PRIVACY POLICY

1. GENERAL PROVISIONS

This privacy policy (the Privacy Policy) contains information how “Boozt Technology Baltics”, UAB (the Company or we) manages information obtained from its website (www.boozt.com, the Website), LinkedIn and / or Facebook profiles visitors or its clients’ / vendors’ representatives and candidates.

Policy describes what personal data we collect, how we obtain it, on what basis and for what purposes we use your personal data, how we use it, how long we store your personal data, who we share your personal data with, how we protect your personal data, and what are your rights. The Company respects your privacy and is committed to protecting the safety of your personal data.

While processing personal data, the Company also acts in accordance with the legal acts regulating the protection of personal data, including the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the GDPR).

By using any of the services on the Website or by providing the Company with any information about yourself by submitting inquiries or contacting us (including via LinkedIn or Facebook), you understand that your personal data will be used as set out below.

Please be informed that this Policy may be updated at any time at the sole discretion of the Company. Any changes to this Policy are effective from the date of their publication on the Website. You undertake to review this Policy periodically to become aware of any changes. In case of any major changes to this Policy, we will inform you separately or provide an announcement on our Website.

2. DATA CONTROLLER AND CONTACT DETAILS

The controller of personal data is the Company, i.e.:

Name “Boozt Technology Baltics”, UAB
Legal entity code 304614924
Address Paupio g. 50,LT-11341 Vilnius, Lithuania
E-mail address vilnius@boozt.com

Should you have any questions in connection with this Policy or the processing of your personal data, please feel free to contact the Company using the contact details given above. Please submit your enquiries in writing (for example, by e-mail: vilnius@boozt.com) so that we could properly consider your enquiry and reply to you.

3. PERSONAL DATA

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to identification of the particular person, also constitute personal data.

Please do not send us any personal data, especially sensitive personal data, about yourself if you do not want such information to be used in any way.

The Company does not collect data from individuals under 14, so if you are under 14, you should not use this Website and should not provide your personal data to the Company.

4. PERSONAL DATA COLLECTED, ITS PURPOSES AND LEGAL GROUNDS

The Company will process your personal data for the following purposes and based on the related lawful basis:

4.1. Direct interactions and management of enquiries

Purpose The Company processes personal data received together with your enquiry (via e-mail) in order to properly administer enquiries (e.g. submit you an offer according to your request or answer questions), where necessary, fulfil various legal requirements and defend the legitimate interests of the Company.
Data subjects Persons submitting enquiries or contacting the Company via our e-mail.
Personal data
  • name, surname;
  • the entity (organisation) you represent (if provided);
  • your e-mail address;
  • your phone number (if provided);
  • your enquiry.

If it is not necessary to disclose certain personal data for the respective purpose (for an enquiry or request), therefore you should not provide excess data.

If you fail to provide your personal data, we may not be able to process your enquiry properly and provide you with the information you seek.

Legal basis
  • your consent (Article 6(1)(a) of the GDPR);
  • the execution of a contract with you (or if needed to take steps at your request before entering into a contract) (Article 6(1)(b) of the GDPR);
  • our legitimate interest to process your enquiry and provide you with the accurate information (Article 6(1)(f) of the GDPR).
Storage

The time limit for the storage of personal data specified in your enquiry is up to 3 years, depending on the nature of received personal data and other circumstances. In some individual cases, in accordance with the applicable legal requirements, your personal data might be stored longer.

4.2. Representatives of our (potential) clients and vendors

Purpose Communication with the representatives of our (potential) clients and (potential) vendors. Day to day business communication related to the services provided.
Data subjects Representatives of our (potential) clients and (potential) vendors.
Personal data
  • name, surname;
  • company name and position in the company;
  • e-mail address;
  • phone number;
  • subject matter and text of our communication;
  • address, identification code / birth date (if needed for the conclusion of a contract).
Legal basis The execution of a contract (or if needed to take steps at your request before entering into a contract) and processing of your requests (Article 6(1)(b) of the GDPR).
Storage Data will be stored for 10 years following the respective communication if we enter into a contract. If personal data are indicated in the contract between the Company and its client / vendor, then personal data will be stored for 10 years as of the date of expiration of the contract. If no contract is concluded, data will be stored for 5 years following the respective communication.

4.3. Contacts via social networks

Purpose Managing and administering Company’s social network (i.e. LinkedIn and /or Facebook profiles).
Data subjects Users of LinkedIn and Facebook interacting with Company’s LinkedIn and / or Facebook accounts.
Personal data
  • social network profile name;
  • profile picture;
  • public comments made in Company’s LinkedIn and / or Facebook;
  • subject matter and text of your queries, if any.
Legal basis Your consent (Article 6(1)(a) of the GDPR) or our legitimate interests to communicate with our followers (Article 6(1)(f) of the GDPR).
Storage Personal data will be stored until the Company’s LinkedIn and / or Facebook accounta are used by the Company, unless you by yourself at any time delete (or ask us to delete) your personal data earlier on.

4.4. Recruiting (Candidates)

Purpose Recruiting. Handling the personal data of the candidates to work at the Company.
Data subjects Candidates of the Company
Personal data
  • name, surname;
  • e-mail address;
  • phone number;
  • GitHub profile or / and LinkedIn profile (if provided)
  • text of our communication;
  • your resume, information about your experience and other information provided by you in your CV and / or other documents (skills, experience, qualifications and other details you voluntary provide);
  • your wishes for the job position (desired salary, benefit packages, type of employment you are looking for and other job preferences you provide to us);
  • professional social media accounts (e.g. LinkedIn) and information provided therein to the extent this information is public, relevant to your professional life and necessary in order to determine the suitability of the candidate for the specific position;
  • received data from third parties, recommending you as a candidate for a specific position.
Legal basis
  • Company’s legitimate interest to find a new employee for a specific or a potential job opening (Article 6(1)(f) of the GDPR);
  • necessity to take steps at your request before entering into an employment contract (Article 6(1)(b) of the GDPR);
  • your consent (Article 6(1)(a) of the GDPR).
Storage Company will store the personal data about the candidate for as long as the selection to the specific position is taking place and 6 months after that. Based on your consent such personal data may be stored longer.

4.5. Functions of the Website

All information about tools we use to maintain the functioning of our Website (including cookies) and related data privacy matters may be found in our Cookie Policy.

Cookies are small text files placed on the web browser used and saved on the visitor’s device. Cookies are placed on the visitor’s computer the first time that they visit the Website. Cookies are used to ensure a convenient and safe functioning of the website. This enables to constantly improve the functionality of the Website and to better adapt it to the needs of visitors.

You can delete all cookies stored on your computer, and in most browsers, you can set cookies not to be saved. First of all, you can delete all cookies that are already on your device by clearing the browsing history of your browser. This will remove all cookies from all websites you have visited. Be aware though that you may also lose some saved information (e.g. saved login details, site preferences).

Please be aware that if cookies are disabled, you may lose the ability to use the many features necessary to make the Website work as well. In order to remove cookies from your mobile phone, you should find this information in the user guide for your phone.

5. RECIPIENTS OF PERSONAL DATA, DATA TRANSFER

Any information that you provide may be processed by the Company and shared with third parties (data processors), which provide the Company with services and act on its behalf (e.g. companies providing data centre services, IT service providers, accounting service providers). The Company ensures that processing of personal data by such third parties will be based on legitimate legal ground and will be performed in accordance with lawful instructions of the Company and in compliance with the GDPR and other legal requirements. Your personal data will be provided to these data processors to the extent that is necessary for the provision of their respective services.

We ensure that the data processors of your personal data follow the instructions for the processing of personal data (where applicable) and implement appropriate organizational and technical measures to protect such personal data from accidental or unlawful destruction, alteration, disclosure or any other unlawful processing.

The personal data may also be transferred to the relevant personal data recipients / external third parties. The Company may share personal data with the following categories of third parties, as necessary:

  • courts, arbitrators, mediators, opposing party and their lawyers (if needed for the legal proceedings);
  • police, law enforcement authorities, tax authorities, other government or municipal institutions (if expressly required by relevant laws) or other persons or entities performing official functions assigned to them (e.g. notaries, debt collection companies),
  • our professional advisers such as lawyers, consultants, auditors or accountants (if needed for the protection of our legitimate interests),
  • service providers who provide information technology, system administration services, marketing, accounting, postal or courier or other services,
  • when entering into business transactions, i.e.: (i) in the case the financial or legal audit (due diligence) or when other inspection of the Company is being carried out – to the persons performing said audit / inspection; (ii) in the case it is intended to transfer the Company shares (any part thereof) or the Company as a business (any part thereof) – to the potential transferees (their representatives), (iii) any reorganisation, merger, incorporation of a joint venture, or any other transfer of the Company’s business, property or shares (also if related to bankruptcy or and other similar procedure). The Company shall ensure that the confidentiality of personal data is preserved in this case,
  • other persons or entities if needed to provide you with services as effectively as possible.

The Company does not transfer your personal data to third countries (outside the EU / EEA). In case any transfer outside the EU / EEA becomes necessary, we will make every effort to ensure that such data transfer comply with the requirements of the GDPR and implement appropriate measures to ensure that your personal data remains protected and secure. You may find more about such measures by contacting us directly via e-mail as indicated above.

6. YOUR RIGHTS

With respect of your personal data, you have the following rights provided for in the legislation, namely:

  1. The right to be informed about the processing of your personal data. We are obliged to provide clear and transparent information about our data processing activities. This is provided in this Policy.
  2. The right to access one’s personal data and the way it is processed. You have the right to obtain the confirmation of the Company that the Company processes your personal data as well as to access your personal data being processed and other related information. Also, this enables you to receive a copy of the personal data we hold about you. In order to provide you with requested data, we may have to verify the identity of the requester, if necessary.
  3. The right to rectify incorrect, inaccurate or incomplete data. If you believe that your information which is processed by the Company is inaccurate or incorrect, you have the right to request to change, revise or rectify this information. However, we may need to verify the accuracy of the new data you provide to us.
  4. The right to request the deletion of your personal data (“right to be forgotten”). Under certain circumstances listed in the applicable legislation (where personal data are processed illegally, the grounds for the processing of data have ceased to exist, etc.), you have the right to request that the Company would delete your personal data.
  5. The right to request to restrict the processing of your personal data. Under certain circumstances listed in the applicable legislation (where personal data are processed illegally, you have contested the accuracy of data, etc.), you have the right to request that the Company would restrict the processing of your personal data. Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.
  6. The right to request to transfer your personal data to another data controller or to provide them directly in any form convenient for you. You have the right to obtain the data which are processed by the Company on the basis of your consent or agreement and the processing of which is carried out by using automated tools in a customary and computer-readable format and you have the right to request to transfer them to another data controller.
  7. The right to object to the processing of your personal data if such personal data is processed on the basis of a legitimate interest. If personal data is processed on the basis of a legitimate interest, you may object to such processing of your personal data, except for the cases stipulated by law. In this case the Company will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
  8. The right to withdraw the consent given for the processing of personal data at any time (where your personal data are processed on the basis of separate consent). Upon the withdrawal of your consent to process your personal data, the data processing based on your consent will be terminated. However, your withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
  9. The right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.
    10. Lithuanian supervisory authority is Lithuanian State Data Protection Inspectorate, address L. Sapiegos str. 17, 10312 Vilnius, Lithuania, e-mail ada@ada.lt, website https://vdai.lrv.lt/. The Company would recommend and be grateful if you contact us before lodging a complaint to the relevant supervisory authority and express your concerns or questions to us. We will do our best to assist you with all your enquiries.

With a view to exercise your rights, or if you have any questions related to the protection of your personal data, please contact the Company using the contact details provided above in this Policy. In order to properly examine your enquiry and provide a detailed reply, please submit your enquiries in writing (by e-mail: vilnius@boozt.com).

We will exercise your rights within 30 days. If the request is very complex or the number of received requests is very high, this term may be extended for another 60 days. In this case, we will notify you about this extension and reasons for it within 30 days from your request. In order to ensure data protection and properly exercise your rights, we have the right to ask you to provide proof of your identity.

7. DISCLAIMER

The Website may include links to the websites that are owned, published and maintained by any third party. The Company does not undertake any responsibility for the accuracy or reliability of any such third‑party websites. We would recommend that you should read the privacy policy / statement of the other parties with whom you interact if you have any questions regarding their use of your personal data.

The Website and its contents are provided for general information purposes only. The Company assumes no responsibility for the information and material on the Website.

To the extent permissible by applicable laws the Company is not responsible or liable for any matter relating to you or any third parties accessing or using this Website and its contents.

8. DETAILS OF THE WEBSITE

The Website, content of the Website, code of the Website, design, domain name, all copyrights, trademarks, databases, corporate names and other intellectual property or other property related to the Website and / or its contents are fully owned by the Company and are protected by national and international intellectual property laws and other legislation.

Unless expressly permitted by the Company, you have no right, in any form and by any means, to copy, capture, reproduce in any form or manner, launch, publish, transfer, sell, translate, reprocess, submit, licence, modify, create derivative works from or based upon, republish, edit, transmit, retransmit or otherwise make public, publicly perform or display, frame, distribute or use, in part or in its entirety, the Website, the Website content or Website code.