All personal data are processed in accordance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the Law on Legal Protection of Personal Data of the Kingdom of Sweden.
1. COLLECTION AND USE OF PERSONAL DATA
1.1. Data controller
The personal data presented on or collected by the Website are managed by the Company, therefore, the Company is the controller of the personal data of the Website Visitor’s, as indicated in the GDPR.
1.3. Purposes of personal data processing
The Company processes the personal data of Visitors for the following purposes:
- to provide Visitors with our services that are accessible on the Website (e.g., by providing access to website functions, e.g., browsing, submitting queries, subscribing to newsletters;
- to ensure the functionality of the Website, to improve it, to offer better and adapted services to Visitors;
- to measure, evaluate and improve the functioning of the Website;
- convenient, efficient and functioning of the Website that meets the needs of the Visitor;
- to ensure smooth administration of the Website;
- submission of responses to Visitors’ queries or requests in a timely and proper manner;
- developing and delivering new products or services;
- in case of the Visitor’s consent, the provision of relevant information and interesting offers;
- to contact the Visitor concerning any information and/or request provided;
- to perform statistical and other analysis by continuously improving the content of the Website and services provided by the Company;
- other purposes that are disclosed to Visitors when such personal data is submitted by the Visitor.
1.4. Basis for personal data processing
The Company processes personal data of Visitors as it is required for:
- the implementation of the Company’s legitimate interests (e.g., to administrate and manage the Website, to provide services and etc.);
- fulfilment of obligations when such are determined by the applicable laws.
Visitor consent as a legal basis is used for direct marketing or third parties access to personal data. Visitors may revoke their consent to process their personal data at any time. If the Company does not have other legal basis for the processing of personal data, the Company will terminate processing of such personal data and destroy the data, unless the laws establish the obligation for the Company to retain such personal data.
1.5. The Visitors’ personal data collected on the Website
The Company processes the Visitors’ personal data which is received from the Visitors submitting such data to the Website and using the Website and the services and functions provided by it.
In addition to the following cases, the Company processes the personal data of Visitors when:
- Visitors submit a request using the Website (e.g., name, surname, phone number, e-mail address);
Each time the Visitor visits the Website, the Company collects and processes the following technical personal data:
- IP address of the Visitor’s device;
- date and time of login to the Website;
- data of the operating system of the Visitor’s device;
- information of the Visitor’s internet provider;
- other related technical information may also be collected.
1.6. Storage of personal data
- 30 days after the last contact with the Visitor; or
Longer storage of Visitor’s personal data may only be performed when:
- there is a reasonable suspicion of an unlawful act that is being investigated;
- the Visitor’s personal data is necessary for the proper resolution of the dispute or complaint;
- if the Company has received a complaint (complaints) related to the Visitor, or the Company reasonably believes that the Visitor has committed unlawful actions; or
- under other grounds indicated by laws.
1.7. Transfer of personal data to third parties
Personal data of Visitors may be transferred to the following third parties:
- Certain technical data on the visits of the Visitor on the Website (IP address, cookies, technical information of the Visitor’s browser, other information related to the browser’s activity and browsing the site) may be transmitted or made available to the Website for statistics, analysis and related purposes both for entities operating in the EU and outside the EU (e.g., by using the Google Analytics service by the Company).
- Data for some services provided by the Company may also be transmitted to AB „Avia Solutions Group“, company code: 302541648 (to which the Company belongs) group companies, including those located outside the European Economic Area (EEA). The Company does not transmit the Visitor’s personal data, such as the Visitor’s name, contact details or other data provided by the Visitor to the Website and provided in the account, to the entities indicated above. Please note that in non-EEA States, personal data may be subject to less protection than within the EEA, but the Company carefully evaluates the conditions under which such Visitor data will be processed and stored after being transferred to the above-mentioned entities.
- The Company would like to draw the Visitor’s attention to the fact that, during the visit of each Visitor to the Website, third parties may collect various technical information generated during the visits of Visitors (IP address, cookies, and technical information used by the Visitor’s browser, other information related to the browser activity and browsing the Website).
- The Company also uses the services provided by third parties (such as third-party servers, website design, administration services, online traffic and website analysis, statistics) that may require access to the Visitor’s personal data to the appropriate extent. In this case, the Company ensures that the data processors comply with the obligations of confidentiality and ensure adequate personal data protection.
1.8. Processing of the personal data of minors
The processing of personal data of minors on the basis of consent for the provision of information society services is lawful if the minor is at least 16 years of age. If such a minor is less than 16 years of age, such processing is legal only if the consent was given or processing was allowed by the minor’s parents or carers, and therefore:
- if you are under 18 years of age but already have 16 years of age, using the services available on our Website, you confirm that you have the consent of your parents, guardians for disclosure of your personal information to the Company;
- if you are under the age of 16 years, you can use the Services and content available on our Website only with the consent of your parents, carers, to the Company.
2. RIGHTS OF WEBSITE VISITORS
Visitors are given certain rights related to the protection of their personal data. These rights are:
- to know (be informed) about the processing of your personal data;
- to know your personal data which is processed by the Company;
- to request correction or addition, adjustment of your inaccurate, incomplete personal data;
- to require the destruction of personal data when they are no longer necessary for the purposes for which they were collected;
- to request the destruction of personal data if they are processed illegally or when you withdraw your consent to the processing of personal data or do not give such consent, when is necessary;
- to disagree with the processing of personal data or withdraw the previously agreed consent;
- to request to provide, if technically possible, the provision of your personal data in an easily readable format according to your consent or for the purpose of performing the contract, or request the transfer of data to another data controller.
In order to fulfill your rights, please contact us by contacts listed in this policy. We will respond to your request no later than 30 calendar days after receiving it and the date of submission of all the documents required to reply.
Upon receipt of your request, we will respond to you within 30 calendar days of receipt of your claim and from the date of submission of all documents necessary to prepare the answer.
By refusing to comply with your requirement, we will clearly indicate the grounds for such refusal.
If you disagree with our actions or the response to your request, you can complain to the competent state authority – the State Data Protection Inspectorate (for more information – www.ada.lt). In all cases, we recommend that you contact us before making a formal complaint so that we can find the right solution.
3. DATA PROTECTION
The Company, by implementing technical and organizational measures, protects Personal data of Visitors from loss, misuse, unauthorized access, disclosure or modification.
The Company recommends that the Visitors comply with the following minimum safeguards for personal data protection:
- do not visit suspicious websites;
- do not open links of uncertain origins;
- update their software;
- independently take care of using antivirus protection
Unfortunately, the transmission of any information on the Internet is not completely secure. Although the Company makes efforts to protect the Visitor’s personal data, it is not possible to ensure the full security of personal data when Visitors provide the data on the Website, therefore, Visitors must assume the risks associated with the transfer of personal data to the Website.
In the event of breach on personal data security that may cause a serious threat to the rights or freedoms of the Visitors and after determination of the circumstances under which unauthorized access to personal data has been obtained, the Company will immediately inform the Visitor.
4. GENERAL PROVISIONS