Privacy Notice
1. What is being presented in this Privacy Notice and what is it for?
While performing its activity, Energy Cells (hereinafter ‘the Company’ or ‘we’) processes (collects, stores, etc.) your personal data. While processing this information, the Company follows the General Data Protection Regulation of the European Union (hereinafter ‘GDPR’) and other statutes of law regulating the protection of personal data.
Here, we provide general information about the processing of your personal data within the Company: from where we receive your personal data and to whom we may provide it, for what grounds or purposes we are processing it, what kind of rights you have and how can you implement them, and other relevant information.
2. Who is responsible for the protection of your personal data?
The Company is responsible for the protection of your personal data. The Company is also the controller of such data determining the purposes and measures regarding the processing of information associated with you. Point 11 of this Privacy Notice provides the contact data of the Company as the data controller.
3. Why and what kind of data about you do we collect?
Line No
Why do we collect information about you?
What kind of information about you do we collect?
Why do we have the right to collect the information you submit?
For how long do we use or store information about you?
1.
We are performing tests of the reliability of candidates qualifying to take up respective positions through an inspection process.
Name, surname, position for which the person qualifies, date of submitting and/or withdrawing the consent regarding the inspection of the person’s reliability, signature, personal data indicated in Article 16 of the Law on Corruption Prevention of the Republic of Lithuania and in Article 17 of the Law on the Protection of Objects of Importance for National Security of the Republic of Lithuania. (The scope depends on the information that respective institutions provide to the Company.)
For this purpose, the special category of personal data may be processed, if they were provided to us by the institutions conducting the inspection of the candidate (State Security Department of Lithuania, Special Investigation Service of the Republic of Lithuania, Ministry of Interior of the Republic of Lithuania).
We have the right to process your personal data in accordance with the statutes of law (Article 6 Part 1 Point C of the GDPR).
We have your consent (Article 6 Part 1 Point A of the GDPR).
2.
2. We organise and perform public procurements.
Name, surname, personal identification number or date of birth, address, telephone number, position, having regard to the object of the procurement and qualification requirements, other personal data (any criminal record is inspected, whether the tax obligations associated with the object of the procurement were performed, qualification requirements indicated in the procurement documents), name, surname, personal identification number or date of birth, address, telephone number, position, bank account number, copy of the individual activity or business certificate of the representative of the supplier that won the procurement. The supplier that won the procurement may be requested to provide curriculum vitae, copies of diplomas, acquired certificates, quantities of performed agreements, criminal record certificate, settlement with STI, SoDra, etc.
We have the right to process your personal data in accordance with the statutes of law (Article 6 Part 1 Point C of the GDPR).
3.
We conclude and execute agreements with you and comply with the related tax obligations.
Name, surname, personal identification number or date of birth, telephone number, e-mail address, bank account number, signature, grounds of representation (Power of Attorney, Articles of Association etc.), number of the Power of Attorney, duration, position, settlement information, settlement period, other information associated with the conclusion and performance of the agreement having regard to the nature of the agreement.
We conclude an agreement with you and perform it (Article 6 Part 1 Point B of the GDPR).
4.
We are performing internal and external communications meant to make the Company’s activities public.
In the case of media representatives: name, surname, position, telephone number and e-mail address.
In the case of persons conducting training and other visitors: name, surname and position.
We have the lawful interest to process your personal data (Article 6 Part 1 Point F of the GDPR).
5.
We are administrating the internal channel regarding the submission of information regarding infringements (trust line) and are performing internal investigations on the grounds of the received information.
If the information is not provided anonymously, the data, which the person indicates, is collected: name, surname, telephone number, personal identification number, e-mail address, circumstances indicated in the announcement, date of submitting the announcement, decision regarding the information about the performed actions and adopted decisions.
We have the lawful interest to process your personal data (Article 6 Part 1 Point F of the GDPR).
We have the right to process your personal data in accordance with the statutes of law (Article 6 Part 1 Point C of the GDPR).
6.
We examine the complaints, proposals or requests provided by you.
Name, surname, e-mail address, telephone number, signature, date of application, number of application (registration number) and information indicated therein, examination result, if the person who submitted the request, complaint or proposal had communication via e-mail, the personal data recorded in this communication.
We have the lawful interest to process your personal data (Article 6 Part 1 Point F of the GDPR).
7.
We carry out a security check of the Company’s contractors and subcontractors’ employees, who, due to their assigned functions, are granted access without escort to the facilities and assets managed by the Company for the purpose of ensuring national security
Name, surname, personal identification number, date of birth, position of the employees of the contractors/sub-contractors, date of signing the consent, signature.
We have the right to process your personal data in accordance with the statutes of law (Article 6 Part 1 Point C of the GDPR).
We have your consent (Article 6 Part 1 Point A of the GDPR).
8.
We strive to ensure the protection of the Company’s objects and persons visiting them
In the case of access control – the name, surname, date, time of entry into and exit from the object by a person, data on movement at the object;
In the case of video surveillance, the video data of persons entering the field of surveillance of video surveillance cameras;
When visitors participate in excursions to the company’s objects – name, surname, signature, workplace.
We have the lawful interest to process your personal data (Article 6 Part 1 Point F of the GDPR).
We have the right to process your personal data in accordance with the statutes of law (Article 6 Part 1 Point C of the GDPR).
When we receive personal data from you, we request that you provide only that information which is necessary to implement the above-indicated goals. Please do not provide such information as political view, nationality or religion.
You may familiarise yourself with the Privacy Policy of Candidates to the positions of UAB ‘Energy Cells’ employees here.
4. Where do we receive your personal data from?
Most of information you provide yourself; however, we may receive certain personal data from legal entities for which you work (e.g. UAB ‘EPSO-G’ group companies) or represent (e.g. suppliers, with whom we conclude agreements).
5. To whom we may transfer your personal data?
We may transfer your personal data to our partners and service providers as well as to the below-listed entities insofar as it is necessary to achieve the goals indicated in Point 3 and allowed in accordance with the valid statutes of law:
5.1 banks performing settlement operations;
5.2 courts, supervision, law enforcement and other state institutions;
5.3 companies providing data centre, hosting, cloud, website administration and associated services, companies creating, supporting and developing software, companies providing information technologies infrastructure services, companies providing communication services.
When we transfer personal data to other third parties as the data processors whose services we are using, prior to using their services we make sure these parties apply appropriate technical and organisational measures ensuring secure processing of personal data and an appropriate level of data protection in accordance with the valid statutes of law of the European Union.
6. Will your personal data be transferred beyond the boundaries of the European Economic Area?
At the moment, the Company does not transfer your personal data to third countries (beyond the boundaries of the EEA ). If it becomes necessary to transfer your personal data beyond the boundaries of the EEA in accordance with the purposes indicated in this Privacy Notice, we will follow the requirements enshrined in the GDPR and will inform you about such transfer.
7. How do we protect your personal data?
To ensure that the information about you is protected against unauthorised granting of access, disclosure, accidental loss, change or destruction, or other unlawful processing, we have installed and are further implementing appropriate levels of technological and organisational measures to protect the safety of your personal data.
8. What rights do you have?
GDPR and other statutes of law provide you with rights, envisage the cases when you can use these rights, a procedure, which you must adhere to, as well as exclusions when you cannot use the rights granted to you. When the statutes of law allow, you have the right to:
8.1 know (be informed) about the processing of your personal data;
8.2 familiarise yourself with the personal data being processed;
8.3 request rectification of personal data;
8.4 demand deletion of personal data (‘the right to be forgotten’), if this can be substantiated by one of the reasons indicated in Article 17 Part 1 of the GDPR;
8.5 restrict the processing of personal data – you may request a restriction of the processing of personal data, when one of the cases indicated in Article 18 Part 1 of the GDPR is applicable;
8.6 object to the processing of personal data;
8.7 withdraw consent to process personal data, when we process your personal data on the grounds of consent.
If you think that by processing your personal data the Company infringes the data protection law, you have the right to submit a complaint with a supervisory authority, in particular, in the Member State where your habitual residence or the place where the alleged violation of the GDPR occurred and to apply for judicial remedies. In the Republic of Lithuania the Supervisory authority is the State Data Protection Inspectorate by post: L. Sapiegos g. 17, LT-10312 Vilnius or via the website (https://vdai.lrv.lt).
9. How can you implement your rights?
If you want to implement the rights indicated in Point 8 of the Privacy Notice, you must:
9.1 forward the request to the Company or to the Personal Data Protection Expert via e-mail: [email protected];
9.2 personally deliver the request to the head office of the Company at the address: Ozo g. 12A-1, LT-08200, Vilnius, providing your identity affirming document;
9.3 forward the request to the Company or to the Personal Data Protection Expert by post: Ozo g. 12A-1, LT-08200, Vilnius.
10. How will we inform you about the changes to this Privacy Notice?
We may at any time update or amend this Privacy Notice. Such updated or amended Privacy Notice will come into force from the day of publishing it on our website.
After updating the Privacy Notice, we will inform you about what is, in our opinion, essential changes by publishing them on our website. If you want to find out when the Privacy Notice was updated last time, you may look at the date it was updated, which is indicated at the bottom of the page.
11. The contact information of the Data Controller and the Personal Data Protection Expert
Should you have any questions, observations or complaints about how we collect, use and store information about you, or should you want to implement your rights as the data subject, you may address the Company via e-mail: [email protected], 12A-1 Ozo Str., Vilnius, tel. +370 659 00748.
Updated: 01 August 2023