Privacy Policy
We appreciate the importance of protecting your personal data and therefore only collect and process such data as is necessary for our operations. We process personal data lawfully, transparently and fairly, in accordance with our predetermined purposes and only to the extent necessary to achieve those purposes. In processing personal data, we aim to keep it accurate, secure, confidential, properly stored and protected.
We process your personal data in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 (the ‘Regulation’) of 27 April 2016, the Law on Legal Protection of Personal Data of the Republic of Lithuania, as well as any other legislative requirements for the processing of personal data.
1. WHAT IS THIS DOCUMENT?
1.1. This Privacy Policy of Nordic Metrology Science UAB (hereinafter referred to as the ‘Privacy Policy’) establishes the privacy terms and conditions for the use of our website https://nordicmetrology.com/, our social media accounts (‘Accounts’) on Facebook (https://www.facebook.com/nordicmetrologyscience/) and LinkedIn (https://lt.linkedin.com/company/nordic-metrology-science) (hereinafter collectively referred to as the ‘Accounts’), and for contacting us by email, telephone or other means of communication, as regards our processing of your personal data.
1.2. Please read this Privacy Policy carefully to fully understand our practices regarding the processing of your personal data. This document will tell you how we process your personal data, the sources of your personal data and your rights as a data subject.
1.3. For the purposes of this Privacy Policy, Personal Data shall refer to any information that identifies you, whether directly or indirectly. Personal data may include your full name, date of birth, email address, location data and internet identifier, and any characteristics specific to you, etc.
1.4. The terms of this Privacy Policy apply to our customers who have purchased, are purchasing or intend to purchase services from us, as well as to our business partners (including their employees), to individuals who submit requests or make claims to us, either directly at our laboratories or by means of remote communication (by telephone, email, etc.). This Privacy Policy applies to all persons who visit our website https://nordicmetrology.com/, regardless of whether they are our customers, and to any actions that such visitors may take on our website. The Privacy Policy also describes how we process the personal data of all other persons as part of our business activities and the conclusion and performance of contracts.
2. WHO ARE WE?
2.1. The website https://nordicmetrology.com/ (the ‘Website’) is operated and managed by Nordic Metrology Science UAB, legal entity code 120229395, registered office address Dariaus ir Girėno g. 38, LT-02189 Vilnius, email address [email protected], contact telephone number +370 5 233 3393.
3. WHAT PRINCIPLES DO WE FOLLOW?
3.1. When processing your personal data, we shall:
3.1.1. comply with the requirements of current and applicable legislation, including the Regulation;
3.1.2. process your personal data in a lawful, fair and transparent manner;
3.1.3. collect your personal data for specific, explicit and legitimate purposes and will not process your personal data in a way that is inconsistent with those purposes, except to the extent permitted by law;
3.1.4. take all reasonable measures to ensure that any inaccurate or incomplete personal data, as regards the purposes for which they are processed, are immediately rectified, supplemented, no longer processed or destroyed;
3.1.5. store your personal data in such a way that allows identification for no longer than is necessary for the purposes for which the personal data are processed;
3.1.6. not disclose personal data to third parties and not make such data public, except as provided for in the Privacy Policy or as required by law;
3.1.7. ensure that your personal data is processed in a manner that allows for appropriate technical or organisational measures to ensure adequate security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage.
4. WHY DO WE PROCESS YOUR PERSONAL DATA?
4.1. We process your personal data for the following purposes:
4.1.1. For the purpose of concluding, performing and managing contracts for the provision and receipt of services, including verification and/or calibration and/or testing and/or inspection of measuring instruments.
We process your personal data to conclude and perform contracts for the verification and/or calibration and/or testing and/or inspection of measuring instruments. For this purpose, we may process the following personal data: full name, date of birth, personal identification number, VAT identification number, contact details (telephone number, email address, residential address), correspondence, bank account number, personal data provided by you (e.g. business license/individual economic activity certificate number). These data are processed for contractual purposes and/or to take action at your request prior to concluding a contract, and/or for the performance of statutory obligations, and/or for legitimate interest.
For this purpose, your personal data is stored for the duration of the contract for the verification and/or calibration and/or testing and/or inspection of measuring instruments or other services, and for a period of 10 years following the end of the contract, if the retention period of personal data is not otherwise specified by the legislation of the Republic of Lithuania. In the absence of a formal contract, we retain your personal data for a maximum period of 3 years following the verification and/or calibration and/or testing and/or inspection or other services for measuring instruments, if the retention period of personal data is not otherwise specified by the legislation of the Republic of Lithuania.
4.1.2. For direct marketing purposes.
We process your personal data with your consent for the purpose of providing you with newsletters, including offers and information about our products and/or services, events and other information, as well as for the purpose of improving our services.
For this purpose, we process the following personal data: email address, telephone number, and/or full name.
To this end, we obtain such personal data from you.
For this purpose, we also provide or communicate your data to companies that provide automated newsletter services;
For this purpose, we store your personal data for 2 years from the moment you give your consent to the processing of your personal data.
4.1.3. For the purpose of resolving potential or actual disputes with data subjects. We process information collected through telephone, email, the Website, or other means of communication when you contact us (or when we contact you following your request).
For this purpose, we process the following personal data: full name, email address, telephone number, residential address, Internet Protocol (IP) address, content of the complaint and/or request, date and time of your submission, communication details, content of any comments you wish to make public.
For this purpose, we may obtain your personal data from you, and we may create personal data ourselves as part of our handling of your query or complaint (e.g., we may contact third parties about the background of your complaint and record it, etc.).
For this purpose, we retain your data for 3 years from the date of its recording; in cases where there is reason to suspect that a crime or other unlawful act has been identified or an internal investigation has been initiated, the retention period is extended until the end of the relevant investigation and/or proceeding.
4.1.4. For the purpose of selecting candidates to join our team or complete an internship. We process your personal data to identify and select candidates who match our requirements for a job or internship and to assess their suitability for the role.
For this purpose, we process your personal data obtained from you (e.g., details provided in your CV and cover letter, as well as data collected during our interactions, such as your name, surname, email address, telephone number, education, areas of expertise, information on professional experience, proficiency in foreign languages, links to your social media accounts (if made available by you), details of any special needs or preferences, and any other information you have provided yourself.
For this purpose, we retain the data for the duration of the recruitment process for the proposed job or internship, and destroy it immediately after the recruitment process has ended.
4.1.5. For debt management purposes.
For this purpose, we process your full name, date of birth, personal identification number, residential address, information on payments, nature and amount of the debt, telephone number and email address.
For this purpose, we obtain your personal data directly from you and from third parties (e.g., court, bailiff, etc.).
For this purpose, we provide or communicate your data to courts, bailiffs, notaries, state and local authorities.
For this purpose, we retain your data until the debt has been settled/paid and in accordance with the limitation period of 10 years established by the Civil Code of the Republic of Lithuania.
4.1.6. For the purpose of ensuring a high standard of service and efficient resolution of disputes. With a view to improving the quality of our service, as well as to resolve disputes effectively, we record telephone exchanges when you call us on +370 5 233 3393.
For this purpose, we process personal data we receive from you, including your full name, voice, telephone number, date, time, length and content of the call.
Telephone conversations are recorded with your consent when you continue the call after the message has been played. You have the right to object to your call being recorded by ending the call.
For this purpose, we retain your data for 3 months from the date of the call recording.
4.1.7. For the purpose of improving our Website and providing you with better services.
We use your personal data, including the personal data we obtain when you use and/or visit our Website, to improve and enhance the Website and to offer you better and more personalised services. For this purpose, we use personal data we receive directly from you, personal data collected when you use our Website, and personal data we receive from others.
Please refer to Section 7 of this Privacy Policy for information on how we use cookies and similar technologies.
5. HOW DO WE COLLECT AND PROCESS YOUR DATA?
5.1. We process your personal data obtained in the following ways:
5.1.1. When you provide us with personal data.
5.1.2. When you use our Website, some information (such as your Internet Protocol (IP) address, etc.) is collected automatically.
5.1.3. When we receive your personal data from other persons as provided for by the legislation and/or this Privacy Policy.
5.2. You provide us with your personal data and other information by using our Website and/or visiting and deliberately participating in our Accounts, i.e. by writing to us or communicating with our team, by making enquiries and/or submitting complaints, instructions, comments, etc., or by subscribing to our newsletter. If you contact us in writing or by email, we retain the details of your correspondence as provided for in Clause 4.1.3 of this Privacy Policy.
5.3. The information you provide may include your full name, email address and telephone number, as well as the body of the message and other details.
5.4. When you use the Website and/or visit our Accounts, we automatically collect certain non-personal information (e.g., Internet Protocol (IP) address, your choice of web browser, number of times you have visited the Website, pages viewed and time spent on the Website, origin of your access to the Website, information about the device you are using, language, country, etc.). This information is used to improve the content, functionality and appeal of the Website and our social media Accounts.
5.5. You may always request rectification of inaccurate personal data and exercise your other rights as a data subject as outlined in this Privacy Policy and applicable legislation.
6. DO WE USE YOUR PERSONAL DATA FOR DIRECT MARKETING?
6.1. Yes, we may use your personal data for direct marketing purposes to provide you with offers and information about our services which we believe may be of interest to you. However, we only use your personal data for this purpose if you have given us your informed consent.
6.2. For this purpose, we process your personal data as specified in Section 4.1.2 of this Privacy Policy.
6.3. It is your choice whether you consent to us using your personal data for direct marketing purposes. You can express your choice by giving your consent, which you can withdraw at any time.
6.4. By authorising us to process your data for the purpose of direct marketing, you also authorise us to contact you for the same purpose by email, telephone, text messages/SMS, or other means of communication (e.g. Facebook, LinkedIn, etc.).
6.5. Even if you have consented to the processing of your personal data for direct marketing purposes, you can easily withdraw this consent at any time for all or part of the processing operations. You can do this in the following ways:
6.5.1. unsubscribe as described in the electronic notifications and/or offers (e.g., by clicking on the unsubscribe link in the newsletter), or
6.5.2. visit us (addresses available on https://nordicmetrology.com/kontaktai) and make a request. In the request, please clearly state your full name and other registration details so we can identify you properly.
6.5.3. Send us your request by email to [email protected]. The request should clearly state your full name and other registration details so that we can identify you properly.
6.6. Withdrawing your consent does not automatically compel us to destroy your personal data or to provide you with information about the personal data we process; if you wish us to do so, you must make this request separately.
7. HOW DO WE USE COOKIES?
7.1. For detailed information, please refer to the Cookie Policy here: https://nordicmetrology.com/cookies-policy/.
8. HOW DO WE PROTECT YOUR PERSONAL DATA?
8.1. Your personal data are processed within the territory of the European Union/European Economic Area (EU/EEA).
8.2. The processing of personal data may entail the transfer of such data to third countries outside the European Economic Area (EEA) which are not subject to the European Commission’s Adequacy Decision. Certain circumstances may also require processors acting on behalf of Nordic Metrology Science UAB to transfer personal data outside the EEA. In such cases, the transfer of personal data is subject to compliance with Articles 46-47 or 49(1) of the Regulation, in particular the standard contractual clauses, with additional security measures.
8.3. Transmitting information over the internet is unfortunately not completely secure. Whilst we take great care to protect your personal data, we cannot guarantee the security of the data when you transmit it to the Website; you accept the risks associated with the transmission of data to the Website. Once we receive your data, we will apply strict procedures and security measures to protect your data against unauthorised access.
8.4. In the unlikely event that we learn of a security breach of your personal data which may pose a serious threat to your rights or freedoms, we take immediate steps to notify you as soon as we become aware of the breach and identify the information accessed.
8.5. In compliance with the requirements of the Regulation, Nordic Metrology Science UAB has implemented the following organisational and technical measures to protect the personal data processed and to minimise the risk of loss, leak or other breach of the processed data:
8.5.1. internal and external data encryption;
8.5.2. depersonalisation of personal data;
8.5.3. data loss prevention software;
8.5.4. hardware and software measures allowing the recovery of access to and use of protected personal data in the event of a physical or technical breach;
8.5.5. physical and electronic control of employee access to the personal data processed;
8.5.6. various security measures to prevent unauthorised access to company premises.
9. EXTERNAL WEBSITES
9.1. The Website may contain links to external websites where we operate accounts and advertise our services. When clicking on the links to any such websites, please note that these websites and the services available through them have their own separate privacy policies, and we do not accept any responsibility or liability for these policies or for the personal data (contact or location data) collected on these websites or through these services. Please consult these policies before submitting personal data to these websites or using any of the available services. You should also refer to the privacy notices of any third parties operating these websites and contact the service providers directly if you have any questions about the way they use your personal data.
10. WHAT ARE YOUR RIGHTS?
10.1. when processing your personal data, we guarantee your rights in accordance with the Regulation and the Law on Legal Protection of Personal Data of the Republic of Lithuania. As a data subject, you may enjoy the following rights:
10.1.1. to know (to be informed) about the processing of your personal data;
10.1.2. to have access to your personal data that we process;
10.1.3. to request that false, inaccurate or incomplete personal data be rectified, supplemented or clarified;
10.1.4. to request that your personal data be destroyed when they are no longer required for the purposes for which they were collected;
10.1.5. to request the destruction of all personal data where the processing is unlawful or where you withdraw or withhold your consent to the processing of such personal data and such consent is necessary;
10.1.6. to object to the processing of your personal data or to withdraw your previous consent;
10.1.7. to request that the processing of your personal data be suspended (except for retention) in the event of disputes or in order to verify the lawfulness of the processing, the accuracy of the data, or where we no longer need your personal data, but you do not wish us to delete it;
10.1.8. to request that your personal data obtained on the basis of your consent or for the performance of a contract be made available, where technically feasible, in a readily readable format or to request that they be transferred to another data controller.
10.2. You may submit requests relating to the exercise of your rights to us in person, by post or by electronic means. Once we have received your request, we may ask you for proof of identity, as well as other additional information needed to address your request.
10.3. We aim to respond to your request no later than 30 calendar days from the date of receiving the request and all the documents necessary for us to provide a response.
10.4. If we consider it necessary, we may suspend the processing of your data, except for retention, until your request is resolved. If you lawfully withdraw your consent, we agree to cease processing your personal data immediately, and not later than within 30 calendar days, except in cases where we are required by law to continue to process your data, whether by applicable legislation, by legal obligations imposed on us, by court judgements, or by binding orders from competent authorities.
10.5. Should we refuse to comply with your request, our grounds for such refusal will be made explicit.
10.6. Should you disagree with our actions or our handling of your request, you may lodge a complaint against our actions and decisions with the competent public authority.
11. HOW CAN YOU LODGE A COMPLAINT?
11.1. If you wish to lodge a complaint about our processing of your personal data, please do so in writing, including as much information as possible, using the contact details provided in Section 2.1 of this Privacy Policy. We aim to cooperate with you and resolve any concerns you may have without delay.
11.2. If you believe that your rights have been compromised under the Regulation or any other applicable personal data protection legislation, you may lodge a complaint with our supervisory authority, the State Data Protection Inspectorate of the Republic of Lithuania. More information and contact details are available on the Inspectorate’s website at https://vdai.lrv.lt/. However, we would kindly urge you to first work with us in resolving any potential disputes.
12. HOW WILL THIS PRIVACY POLICY BE AMENDED?
12.1. This Privacy Policy becomes effective on the day of its publication on the Website. The Privacy Policy is available on the Website at all times. This Privacy Policy does not constitute an agreement between us and you regarding the processing of your personal data. We may amend this Privacy Policy at any time. Any changes to the Privacy Policy are communicated on the Website. Amendments and/or additions to the Privacy Policy become effective as soon as they are published on the Website. We kindly advise you to review our Privacy Policy regularly.