Select services
1 CONTROLLER
The company „YIT Lietuva" UAB (business ID: 133556411) and other companies in YIT Group
Contact information of the head office:
Karaliaus Mindaugo Ave. 35
LT 52600, Kaunas
Lithuania
Tel. +370 374 523 48
"YIT Lietuva" is responsible for processing of personal data at group level for the purposes and on the legal basis defined in this policy, e.g. group level marketing and sales; financial and other administration and business management; customer relationship management; and analysis and development of products, services, customer relationship and businesses.
Each company in YIT Group is responsible for processing of personal data for its own purposes on the legal basis defined in this policy, e.g. for the performance of a contract or the management of the customer relationship with the data subject. For such purposes, it can process personal data which has been collected for the same purposes by other companies in the group.
2 CONTACT POINTS IN PRIVACY QUESTIONS
For processing personal data contact:
"YIT Lietuva" UAB
+370 374 523 48
info@yit.lt
3 LEGAL BASIS FOR AND PURPOSE OF THE PROCESSING OF PERSONAL DATA
The legal basis for processing personal data of consumer customers´ (i.e. data subjects) are:
Personal data are processed for following purposes:
4 DATA SUBJECTS AND CATEGORIES OF PERSONAL DATA
The Controller processes personal data of its prospective, current, and former customers. Following categories of personal data are processed for the purposes described above:
National identity numbers are processed only for purposes permitted by law when it is important to identify the data subject for example in the sale or rental of apartments; granting of credit, or debt collection.
Only basic data and marketing data as defined above are processed for the purposes of direct marketing.
5 REGULAR SOURCES OF INFORMATION
Personal data are collected directly from the data subject when the data subject is registering or using a service; sending request for contact or information or filling in a form; purchasing or ordering, contracting, participating events, otherwise interacting with the Controller personally, by phone or digitally.
6 DISCLOSURE AND TRANSFER OF DATA
The Data Controller may disclose personal data to other companies, whose products or services the Controller markets and sells to the data subjects for example to landlords and providers of housing services.
Data will not be disclosed to other external parties except when it is necessary to comply with the legal or contractual obligations of the Controller.
Controller may outsource ICT, marketing, communication and other functions to third party suppliers, vendors, or other sub-contractors. In such case the Controller may transfer personal data to these sub-contractors to the extent necessary for the provision of their services. These sub-contractors will process personal data on behalf of the Controller and must comply with the Controller´s instructions and this privacy policy. Controller will ensure through contractual measures that the personal data is processed in compliance with the legislation.
Personal data will not be regularly transferred outside the European Union or the European Economic Area. However, if any transfer outside the EU or EEA is necessary, the Controller will ensure that the country to which the data is transferred is approved as having a sufficient level of privacy protection by the European Commission, or by using standard contractual clauses approved by the European Commission.
7 DATA PROTECTION AND RETENTION
Access to personal data will be permitted only to persons who need to process data as a part of their employment or other duties. Digital data is protected by firewalls, passwords and other technical means. All data is kept in locked premises secured with physical access control.
After the customer relationship personal data will be retained until contractual as well as legal rights and obligations have been fulfilled and to the end of retention and liability periods, provide for in regulations and laws of the personal data controller.
After the customer relationship, the Controller may keep anonymized data as well as the above described basic data (excluding national identity number) and marketing data of the data subject for direct marketing purposes.
8 ACCESS, RECTIFICATION AND OTHER RIGHTS OF THE DATA SUBJECT
Data subjects have the right to know what kind of personal data has been collected and processed by the Controller. Upon the data subject´s request, we will rectify, remove or supplement any incorrect, unnecessary, incomplete or outdated personal data.
Data subjects are entitled to prohibit the use of the data for direct advertising, telemarketing and other forms of direct marketing, as well as to prohibit the use of the data for use in questionnaires and market research.
Data subjects may also withdraw consents they have given, object to or restrict processing of their data in cases defined by law, and the right to complain to the supervisory authority.
The requests can be submitted to contact persons defined in section 2 above. The Controller may need to ask additional information to confirm the identity of the data subject.