1. Purpose of this Privacy Policy

1.1. This Privacy Policy sets out the terms and purposes of the processing of Users' Personal Data on the Website. By reading this Privacy Policy, Users will know how and for what purposes the Data Controller manages the User Data, with whom it is shared and what rights it grants to the User.

1.2. By using the Website and submitting their Personal Data, each User agrees that this Data will be processed in accordance with this Privacy Policy.

1.3. The provisions contained in this Privacy Policy have been prepared and on this Website Personal Data is processed in accordance with the requirements of the legal acts of the Republic of Lithuania and the Regulations.

2. Terms used

2.1. The following terms are used in this Privacy Policy to mean the following:

• 2.1.1. "Personal Data" or "Data" means any information about an identified or identifiable User, directly or indirectly (Data Subject).


• 2.1.2. "Data Processing" means any operation or sequence of operations performed by automated or non-automated means on Personal Data or Personal Data Sets, such as Data Collection, Recording, Sorting, Systematization, Storage, etc.


• 2.1.3. "Processor" means the Partners of the Data Controller as well as other natural or legal persons who process the Personal Data on behalf of the Data Controller.


• 2.1.4. Duomenų valdytojas is UAB Galminas Group, legal entity code 305432903, registered office at Vytauto st. 27-21, Gargždai, Republic of Lithuania.


• 2.1.5. "Website" means a website operated by a Data Controller at https://dipwork.com.


• 2.1.6. "Partners" are the Data Controllers of the Data Controller - legal entities with which the Data Controller constantly cooperates in order to recruit Users to partners in European countries.


• 2.1.7. "Privacy Policy" means this Privacy Policy, which sets out the basic rules for the collection, storage, processing and storage of Personal Data of the Data Controller applicable to Users when using the Website.


• 2.1.8. "Regulation" means the 2018 May 25 Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, which enters into force in the European Union and repeals Directive 95/46 / EC.


• 2.1.9. "User" means a natural person who has visited the Data Controller's Website and registered there by providing his / her Personal Data.

2.2. The other terms mentioned in this Privacy Policy are understood as they are explained in the Regulation, which you can access by clicking this link here.

3. Personal data is being processed

3.1. In order to register on the Website, the User must, and in other cases may provide the following Personal Data to the Data Controller:

• • Name


• • Last name


• • Email address


• • User photo


• • A copy of your driver's license


• • Copy of ID card / passport


• • Residence address (city)


• • Date of birth


• • Specialty (workspace)


• • Job status (employed or not)


• • Desired departure time


• • References from former workplaces


• • Information on education and qualifications


• • Salary information


• • Professional skills (work ability, ability to read drawings, language skills)


• • Work experience


• • Phone number


• • Health records and health data


• • Payroll bank account numbers


• • Social Security Number

3.2. The Data Controller also uses cookies on the Website to collect Data that reveals the characteristics of the use of this Website, the User's behavior or the automatically generated visit statistics. You can find more information about the cookies used on this Website in Section 6 of this Privacy Policy.

3.3. Personal Data provided by Users may be combined with Data obtained from other public or available sources. Such Data may be obtained by the Data Controller from the Users' former workplaces, feedback on other websites or social networks (for example, through an account on Facebook, LinkedIn, or Youtube). Such received Data is subject to the same rules as set forth in this Privacy Policy.

4. Purposes of the processing of personal data

4.1. Personal data provided by users is processed for the following purposes:

• 4.1.1. For the purpose of providing the Services. The Data Controller collects the Users' personal data and uses them to provide the following services:
  
  
  • • Registration of job candidates and job offers. Data controller as Collecting Consumer Personal Data on the Website helps Users to get the job they want in European countries. The Data Controller informs the Users about their respective job offers by e-mail. email, phone, or SMS.
  
  
  • • Registering and matching construction companies to find employees. The Data Controller registers on the Website construction companies or individuals who are looking for employees in the Scandinavian countries, stores the data of their managers or representatives, and brings them together with Users looking for such work accordingly. Such construction companies or individuals seeking to become employers of the Data Controller's Users are not considered Users within the meaning of this Privacy Policy and may exercise the rights set forth in this Privacy Policy only to a limited extent. The Data Controller informs potential employers about the relevant candidates by e-mail. email, phone, or SMS.


• 4.1.2. For the purpose of improving the website in order to offer more convenient services. The Data Controller collects Data about Users, statistics of their browsing on the Website, behavior in order to assess the functionality of the Website and to better improve the availability and convenience of the services offered.


• 4.1.3. For communication purposes. To enable the Data Controller to contact and answer any questions or requests the User may have.

5. Disclosure of Personal Information

5.1. The Data Controller ensures that the Users' Personal Data will not be sold, provided or otherwise transferred to third parties without a legitimate basis, as well as used for purposes other than those for which they were collected. The Data Controller may transfer the Data only in accordance with this Privacy Policy and the legal acts of the Republic of Lithuania.

5.2. The Data Controller may transfer the User's Personal Data to third parties only:

• 5.2.1. where required by law and necessary to achieve the purposes of this Privacy Policy;


• 5.2.2. if the individual consent of the User has been obtained for this Data transfer;


• 5.2.3. when it is necessary for the Data Controller to fulfill the concluded agreement with the User and to provide the services properly - to the Data Controller's Partners and branches in the Scandinavian countries;


• 5.2.4. Data transfer is mandatory upon request to law enforcement authorities in accordance with the procedure established by the legal acts of the Republic of Lithuania;


• 5.2.5. in other cases provided for in the Regulation and legal acts of the Republic of Lithuania.

5.3. For the purposes of providing the Services, the Data Controller transfers the Users' Personal Data to the Partners and the Data Controller's branches in the Scandinavian countries, which help the Users to find a job or employees. These companies may not use the transferred Data for purposes other than the provision of services to the Data Controller. These companies are required to process the Data transferred in accordance with this Privacy Policy only in accordance with the instructions given by the Data Controller and the applicable legal acts of the Republic of Lithuania. The Data Controller has entered into a separate data processing agreement with each of these companies, which contains the essential provisions of this Privacy Policy.

6. Use of cookies

6.1. On the Website, the Data Controller uses cookies, which are small text documents with a unique identification number and which are transmitted from the Website to the user's computer hard drive so that the Data Controller can distinguish the User's computer and see its activities on the Website.

6.2. With cookies, the Data Controller collects the following Data: IP address, browser type, demographic data, other Data that records the User's behavior on the Website.

6.3. The website uses the following types of cookies:

• 6.3.1. Session cookies. Session cookies allow to identify the User during one visit to the Website, to see his behavior, clicks during the session and to remember them when traveling from one page to another. Session cookies are temporary and are deleted as soon as you close your browser or log out of the website.


• 6.3.2. Analytical cookies. These cookies are used for the statistical analysis of the website visitors' navigation methods.

6.4. The Data Controller uses the Data received from the cookies used on the Website for the following purposes:

• 6.4.1. To identify users;


• 6.4.2. Analyze website visit statistics, User behavior;


• 6.4.3. To improve the quality of the services available on the Website.

6.5. With the help of computer settings, the user can edit the settings for the use of cookies, i.e. y. delete (block) cookies or part of them. The user can find more information about all cookie settings at http://www.allaboutcookies.org. The user can find more information about Google Analytics cookies and their settings at http://tools.google.com/dlpage/gaoptout. It is important to note that the package Depending on your cookie settings, some features of the Website may not work.

7. Data retention periods

7.1. The Data Controller shall retain the Personal Data of Users for the period specified in the applicable laws and other legal acts of the Republic of Lithuania and in this Privacy Policy, but not longer than is necessary to achieve the Data Processing purposes of this Privacy Policy.

7.2. After the User registers on the Website and submits his / her Personal Data or submits them to the Data Controller's Office, the Data Controller undertakes to keep them for no longer than 5 (five) years from the User's last visit to his / her account. , for a maximum of 5 (five) years from the last contact of the User with the Data Controller, unless a separate consent of the User has been obtained for storing the Data for a longer period. 5 (five) calendar days before the end of the 5 (five) year term, in both cases by the e-mail specified by the User. An inquiry is sent to the e-mail address, telephone or SMS message as to whether the User agrees to further processing of the Data. If the User expresses his disagreement or does not provide a response within the said 5 (five) calendar days, the Data Controller shall delete all Data related to the User, as well as the account in the system, if it has been created.

7.3. The Data Controller seeks not to store outdated and outdated Personal Data, therefore when the User updates them in his account, the old information is replaced with the current one. Historical information is stored if it is necessary in accordance with the procedure established by legal acts or for the performance of the activities of the Data Controller.

8. User Rights

8.1. Users have the following rights on the website:

• 8.1.1. know what personal data is being processed and for what purpose;


• 8.1.2. Access your Personal Data and download it to your computer in an easy-to-read format.


• 8.1.3. request that Personal Data be corrected or supplemented if it is inaccurate or no longer relevant;


• 8.1.4. request the deletion of Personal Data in the event of one of the provisions of Article 8.5 of the Privacy Policy. specified condition (right to be forgotten);


• 8.1.5. require the Data Controller to restrict the processing of the User's personal data in the event of one of the provisions of Article 8.7 of the Privacy Policy. specified condition;


• 8.1.6. require the transfer of Data to another data controller p. 8.8 of the Privacy Policy. in the order specified (right to transfer);


• 8.1.7. submit a complaint to the State Data Protection Inspectorate regarding illegal processing of Personal Data or Data Violation;


• 8.1.8. do not consent to the processing of Personal Data when such Data is processed or intended to be processed for direct marketing purposes.

8.2. The User has the right to submit any requests or instructions related to the processing of the User's Personal Data to the Data Controller in writing using the contact details (e-mail or postal address) specified in this Privacy Policy.

8.3. Together with the request, the User must submit his / her identity document or identify himself / herself by permitted electronic means of communication, except in cases where the written request is submitted directly, when it is possible to identify the User at the time of submitting the request.

8.4. Upon receipt of such a request or instruction, the Data Controller shall, not later than within 30 (thirty) days from the date of the request, submit a response and perform the actions specified in the request or refuse to perform them, indicating the reasons for the refusal. If necessary, depending on the complexity and number of applications, this period may be extended by a further two months. In this case, within 30 (thirty) days from the date of receipt of the request, the Data Controller shall inform the User about such extension, together with the reasons for the delay.

8.5. When the User requests the deletion of his / her Data, the Data Controller undertakes to delete the Personal Data without undue delay, if this can be justified by one of the following reasons:

• 8.5.1. Personal data are no longer necessary for the purposes for which they were collected or otherwise processed;


• 8.5.2. The User revokes the Consent on which the processing of Personal Data is based and there is no other legal basis for the processing of Personal Data;


• 8.5.3. The User does not consent to the processing of the Data in the legitimate interest of the Data Controller and the Data Controller does not establish overriding legitimate reasons for further processing of the Data;


• 8.5.4. Personal data has been processed illegally;


• 8.5.5. Personal data must be deleted in accordance with a legal obligation established by the law of the European Union or the Republic of Lithuania.

8.6. The Data Controller implements the erasure of the Data by encrypting the Users' Personal Data in such a way that it is impossible to trace and determine to whom it belongs.

8.7. The data controller is unreasonably obliged immediately restrict the processing of the User's Personal Data in one of the following cases:

• 8.7.1. The User disputes the accuracy of the Personal Data for the period during which the Data Controller can verify the accuracy of the Personal Data;


• 8.7.2. The processing of personal data is illegal and the User does not consent to the deletion of Personal Data and instead requests a restriction on their use;


• 8.7.3. The Data Controller no longer needs Personal Data for the purposes set forth in Section 4 of this Privacy Policy, but it does need it for the User in order to make, enforce or defend legal claims;


• 8.7.4. The User has objected to the processing of Personal Data on the legitimate grounds of the Data Controller's interest, pending verification that the Data Controller's legitimate reasons outweigh the User's reasons.

8.8. The User has the right to transfer the Data held about him / her to another data controller, and the Data Controller to whom the Personal Data has been provided must not create obstacles to this when:

• 8.8.1. Data processing is based on the User's Consent or Agreement;


• 8.8.2. Data is processed by automated means.

8.9. In exercising his right to Data Portability, the User has the right to request that the Data Controller transfer his / her Personal Data directly to another Data Controller, when this is technically possible.

8.10. The Data Controller reserves the right to refuse the User's requests, except for requests to refuse direct marketing offers and to apply to an out-of-court dispute resolution body, when necessary to ensure: (i) compliance with the legal obligations imposed on the Data Controller; (ii) public order or the prevention of criminal offenses; (iii) the protection of the rights and freedoms of consumers or others; or (iv) in the case of other provisions of Article 23 of the Regulation. 1 d. specified cases. In any case, if the Data Controller refuses to comply with the Users' requests, the Data Controller shall clearly state the reasons for such refusal.

8.11. All answers shall be provided to the User in a concise, transparent, comprehensible and easily accessible form, in clear and simple language. The Data Controller shall provide a copy of the processed Personal Data in electronic or paper format free of charge at the User's choice, and upon repeated request of the User, the Data Controller may charge a reasonable fee based on the administrative costs of making such a copy, not exceeding 50 (fifty) euros.

8.12. If the User notices illegal processing of his / her data or a dispute with the Data Controller arises, he / she has the right to apply to the out-of-court dispute resolution institution in Lithuania - the State Data Protection Inspectorate, at any time in accordance with the procedure indicated on its website.

9. Changes to the Privacy Policy

9.1. The Data Controller has the right to update this Privacy Policy, taking into account the amendments to the laws and by-laws of the Republic of Lithuania.

9.2. The Data Controller recommends that Users visit the Website regularly to find the latest version of the Privacy Policy. The Data Controller may notify of changes to the Privacy Policy using the contact details provided by the User.

10. Contact information

All documents and questions related to this Privacy Policy can be sent to the following contacts:

When sending by post - Vytauto st. 27-21, Gargždai, Republic of Lithuania.

Sending e-mail info@dipwork.com

Last updated on May 25, 2018