PRIVACY POLICY
UAB “Added
Value”
1. Data Controller
UAB “Added Value” (hereinafter –
the Company), legal entity code 302680320, registered address Šeškinės
g. 6-65, Vilnius. Website: www.addedvalue.lt.
For data protection matters, you
may contact the data protection officer, Arvydas Vainoras, by e-mail at info@avalue.lt.
Please note that this website
uses cookies. By giving your consent, click the “I agree” button or continue
browsing. You may withdraw your consent at any time by changing your web
browser settings and deleting stored cookies. Further information is provided
in the “Cookies” section.
2. How and Why We Collect and Use Your Personal Data
UAB “Added Value” provides
accounting and audit services and therefore requires your personal data, which
may be collected in the ways described below. This Privacy Policy explains what
you can expect when the Company collects personal data about:
•
visitors to the website (www.addedvalue.lt);
•
persons who have contacted us;
•
persons who have purchased our services (clients and
their representatives);
•
job applicants.
3. Contacting Us
Our website provides several
ways for you to contact us. We receive, review and respond to all messages
ourselves. To contact us via the website, you will provide your name, surname,
telephone number and e-mail address. If you contact us by e-mail, we will
process the following data: your name, surname, e-mail address and the content
of the correspondence.
This data is processed in order
to respond to your enquiry and to prepare for the conclusion and performance of
a possible service contract (the legal basis being steps taken at your request
prior to entering into a contract and the legitimate interest of the Company in
communicating with persons who contact it). If you do not provide your contact
details, it will not be possible to contact you.
If an enquiry results in a
service order, the correspondence is retained in accordance with the
established procedure; if no order is placed, the enquiry form and
correspondence are deleted from the Company’s e-mail, except for information
for which other retention periods are set in this Privacy Policy or by law.
4. Data of Clients and Their Representatives
Upon conclusion of a service
contract, we process the data of the client’s representatives (directors,
contact persons): name, surname, position, contact details, and signature on
contractual and business documents. This data is processed in order to conclude
and perform the contract and to fulfil legal (accounting, tax) obligations.
5. Processing of Personal Data When Providing Accounting Services (the
Company as a Data Processor)
When providing accounting
services (bookkeeping, payroll calculation, etc.), the Company, on the client’s
instructions and on its behalf, processes the personal data of third parties –
the client’s employees, counterparties and natural persons – contained in the
client’s accounting documents. In such cases the Company acts as a data
processor, and the client company remains the data controller.
Such processing is carried out
solely in accordance with the client’s documented instructions and is governed
by a separate data processing agreement (Article 28 of the GDPR), which sets
out the subject matter, duration, nature and purposes of the processing, the
categories of data, and both parties’ obligations to ensure the security and
confidentiality of the data.
6. Processing of Personal Data When Performing an Audit
When performing an audit of
financial statements, we may access personal data contained in the documents of
the audited entity. This data is processed in the performance of a legal
obligation and a legitimate interest in carrying out the audit in accordance
with the Law on the Audit of Financial Statements and the International
Standards on Auditing (ISA). Auditors comply with the independence and
confidentiality requirements established by law. Audit working papers are
retained for the period set by law and by the Company’s quality control system.
7. Job Applicants’ Data
Upon receiving your CV or
application, we process the data you provide (name, surname, contact details,
information about your education and experience) for the purpose of the
selection process, on the basis of pre-contractual steps taken at your request.
If your application is not selected, the data is destroyed after the selection
process ends, unless you consent to us retaining it for possible future
recruitment; in such case we retain the data until consent is withdrawn, but no
longer than 1 year from the date of consent.
8. Disclosure of Data
As a rule, we do not disclose
your personal data. However, in order to ensure the proper provision of
services and business continuity, we may disclose information about you to our
employees – administration, accountants, auditors, managers – to the extent
reasonably necessary for the purposes set out in this Privacy Policy.
In certain cases we may be
obliged to transfer personal data where:
•
we are required to disclose the information under the
law, including cases where we must provide data to the tax authority or law
enforcement authorities for the purposes of crime prevention and detection;
•
we must disclose the data in connection with legal
proceedings or in order to obtain legal advice, or disclosure is necessary to
establish, exercise or defend our rights;
•
disclosure is necessary to protect the interests of us
or others (for example, to prevent fraud);
•
disclosure is necessary to protect your vital
interests.
The Company may also engage
service providers (e.g. IT, software, archiving) who process data on the
Company’s instructions under data processing agreements.
9. Data Retention Periods
The Company retains the personal
data it processes no longer than is required by the purposes of the processing
or provided for by law, or until the expiry of any limitation period for
claims. Retention periods established by law (the Law on Accounting, the
General Index of Document Retention Periods, and tax legislation) apply to
accounting and tax-related documents.
10. Your Rights
You have the right to request
that the Company give you access to your personal data being processed, to
request that it be rectified or erased, to restrict its processing, to object
to the processing, as well as the right to data portability.
Where the Company processes your
personal data on the basis of legitimate interests, you have the right, on
grounds relating to your particular situation, to object at any time to the
processing of personal data relating to you.
The right to request erasure, to
restrict processing, the right to data portability and the right to object are
not absolute – the law may set additional conditions for their exercise.
Right to Request Erasure of Data
We will only be able to comply
with such a request if:
•
your personal data is no longer necessary for the
purposes for which it was collected;
•
you withdraw consent and there is no other legal basis
for processing the data;
•
the data is not necessary to establish, exercise or
defend a legal claim.
Right to Restrict Processing
You may request restriction of
the processing of your data:
•
for the period needed to verify the accuracy of the
data, where you contest its accuracy;
•
where the processing is unlawful but you decide not to
request erasure of the data;
•
where the data is no longer needed by us but you
require it for a legal claim;
•
for the period during which it is determined whether
our legal grounds override your objection.
Right to Data Portability
You have the right to
portability of data we obtained from you with your consent or for the purpose
of concluding a contract – at your request, we will transfer a copy of the data
you provided.
11. Cookies
This website uses cookies.
Essential cookies are necessary for the website to function and do not require
consent. For other cookies (e.g. analytical), we ask for your consent. You may
withdraw your consent at any time by changing your browser settings and
deleting stored cookies.
12. Complaints
It is important to us to ensure
the protection of your personal data, and we therefore take any related
complaints seriously. When you contact us with a complaint, we use your
personal data only to examine the complaint, provide a response and assess the
quality of our services. If we receive a complaint about a member of our team,
we may need to disclose your identity to that person; you may state that you do
not wish this, and we will try to take your request into account, although it
may not always be possible to examine a complaint anonymously.
If you are concerned about the
Company’s actions (or inaction) and believe that this Privacy Policy or the law
is not being complied with, you may contact the Company at any time by any
means convenient to you. If the matter cannot be resolved with the Company, you
have the right to lodge a complaint with the State Data Protection Inspectorate
of Lithuania, or with the supervisory authority in the Member State of your
habitual residence, place of work or the place of the alleged infringement.
13. Updates to the Policy
Where necessary, the Company has
the right to update the information set out in this Privacy Policy.
Last updated: ____________

