Privacy Policy
1. What Does This Privacy Policy Mean?
This privacy policy (hereinafter the ‘Privacy Policy’) provides information on the processing by UAB “Solutionlab Production” (hereinafter Company) of your personal data that are obtained: (i) in the course of performance of agreements with partners and suppliers who are legal persons and data of suppliers or service providers (natural persons); (ii) as Company performs direct marketing activities; (iii) when you participate in Company’s selections; (iv) when you submit inquiries to us; (v) as you perform active actions in Company’s social media accounts; (vi) ensuring the protection of trade secrets of Company; obtaining confirmation of the employee's actions in investigating violations of the law; (vii) ensuring the continuity of Company’s operations; (viii) protecting the Company's information systems from hacking and data theft, viruses, dangerous web pages, malware, copyright infringement through technical and Internet access, and computer networks from heavy loads.
Hereinafter all indicated persons whose data are processed by Company shall be referred to as ‘Data subject’.
2. About Company
Company, legal entity number 300629188, office address at Kareivių str.11B, Vilnius, data of the company are collected and stored in Register of Legal Entities of the Republic of Lithuania. Contact details for personal data matters: dataprotection@solutionlab.net
3. What Personal Data we do process?
Personal data are any information about the Data subject collected by Company that may be used for the Data Subject identification and is stored electronically or in any other manner.
Personal data include any information, including the Data subject’s name, surname, address and IP address, which is collected by Company about the Data subject for the purposes indicated in this Privacy Policy or during a separate meeting with the Data subject, or in the agreement with Company.
These data shall also include publicly available personal information of the Data subject accessed by Company when the Data subject contacts Company via any social media networks or performs active actions in Company’s social media accounts.
4. Direct Marketing
We will send offers for the provision of services of Company to persons, who have provided their contact details and have expressed a wish to receive information about the services offered by Company via electronic communication means (e-mail, phone, text messages), also ask for their opinion on provided services. Company will process the following personal data for direct marketing purposes: name, surname, phone number, e-mail address (data necessary in order to be able to send you direct marketing messages).
Your data processed on the basis of consent will be used for direct marketing purposes for 3 (three) years as of the receipt of your consent.
If you are our customer and have not objected to Company’s direct marketing messages, we will send you messages about services similar to those provided to you by e-mail on the basis of our legitimate interest. In this case, your data will be processed for direct marketing purposes for 1 year after the last purchase of the service.
You have the right to refuse direct marketing at any time by contacting us via e-mail on dataprotection@solutionlab.net
5. Contact Us
There are several ways how you can contact Company: by phone, e-mail, text messages on website https://solutionlab.net (hereinafter the ‘Website’) or via social media accounts. We personally accept, review and reply to all messages. If you contact us, we can process the following data belonging to you: name, surname, e-mail address, phone number, date, your nickname used in social media networks, and text of messages.
Such data will be processed in order to answer your questions. If you do not provide your contact details, we will not be able to contact you.
Please note that the Website can also use e-mail monitoring or blocking software and you must ensure that your e-mails do not contain unlawful content.
Electronic messages will be stored for 1 (one) year as of the receipt of the message for the purpose of defending the legal requirements of Company. For this purpose, we process correspondence and related personal data in pursuit of Company's legitimate interest (protection of legal claims).
All personal data provided by you in the course of communication with us will be used only for the aforementioned purposes and to review messages and administer and manage the communication flows. We undertake not to use your personal data without your express consent in any publications in such a way that would allow identifying you.
Please note that we may have to contact you by post, e-mail or phone. Please notify us of any changes of your personal data.
6. Social Media
Currently, we have an account on „LinkedIn“, which privacy notice is available at https://www.linkedin.com/legal/privacy-policy.
The information you provide to us on social media (including messages, the use of the Like and Follow fields, and other communications) is controlled by the social network manager. We recommend reading the privacy statements of third parties and contact service providers directly if you have any questions about the ways they use your personal data.
We process the information contained in our accounts for the purpose of administering the accounts with your consent. We do not store this information separately for this purpose.
7. Transfers of personal data to third countries
Data controllers on social media networks (LinkedIn) is established in third country for which the European Commission has not taken a decision on eligibility.
European Union population data published on the LinkedIn social network is processed by the data controller LinkedIn Ireland Unlimited Company (Wilton Plaza, Wilton Place, Dublin 2, Ireland). Information on how you can exercise your rights as a data subject can be found at https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy. In the event of a complaint about LinkedIn Ireland Unlimited Company's processing of your personal data or the exercise (non-exercise) of your rights as a data subject, you have the right to lodge a complaint with the LinkedIn Ireland Unlimited Company's supervisory authority, the Irish Data Protection Commission or the State Data Protection Inspectorate.
Microsoft Corporation acts as a data processor in accordance with the standard rules for the processing of personal data, which can be found by clicking the following link: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-DataProtection-Addendum-DPA?year=2021. In accordance with this standard rules, Microsoft Corporation undertakes to carry out the processing of Personal Data entrusted to it only in accordance with our documented instructions, including instructions for the transfer of Personal Data to a third country or to an international organization, unless this is required by European Union or Member State law to which Microsoft Corporation is subject, in which case Microsoft Corporation shall inform us of this legal requirement prior to the processing of the data, except where the law in question prohibits this for important reasons of public interest. For transfers of personal data to third countries for which the European Commission has not adopted an adequacy decision, Microsoft Corporation will be guided by the European Commission's Standard Data Protection Terms and Conditions (Article 46(2)(c) of the GDPR), which you can access by clicking on this link: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-andServices-Data-Protection-Addendum-DPA?year=2021.
8. Participation in the Selections
In the course of employee search and selection Company processes personal data of the candidates as follows:
For the purpose of searching for candidates on LinkedIn, other professional social networks, and other public sources, Company processes personal data of the natural persons matching the search criteria: search criteria, name, surname, other information provided on the public profile of the social network, communication with the potential candidate (via social media networks, or other contacts provided on their social media accounts). Processing of personal data is based on the legitimate interest of Company.
Until the answer on the participation in the employee selection process is received from the contacted potential candidate (in the event the contacted candidate does not wish to participate in the selection, the personal data is immediately deleted, in the event the contacted candidate agrees to participate in the selection process - the personal data is further processed on the basis of the consent, in the event there is no answer from the candidate - the personal data is stored until the end of the specific selection process).
For the purpose of candidate selection (handling applications, evaluation of the candidates) Company processes the following personal data of the candidates: name, surname, home address, e-mail address, telephone number, data provided in CV / Resume, motivational letter (optional).
Based on our legitimate interest, we will process the data on the person indicated by the candidate (name, surname, e-mail, telephone, information provided by the person) - former or current employer or person providing the recommendation, the information provided by him / her for the purpose of selection. We will erase this data at the end of the selection.
Personal data is stored until the completion of the particular selection process and erased within 3 working days after the completion of the selection procedure. In the event a separate consent of the candidate is received, the personal data is stored for 3 years from the receipt of the consent in order to offer the candidate to participate in the future candidate selections.
9. Performance of Company‘s Agreements
9.1. Company sometimes needs access to personal data held by its potential customers in order to assess the scope of its services and to prepare for entering into a contract with a potential customer. In such cases, Company shall grant the potential client access to the personal data of both the clients it manages and its employees on a viewable basis. For the above purpose, Company does not process the personal data in any way other than for review and does not store it. Company reviews the personal data of its clients and employees managed by its clients on the basis of legitimate interest (Article 6 (1) (f) of the GDPR)- to assess the scope of the services in a proper and fair manner and to enter into a service contract.
9.2. Company processes personal data of employees of suppliers or service providers (legal persons) and data of suppliers or service providers (natural persons) in order to perform the agreement concluded between Company and the aforementioned persons. In such case, Company will process the following personal data belonging to you: name, surname, date of birth, phone, e-mail address, messaging content, date and other data related to the performance of the agreement.
The basis for the processing of data of employees of service providers or suppliers (legal persons) of Company is the legitimate interest of the Company (Article 6 (1) (f) of the GDPR). We receive your data not only directly from you, but also from the service provider or supplier you are an employee of.
If you provide services or sell goods as a natural person, Company will process your personal data on the basis of performance of the agreement (Article 6 (1) (b) of the GDPR).
Personal data indicated in this section will be processed as long as the agreement is in effect. If personal data are indicated in the agreement, they will be stored for 10 years as of the date of expiration of the agreement. We will also process these personal data, when they are specified in the agreements and its enforcement documents, for the purpose of archiving, fulfilling the legal obligation provided for in the Index of Terms of Retention of General Documents approved by the Archivist of the Republic of Lithuania in March 9, 2011 by order No. V-100, 10.37 clause. For this purpose, we will keep the contract and its execution documents for 10 years from the date of conclusion or expiry of the contract (if the contract is of an ongoing nature). We will store personal data for the same number of years for the purpose and basis of Company's legitimate interest in defending legal claims. In the latter case, the recipients of your personal data may be courts, state institutions resolving disputes, parties to a dispute, lawyers and other entities providing legal services, depending on which remedies you or Company choose.
10. Protection of Company Confidential Information and Business Continuity
In order to ensure the protection of Company's confidential information, the continuity of Company's business, to protect information systems from hacking and data theft, viruses, dangerous websites, malware, copyright infringement through technical and Internet access and computer network from heavy loads, Company can view its employees' correspondence with contractors and information stored in Company’s electronic equipment. To achieve these goals, the Company processes the following personal data of its employees and persons who send or receive letters from employees: e-mail address, name, surname, date of the sender or recipient, content of information contained in electronic work tools.
Data collected for the protection of confidential information and Company’s information systems against intrusion and data theft, viruses, dangerous websites, malware, copyright infringement through technical and Internet access and computer network from heavy loads are stored for the purpose of defending legal requirements for 4 years, taking into account the provisions established in Paragraph 9 of Article 1.125 of the Civil Code of the Republic of Lithuania. In order to defend legal claims, data may be provided to data recipients (data controllers) such as courts, law enforcement authorities, public dispute resolution authorities, parties to a dispute, lawyers and other entities providing legal services.
In cases when the employee's employment contract with Company expires, the content of the employee's e-mail box is available for Company for 1 month from the end of the employment relationship for the purposes of business continuity, the e-mail box is deleted after this period.
11. Cookies
Cookies are used on the Website. A cookie is a small text file in alphanumeric format that we place with your consent on your browser or hard disk. We use different cookies for different purposes. Cookies also help us to differentiate you from other users of the Website, thus providing a more pleasant experience of using the Website and allowing us to improve the Website.
Most browsers allow you to reject all cookies, and some browsers allow you to reject only thirdparty cookies. So you can take advantage of these opportunities. However, please note that blocking all cookies will have a negative effect on the use of the Website, and without cookies you will not be able to use all the services provided on the Website. More information is available at AllAboutCookies.org or www.google.com/privacy_ads.html.
We use the cookies described below, for a detailed list of which you will find HERE:
https://policies.google.com/privacy?hl=en
https://www.linkedin.com/legal/privacy-policy
(a) Cookies are absolutely necessary.
These cookies are necessary for our Website to work. The basis for the use of such cookies is Paragraph 4 of Article 73 of the Law on Electronic Communications of the Republic of Lithuania. These cookies are necessary for the operation of the Website and cannot be disabled on our systems. We ensure the quality and security of the visit. These can be cookies, which, for example, allow you to log in and access secure areas of our Website, use the shopping cart feature or email account services.
(b) Analytical and / or performance cookies.
These cookies allow us to identify and count visitors to our Website and to track how visitors navigate our Website. This helps us improve the performance of the site, such as ensuring that users can easily find what they are looking for. Cookies are not intended to identify or influence your browsing experience while you are visiting the Website. If you do not agree to the use of these cookies, you will not be recorded in the visit statistics. The basis for the processing of the data collected by these cookies is your consent.
(c) Functional cookies.
These cookies are used to identify you when you return to our Website so that we can tailor the content provided to your needs, remember the information relevant to you. The basis for the processing of the data collected by these cookies is your consent.
(d) Commercial cookies.
We use our own and third-party cookies to display personalized advertising on our own and other websites. This is called "remarketing," which is based on browsing activity, such as the products you search for and view.
LinkedIn icon plugin is used on the Website.
12. Disclosure of Data
When we process your personal data, we engage Microsoft Corporation as our data processor in accordance with Article 28 of the GDPR, as we use Microsoft Office 365 and Azure cloud computing service.
Moreover, we can disclose information about you:
- if we must do this under the law;
- in order to sell a part of Company‘s activities or assets, where we disclose your personal data to the potential buyer of the activities or a part thereof;
- having sold the activities of Company‘s or a substantial part thereof to third parties.
Please note that the list of recipients and categories of recipients provided in the Privacy Policy may change; other recipients of your personal data may appear during the processing of your personal data, including intermediaries, marketing service and (or) IT service providers or subcontractors. If you wish to be notified of any changes to the recipients of your personal data, please inform us via e-mail provided in this Privacy Policy indicating in the e-mail as follows: “I wish to receive information on the changes to the recipients of my personal data, name, surname”.
13. Security of Your Personal Data
Your personal data will be processed pursuant to the requirements set out in the General Data Protection Regulation, the Republic of Lithuania Law on Legal Protection of Personal Data and other legal acts. In the course of processing of your personal data, we implement organizational and technical measures which ensure the protection of personal data from accidental or unlawful destruction, alteration, disclosure and any other unlawful processing.
14. Your Rights
This section contains information about your rights related to the processing of your personal data carried out by us and cases where you can exercise these rights. If you would like to receive more information on your rights or to exercise them, please contact us via e-mail indicated in this Privacy Policy.
Company will provide information on actions taken on a request with regard to implementation of your rights without undue delay and in any event within 1 (one) month of receipt of the request. In consideration of the request complexity and the number of received requests, the aforementioned term may be extended for 2 (two) further months. In this case, we will notify you of such term extension and reasons for it within 1 (one) month as of the receipt of request. Company will refuse to implement your rights only in cases provided for in the legal acts.
14.1. Right to Consent Withdrawal
If you have given us your explicit consent to the processing of your data, you can withdraw it at any time. Withdrawal of consent shall not affect the lawfulness of the processing of data carried out prior to the withdrawal of consent.
14.2. Right to Access Your Personal Data
We want you to fully understand how we use your personal data and not to experience any inconvenience because of that. You can contact us at any time and ask if we process any of your personal data. If we store or use your personal data in any way, you have the right to access them. If you wish to do this, please submit a written request to us at the address indicated in this Privacy Policy and confirm your identity. Please comply to the fairness and reasonableness principles when submitting such request.
14.3. Right to Request More Information
We hope that you will understand that it is very difficult to discuss all possible methods of collection and use of personal data. We try to provide as explicit and comprehensive information as possible and undertake to update this Privacy Policy if there are any changes to the personal data use process. Nevertheless, if you have any questions about the use of your personal data, we will be happy to answer them or will provide you with all additional information that we can disclose. If you have any specific questions or did not understand the provided information, please contact us.
14.4. Additional Rights
Below, you will find information about your additional rights that you can exercise in compliance with the following procedure.
a) You have the right to request us to rectify any inaccuracies of data held by us. In this case, we may ask you to confirm the rectified information.
b) You have the right to ask us to erase your personal data. This right will be implemented in cases provided in Article 17 of the General Data Protection Regulation (EU) 2016/679.
c) You have the right to ask us to restrict the processing of your personal data or to object to their processing:
- during the period required for us to verify the accuracy of your personal data when you submit claims with regard to data accuracy;
- in cases of unlawful collection, storage or use of your personal data where you decide not to request the erasure of data;
- when we do not need your personal data anymore, but you need them for the establishment, exercise or defense of legal claims;
- during the period required to determine if we have an overriding legal basis to continue processing your personal data if you exercise your right to object to the processing of your personal data.
d) You have the right to the portability of data that is processed by automated means and that we have received from you in a structured, commonly used and computer-readable format under your consent or for the purpose of agreement conclusion. If you exercise this right, we will transfer a copy of the data provided by you to you or the data controller of your choice.
e) You have the right to object to use of your personal data by us:
- in cases where we use such data in order to implement our legitimate interests, but we do not have an overriding legal basis to continue using your personal data; or
- at any time when we use your personal data for direct marketing purposes. In such case, the data will not be used for these purposes anymore; however, they may be used for other legitimate purposes.
15. Complaints
If you believe that your rights of the data subject have been and/or may be violated, please promptly contact us via e-mail indicated in this Privacy Policy. We ensure that as soon as we receive your complaint, we will contact you within the reasonable period and inform you about the complaint handling process, and then about its result.
If the handling results are unsatisfactory to you, you will be able to submit a claim to the supervisory authority – the State Data Protection Inspectorate (L. Sapiegos str. 17, Vilnius, www.vdai.lrv.lt, phones (8 5) 271 28 04, 279 1445).
16. Liability
You are responsible for the accuracy, correctness and completeness of your data submitted to us. In case of any changes to the data submitted by you, you must promptly notify us about that by email. We will in no way be responsible for the damage incurred by you due to the provision of inaccurate or incomplete personal data or failure to notify us about changes to them.
17. Amendments to the Privacy Policy
We may update or amend this Privacy Policy at any time. Such updated or amended Privacy Policy will come into effect as of its publication on our Website.
After making an update to the Privacy Policy, we will notify you about any changes that we consider material by publishing them on the Website. Updated on’ date indicated below shows the date of the latest update to the Privacy Policy.
The latest update to the Privacy Policy was made on 18/07/2022.
Third party cookies | ||
Name of cookie | Description of cookie | Link to third party privacy policy |
www.googleanalytics.com | „Google Analytics includes features that can help users of this cookie identify trends and trends in how visitors interact with their sites. Features allow you to collect, analyze, monitor, visualize, report, and integrate with other applications. |
https://policies.google.com/privacy?hl=en |
px.ads.linkedin.com | Linkedin's visitor tracking technologies are used to identify the visitor, ensure the security of his or her account, monitor his or her behavior, and provide customized content, including advertising. |
https://www.linkedin.com/legal/privacy policy |