Privacy Policy

In this privacy policy (hereinafter referred to as the “Privacy Policy”) you will find information about how Skrivanek UAB (hereinafter referred to as “Skrivanek”, “Company”, “We”) collects, stores and processes your personal data.

We comply with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “GDPR”), as well as with the requirements of any other data protection legislation, in relation to the protection of your personal data.

DATA CONTROLLER

The controller of the personal data processing operations described in this Privacy Policy, which determines the purposes and means of data processing, is UAB “Skrivanek”, legal entity code 300023429, address Švitrigailos g. 11B, Vilnius, Lithuania.

DATA PROTECTION OFFICER

If you would like to clarify, find out how the Company processes your personal data, or if you intend to exercise your rights as a data subject, please contact the Company’s designated Data Protection Officer: Rusnė Juozapaitienė, e-mail: rusne@duomenuapsauga.eu, telephone number +370 698 34316 (MB “Personal Data Protection”).

APPLICATION OF THE PRIVACY POLICY

By reading this privacy policy (hereinafter referred to as the “Privacy Policy”), you will learn how and for what purposes we process your personal data, where we obtain it from, to whom we provide and store it, and what your rights are as a subject of personal data.

As used in this Privacy Policy, “personal data” means any information from which you can be identified, whether directly or indirectly.

The terms used in this Privacy Policy (e.g. data controller, data processor) shall be understood as defined and interpreted in the General Data Protection Regulation.

The Privacy Policy is governed by the law of the Republic of Lithuania.

Employees, shareholders and members of the governing bodies of the Company shall be informed about the processing of their personal data in accordance with the procedure approved by the Company’s internal legal acts.

SOURCES OF PERSONAL DATA

We process your personal data obtained from the following sources:

  1. When you submit them to us. You provide us with your personal data when you use our services, send us your CV, cover letters, communicate with us by phone, email or during meetings.
  2. When you use our website. When you use our website, certain information (e.g. Internet Protocol (IP) address, type of web browser used) is collected automatically.
  3. From devices. For example, you visit the Company’s premises and premises where video surveillance is carried out.
  4. From third countries. We may also receive your personal data from third parties in accordance with the procedure established by law and/or this Privacy Policy, for example, we receive your personal data from our customers. Our clients must inform the data subjects of such transfer of personal data before the data is transferred to Us.
  5. From Skrivanek Holding SE group companies and offices.

PURPOSES OF PROCESSING PERSONAL DATA

RECRUITMENT OF EMPLOYEES, TRAINEES, SUPPLIERS

When recruiting employees, trainees, translation or training providers, we process the following personal data of potential employees, trainees, service providers: name, surname, other information provided by the data subject in the curriculum vitae, cover letter.

Data retention period: at the time of recruitment or for 1 year (subject to the data subject’s consent).

Legal basis: Conclusion of a contract (Article 6(1)(b)) – when applying for a specific position. Data subject’s consent (Article 6(1)(a)) – when the data is stored for future recruitment or when the individual is not applying for a specific position.

PROVISION OF FOREIGN LANGUAGE COURSE SERVICES (PREPARATION OF INVOICES, CASH RECEIPT)

For the purposes of the administration of the language school and the provision of foreign language course services, we process the following personal data of language school participants: name, surname, telephone number, email, level of proficiency in the foreign language, the foreign language, the name of the employer (in the case of a contract with a legal person), the position (in the case of a contract with a legal person), the details of the representation (in the case of a contract with a legal person), and signature.

Data storage period: 10 years from the end of the contract. VAT invoices and cash receipts shall be kept for 10 years from the date of issue.

Legal basis: Conclusion and execution of a contract with the data subject, if the contract is concluded with an individual (Article 6(1)(b)). Legitimate interest in processing personal data of representatives of legal entities, if the contract is concluded with a legal entity or an individual acting on behalf of another (Article 6(1)(f)).

Data recipients: the Lithuanian Government Tax Inspectorate.

PROVISION OF A FOREIGN LANGUAGE ASSESSMENT AND ASSESSMENT SERVICE

When providing the foreign language assessment and determination service, we process the following personal data of the service recipients: name, surname, telephone number, email address, foreign language proficiency level.

Data storage period: 10 years.

Legal basis: Conclusion and execution of a contract with the data subject (Article 6(1)(b)).

Data recipients: Skrivanek PL.

ADMINISTERING ENQUIRIES

We process the following personal data of the interested party in the course of providing our services: name, surname, company, phone number, email, service of interest, text of the message, Facebook account name (when contacted via Messenger).

Data storage period: 1 month.

Legal basis: Legitimate interest in communicating with potential clients (Article 6(1)(f)).

Recipients of the data: Meta Platforms when contacted via Messenger.

TRANSLATION AND DOCUMENT CERTIFICATION SERVICES (INVOICES, CASH RECEIPTS) FOR NATURAL PERSONS

When providing translation and document validation services, we may process the following personal data of our translation clients (natural persons and representatives of legal entities): name, surname, telephone number, email address, personal signature, documents to be translated and the personal data contained therein.

Data storage period: translated documents are stored for 5 years after the order has been processed. VAT invoices and cash receipts shall be kept for 10 years from the date of issue. Other data shall be kept for 10 years after the end of the contract.

Legal basis: Conclusion and execution of a contract with the data subject (Article 6(1)(b)). Legitimate interest in processing personal data of representatives of legal entities, if the contract is concluded with a legal entity or an individual acting on behalf of another (Article 6(1)(f)).

Data recipients: the Lithuanian Government Tax Inspectorate.

TRANSLATION AND DOCUMENT CERTIFICATION SERVICES (INVOICE, CASH RECEIPT) FOR LEGAL PERSONS

When providing translation and document validation services, we may process the following personal data of the employees/representatives of our translation clients (legal entities): name, surname, telephone number, email, personal signature, documents to be translated and the personal data contained in them.

Data storage period: translated documents are stored for 5 years after the order has been processed. VAT invoices and cash receipts shall be kept for 10 years from the date of issue. Other data shall be kept for 10 years after the end of the contract.

Legal basis: legitimate interest to process personal data of representatives of legal persons where the contract is concluded with a legal person or a person who concludes a contract on behalf of another person (Article 6(1)(f)). The processing is necessary for the controller to comply with statutory requirements (Article 6(1)(c)).

Data recipients: the Lithuanian Government Tax Inspectorate.

ADMINISTRATION OF SERVICE PROVIDERS (PAYMENT FOR SERVICES RENDERED, DETERMINATION OF QUALIFICATIONS, QUALITY AND SUITABILITY)

When purchasing services, we administer and select service providers and may process the following personal data of suppliers (translators, teachers, editors, layout designers, content creators, etc.): name, surname, personal identification number, address, telephone number, email, bank account number, bank, participation in training/courses/educational programmes, diplomas, references, education, level of proficiency in foreign languages, foreign language, evaluation of the trial translation, signature of the individual, copy of the certificate of self-employment.

Data retention period: copyright agreements are kept for 50 years. VAT invoices and cash receipts shall be kept for 10 years from the date of issue. Other data shall be kept for 5 years after the end of the cooperation agreement.

Legal basis: conclusion and performance of a contract with the data subject (Article 6(1)(b)). The processing is necessary for the controller to comply with legal requirements (Article 6(1)(c)). Legitimate interest to process personal data of representatives of legal persons if the contract is concluded with a legal person or a person who concludes a contract on behalf of another person (Article 6(1)(f)).

Data recipients: the Lithuanian Government Tax Inspectorate, the Government Social Insurance Fund Board under the Ministry of Social Security and Labour.

DOCUMENT MANAGEMENT

In order to register and manage documents, we process the following personal data of senders, addressees, and other persons whose personal data are included in the letters we prepare: name, surname, email address, telephone number.

Data storage period: 10 years.

Legal basis: legitimate interest in possession of documents (Article 6(1)(f)).

Data recipients: government institutions and bodies.

COMPANY REVIEW (ISO AND OTHER AUDITS)

In order to carry out audits of the Company’s activities, we process all personal data of the Company’s customers, shareholders and service recipients..

Data storage period: data is kept for 10 years.

Legal basis: legitimate interest in carrying out inspections and audits of the company’s activities (Article 6(1)(f)).

Data recipients: external auditors.

IDENTIFICATION OF EXISTING CUSTOMERS

In order to identify customers and other visitors to the Company’s premises, we process the following personal data: name, surname, email address, telephone number.

Data storage period: 10 years after identification.

Legal basis: legitimate interest in customer identification (Article 6(1)(f)).

IMPROVING THE WEBSITE, UPDATING MARKETING CAMPAIGNS, VISITOR STATISTICS (USE OF COOKIES)

To improve the website, provide and personalize marketing offers, collect and analyze website visitor statistics, and ensure website functionality, the Company uses cookies, plugins, and similar technologies on its website. For this purpose, the Company processes the following personal data: the visitor’s computer browser and its version, language preference, region, browsing time, time zone set, and other information collected through cookie

Data retention period: The retention period for personal data depends on the specific cookie used to collect the personal data. However, in all cases, the retention period does not exceed 2 years.

Legal basis: The data subject’s consent (Article 6(1)(a)), based on which personal data collected through non-essential cookies is processed. Legitimate interest in ensuring the functioning of the website and its features (Article 6(1)(f)).

Detailed information about cookies is provided in the Company’s Cookie Policy, available at the following link: https://skrivanek.lt/en/cookie-policy/

MARKETING (CUSTOMER SATISFACTION SURVEYS)

In order to gather customer feedback about the services provided, the Company processes the following personal data of its customers: email address, phone number, first name, last name, and company name.

Data retention period: 3 years.

Teisinis pagrindas: duomenų subjekto sutikimas (6 str. 1 d. a p.). Teisėtas interesas gerinti paslaugų kokybę (6 str. 1 d. f p.).

DEBT COLLECTION

In order to ensure compliance with contracts and manage outstanding debts, we process the following personal data of debtors: first name, last name, company name, phone number, email address, and debt information.

Data retention period: 10 years after the full settlement of obligations.

Legal basis: Legitimate interest in debt collection (Article 6(1)(f)).

Data recipients: Debt collection companies.

COMPANY AWARENESS PROMOTION (SOCIAL MEDIA MANAGEMENT)

The Company, in order to increase its visibility, manages social media accounts together with social media administrators. The information you provide on social media or that is collected when you visit our accounts is controlled by the social media platform operators. Therefore, we recommend that you familiarize yourself with the privacy notices of the social media platform operators.

As administrators of social media accounts, we select the appropriate settings based on our target audience and the goals of managing and promoting our activities. The social media platform operators may have restricted the ability to modify certain essential settings, and as a result, we cannot influence the information that the social media operators collect about you.

Data retention period: The information is provided in the privacy notices of the social media platform operators.

Legal basis: Our legitimate interest in increasing the Company’s visibility (GDPR Article 6(1)(f)).

PERSONAL DATA RECIPIENTS

Your personal data may be provided to the following recipients, depending on the basis for data provision and ensuring the security of the transmitted data:

  • to state institutions, law enforcement agencies, and other entities in accordance with the laws of the Republic of Lithuania, or when the provision of data is necessary to assert, enforce, or defend the Company’s legal claims.
  • to debt collection companies.
  • to auditors, other consultants, notary offices, and bailiff offices.
  • to the State Enterprise Centre of Registers (VĮ Registrų centras).
  • to state institutions and agencies.
  • to the Government Tax Inspectorate.
  • to social media administrators.
  • to the State Social Insurance Fund Board under the Ministry of Social Security and Labour.
  • in case of a dispute – to individuals providing legal services to us, including lawyers.
  • to other group companies.
  • to data processors.

The Company engages data processors who, according to our instructions and within the scope we set, will process personal data to the extent necessary to achieve the data processing objectives. By involving data processors, we aim to ensure that the data processors implement appropriate organizational and technical security measures and maintain the confidentiality of personal data.

With your consent, we may also provide your personal data to other data recipients.

We may also disclose your data in order to protect your vital interests (for example, if you feel unwell on our premises and we need to seek medical assistance).

If we disclose your personal data to any other groups of data recipients not specified in this Privacy Policy, we will inform you no later than at the time of the first disclosure, unless we have already provided such information to you previously.

TRANSFER OF PERSONAL DATA OUTSIDE THE EU BORDERS

Typically, we process and store the personal data of data subjects within the territory of the European Union or the European Economic Area (EU/EEA). However, we may also transfer personal data outside the EU/EEA when it is necessary to achieve the objectives for which the data was collected and processed.

We transfer your personal data outside the EU/EEA in accordance with the requirements of Chapter V of the GDPR, if at least one of the following measures is implemented:

  • The European Commission has recognized that the country to which the data is transferred provides an adequate level of protection for personal data.
  • a contract has been concluded based on the standard contractual clauses approved by the European Commission.
  • adherence to codes of conduct or the application of other protective measures under the General Data Protection Regulation (GDPR).
  • we have a separate and freely given consent from the data subject for the transfer of data outside the EU/EEA borders.

PROFILING AND AUTOMATED DECISION-MAKING

The Company does not engage in profiling or automated decision-making that would have significant consequences for you or have a substantial impact on you.

YOUR RIGHTS AS A DATA SUBJECT

As a data subject, you have the following rights:

Right to information: You have the right to receive all information regarding how your personal data is processed. This includes information on the purposes for which your data is collected, the legal basis for processing the data, the recipients of the data, and the data retention periods.

Right of access: You have the right to request access to the personal data we hold about you. This allows you to verify the accuracy and legality of the data being processed and to understand how it is being used.

Right to rectification and supplementation: If you notice that your personal data is inaccurate or incomplete, you have the right to request that it be corrected or supplemented.

Right to erasure (right to be forgotten): You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected. Additionally, you may request the deletion of data if its processing is unlawful or if you have withdrawn your consent, and there are no other lawful grounds for retaining it.

Right to object and withdraw consent: You have the right to object to the processing of your personal data in certain cases, for example, when it is used for direct marketing purposes. Additionally, if the data is processed based on your consent, you have the right to withdraw that consent at any time.

Right to restrict processing: In certain circumstances, you can request the temporary suspension of the processing of your personal data. This may apply when verifying the accuracy of your data, in case of a dispute, or when you want the data to be retained but no longer processed.

Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and, if technically feasible, transfer it to another data controller. This ensures smooth data portability and enables you to change service providers if you wish to do so.

Right to lodge a complaint: If you believe that your rights related to the processing of your personal data have been violated, you have the right to file a complaint with the competent supervisory authority – the State Data Protection Inspectorate, located at L. Sapiegos g. 17, Vilnius, email address ada@ada.lt, website https://vdai.lrv.lt, as well as with the competent court of the Republic of Lithuania.

Right to compensation: If you have suffered damage due to the unlawful processing of your personal data, you have the right to seek compensation for the harm caused.

These rights are essential tools for protecting your privacy and data security. As the responsible data controller, we are committed to upholding these rights and ensuring that your personal data is processed fairly, securely, and lawfully.

PROCEDURE FOR EXERCISING YOUR RIGHTS

You can exercise your rights as a data subject by sending a request via email with an electronic signature to info@skrivanek.lt, visiting our office, or sending a request by post to: Švitrigailos g. 11B, LT-03228 Vilnius, or by contacting the Company’s Data Protection Officer.

The request to exercise the data subject’s rights must be legible, signed, and include the data subject’s first name, last name, address, and/or other contact details for communication or where a response is requested.

If the data subject exercises their rights through a representative, the representative must provide their first name, last name, address, and/or other contact details for communication, where the representative wishes to receive a response. Additionally, the representative must provide the data subject’s first name, last name, and other details necessary for the proper identification of the data subject, as well as a document or a copy of the document confirming the representation.

FINAL PROVISIONS

The website may contain links to third-party websites, legal acts, and links to social media platforms (the ability to share website content on social networks). It is important to note that the privacy policies of these third-party websites apply to the linked websites provided on the Company’s website, and the Company is not responsible for the content, activities, or privacy policies of these websites.

UPDATING THE PRIVACY POLICY

We may review and modify the Privacy Policy at any time. The changes take effect from the date they are published on the website.

We recommend that you always review the latest version of the Privacy Policy.

The Privacy Policy was last updated on December 5, 2024.