PRIVACY POLICY
MB “Decoend” (hereinafter referred to as “Decoend“) informs about the processing of personal data and the applicable data protection. This policy provides information on whose personal data is processed, for what purposes personal data is processed, the legal basis, scope of processing, protection applied, processing period, etc. This privacy policy will be referred to as the Policy in the text below.
The Policy is intended for individuals who visit the Decoend website, contact Decoend for the services provided or goods sold, or otherwise engage in business, contractual, or other relationships involving data processing.
Decoend processes personal data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as the Regulation), the Republic of Lithuania Law on Legal Protection of Personal Data, the Republic of Lithuania Law on Electronic Communications, and other directly applicable legal acts regulating the protection of personal data, as well as instructions from competent authorities and its internal regulations.
I. DATA CONTROLLER AND CONTACT DETAILS
The data controller is MB “Decoend,” legal entity code 305655596, phone +370 675 09397, email info@decoend.com
II. PROCESSED PERSONAL DATA, PURPOSES, LEGAL BASIS, AND STORAGE PERIOD
Personal data
Decoend processes personal data of the following categories of data subjects: potential clients, clients, their representatives, employees, job applicants, third parties, partners. The term “personal data” in this policy means information or its fragments related to the mentioned data subjects or information by which a person can be directly or indirectly identified. Decoend may collect and process data about you: 1) when you provide certain personal data for specific purposes specified in this policy; 2) when you provide your personal data to fulfil an order or contract, or to take actions at your request before entering into a contract; 3) when you register for a visit through the Decoend website by filling out forms or contact Decoend for
services using the specified contacts, contacting Decoend staff or partners, and in all other ways; 4) when you report a problem or contact Decoend staff regarding services or products; 5) when you communicate with Decoend staff in other ways and for other reasons.
Decoend processes and stores only those personal data specified in the company’s internal documents and necessary to achieve specific purposes. If it is possible to achieve the goals without certain personal data, they will not be processed and stored, except when the law requires the processing and storage of such personal data. Decoend may supplement the personal data you provide with other information if it is necessary to achieve specific goals. Decoend makes every effort not to store outdated or unnecessary information and ensures that personal data and other information are constantly updated and accurate.
Purposes, legal basis, and storage periods
Decoend, in order to respond to inquiries from potential clients, interested parties (on the website, by email, phone, or other means of communication), to establish contractual relationships, maintain communication, protect the company’s legitimate interests, may process the following personal data of the mentioned individuals: name, surname, email address, phone number, email correspondence (other communication information). This personal data is stored for 30 days and destroyed if the person does not order services. If services are ordered and the person becomes a client, the personal data is stored for the specified period.
Decoend, in order to fulfill its contractual obligations (e.g., offer and/or provide the requested service) under the contract, establish and maintain contractual relationships, communication, protect the company’s legitimate interests, and for other legitimate purposes, processes personal data of clients and their representatives: name, surname, date of birth, personal code (if necessary), address of residence, email address, phone number, bank account number, email correspondence (other communication information). This personal data is processed during the validity of contractual relationships and for 10 years after the end of contractual relationships. Email and other communication information is stored for 3 years but may be extended to 10 years if necessary for the company’s interests. Decoend will also process financial data for accounting and other legal obligations, i.e., payment history, bank account number, etc. The legal basis for processing the specified data is a contract or taking actions at the request of the data subject before entering into a contract, legitimate interests, or legal obligation.
Decoend may process personal data to defend the company’s rights and legitimate interests, to process and manage received inquiries, requests, and complaints, and to recover debts, etc.
Decoend processes employee and job applicant data and informs them separately.
Decoend may process personal data for which the individual has clearly given consent (e.g., for direct marketing purposes). Consent obtained for direct marketing purposes or other purposes is valid for 3 years.
Decoend may retain your personal data for a certain period after the end of contractual relationships to ensure its legal interests if a dispute arises or if required by law. Your personal data will not be stored longer than reasonably necessary, taking into account the purposes for which the data is collected.
Decoend’s internal rules specify storage periods for specific data, and statutory deadlines are also established. Storage of your personal data beyond what is specifically stated in the Policy may only occur when: 1) it is necessary for the company to defend against claims, demands, or lawsuits and to enforce its rights; 2) there are reasonable suspicions of unlawful activity being investigated; 3) data is necessary for the proper resolution of a dispute or complaint; 4) there are other legal grounds.
After the expiration of the processing and storage period of personal data, Decoend irreversibly destroys the data. If certain personal data is processed based on consent, upon the cessation or withdrawal of such consent, Decoend destroys the data processed with that consent, and the written consent form is kept for an additional 1 year.
III. TRANSFER OF YOUR DATA
In accordance with the Regulation and the Law on Legal Protection of Personal Data, for the purposes of data processing, Decoend may transfer your personal data to third parties only to the extent necessary to fulfill an order and provide a service, ensuring that the relevant third parties maintain the confidentiality of personal data and ensure proper protection.
If necessary for the above-mentioned purposes, Decoend has the right to transfer personal data to its suppliers, strategic partners, and others who assist in fulfilling
your orders, conducting commercial activities, and establishing cooperation. Decoend requires data recipients to use the information received only for the purposes for which the data was transferred and in compliance with legal requirements. Data processors engaged by Decoend have the right to process personal data only according to its instructions and to the extent necessary to properly fulfill contractual obligations. When engaging data processors, efforts are always made to ensure that data processors have implemented appropriate organizational and technical security measures and maintain the confidentiality of personal data.
Your personal data may be processed by data processors providing Decoend with accounting, data center and/or server rental, IT maintenance, legal, and other services.
Data may also be provided to competent authorities or law enforcement agencies, such as the police or regulatory authorities, but only upon request and only in the cases provided for by law.
IV. PROTECTION OF PERSONAL DATA
Decoend has implemented organizational and technical measures to protect personal data against accidental or unlawful destruction, alteration, disclosure, and against any other unlawful processing.
Decoend has implemented the following measures to protect personal data:
- Restricted access to personal data: access to personal data is limited and controlled based on the principles of need-to-know and least privilege.
- Employee training: employees who have access to personal data are regularly trained in data protection and security.
- Encryption of personal data: where necessary and technically feasible, personal data is encrypted to protect it from unauthorized access.
- Secure communication channels: Decoend uses secure communication channels (SSL certificates) to protect the transmission of personal data.
- Regular security audits: Decoend conducts regular security audits and assessments to identify and address potential vulnerabilities.
Despite the security measures taken, it is important to note that no system or transmission of data over the internet is completely secure. Therefore, Decoend cannot guarantee the absolute security of personal data. If there is a reason to believe that the security of personal data has been compromised, Decoend will inform you and the relevant authorities in accordance with legal requirements.
V. YOUR RIGHTS
You have the right to:
- Access your personal data: You have the right to know what personal data Decoend processes about you and to request a copy of your personal data.
- Rectify your personal data: If your personal data is inaccurate or incomplete, you have the right to request the rectification or completion of your personal data.
- Erase your personal data: You have the right to request the erasure of your personal data if the data is no longer necessary for the purposes for which it was collected, and there are no legal grounds for further processing.
- Restrict the processing of your personal data: You have the right to request the restriction of the processing of your personal data under certain circumstances, such as when you contest the accuracy of the data or when the processing is unlawful.
- Data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
- Object to the processing of your personal data: You have the right to object to the processing of your personal data in certain situations, such as when the processing is based on legitimate interests.
- Withdraw your consent: If Decoend processes your personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
- To exercise your rights, please contact Decoend using the contact details provided in this Policy.
Decoend will respond to your request within one month of receiving it. In exceptional cases, this period may be extended by an additional two months if necessary, taking into account the complexity and number of requests. Decoend will inform you of any such extension within one month of receiving your request, together with the reasons for the delay.
If Decoend does not take action on your request, it will inform you of the reasons for not taking action and provide you with information about other available remedies.
VI. DIRECT MARKETING
Decoend may use your personal data for direct marketing purposes with your consent. Direct marketing includes sending information about Decoend’s services, offers, news, etc. If you have given your consent for direct marketing, you have the right to withdraw your consent at any time by contacting Decoend.
Decoend will provide you with the opportunity to refuse or opt-out of receiving direct marketing communications, and you can exercise this right at any time.
VII. COOKIES
Decoend uses cookies on its website to improve the user experience, analyze website traffic, and for other legitimate purposes. Cookies are small text files that a website stores on your computer or mobile device when you visit the site. For more information on how Decoend uses cookies, the types of cookies used, and how to manage cookies, please refer to Decoend’s Cookie Policy, which is available on the Decoend website.
VIII. CHANGES TO THE PRIVACY POLICY
Decoend may update or change this Policy at any time, in whole or in part. The updated Policy will be published on the Decoend website: https://decoend.com/
The date of the last update: 3rd of December, 2020.
Decoend encourages you to review the Policy regularly to stay informed about how your personal data is processed and protected.