to us at the address specified in this Privacy Policy, confirm your identity; and when making such a request, observe the principles of honesty and reasonableness.
3. Right to request further information
   We hope that you will understand that discussing all possible ways of collecting and using personal data is quite difficult. We strive to provide as clear and complete information as possible and undertake to update this Privacy Policy if the process of personal data use changes. However, if you have any questions about the use of your personal data, we will be happy to answer them or provide any additional information that we may disclose. If you have any specific questions or misunderstood the information provided, please contact us.
4. Additional rights
   Below we provide information about the additional rights you have, which you can exercise by following the procedure described below.
   (a) You have the right to ask us to correct any inaccuracies in the available data. In this case, we may ask you to confirm the corrected information.
   (b) You have the right to ask us to delete your personal data. This right shall be exercised in the cases provided for in Article 17 of the Regulation.
   (c) You have the right to ask us to restrict or disallow the processing of your personal data in following case:
   ● for the period needed to make sure of the accuracy of your personal data when you make claims about the accuracy of the data;
   ● when our collection, storage or use of your personal data is illegal, but you decide not to ask for the data to be deleted;
   ● when your personal data are no longer required by us, but you need them to determine, fulfil or defend a legal claim;
   ● for the period required to determine whether we have a more important legal basis to continue processing your personal data if you have exercised your right to object to the processing of personal data.
   (d) You have the right to the transfer of data processed by automated means and which we have obtained from you with your consent or on the basis of the conclusion or performance of the agreement. If you exercise this right, we will, at your request, transfer a copy of the data provided by you.
   (e) You have the right to object to our use of your personal data in following cases:
   ● when we use such data to protect our legitimate interests, but we do not have a more substantial legal basis for continuing to use your personal data; or
   ● any time we use your personal data to send newsletters or for direct marketing purposes, including profiling. In this case, the data will no longer be used for these purposes, but can be used for other legitimate purposes.

Complaints

If you believe that your, as the Data Subject’s, rights are and / or may be violated, please contact us immediately by e-mail provided in this Privacy Policy. We ensure that only upon receipt of your complaint we will contact you within a reasonable period and inform you about the progress of the complaint investigation and later about the result.
If the results of the investigation do not satisfy you, you will be able to file a complaint with the Supervisory Authority – the State Data Protection Inspectorate (www.vdai.lrv.lt).

Responsibility

You are responsible for the confidentiality of the data you provide and for ensuring that the data you provide us with is accurate, correct and complete. If the data you provide changes, you must immediately inform us by e-mail. We will under no circumstances be liable for any damage caused to you by the fact that you provided incorrect or incomplete personal data or did not inform us of any change in personal data.

Privacy Policy changes

We may update or modify this Privacy Policy at any time. This updated or modified Privacy Policy will take effect from its publication on our website. You should check it occasionally to make sure you are satisfied with the current version of the Privacy Policy.

When we update our Privacy Policy, we will inform you of the changes we consider essential by publishing them on our website. The “Update Date” below shows when the Privacy Policy was last updated.

The Privacy Policy was last updated on [2020-06-19].