Privacy policy of „Softera Baltic“

The Privacy Policy sets out the basic principles of UAB “Softera Baltic” with regard to the collection, processing and storage of personal data. The Privacy Policy is intended to protect and defend the Client’s Personal Data from unauthorized use.

Updated on 18 April 2024

This Privacy Policy (hereinafter referred to as – the Policy) defines how UAB “Softera Baltic” (hereinafter referred to as – Softera, the Company, we) processes the personal data of its clients and (or) other persons (hereinafter referred to as – Users, Clients, you). The policy sets out the principles, rules and requirements of personal data processing that Softera adheres to in order to ensure the security of your personal data and the protection of your rights.

Who are we? Softera is a Microsoft Dynamics 365 business management solutions partner in Lithuania with perhaps the vastest experience and largest team of specialists, implementing ERP, CRM and business analytics (Power BI) solutions for businesses. Deep technological and process management knowledge, a competent team of specialists, proven solutions implementation and project management methodologies ensure the quality of the services provided. We aim to help clients choose value-creating process digitalization and optimization solutions.

We care about your privacy and the security of your personal data, therefore we are fully committed to processing the data of our Users and other persons only in accordance with the established principles and requirements of personal data processing and we ensure the confidentiality of personal data by implementing appropriate technical and organizational measures intended to protect personal data from unauthorized access, disclosure, accidental loss, alteration or destruction or other unauthorized processing. This Privacy Policy applies in conjunction with our Website Cookie Policy. If you have questions about personal data processing or would like to receive more detailed information about personal data processing, please contact us by e-mail duomenuapsauga@softera.lt

This Policy, taking into account changes in legislation and the Company’s activities, may be changed, so we recommend that you review it periodically. We will inform you about all changes to the Policy publicly on our website www.softera.lt

TERMS AND DEFINITIONS

  • Personal data means any information relating to an identified or identifiable natural person – data subject), who can be identified, directly or indirectly, in particular by reference to an identifier such as a personal identification number, or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person.
  • Personal data processing’ means any operation which is performed on personal data, such as collection, recording, storage, classification, grouping, merging, alteration, submission, announcement, use, logical and/or arithmetical operations, search, dissemination, destruction or other actions or a set of actions.
  • General Data Protection Regulation means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. (Hereinafter referred to as – Regulation, GDPR).
  • Data subjectmeans any natural person visiting the Company’s website softera.lt and (or) has expressed his or her intention to use, uses, used Company’s solutions and (or) services, participates in the Company-organized webinars and (or) events, intends to participate in our announced selections for vacant positions, wherefore we process personal data.
  • Data controllermeans UAB “Softera Baltic“, legal entity code 301566552, registered seat address K. Donelaičio st. 62 / V. Putvinskio st. 53 (BLC), 44248 Kaunas, Lithuania, e-mail info@softera.lt, phone number +370 37 752772, which establishes goals and means for processing of data indicated in this Privacy Policy.
  • Data processor means a natural or legal person that the Company uses to process your Personal Data on behalf of the Company.
  • Client means a natural or legal person to whom the Company provides services and who uses the Company’s products or solutions.
  • User means a visitor to the Company’s Website or another person who applies to the Company for information or consultation (consultation or advice on the Company’s products, testing or demonstration of products, inquires about product prices or wishes to receive an offer from the Company, etc.).
  • Websitemeans the Company-managed website softera.lt

Other terms used in the Privacy Policy are understood as defined in the Regulation, the Law of the Republic of Lithuania on the Legal Protection of Personal Data and other legal acts regulating the processing and security of personal data.


WHAT PRINCIPLES DO WE FOLLOW IN THE PROCESSING OF PERSONAL DATA?

We respect your privacy and collect and process only such Personal Data as are necessary to achieve the data processing goals specified by us. When processing your Personal Data, we comply with valid and applicable legal acts, including GDPR, the Law of the Republic of Lithuania on the Legal Protection of Personal Data and etc. When processing Personal Data, we adhere to the principles related to the processing of personal data established in the Regulation:

  • We process your Personal Data in a legal, fair and transparent manner
  • We collect your Personal Data for established, clearly defined and legitimate purposes and do not process them in a manner incompatible with those purposes, except to the extent permitted by law
  • We ensure that Personal Data is adequate, appropriate and only such that are necessary to achieve the data processing goals specified by us, i.e. we do not collect or store redundant or unnecessary data
  • We take all necessary measures to correct or delete Personal Data that is inaccurate or incorrect
  • We store data only as long as it is necessary to achieve the set goals
  • We apply the necessary technical and organizational security measures that ensure the security of your Personal Data, including protection against unauthorized or illegal data processing and against accidental loss, destruction or damage, including providing access to data or transferring data only to those employees or service providers to whom such access is necessary for the job functions they perform or the services they provide

WHEN DO WE PROCESS YOUR PERSONAL DATA?

We collect and process your personal data only when it is necessary to achieve our legitimate goals and when we have a legal basis to do so. The company may process personal data:

  • When you have expressed your consent to the processing of personal data for the specified goals or goals
  • When this is necessary in order to fulfill the contract concluded with you or to take action at your request before the conclusion of the contract
  • When we are required to do so by law
  • When processing personal data is necessary for the legitimate interests of the Company or third parties

WHAT PERSONAL DATA DO WE PROCESS?

 

When you wish to receive our consultation, test the solutions we develop or see a demonstration of the system at an agreed time and ask our specialists the questions of your concern and later receive an offer/price, we process: 

  • Name
  • Phone number
  • E-mail address
  • Company name

The goal of data processing – to contact the User and ensure proper service and provision of information to Users.
The legal basis for data processing – your consent.
Data storage period – data is stored for 5 years.

 

When we conclude service contracts and provide services to our Clients in the course of their execution, we process: 

  • Name, surname, workplace, position, contact details (phone number, e-mail address) of the client or his representative signing the contract
  • Name, surname, workplace, position, contact details (phone number, e-mail address) of the client’s contact person responsible for contract execution and communication

The goal of data processing – to conclude and execute a contract with the Client.
The legal basis for data processing – the execution of the contract with the Client.
Data storage period – data is stored for the duration of the contract with the Client and for 10 years after the end of the contract.

 

When we provide services to our Clients and our Clients contact us for help with the provided services using the JIRA service system, we process: 

  • Name, surname, workplace, position, contact details (phone number, e-mail address) of the Client’s contact person
  • Name, surname, e-mail address of the client’s employees who have access to the JIRA system
  • Other personal data that the Client indicates in his request for assistance

The purpose of data processing – to conclude and properly execute a contract, to provide assistance or advice to our Clients regarding the services provided.
The legal basis for data processing – the execution of the contract with the Client.
Data transmission – during the term of the contract, the data is transmitted to the service provider UAB “DataBank” performing the maintenance of the Company’s IT infrastructure and to Atlassian, the service provider of the JIRA service system, who process the data as data processors according to the Company’s instructions.
Data storage period – data is stored for 10 years after the inquiry is resolved in JIRA.

 

When we wish to provide you, the Client, from time to time, with newsletters, offers and information about our services that we think may be of interest to you, as well as ask for your opinion on the quality of our products and services provided, if you express your consent to receive our direct marketing messages, we process: 

  • E-mail address

The purpose of data processing – to provide newsletters, offers and information about our services and to ask for your opinion on the quality of products and services.
The legal basis for data processing – your consent expressed at the time of the conclusion of the contract.

If you are our Client, we may use your Personal Data (e-mail address and (or) phone number) for direct marketing purposes in order to provide you with offers and information about our similar services or products that we believe may be of interest to you, as well as ask for your opinion on the quality of the products and services we provide, even without your consent. You may object to receiving or opt-out of such messages at any time by clicking on the link at the end of each such such message.

 

We offer a chat feature for website visitors to contact us with questions or get the information they need. When you contact us or ask us a question using the Tawk.to chat application on our Website or using the inquiry form and wish to receive an answer, we process: 

  • Name
  • E-mail address
  • Phone number
  • Other personal data that you provide in your request

The purpose of data processing – to communicate with Users and answer the questions asked and to contact the User if we cannot answer the request at the time of its receipt.
The legal basis for data processing – your consent.
Data transmission – tawk.to is a third-party plug-in used on our Website that processes data as data processors under the Company’s instructions only to ensure the proper provision of services and in accordance with the Data Processing Addendum (https://www.tawk.to/data-protection/dpa-data-processing-addendum/)
Data storage period – the data are stored for 5 years.

 

When we wish to share success stories on our Website, when we have successfully implemented various solutions for our clients, we manage: 

  • Name and surname of the Client’s representative
  • Company’s name, position held
  • Photograph of the Client’s representative
  • Client’s feedback on our services and solutions
  • Video record with customer feedback on our services and solutions

The purpose of data processing – to share your feedback on our services as a client.
The legal basis for data processing – the consent of the client or his representative.
Data storage period – data are stored for 5 years.

 

When you apply to job advertisements published by us and seek employment with the Company, we process:

  • Name and surname
  • Contact details (phone number, e-mail address)
  • Information about education (educational institution, period of study, acquired education and (or) qualification)
  • Information about work experience (previous workplace, period of employment, position, responsibilities and (or) achievements)
  • Information about raising of qualification (trainings or courses attended, certificates obtained, valid licenses obtained)
  • Information about language skills, knowledge of information technologies, other competencies
  • Other information provided in the CV, cover letter or other application documents (including copies of documents confirming education and professional qualifications)
  • Information provided in recommendations and (or) references from former/current employers
  • During the selection process, your evaluation information as a candidate (summary of the interview with the candidate, opinions and insights of the person/persons conducting the selection, the results of the candidate’s testing (if testing is carried out)

The purpose of data processing – to carry out selections to take a vacant position in the Company – in order to assess your suitability for the proposed position/responsibilities
The legal basis for data processing – your consent, expressed when you apply for vacancies announced by the Company and by sending your personal data, including your CV and other documents, to the Company, and the legitimate interest of the Company to assess your suitability as a candidate for specific positions and to select the most suitable candidate.
Data Storage Period – data is stored until the end of the specific selection. If the Company does not choose your candidacy and does not propose to enter into an employment contract after the selection for the relevant job position, your personal data obtained and processed during the selection process will be stored for 1 (one) month after the end of the selection.

 

If you give your consent to save your data, provided in the selection for a job position, in the candidate database, so that we can contact you directly in the future and offer you to participate in the selection for the announced job position, we process:  

  • Name and surname
  • Contact details (phone number, e-mail address)
  • Information about education (educational institution, period of study, acquired education and (or) qualification)
  • Information about work experience (previous workplace, period of employment, position, responsibilities and (or) achievements)
  • Information about raising of qualification (trainings or courses attended, certificates obtained, valid licenses obtained)
  • Information about language skills, knowledge of information technologies, other competencies
  • Other information provided in the CV, cover letter or other application documents (including copies of documents proving education and professional qualifications)
  • Information provided in recommendations and (or) references from former/current employers
  • During the selection process, your evaluation information as a candidate (summary of the interview with the candidate, opinions and insights of the person/persons conducting the selection, the results of the candidate’s testing (if testing is carried out)

The purpose of data processing – to contact you directly with an offer to apply for a newly created or vacant position in the Company.
The legal basis for data processing – your consent.
Data storage period – 12 months from the date of receipt of consent.

The website uses links to external websites of third parties – the Company’s accounts in social networks FacebookYouTubeLinkedInThe use of third-party websites to which Our Website links is subject to the respective privacy policies of those websites. The Company does not assume any liability for the content of information not provided by the Company on these websites, processing of personal data and (or) their activities.

 

When we administer the Company’s social network accounts and you visit the Company’s social network accounts (LinkedIn, Facebook, YouTube), follow us or discuss, we process: 

  • Name, surname or the name of your social network account
  • Your photograph
  • Reactions to the content provided by the Company (likes, reactions, comments, shares)
  • Other data publicly available in your account or provided by you in your comments or communications with the Company through your social media account

The purpose of data processing – to inform clients and other persons about the Company’s activities, to communicate with persons browsing or following the accounts, to give persons the opportunity to discuss on our social network accounts and to answer their questions.
The legal basis for data processing – your consent.
Data storage period – data is stored as long as the Company’s or your social network account is valid, unless you express a desire to delete your data in our social network accounts earlier.

WHO CAN WE TRANSMIT YOUR PERSONAL DATA TO?

For the processing of your personal data, we may use third parties – service providers (data processors) who help us provide services to you: companies providing financial and accounting services, companies providing data center services or website hosting services, companies providing information technology maintenance services, advertising and marketing services, including newsletter sending services, and other service providers to whom your personal data is disclosed only to the extent necessary to provide specific services.

The data processors used by us can process your personal data only in accordance with clear instructions or directions given by us and cannot use them for other purposes or transfer them to other persons. In each specific case, only necessary personal data or access to them are provided to the data processor, i.e. only such personal data as are necessary to fulfill the specific processing purpose or to provide the service. To ensure the security of your personal data, we use only those data processors who undertake and can comply with appropriate data security requirements and confidentiality obligations.

Data may also be transmitted to state bodies and institutions performing the functions assigned to them by law (e.g. law enforcement authorities).


WHERE DO WE PROCESS YOUR PERSONAL DATA?

We process your personal data only in the territory of the European Union / European Economic Area (EU/EEA). Currently, when processing your personal data, we do not transmit them to third countries. If there is a need to transmit data to third countries, we will inform you about this before carrying out the transmission and ensure the legality and security of the transmission (application of the necessary transmission mechanisms and security measures).

WHAT RIGHTS TO YOU HAVE?

When you come to the Company or apply by e-mail duomenuapsauga@softera.lt, you, as a data subject, have all the rights established by the Regulation:

  • to know about the processing of personal data – to receive information about whether we process your personal data, and if such personal data is processed, the right to access your personal data
  • to apply with a request to correct personal data if you determine that your personal data being processed is inaccurate or incorrect
  • to apply with a request to suspend the processing of personal data, with the exception of storage – in the event that upon familiarization with the personal data, it is determined that the data are incorrect, incomplete or inaccurate or processed illegally
  • to apply with a request to delete personal data (“right to be forgotten”), except when your data must be stored based on the legal obligations imposed on the Company or the establishment, execution and defense of legal requirements
  • not to consent to the processing of personal data, when these data are processed or intended to be processed due to a legitimate interest pursued by the Company
  • to receive the personal data concerning you, which you have provided to the Company, are processed by automated means and the processing of which is based on consent or contract, in a commonly used and machine-readable format and to forward it to another data controller (right to data portability) when technically possible
  • to withdraw your consent to the processing of personal data at any time by submitting a notification to the Company in the specified manner – by clicking on the link at the end of the e-mail (in the case of direct marketing) or by sending your request to the Company by e-mail duomenuapsauga@softera.lt

You can exercise your rights personally or through representatives. To exercise your rights, you must come to the Company in person and submit a request, or you can submit your request via electronic means of communication by e-mail duomenuapsauga@softera.lt. In fulfilling your request, we have the right and duty to check your identity, which we will always try to do in the simplest and most convenient way for you. When submitting an application, you can verify your identity in one of the following ways:

  • if the request is submitted directly upon arrival at the Company – upon presentation of an identity document to our employee
  • if the request is submitted by means of electronic communication, it must be signed with an electronic signature or it must be submitted from the e-mail address which you used when registering on our Website and which we have in our database and can identify you with

If there are reasonable doubts as to the identity of the natural person who submitted the request, we have the right to ask you to provide additional information necessary to confirm your identity (e.g., what was the purpose of your application to the Company, what services or products were you interested in or wished to know more about, etc.).

The request must be clear, it must include your name, information about what rights you wish to exercise and to what extent, and information about how you would like to receive a response. If you submit the request by electronic means, the information is also submitted by electronic means, except in cases where you request it to be submitted in a different way in advance.

We try to examine your submitted requests and provide you with information as soon as possible, but no later than within 30 calendar days from the date of receipt of the request. If due to certain circumstances, such as the complexity of the submitted request (if it is necessary to seek help from data processors) or the number of Requests processed by the Company, the Company may not be able to examine the request in time, the examination period may be extended for no longer than two months, and we will inform you about this.

Requests are handled and information and data are provided free of charge, but we have the right in certain cases to either refuse you to exercise your rights (where the request is unreasonable or disproportionate or is repetitive), or the provision of information and data may be charged depending on the administrative fees relating to the provision of information or notifications or actions requested, in accordance with the requirements of legal acts and the rates set by the Company (if obvious abuse of rights, unreasonably repeated requests to provide information, data, extracts, documents, etc. are detected).

If you believe that the Company’s actions or inaction violate your rights or the requirements of legal acts, you have the right to file a complaint with the supervisory authority – the State Data Protection Inspectorate.


VALIDITY OF THE PRIVACY POLICY

This Privacy Policy is valid from 18 April 2024. We regularly review the Privacy Policy and update or supplement it from time to time. We will notify you of any update by uploading it in advance on our Website https://www.softera.lt/privatumo-politika/