This Policy has been prepared in accordance with the April 27, 2016 Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and superseding the Directive 95/46 / EC (General Data Protection Regulation) (hereinafter the Regulation).
This Policy informs the visitors of the Company’s website and the customers to whom the training services are provided about the processing of their personal data.
Personal data means any information relating to an identified or identifiable individual (data subject); an identifiable individual means a person who can be identified, directly or indirectly, in particular by an identifier such as first name, surname, personal identification number, location and internet identifier or by one or more physical identifiers of that natural person, signs of physiological, genetic, mental, economic, cultural or social identity.
Data subject – an individual- a visitor of the Company’s website, whose personal data is collected and processed by the Company.
Consent of the data subject shall mean any freely given specific and unambiguous expression of the will of the duly informed data subject, in the form of a statement or an unequivocal act by which he or she consents to the processing of personal data concerning him or her.
Data subject’s rights – opportunities of the data subject to participate and control the activities of the data controller and / or processor when processing his / her personal data – to know, to be informed about the processing of his / her personal data in the Company; to get acquainted with his personal data processed in the Company and how they are processed; to require the rectification, destruction of one’s personal data or the suspension, except for storage, of the processing of one’s personal data where the data is processed in breach of the provisions of legal acts; not to consent to the processing of his personal data; demand the deletion of his personal data; to receive data relating to him which he has provided to the controller; to file a complaint with the supervisory authority (State Data Protection Inspectorate).
Data Processing means any operation or sequence of operations carried out by automated or non-automated means on personal data or personal data sets, such as collection, recording, sorting, systematisation, storage, adaptation or modification, retrieval, access, use, disclosure by transfer, distribution or otherwise making them available, as well as collating or merging them with other data, restricting, deleting or destroying them.
Automatic data processing – data processing operations performed in whole or in part by automatic means. They are any information and communication technologies that can be used to process personal data, such as computers, communication networks, etc.
Data controller – UAB Proto takas, a legal entity established in accordance with the laws of the Republic of Lithuania, legal entity code: 304850561, registered office address: Gelvonų str. 2-105, 07149 Vilnius.
Data Processor means an individual or legal person, public authority, agency or any other body which processes personal data on behalf of the data controller.
Data Recipient means an individual or legal person, public authority, agency or any other body to whom personal data are disclosed, whether a third party or not. However, public authorities which, under European Union or Member State law, may obtain personal data in the course of a specific investigation shall not be considered as recipients of the data.
A cookie is a small text file that a website saves on your computer or mobile device when you visit it.
Personal data breach means a security breach resulting in the unintentional or unlawful destruction, loss, alteration, unauthorized disclosure, transmission, storage or other processing of, or unauthorized access to, personal data.
Other terms used in this Policy shall be understood as defined in the Regulation and other legal acts regulating the processing of personal data.
PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA
- The company follows the following principles when processing your personal data:
1.1. The Company processes personal data only for the purposes lawful and defined in this Policy and does not continue to process it in a way incompatible with those purposes (purpose limitation principle);
1.2. Personal data is processed accurately, fairly and lawfully in accordance with legal requirements (principle of legality, fairness and transparency);
1.3. The company processes personal data in such a way that personal data is accurate and is constantly updated in the event of a change (principle of accuracy);
1.4. The company processes personal data only to the extent necessary to achieve the purposes of personal data processing (principle of data reduction);
1.5. Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data were collected and for which they are collected (principle of limitation on the duration of storage);
1.6. When processing personal data, the company shall apply appropriate technical and organizational measures to ensure adequate security of personal data, including protection against unauthorized or unlawful processing of personal data and against unintentional loss, destruction or damage (principle of integrity and confidentiality);
1.7. The Company is responsible for compliance with the principles set out in this Policy and must be able to demonstrate compliance with them (accountability principle).
PURPOSES OF THE PROCESSING OF PERSONAL DATA
- The Company processes your personal data:
2.1. For the purpose of providing training services and the pursuit of legitimate interests, as well as for the proper management and administration of the website, to facilitate the search for information, to ensure the submission of data subjects’ inquiries online and access to purchased training lectures.
- For the purpose specified in Clause 2 of this Policy, the Company collects and processes the following data of you:
3.1. Personal data: name, surname (if you provide them);
3.2. Contact details: e-mail address, telephone number, address (if you provide them);
3.3. Image (when you join online training lectures);
3.4. Other personal data / information provided to the Company in your request and / or during training.
COLLECTION AND PROCESSING OF PERSONAL DATA
- Personal data is obtained from you when such data is required by law or when you provide such data voluntarily.
- The Company also processes your personal data in cases when you contact it by general e-mail, by making a request on the Company’s website, asking questions or sending information to the contacts indicated on the Company’s website, as well as by registering for trainings organized by the Company. In such cases, the Company processes your data in order to administer inquiries, provide training services, ensure the quality of services provided, protect and secure its legitimate interests.
- Irrespective of the way in which the data are collected, they shall be kept only to the extent and for the time necessary to achieve the intended purposes, but not beyond the term set by the order of the Chief Archivist of Lithuania No. V-100 dated March 9, 2011 in the approved version of the General Documentation Terms and Conditions of the current version or in other acts regulating the Company’s internal procedures. Personal data of customers who have purchased training organized by the Company shall be stored for at least 5 (five) years from the date of acquisition of training. Data contained in requests made through the Website is stored until the request is answered and is subsequently destroyed.
RIGHTS OF THE PERSONAL DATA SUBJECT
- You, as a data subject, have the right to:
7.1. Know / be informed about the processing of your personal data;
7.2. Get acquainted with your personal data and its processing. You have the right to contact the Company with a request for information on what and for what purpose your personal data is processed;
7.3. Require the correction of your personal data. If it is established that your personal data processed in the Company is inaccurate or incomplete, you have the right to apply for the correction or supplementation of such personal data;
7.4. Require the deletion of your personal data (“right to be fingered”). You have the right to request the Company to delete your personal data on one of the following grounds:
– personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
– you have revoked the consent on which the processing was based and there is no other legal basis for processing your personal data;
– You do not consent to the processing of the data and there are no overriding legitimate reasons to process it;
– personal data have been processed unlawfully.
7.5. Require restrictions on the processing of your personal data. You have the right to apply to the Company to restrict the processing of your personal data on one of the following grounds:
– You dispute the accuracy of the data for a period during which the Company can verify the accuracy of the personal data;
– the processing of personal data is illegal and you do not consent to the deletion of the data and instead request a restriction on their use;
– The company no longer needs personal data for processing purposes, but you need them to make, enforce or defend legal claims;
– You objected to the processing of the data until it has been verified that the Company’s legitimate reasons outweigh the data subject’s reasons.
7.6. Do not consent to the processing of personal data. You have the right to object to the processing of certain optional personal data concerning you. Such disagreement may be expressed by not filling in certain sections of the documents, as well as by subsequently submitting a request for termination of the processing of your personal data, which is processed voluntarily. At your request, the company will provide you with information on what your data is processed on an optional basis. Upon receipt of a request to terminate the processing of optional personal data, the company shall immediately terminate such processing, unless it is contrary to the requirements of legal acts, and shall inform you thereof;
7.7. To transfer data, that is, you have the right to receive personal data relating to you that you have provided to the Company in a structured, commonly used and computer-readable format, and you have the right to transfer that data to another data controller.
- The rights of customers as Data Subjects are implemented in the Company free of charge – information on the processing of his / her Personal Data is provided to the Data Subject free of charge. The Company, as the Data Subject, must examine the Customer’s request for the implementation of his / her rights specified in the Regulation and submit the response to the Data Subject in the manner specified in the request free of charge no later than within 1 (one) month from the date of receipt. This term may be extended for another 2 (two) months, depending on the complexity of the application and the number of pending applications. The Company must, within 1 (one) month from the date of receipt of the request, inform the Data Subject about the extension of the deadline for processing the request and indicate the reasons for the extension.
MEASURES TO ENSURE THE SECURITY OF PERSONAL DATA
- When storing personal data, the company shall implement and ensure appropriate organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, as well as from any other unlawful processing.
- Only those persons who have the right of access to such data have the right to access your personal data collected and processed by the Company and only when it is necessary to achieve the purposes provided for in this Policy.
- The company ensures proper network management, maintenance of information systems and implementation of other technical measures necessary to ensure the protection of your personal data.
TRANSFER OF PERSONAL DATA TO THE THIRD PARTIES
- Your personal data may be disclosed to the third parties that provide services to the Company that ensure the operation and maintenance of the information systems used by the Company. In such cases, your personal data will only be disclosed to third parties to the extent necessary for the proper provision of their services.
- Personal data of clients receiving training services are transferred to third countries or to an international organization, i. y. access to clients’ personal data is granted to lecturers conducting training, who may be third-country nationals (eg Russia).
- Upon completion of the training organized by the Company, at the request of the data subject and with his / her consent, his / her personal data may be transferred to the Company’s partners providing employment services (including third countries).
- Your personal data may be disclosed to law enforcement authorities in accordance with the procedure provided for in the legal acts of the Republic of Lithuania.
- In all other cases, your personal data may be disclosed to third parties only with your consent.
- The information collected with the help of cookies allows the Company to improve the operation of the website, ensuring you a convenient and efficient search for information.
- The main cookies used on the Company’s website: The given consent can be revoked at any time by changing the settings of your web browser and deleting the stored cookies. How you do this depends on your operating system and web browser.
||Purpose of data processing
||This cookie is set by Google Analytics. The cookie is used to separate users, calculate data for visitors, sessions, campaigns, and track statistical analysis of site usage. Cookies store information anonymously and assign a randomly generated number to identify unique visitors.
||This cookie is set by Google Analytics. A cookie is used to differentiate users, store information about how visitors use the website, and help create an analysis report on how the website works. The data collected, including the number of visitors, the source they came from, and the pages were anonymous.
||Used to control the flow of requests. These cookies were implemented by Google Universal Analytics to reduce query speed in order to limit data collection on high-traffic sites. It is only used to improve the performance of the site.
- After deleting the stored cookies, some functions of the Company’s website may not work as intended.
- This Policy is regularly reviewed and updated, and changes to it are posted on the website: https://trainyourbrain.online.
- If you have any questions, comments or complaints regarding the personal data collected, used and stored by the Company, please contact us by e-mail. email firstname.lastname@example.org or email@example.com.