1. Viconus, UAB, legal entity code: 304875568, registered office address. By using the services of the viconus.lt website, the person confirms that he/she has read, understood and accepted this privacy policy.

General provisions

2. This Privacy Policy (hereinafter referred to as the “Policy”) governs, inter alia, the collection, processing and storage of personal data by the Company as a data controller.
3. The Company is engaged in project management and consultancy, which includes procurement of construction works, construction management, building life cycle services, building maintenance and other services. For the provision of these services, the Company processes personal data in accordance with the legal grounds and purposes of data processing set out in the Policy and the legislation applicable to the Company.
4. This Policy is addressed to persons who use or intend to use the Company’s services or visit the viconus.lt website.

Principles of personal data processing

5. The Company processes personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation”), the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other legal acts governing the processing of personal data.
6. The scope of personal data processed depends on the services of the Company ordered or used and the information provided by the website visitor when ordering and/or using the Company’s services, visiting or registering on the website.
7. The Company is guided by, among others, the following basic principles of data processing:

– Personal data shall only be collected for clearly defined and legitimate purposes.

– Personal data shall only be processed lawfully and fairly.

– Personal data is kept up to date.

– Personal data is kept secure and for no longer than the stated purposes of processing or as required by law.

– Personal data shall be processed only by those employees of the Company who are authorised to do so by virtue of their job functions.

8. The processing of personal data by the Company shall be subject to one or more of the following criteria for lawful processing: (i) to ensure the provision of services in accordance with the contract (i.e. (ii) with the consent of the data subject; (iii) where the processing is necessary for compliance with a legal obligation to which the Company is subject; (iv) where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Company; or (v) where the processing is necessary for the purposes of the legitimate interests of the Company or of a third party (see Art, http://www.privacy-regulation.eu/lt/6.htm).
9. When processing and storing personal data, the Company shall implement organisational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure, as well as against any other unlawful processing. Access to personal data processed by the Company shall be limited to those employees of the Company and ancillary service providers for whom it is necessary for the performance of their job functions or to provide services to the Company.
10. It is the responsibility of the Company’s customer or potential customer, employees and other natural persons to ensure that the personal data provided by them is accurate, true and complete. If the personal data provided by them changes, they must inform the Company immediately. The Company shall not be liable for any damage caused to the person and/or third parties due to the fact that the person has provided incorrect and/or incomplete personal data or has not applied for supplementing and/or amending the data in the event of a change.

Sources of personal data

11. Personal data is generally obtained directly from the data subject (the Company’s customer or potential customer, employees or candidates) who provides it by visiting the website, using the services provided by the Company, providing services to the Company, or by working or seeking employment with the Company.
12. In cases provided for by law or on the basis of consent, personal data may also be obtained from third parties (e.g. temporary employment companies, companies providing recruitment services, public authorities and registers).
13. Although the Client is not obliged to provide any personal data to the Company, it is possible that certain services may not be provided to the Client or that the Client may not be able to be employed by the Company if the personal data is not provided.

Purposes of processing personal data

14. The Company processes personal data for the following main purposes:

– For the administration and performance of contractual relations, in order to ensure the proper performance of contractual obligations and to maintain relations with suppliers, partners and customers in the course of business development, service provision and cooperation;

– For the provision of the services specified on the website;

– For internal and employee administration purposes;

– For direct marketing and marketing purposes;

– For compliance with statutory requirements in waste management and other areas and for the provision of data to public authorities (data controllers);

– For the purpose of ensuring the security of the Company’s facilities and assets, CCTV is installed in the Company’s production and common use areas.

Provision of personal data and recipients

15. The Company has the right to transfer the personal data of its customers’ representatives or employees to third parties who need to process the customers’ personal data for the purposes set out in this Policy or in the legislation.
16. The Company undertakes to transfer customer data to third parties only to the extent and in the cases necessary for the provision of the relevant services and/or the fulfilment of statutory obligations. If personal data are not necessary for the provision of a particular service, they shall not be transferred. The Company shall transfer personal data to the aforementioned third parties on the basis of a data provision agreement or on the basis of a specific legal act, in strict compliance with the statutory requirements.
17. The Company undertakes to observe the duty of confidentiality with respect to the personal data of customers, employees, potential customers or employees. Personal data may be disclosed to third parties only if necessary for the conclusion and performance of a contract for the benefit of the data subject or for other legitimate reasons.
18. The Company may provide the personal data processed to its data processors (subcontractors) who provide IT, accounting, debt collection or other support services to the Company and process personal data on behalf of the Company. The processors shall have the right to process personal data only on the instructions of the Company and only to the extent necessary for the proper performance of their obligations under the contract. The Company shall only use processors that provide sufficient guarantees that appropriate technical and organisational measures will be implemented in such a way that the processing complies with the requirements of the Regulation and that the data subject’s rights are protected.
19. The Company may also provide customer data in response to requests from courts, bailiffs or public authorities to the extent necessary for the proper execution of applicable law and the instructions of public authorities.

Processing of personal data for direct marketing purposes

20. For direct marketing purposes, the Company may process the data subject’s contact data. Consent to the use of personal data for direct marketing purposes shall be expressed by sending an e-mail to rnv@viconus.lt, subscribing to the Company’s newsletter, subscribing to the Company’s social media accounts, leaving the consent on the Company’s website (by ticking a checkbox), signing a form or a contract with the Company, or by informing the Company’s administration by any other written means. Giving consent for direct marketing is voluntary, is not a condition of the contractual relationship with the Company and does not affect the relationship between the data subject and the Company.
21. The Company may send communications of an informative nature if the individual has given consent to the Company to use his/her data for direct marketing purposes and to the Company’s customers without separate consent for the marketing of similar services, provided that they are given a clear, free and easily enforceable opportunity to oppose or opt-out of such use of their contact details and that they have not objected to such use in the first instance in the context of the sending of each communication.
22. For direct marketing purposes, the Company may send communications by email.
23. A person may withdraw consent to direct marketing at any time by notifying the Company by email at rnv@viconus.lt or otherwise contacting the Company.

Duration of storage of personal data

24. Personal data collected by the Company is stored in hard copy documents and/or in the Company’s information systems in electronic format. Personal data shall be processed for no longer than is necessary to achieve the purposes of the processing or for no longer than is required by the data subjects and/or provided for by law. As a general rule, personal data shall be processed for 10 years after the end of the contractual relationship.
25. Although the customer may terminate the contract or refuse the Company’s services, the Company shall continue to retain the personal data of the customer’s representatives for any claims or legal claims that may arise in the future, until the expiry of the retention periods.
26. The Company shall endeavour not to retain outdated or irrelevant information and to ensure that personal data and other information about customers is kept up-to-date, correct and destroyed in a timely manner.

Rights of data subjects

27. A data subject shall have the following rights, among others:

– To obtain information about the processing of his/her personal data by the Company, where and in what way the personal data are collected and on what basis they are processed;

– To apply to the Company for rectification, suspension of processing or destruction of his/her personal data, if the data are incorrect, incomplete or inaccurate, or if they are no longer necessary for the purposes for which they were collected. In this case, the data subject must submit a request, after which the Company will verify the information provided and take the necessary action. It is very important to the Company that the personal data in its possession are accurate and true;

– To request the Company to destroy personal data or to suspend the processing of such personal data, with the exception of storage, in the event that, after having access to his/her personal data, a person discovers that personal data are being processed unlawfully or fraudulently;

– To object to the processing of personal data where the processing is carried out or intended to be carried out for the purpose of direct marketing or for a legitimate interest pursued by the Company or by a third party to whom the personal data are provided;

– Withdraw your consent to the processing of personal data for direct marketing purposes at any time;

– If the data subject has concerns about the Company’s actions/inactions that may not comply with this Policy or the requirements of the law, he/she may contact the Company and obtain free assistance.

28. A person may exercise all of his/her rights as a data subject by contacting the Company by e-mail at rnv@viconus.lt.
29. In case of failure to resolve the issue with the Company, the Customer has the right to contact the State Data Protection Inspectorate (ada.lt), which is responsible for the supervision and control of the legal acts regulating the protection of personal data.

Cookies

30. In order to improve your visit to the Company’s website, the Company may use cookies, which are small pieces of textual information that are automatically created while browsing the website and are stored on the website visitor’s computer or other terminal device.
31. The information collected by cookies enables us to provide a more user-friendly browsing experience on the Company’s website and to learn more about the behaviour of visitors to the Company’s websites, to analyse trends and to improve both the website and the services provided by the Company or the information on the website. The Company processes personalised personal data by means of cookies.
32. If a visitor to the website does not consent to the placement of cookies on his/her computer or other terminal device, he/she may change his/her web browser settings to disable all cookies or enable/disable them one by one. However, the Company notes that in some cases this may slow down the speed of browsing the website, limit the functioning of certain features of the website, or block access to certain pages of the website. For more information about the cookies used on the Company’s website, please visit org or www.google.com/privacy_ads.html.

Final provisions

33. This Policy is governed by the laws of the Republic of Lithuania and the European Union.
34. The Company reserves the right to change this Policy, and we kindly ask visitors to the website to periodically check the Policy for any changes and to familiarize themselves with its amended or new provisions.

We wish you a pleasant browsing experience on our website!

Viconus, UAB