This privacy policy is intended for the persons who cooperate, or intend to cooperate with UAB Edisoft Systems (hereinafter the “Company”), use the services provided by the Company, monitor the Company’s activities in the social media accounts administered by the Company or visit the website edisoft.io/eu
Data controller
UAB Edisoft Systems, Company Code 300592601, Address: Švitrigailos St. 11M, Vilnius.
Tel.: +370 5 2150949
E-mail: info@edisoft.lt
Personal data management principles
The company processes personal data in accordance with the European Union’s General Data Protection Regulation (EU) 2016/679 (hereinafter the “Regulation”), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the processing of personal data.
Personal data is obtained directly from the data subject, from the data subject’s activities while using the services and from customers (legal entities).
The company also follows the following basic principles in processing personal data:
-
Personal data is collected only for defined and legitimate purposes.
-
Personal data is processed lawfully and fairly.
-
Personal data is constantly updated.
-
Personal data is stored securely and for no longer than is required for the established purposes of the data processing or legal acts.
-
Personal data is processed only by those employees of the Company who have been granted such rights, according to their work functions.
When processing personal data, the Company implements technical and organisational measures that ensure the protection of the personal data against its accidental or illegal destruction, alteration or disclosure, as well as against any other illegal processing.
The data subject is responsible for ensuring that the personal data provided by him is accurate, correct and complete. If the data provided by him changes, he must immediately inform the Company about such a change. The company will not be responsible for damage caused to the person and/or to third parties due to the fact that the data subject has provided incorrect and/or incomplete personal data, or did not apply for an addition and/or change of the data after it changed.
Purposes of processing personal data
The company processes personal data for, but not limited to, the following purposes:
-
Administration and execution of its contractual relations (provision of services specified on the website), proper fulfilment of its contractual obligations, and maintaining relations with suppliers, partners and customers for cooperation and business development.
-
Electronic Data Interchange (EDI) and other services.
-
Conclusion and execution of employment contracts and the internal administration of the Company.
-
Administration of requests.
-
The Company’s internal documentation.
-
Publicising and increasing awareness of the Company’s activities.
-
Implementation of legal obligations applicable to the Company.
-
Selection of potential employees.
Processing of personal data for the purpose of providing services
In cases where the data subject uses the services provided by the Company, the Company processes the data subject’s personal data, which the data subject provides directly to the Company. In addition, the personal data of the data subjects is obtained from data controllers, who grant the Company the right to process the personal data of the data subjects when the Company acts as a data processor in its activities. When providing the personal data of the data subjects to the Company, data controllers are responsible for providing information to the data subjects about the transfer of their personal data to the Company.
Processing of personal data for the purpose of employment in the Company
Potential employees of the Company provide the Company with the following types of personal data: CV, name, contact information, etc. Potential employees are informed about the processing of their personal data by the Company, during the first verbal contact or by e-mail. Potential employees can also familiarise themselves with the processing of their personal data in this privacy policy.
The personal data submitted when applying for a position advertised by the Company is processed for the purpose of concluding an employment contract with a potential employee.
If the data subject applies for a specific position advertised by the Company, but does not receive a job offer, after the end of the selection for a specific position announced by the Company, upon the receipt of the data subject’s consent, the personal data of the data subject is stored for a period of 3 months after the end of the selection.
Processing of personal data for the purpose of publicising and increasing awareness of the Company’s activities
For the purpose of publicising the Company’s activities and raising awareness (direct marketing), the Company may process the following personal data of the data subject: name, surname, name of the represented company, e-mail, postal address and phone number. Consent for personal data to be processed for direct marketing purposes is expressed by the data subjects subscribing to the Company’s newsletter on the website. Giving consent for direct marketing is voluntary, it is not a condition of contractual relations with the Company, and it does not affect the relationship between the data subject and the Company. The withdrawal of such consent does not negate the legality of the data subject’s personal data processing, which was carried out before such a withdrawal of consent.
Based on the basis of legitimate interest, the Company may send informational messages to the existing customers of the Company without separate consent, if the data subject did not object to it, while giving the data subject the opportunity to disagree or refuse to receive such information in the future.
If the information sent for the purpose of the Company’s direct marketing is no longer relevant, the data subject may revoke their consent for direct marketing at any time, by contacting the Company by e-mail at: info@edisoft.lt.
Personal data retention period
The personal data processed by the Company is stored in printed documents and/or in the Company’s information systems in an electronic format. Personal data is retained for no longer than is necessary to achieve the purposes of the data processing, or for no longer than is required by the data subjects and/or provided for by the legal acts. Generally, personal data is retained for a period of 10 years after the end of the contractual relationship.
Although the data subject may terminate their contract with the Company, the Company must continue to store the data subject’s personal data due to possible future requirements or legal claims, until the data storage terms expire.
The company strives not to store outdated or unnecessary information, and to ensure that personal data and other information is constantly updated, corrected and destroyed in a timely manner.
Providing personal data
The company undertakes to comply with the obligation of confidentiality in relation to the personal data of the data subjects. Personal data may be disclosed to third parties only if it is necessary for the conclusion and execution of a contract with the data subject, or for other legitimate reasons. The Company undertakes to transfer the data received from data subjects to third parties only to the extent and only in cases where it is necessary to enter into contracts with the Company and/or to fulfil the obligations set out in the legal acts.
The Company may also provide the personal data of data subjects to its data processors (subcontractors) who provide services to the Company and process personal data on behalf of the Company. Such data processors have the right to process the personal data only in accordance with the Company’s instructions and only to the extent that it is necessary in order to properly fulfil the obligations stipulated in the contract. The company uses only those data processors who ensure that the appropriate technical and organisational measures will be implemented in such a way that the data processing meets the requirements of the Regulation and ensures the protection of the data subject’s rights.
The company may also provide the personal data of data subjects in response to requests from the court or state authority, to the extent necessary for the proper execution of valid legal acts and state authority orders.
Provision of data outside the EU/EEA
The company does not provide the personal data of data subjects outside the European Union or the European Economic Area.
Rights of the data subject
The data subject has the following rights:
-
To receive information about the personal data of the data subject processed by the Company, where the data was obtained, how the personal data was collected and on what basis it is being processed.
-
To apply to the Company with a request to correct the data subject’s personal data, to stop its processing, and to destroy it if the data is incorrect, incomplete or inaccurate, or if it is no longer necessary for the purposes for which it was collected. In such a case, the data subject must submit a request, upon the receipt of which the Company will check the provided information and take the necessary actions.
-
To apply to the Company with a request to destroy the personal data or to stop the processing of such personal data, except for its storage, in the case that, after familiarising himself with his personal data, the data subject determines that the personal data is being processed illegally or unfairly.
-
To not consent to the processing of the data subject’s personal data, when the data is processed or intended to be processed due to a legitimate interest pursued by the Company or a third party to whom the personal data is provided.
-
To withdraw the given consent to process the data subject’s personal data at any time.
The data subject has the right to exercise all his rights by contacting the Company by e-mail at: info@edisoft.lt.
If it is not possible to resolve an issue with the Company, the data subject has the right to apply to the State Data Protection Inspectorate (https://vdai.lrv.lt/), which is responsible for the supervision and control of the legal acts regulating the protection of personal data.
Social media accounts administered by the Company
The company manages an account on the social network LinkedIn. The information that a person submits in a social media page (by sending messages, writing posts, or by using the “Like” and “Follow” buttons and other communications) or that is obtained when a person visits the Company’s social media is controlled by the social network. The LinkedIn social network collects information about what type of content a person sees, what they do on the social network, who they communicate with and other information. Therefore, the Company recommends reading the privacy policy of the LinkedIn social network.
More information about LinkedIn privacy policy can be found here: https://www.linkedin.com/legal/privacy-policy.
The Company, as the administrator of the social network page, selects the appropriate settings, considering its target audience and the goals of managing and promoting its activities. The controller of the social network enables the Company to create an account on the social network and administer it. The controller can limit the changes to certain settings; thus, the Company cannot influence what information about the data subject will be collected by the controller of the social network after the Company has created an account on the social network.
All such settings may affect the processing of personal data when the data subject visits the Company’s social media page or reads the Company’s posts. The social network controller processes the data subject’s personal data for the purposes determined by the social network controller and based on their privacy policy. However, when the data subject uses the social network to communicate with the Company, visits the Company’s social media page or monitors the posts, the Company receives information about the data subject. The volume of the received data depends on the account settings selected by the Company, agreements with the social network controller regarding the additional services, and the cookies used by the social network controller.
Links to other pages
The Edisoft website may contain links to other websites. It is worth noting that Edisoft is not responsible for the content of these websites, their privacy policies and the data that these sites may collect, even if they use the Edisoft company logo. The privacy policies of other sites may differ, so we recommend that you familiarise yourself with them in each case.
Amazon integration service
The Company provides Amazon integration services for its customers and acts as an intermediary between the Amazon Seller marketplace and the customer. Data required for the provision of this service is retrieved from the Amazon Seller marketplace via the API methods approved and provided by Amazon Services Europe S.à r.l. Some of the data retrieved may contain personal information. In this regard, the Company acts as a data processor of the data provided by the data controller (Amazon Services Europe S.à r.l).
When processing this data, the Company implements all technical and organisational measures that will ensure the protection of the data from its accidental or illegal destruction, alteration or disclosure, as well as from any other illegal processing.
The data retrieved from Amazon marketplace is converted to the formats required by the clients and is transferred to them by secure electronic channels. Data at rest is encrypted and stored for no longer than 30 days after an order delivery. At the end of the data retention period, the data is destroyed.
Cookies
Cookies are small text documents with a unique identification number that are saved on the visitor’s computer or other device. They help to ensure the operation of the website, to collect statistical information about the pages visited and to provide targeted marketing offers.
Necessary cookies are stored on the website visitor’s device, without the individual consent of the visitor. Functional, statistical and marketing cookies are only recorded if the user clicks the “I agree” button in the cookie notification.
Cookies used on the website:
| Cookie name | Issuer | Description | Retention period | Group |
|---|---|---|---|---|
|
region |
Edisoft |
The user’s region is set. Speeds up page loading. |
1 day |
Necessary |
|
session |
Edisoft |
User session identifier. |
Session |
Necessary |
|
privacy-policy |
Edisoft |
Checking whether the user agrees to the use of cookies for statistical and marketing purposes. |
1 year |
Necessary |
|
_gat |
|
A cookie is used to limit the frequency of requests. |
1 minute |
Statistical |
|
_ga |
|
The cookie helps to collect statistical information about the use of the page. |
2 years |
Statistical |
|
_gid |
|
The cookie helps to identify unique users. |
1 day |
Statistical |
|
APISID |
|
The cookie is used for Google advertising services. |
2 years |
Marketing |
|
SID |
|
The cookie is used for Google advertising services. |
2 years |
Marketing |
|
HSID |
|
The cookie is used for Google advertising services. |
2 years |
Marketing |
|
DV |
|
The cookie is used for Google advertising services. |
1 day |
Marketing |
|
SSID |
|
The cookie is used for Google advertising services. |
4 years |
Marketing |
|
SIDCC |
|
The cookie is used for Google advertising services. |
15 months |
Marketing |
|
OGPC |
|
The cookie enables the use of Google maps on the website. |
1 month |
Marketing |
|
ANID |
|
The cookie is used for Google advertising services. |
13 months |
Marketing |
|
NID |
|
The cookie is used for Google advertising services. |
6 months |
Marketing |
|
AID |
|
The cookie is used for Google advertising services. |
13 months |
Marketing |
|
OTZ |
|
The cookie is used for Google advertising services. |
17 months |
Marketing |
|
1P_JAR |
|
The cookie is used for Google advertising services. |
30 days |
Marketing |
|
_fbp |
|
The cookie is used for advertising services. |
3 months |
Marketing |
|
_fr |
|
The cookie is used for advertising services. |
3 months |
Marketing |