Privacy policy

UAB “KRAST”, legal entity code 305597207, registered office address Laisvės pr. 10, LT 04215 , Vilnius, Lithuania; correspondence address Pramonės pr. 16, LT 51186, Kaunas, Lithuania, email: info@kinetiniaifasadai.lt (hereinafter – the Company) understands that personal data protection is important to our clients, suppliers, partners, and other individuals whose personal data we process (hereinafter – data subjects), therefore takes all necessary measures to ensure the privacy and rights implementation of each data subject.

This privacy notice provides all information about how personal data is processed in our activities, including information about the purposes and legal grounds for personal data processing, what data is collected and further processed, how long it is stored, to whom it is provided, what rights you have and where you can apply for their implementation or any other issues related to personal data processing.

The Privacy Notice has been prepared based on the following legislation:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter – GDPR or Regulation);
• Republic of Lithuania Law on Legal Protection of Personal Data No. XIII-1426 of 30 June 2018 (hereinafter – LLPPD);
• Republic of Lithuania Law on Electronic Communications No. IX-2135 of 15 April 2004;

Depending on the nature of our cooperation, we process personal data:

• Received directly from the data subject (You), e.g., when you send us inquiries or messages through the indicated contacts, sign service provision or cooperation agreements with us.
• that is generated when You use our services, e.g., when you use our network and services, i.e., make phone calls, send text messages (SMS), visit our websites, mobile app, etc.;
• that we receive from other sources, e.g., when there is a basis, from other institutions or companies, e.g., when providing services under service agreements with municipalities. Also from banks, publicly available registers, credit bureaus (e.g., UAB “Creditinfo”), insurance companies.

To ensure a level of security appropriate to the risks in data processing, the Company has implemented appropriate technical and organizational measures. The Company, when selecting and implementing appropriate technical and organizational measures to ensure data processing security, follows:

• ENISA guidelines: https://www.enisa.europa.eu/publications/guidelines-for-smes-on-the-security-of-personal-data-processing
• Good information security practices;
• SDPI guidelines: https://vdai.lrv.lt/uploads/vdai/documents/files/02_%20VDAI_saugumo_priemoniu_gaires-2019-08-09.pdf

For data processing, the Company employs only those data processors who ensure compliance with GDPR and the same level of personal data security as established in the Company’s personal data protection policy.

We provide a list of categories of data recipients employed by the Company:

• state institutions as provided by law: State Tax Inspectorate, Sodra, Labor Exchange, Environmental Protection Department and Environmental Protection Agency, municipalities and municipal enterprises, etc.;
• companies providing data center, hosting, cloud, website administration and related services, software development, provision, maintenance and development companies, information technology infrastructure service providers, communication service providers;
• companies providing accounting, archiving, physical and/or electronic security, property management and/or other business services;
• Subcontractors;
• bailiffs, entities providing legal and/or debt collection services, companies performing financial audits;
• law enforcement institutions upon their request or on our initiative if there are suspicions of criminal activity, as well as courts and other dispute resolution institutions; tax administrators.

You have the right to refuse to provide your personal data, however, the provision of your personal data is necessary and essential for implementing the purposes specified in this privacy policy, therefore if you do not provide your personal data, the Company may not be able to implement the listed purposes.

According to GDPR provisions, you as a data subject can exercise the following rights:

1. Right to access personal data. I.e., submit a request for information on whether your personal data is being processed, and if personal data is being processed, you have the right to access your personal data being processed.
2. Right to rectify personal data. I.e., submit a request to correct your personal data if you find that our processed personal data is incorrect, incomplete, or inaccurate.
3. Right to erasure (right to “be forgotten”). I.e., submit a request to delete your personal data if you believe your data is being processed unlawfully or unfairly.
4. Right to restrict data processing. I.e., Submit a request to restrict (suspend) the processing of your personal data, except for storage – in cases where, for example, you request to correct your personal data (while the accuracy of personal data is being verified and/or corrected), it is determined that personal data is being processed unlawfully and you do not agree to the data being deleted, you have expressed disagreement regarding the processing of your personal data, etc.
5. Right to data portability. I.e., submit a request to transfer your personal data that is processed by automated means to you and/or another data controller in a structured, commonly used and machine-readable format.
6. Right to object to data processing. I.e., express objection to personal data processing when data is processed on the legal basis of legitimate interest or public interest.
7. Right to demand that you not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you;
8. Right to withdraw consents given to us at any time, regarding personal data processing, e.g., for direct marketing.

1. 1. Sending us a free-form request by email to info@kinetiniaifasadai.lt. The request must be signed with an electronic signature or accompanied by a notarized copy of an identity document so that we can verify your identity.
   2. Sending a request by registered mail to Pramonės pr. 16, LT 51186 Kaunas, Lithuania the request must be signed. The request must be accompanied by a notarized copy of your identity document.

The request must be legible, signed, and must include the data subject’s name, surname, place of residence, and other data for the desired form of communication, information about which of the data subject’s rights and to what extent the data subject wishes to exercise.

We will provide a response to your request no later than within 30 (thirty) calendar days from the date of receiving the request. In exceptional cases requiring additional time, we, having notified you, will have the right to extend the deadline for providing the requested data or examining other requirements specified in your request up to 60 (sixty) calendar days from the date of your request.

If you have questions regarding the information provided in this privacy notice or the protection of your personal data and the implementation of your rights in the Company, please contact the Company’s data protection officer in any way convenient for you:

• by email: info@kinetiniaifasadai.lt.
• in writing at: Pramonės pr. 16, LT 51186 Kaunas, Lithuania

If we cannot find a solution suitable for both parties, you have the right to contact the State Data Protection Inspectorate at: L. Sapiegos g. 17, Vilnius, email: ada@ada.lt.

A cookie is a small text file that a website saves on your computer or mobile device browser when you visit the website. Because of it, the website can “remember” your actions and preferences (e.g., registration name, language, font size, and other display preferences) for a certain time, so you don’t have to re-enter them every time you visit the website or browse through its various pages.

Information collected by cookies allows us to ensure your ability to browse more comfortably and learn more about website users’ behavior, analyze trends, and improve the website.

You can learn which cookies are used on this page and how to manage them in each page’s cookie control panel.