We do not knowingly collect or solicit personal data from anyone under the age of 14. If you are under 14, please do not attempt to send any personal data about yourself to us. If we acknowledge that we have collected personal data from a child under age 14, we will delete that information as quickly as possible. In addition, if you believe that a child under 14 may have provided us personal data, please contact us at any time by e-mail at [email protected].
Unless otherwise specified in this Policy, the concepts used in the Policy shall be treated as they are described in General Data Protection Regulation No 2016/679 (the “GDPR”).
- DATA CONTROLLER
EUROAPOTHECA, UAB (the “Euroapotheca” or “we”) is the data controller of your personal data and responsible for this website.
The data of all data subjects in Euroapotheca is processed legally, transparently and honestly, with predetermined goals and only to the extent necessary to achieve them. When processing your personal data, we adhere to the GDPR, the Lithuanian Law on the Legal Personal Data Protection, as well as recommendations of supervisory authorities and/or personal data processing requirements.
Whenever we collect your personal data, we make sure:
- We ask for permission to collect it, if it is necessary under GDPR;
- We explain why we need the data and how we will use it;
- We only use personal data for the agreed reason and for the time it is needed;
- We check and update privacy information on a regular basis;
- We do not share data with anyone unless we have a legal or legitimate reason, or we have permission from you.
If you have any questions regarding this Policy or you still cannot find the information you need, you can contact us at any time. Our full contact details are provided at the end of this Policy.
This Policy applies to all users of our Website anywhere in the world. Unless covered by a separate privacy notice, this notice also applies to:
- Employees/representatives of companies/business partners who are entering/willing to enter into a contract with us (i.e., contact persons);
- Candidates: individuals who request or seek to join our team;
- Social media platforms users: people who chose to follow us on social media, comment/react to our posts or interact with us in another form via our social media accounts;
- Shareholders, beneficiaries, management body members;
- Persons requesting information on our services or otherwise contacting us.
- WHAT IS PERSONAL DATA?
“Personal data” consists of any information that relates to an identified or identifiable living individual and/or information from which individual can be identified, directly or indirectly. For example, information which identifies you may consist of your name, address, telephone number, location data, an online identifier (e.g., cookies identifiers and your IP address) or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. When we combine other information (i.e., information that does not, on its own, identify you) with personal data, we treat the combined information as personal data.
Please do not send any personal data, about yourself if you do not want that information to be used in this way. By using any of the services on this Website or by providing Euroapotheca with any information about yourself, you understand that your personal data will be used as set out below.
- PERSONAL DATA PROCESSING PURPOSES AND LEGAL GROUNDS
Euroapotheca will process your personal data for (i) the conclusion and execution of a contract with you (Article 6(1)(b) of the GDPR) and/or (ii) with your consent (Article 6(1)(a) of the GDPR) and/or (iii) when we have to comply with a legal obligation (Article 6(1)(c) of the GDPR) and/or (iv) where we (or EUROAPOTHECA group of companies) have a legitimate interest to do so (Article 6(1)(f) of the GDPR), balancing this interest against your interests and fundamental rights. Such legitimate interests may be administrative functions within EUROAPOTHECA group of companies, complying with your requests for information, etc.
Euroapotheca collects personal data for the following purposes:
TO MANAGE REQUESTS AND/OR COMPLAINTS
For the purpose of handling your queries and/or complaints submitted by e-mail, post, social accounts or phone, we may collect the following personal data: name, surname, profile name, e-mail address, phone number, subject matter and text of your query.
The above-mentioned personal data will be processed on the basis of your consent (expressed by your active steps – submitting a request/complaint) and our legitimate interests (to manage and administer your request/complaint and/or to protect/defend our rights and interests).
Euroapotheca will store the personal data related to your request/complaint for 2 years following the receipt of your query/complaint.
FOR RECRUITING PURPOSES
We may collect and use your personal data for the recruiting purpose – in particular, to determine your qualifications for employment and to make a hiring decision (whether to enter into a contract with you). This includes assessing your skills, qualifications, and background for a particular role, verifying your information, carrying out reference and/or background checks (where applicable), and generally managing the hiring process and communicating with you about it. We also may keep records related to your hiring processes in order to comply with legal or regulatory requirements.
For the above–mentioned purpose we may collect, use and store the following categories of personal data about you: name, surname, age or date of birth, your e-mail address, phone number, address of the place of residence, languages, computer skills, information about expected salary, data about your education, profession, experience, attended courses, training sessions, seminars, development of qualification, licences held, social media accounts, subject matter and text of your query, pictures and other information provided by you in your CV, motivational letter, through interviews or other forms of assessment.
We may collect personal data about candidates from the following sources: directly from you, job search portals and recruiting agencies (all above–mentioned personal data), our employees (referrals), your named referees and former/current employers (your qualifications, professional skills, business qualities, performance during previous/current employment, etc. Please note that we can request such information from your current employer only if we have your separate consent for this), from publicly accessible sources, such as LinkedIn Ireland Unlimited Company, LinkedIn Corporation, and other business-related social media sources and/or collaboration platforms (your full name, e-mail, work history, and other data included on your profile).
During the recruitment process, we generally do not collect or process any “sensitive personal data” (i.e., information that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs; trade-union membership; genetic data, biometric data; health-related data; data concerning your sex life or sexual orientation). However, in exceptional circumstances, we might be required or permitted by law to process sensitive personal data (i.e., Euroapotheca may be required to collect information about your gender and disabilities for the purposes of equal opportunities monitoring, to comply with anti-discrimination laws or for government reporting obligations). In addition, information about your physical or mental condition may be collected in order to consider accommodations we need to make for the recruitment process and/or subsequent job role.
It is in our (and sometimes EUROAPOTHECA group of companies) legitimate interests to decide whether to appoint you to the role since it would be beneficial to our business to appoint a suitable candidate to that role. If you fail to provide personal data when requested, which is necessary for us to consider your application (e.g., work history or evidence of qualifications), we may not be able to process your application further.
Euroapotheca will store the personal data about the candidate for as long as the selection to the specific position is taking place and 6 months after. Sometimes, if we choose another candidate, we may request your separate consent for the purposes of future recruitment processes and contacting you accordingly. Such personal data will be stored 2 years following the receipt of your consent or until the day you withdraw your consent.
TO COMPLY WITH OUR CONTRACTUAL OBLIGATIONS
We process personal data when you or your organization enter (or wants to enter) into the agreement with us regarding the delivery of goods and/or services. We may use the following personal data to fulfill our agreement with you or your organization: name, surname, position and company name, telephone number, address of the place of residence, e-mail address, date of birth, individual activity certificate number, VAT identification number or tax reference number, bank name and account, payment details.
We may also have a legal obligation to process such data to comply with various regulations, such as payment of taxes. Additionally, the processing is necessary for conducting negotiations relating to any future engagement between the parties. The processing may also be necessary for our legitimate interests. We may also process personal data when it is needed in protection of our rights, such as dealing with legal disputes, including incidents that occur during the provision of goods/services.
In general, your personal data is processed for the duration necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. For example, if you are engaged as a supplier/vendor to provide a certain service, we may retain your data for the duration of your service agreement and store it for an additional period, in accordance with our general retention policy (e.g., payment details shall be stored 10 years after the transaction). Additional periods may be necessary to enable us to protect the rights conferred to us by the law for the period fiscal statute of limitation. However, we do not undertake to keep these data for the entire period mentioned above and we may delete or anonymise your personal data earlier if we do not have a legal obligation to keep it.
Please note that if you fail to provide personal data when requested, which is necessary for us (e.g., bank account), we may not be able to enter into the agreement with you.
TO MANAGE AND ADMINISTER OUR SOCIAL NETWORKS
For the purpose of managing and administering our social networks (e.g., “Facebook”, “Instagram”, “LinkedIn” and “YouTube” accounts), we may collect the following personal data you provided voluntarily: your name, surname, social network profile name, pictures, and/or public comments.
Euroapotheca processes the above-mentioned personal data on the basis of your consent (expressed by your active steps, e.g., when you chose to write a comment, react to our posts or follow our accounts) and our legitimate interests (to communicate with our followers/commentators and/or to protect/defend our rights and interests).
Please keep in mind that comments published on our social media platforms are public. If you want to communicate with us in private or have a question you need us to answer, do not post to our social networks. Instead, please contact us at any time by e-mail at [email protected].
In addition, please note, that we reserve the discretion to delete or not allow comments that contain:
- Abusive, vulgar, offensive, threatening or harassing language, personal attacks of any kind, unsupported accusations, defamatory language or offensive terms that target specific individuals or groups;
- Suggestions or encouragement of illegal activity;
- Promotion or endorsement of commercial services, products, or entities.
If material provided by a user contains violations of the Policy, we will remove the comment in its entirety. Also, we reserve the right to ban from our social media platforms users who repeatedly violate our Policy.
Euroapotheca will store the personal data related to our social network until such social network account is actively used by us, unless you decide to delete (or ask us to delete) your personal data earlier on.
TO PERFORM OUR DUTIES TO SHAREHOLDERS, BENEFICIARIES, MANAGEMENT BODY MEMBERS
In its activities Euroapotheca shall collect, use, retain, share, or otherwise process its shareholders’, beneficiaries’, management body members’ personal data. Such personal data may include: name, title, address, phone number, e-mail address, date of birth, identification documentation such as passport information or national insurance number, shareholder records (including shares held, share purchases, share disposals, dividend entitlements and payments, votes, proxy appointments) and copies of enquiries, complaints and other correspondence.
We may process the above-mentioned data: for the purpose of internal administration, in order to fulfil our legal obligations (e.g., the requirement to provide the data of the board and its members in the annual report), to communicate with you (e.g., to notify you of meetings, financial results). We may also process your personal data to further our legitimate interest in managing our relations to shareholders, beneficiaries and/or management body members.
The above-mentioned personal data shall be stored, for as long as it is required to achieve the objectives for which they are processed and in compliance with the requirements for the storage of data of such type stipulated by legal acts, limitation periods applicable for establishing or defending legal claims and, if such claims are established, for as long as it is required for such purposes, or Euroapotheca is deemed to have a legitimate interest in storage, for example, due to liability risks arising from applicable laws.
TO ENSURE SECURITY AT OUR PREMISES
Euroapotheca from time to time receives visitors (e.g., business partners, vendors, other counterparties, also their employees, representatives, employees’ family members, and other persons) at its premises. In addition, all visitors must sign in at the reception and show some form of identification. We process only the following personal data of our guests: name, surname, date of visiting, signature.
The above-mentioned data is collected and processed to ensure safety (i.e., to make sure that visitors will not be exposed to danger, pose threats to our premises and property, and/or distract our employees from their work).
Please note that we do not use any kind of video surveillance equipment in our premises. However, video surveillance is carried out in the premises of the AKROPOLIS building (at the front entrance to our premises). The owner (i.e., the data controller) of the mentioned video surveillance cameras is AKROPOLIS GROUP, UAB (company code 302533135, address Ozo g. 25, https://www.akropolis.lt/en/privacy-policy). Therefore, we encourage you to seek out and read its privacy notice to understand how your data retrieved by video surveillance is collected, used and protected.
TO COMPLY WITH KNOW YOUR CUSTOMER (KYC) REGULATIONS
For the purpose of KYC checks (when needed and in the amount needed) Euroapotheca collects the following personal data: name, surname, organization, job title or role, office address, e-mail address, phone number, main activity, copy of the ID document including date of birth, personal identification code, photograph, passport/ID number, nationality and country of residence, countries in which the potential client or represented company maintains or intends to maintain business relationships, business activities’ links to special areas, status of a politically exposed person (if exists), political affiliation, payment arrangements and source of funds/income, directorships, shareholdings, bankruptcy, place of birth, place of residence, taxpayer code, certificates of conviction.
The personal data processed for the purpose of KYC checks will be processed on the bases of Euroapotheca legal obligation and public interests (prevention or detection of illegal activities). Such personal data will be stored for 10 years from the date of our last interaction with that client and in compliance with our obligations under the relevant laws.
TO ENSURE THE FUNCTIONALITY OF THE WEBSITE
When you visit our Website, we may collect certain user information automatically from your device. For the purpose to ensure the functionality of the Website and to collect statistical information. Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website is of interest to them. We use this information only for our business purposes, including internal analytics purposes and to improve the quality and relevance of our Website to our visitors.
Specifically, the user information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g., country or city-level location) and other technical information. We may also collect user information about how your device has interacted with our Website, including the pages accessed and links clicked.
Some of this information may be collected using cookies and similar tracking technology, as explained further below.
Cookies are not required for many parts of our services, hence you can accept/reject, manage and/or delete cookies according to your preferences. However, some of our Website services may not function properly if you disable cookies (e.g., remembering your language preferences).
In any case, the processing of personal data with the help of cookies is based on your explicit choice using the Website’s cookie banner which you can change at any time.
If you need more information about cookies, visit aboutcookies.org (you will find detailed, independent information on how to disable cookies through your browser preferences and how to remove cookies that are already on your computer). In order to remove cookies from your mobile phone, you should find this information in the user guide for your phone.
- LOG DATA
We receive information when you view content on or otherwise interact with our services, which we refer to as “Log Data”. This Log Data includes information such as your IP address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device information (including device and application IDs), search terms (including those not submitted as queries), and cookie information. We also receive Log Data when you click on, view, or interact with links on our services.
The above-mentioned information is always provided by your browser and automatically logged by most websites. Log Data is stored in a secure location and used only for our business purpose of internal analysis of traffic patterns within our Website and its security.
- DATA SHARING AND TRANSFERS
Any information that you provide, including any data collected by using cookies, may be shared with third parties (data processors) which provide us with services, help us to administer our Website and protect its data and act on our behalf (suppliers of database software, providers of database administration services, providers of cloud services, etc). We ensure that the processing of personal data by such third parties will be based on legal ground and will be performed in accordance with our lawful instructions and in compliance with the GDPR requirements.
Euroapotheca may share personal data with the following categories of third parties (data processors, data recipients or separate data controllers) as necessary:
- Within the family of companies controlled by EUROAPOTHECA for internal reasons, primarily for business and operational purposes;
- If we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of our assets, your personal data will likely be among the assets transferred;
- When legally required to do so (e.g., to cooperate with law enforcement investigations or other legal proceedings);
- With our service providers who provide information technology and system administration services, translation, marketing, accounting, postal or courier, event management and coordination or other services.
Euroapotheca will not transfer your personal data to third countries (countries outside the European Economic Area (the “EEA”), unless this is assessed as necessary. Euroapotheca informs that personal information collected with the help of cookies providers can be transferred to a non-EEA country (e.g., US, when Google Analytics are used). However, we will ensure that such transfers are in compliance with relevant data protection laws, including, if applicable, EU Standard Contractual Clauses, or a European Commission positive adequacy decision.
In other words, your rights and protections remain with your data and we make every effort to ensure that the recipients of your personal data protect it.
- HOW DO WE SECURE YOUR INFORMATION?
We maintain tight controls over the personal data we collect. Our dedicated IT security team has implemented appropriate and GDPR compliant technical and organizational measures to protect information about you against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. And if we do detect something risky that we think you should know about, we will notify you immediately and help guide you through steps to stay better protected.
However, please remember that, unfortunately, the transmission of data via the Internet is never completely secure. A common Internet scam is known as “spoofing” or “phishing“. This occurs when you receive an e-mail from what appears to be a legitimate source requesting personal data from you. Please be aware that we will not send you any e-mails requesting you to verify credit card, bank information, or any other personal data. If you ever receive an e-mail that appears to be from us requesting such information from you, do not respond to it, and do not click on any links appearing in the e-mail.
If you have any reason to believe that your interaction with us is no longer secure, please notify us at [email protected] and we will immediately investigate it.
- LINKED WEBSITES
For your convenience, the Website may include links to the websites that are owned, published and maintained by third parties (the “linked sites”). It could as an example be social media platforms/services. If you click on the linked sites, that website operator might figure out that you came from our Website. Such operators may also collect other personal data from you, such as cookie identifiers or your IP address.
In addition, we are not responsible for the accuracy or reliability of any such third-party websites, and this Policy does not apply to, the privacy practices of any linked sites or of any companies that we do not own or control.
- YOUR RIGHTS
With respect to your personal data you have the following rights:
- Access the information we process about you;
- Have such information corrected, updated, erased or blocked;
- Receive a copy of your information;
- To object to processing activities;
- If the processing of your personal data is based on your consent, you are entitled to revoke such consent at any time (revocation of your consent will not affect the lawfulness of the processing carried out prior to your revocation of consent);
- To receive your personal data provided to us in a structured, commonly used and machine-readable format and have the right to transmit that personal data to another controller.
To exercise these rights, you should make a written request at [email protected]. We will send you a confirmation within 5 days and do our very best to deal with the issue within 30 days. If the issue is difficult or requires a lot of work it may take longer, but we will keep you updated. In order to ensure data protection and properly exercise your rights, Euroapotheca has the right to ask you to provide proof of your identity.
Also, you have the right to complain if you do not feel that we are living up to our responsibilities when it comes to your data. We have appointed the data protection officer (the “DPO”), who takes your complaint very seriously. You can contact our DPO on this e-mail [email protected]. However, you always have the right to complain to the authorities as well, but because we take privacy matters very seriously, we would really appreciate it, if you would talk to us first. The authority having the right to look at us, is the Lithuanian State Data Protection Inspectorate, address L. Sapiegos str. 17, 10312 Vilnius, Lithuania, e-mail [email protected], website https://vdai.lrv.lt/.
Please note that some of the rights listed above may be limited where our legitimate interests or legal obligations override your interests and rights (particularly, in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations).
- SPECIAL INFORMATION FOR PARENTS
This Website is not directed to children and we do not knowingly collect personal data from children. However, our policy is to comply with the law when it requires parent or guardian permission before collecting, using or disclosing personal data of children. We are committed to protecting the privacy of children and we strongly encourage parents and guardians to take an active role in their children’s online activities.
If a parent or guardian becomes aware that his/her child has provided us with his/her personal data without their consent, please contact us – we will delete his/her data from our files.
- CHANGES TO THE POLICY
We are constantly trying to improve our Website, so we may need to change, modify, add or remove any portion of the Website, the Website content and/or this Policy, in part or in its entirety, at any time based on new functions or regulations. We will alert you to material changes by placing a notice on our Website when we are required to do so by applicable law. Any changes to this Policy are effective from the date of their publication – you can see when this Policy was last updated by checking the date at the top of this page. You undertake to review this Policy periodically to become aware of any changes.
- DETAILS OF THE WEBSITE AND OWNERSHIP
The Website, content of the Website, code of the Website, design, domain name, all copyrights, trademarks, databases, corporate names and other intellectual property or other property related to the Website and/or its contents are fully owned by Euroapotheca and/or licensors and/or content providers are protected by national and international intellectual property laws and other legislation.
Unless expressly permitted by Euroapotheca, you have no right, in any form and by any means, to copy, capture, reproduce in any form or manner, launch, publish, transfer, sell, translate, reprocess, submit, licence, modify, create derivative works from or based upon, republish, edit, transmit, retransmit or otherwise make public, publicly perform or display, frame, distribute or use, in part or in its entirety, the Website, the Website content or Website code.
While we use all reasonable efforts to ensure the accuracy of materials on our Website and to avoid disruptions, we are not responsible for inaccurate information, disruptions, discontinuance or other events. The Website content is provided “as is” without warranties or representations of any kind, either express or implied, including, without limitation, any warranties of merchantability, fitness for a particular purpose, title, non-infringement and freedom from computer viruses which may cause you damage, either direct (e.g., computer failure) or indirect (e.g., loss of profit).
Under no circumstances shall Euroapotheca be liable for any damages suffered by you or any third party, including, without limitation, any direct or indirect, incidental, punitive, special or consequential damages (including, without limitation, any reputational damages, any lost profits, damages for business interruption, or loss of information, programs or other data) that result from access to, link to, use of or inability to use this site or due to any breach of security associated with the transmission of information through the Internet. Any reliance upon materials on this Website shall be at your own risk (i.e., you are solely responsible for, and assume all risks associated with, your access, link to and use of this Website and its content).
- GOVERNING LAW AND JURISDICTION
This Policy is applied and interpreted in accordance with the laws of the Republic of Lithuania. All disputes arising from the Policy are settled in the courts of the Republic of Lithuania.
- DATA CONTROLLER DETAILS
For any information regarding the Website please contact us:
Legal entity code: 300854822
Address: Ozo str. 25, Vilnius
Phone: +370 5 204 2122
E-mail address: [email protected]
Also, as mentioned, we have appointed the DPO who is responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, please contact our DPO at [email protected].