Privacy&Policy

Thank you for visiting our website. We are pleased that you are interested in Cidentify and our services. The protection of personal data is particularly important to us. When processing personal data, Cidentify complies with the Law on Legal Protection of Personal Data of the Republic of Lithuania, the General Data Protection Regulation as well as our internal data protection regulations.

This privacy policy contains information on how Cidentify handles personal data that is collected on the web site www.cidentify.com and explains how we handle your personal data in the course of your engagement in our services.

General information

The Controller

Person responsible for data processing is:

Cidentify (mažosios bendrijos)
Perkūnkiemio st. 13-91, LT-12114 Vilnius.
Lithuania

Web: www.cidentify.com
Email: info@cidentify.com
Phone: +370 682 91432

(“Cidentify“, “we“, “us“, and “our“)

What is the purpose of collecting personal data?

Cidentify needs your personal data to provide our services. The data you provide us with in the course of you using our services will only be used and processed for the purpose it was collected for. In order to provide our services, we will only use the information that you have given directly to us.

What personal data do we collect?

We collect your personal data that is relevant to our services or that you provide to us in the course of using our services.

Commercial and business services

We process data of our contractual and business partners, e.g. customers and interested parties (collectively referred to as "contractual partners") in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g. to answer enquiries.

We process this data to fulfil our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organisation. We only disclose the data of the contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the contractual partners (e.g. to participating telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities).

We inform the contractual partners which data is required for the aforementioned purposes before or in the course of data collection, e.g. in online forms, by means of special labelling (e.g. colours) or symbols (e.g. asterisks or similar), or in person.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration and response to requests, visit action evaluation, interest-based and behavioural marketing, profiling (creating profiles of users). And, the Legal bases are Contractual performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR), Legal obligation (Art. 6 para. 1 p. 1 lit. c. GDPR), and our Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR).

Consulting

We process the data of our clients, customers as well as interested parties and other clients or contractual partners (uniformly referred to as "clients") in order to be able to provide them with our consulting services. The data processed, the type, scope, purpose and necessity of its processing are determined by the underlying contractual and client relationship.

If it is necessary for the fulfilment of our contract, for the protection of vital interests or required by law, or if we have the client's consent, we disclose or transfer the client's data to third parties or agents, such as authorities, subcontractors or in the area of IT, office or comparable services, in compliance with the requirements of professional law.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration and response to requests, visit action evaluation, interest-based and behavioural marketing, profiling (creating profiles of users). And, the Legal bases are Contractual performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR), Legal obligation (Art. 6 para. 1 p. 1 lit. c. GDPR), and our Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR).

Offering services

We process the data of our users, registered users and any test users (hereinafter uniformly referred to as "users") in order to be able to provide our contractual services to them as well as on the basis of legitimate interests in order to ensure the security of our offer and to be able to develop it further.

The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration and response to requests, visit action evaluation, interest-based and behavioural marketing, profiling (creating profiles of users). And, the Legal bases are Contractual performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR), Legal obligation (Art. 6 para. 1 p. 1 lit. c. GDPR), and our Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR).

Technical services

We process the data of our customers and clients (hereinafter uniformly referred to as "customers") in order to enable them to select, purchase or commission the selected services or works as well as associated activities and to pay for and deliver them or to execute or provide them.

The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration and response to requests, visit action evaluation, interest-based and behavioural marketing, profiling (creating profiles of users). And, the Legal bases are Contractual performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR), Legal obligation (Art. 6 para. 1 p. 1 lit. c. GDPR), and our Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR).

Commercial services

We process the data of our customers and clients (hereinafter uniformly referred to as "customers") in order to enable them to select, purchase or commission the selected services or works and associated activities as well as their payment and delivery or execution or performance.

The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration and response to requests, visit action evaluation, interest-based and behavioural marketing, profiling (creating profiles of users). And, the Legal bases are Contractual performance and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. GDPR), Legal obligation (Art. 6 para. 1 p. 1 lit. c. GDPR), and our Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR).

User account / registration

It is also possible for you to register an account. For this purpose, you will need to provide us with your email address and password .Providing those will enable you to log in more easily without having to enter your data again when you use our services next. Cidentify stores the data you enter to set up a customer account. We will hold your data for further orders as long as you maintain your registration. You have the right to access, correct or delete your registration data at any time. The legal basis for the storage is Art. 6 Para. 1 lit. a ) GDPR.

Social Media Log In

You may also sign up using social log in from Facebook and Google. Using those however, is subject to the relevant providers privacy obligations. The legal basis for the storage is Article 6 lit. f) GDPR.

Passwords

You should never disclose your password for accessing our portal to any third party and you should change it regularly. If you want to leave your account, you should press the logout and close your browser to prevent anyone from gaining unauthorised access to it.

Blog and Comment Data

Within the Blog you may be able to display certain profile information, share certain details, engage with others, exchange knowledge and insights, post and view relevant content. Content and data is publicly viewable. You have choices about the information on your profile. You don’t have to provide additional information on your comment; however, comment information helps you to get more from our Services. It’s your choice whether to include sensitive information on your comment and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be available. The legal basis for the storage is Article 6 lit. f) GDPR.

Contacting Us

If you contact us via e-mail or our contact formthe data you provide will be stored so that your message can be forwarded to the correct contact person. This is done in accordance with Article 6 lit. f) GDPR to process your request. Your data provided will not be used for any other purposes, in particular not for advertising.

Newsletter

We send newsletters, e-mails and other electronic notifications with promotional information and only with the consent of the recipients or a legal permission. Apart from that, our newsletters contain information about our products, offers, promotions and Cidentify. Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other email addresses. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. The legal basis for the storage is Art. 6 Para. 1 lit. a) GDPR.

When will your personal data be deleted?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, the data processed by us will be deleted or restricted in their processing in accordance with Art. 17 and 18 GDPR. If the data is not deleted because they are required for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

When do we disclose your Personal Data?

We may share your information with organisations that help us provide the services described in this policy and who may process such data on our behalf and in accordance with this policy, to support our online offer and our services. If you wish to learn more about how the relevant provider process your personal data, please follow the link embedded in the above mentioned providers name.

Typically and unless otherwise stated in this policy, data may be shared on the basis of our contractual and pre-contractual obligations, in accordance with Art. 6 para. 1 lit. b) GDPR. Equally, if you have consented to it, or where there we have a legal obligation to do so or on the basis of our legitimate interests (e.g. when using agents, hosting providers, tax, business and legal advisors, customer care, accounting, billing and similar services that allow us to perform our contractual obligations, administrative tasks and duties efficiently and effectively). If we commission third parties to process data on the basis of a so-called "processing agreement", this is done on the basis of Art. 28 GDPR.

In relation to meta data obtained about you, we may share a cookie identifier and IP data with analytic service providers to assist us in the improvement and optimisation of our website which is subject to our Cookies Policy.

We may also disclose information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

Do you have questions about data protection?

If you have any questions or suggestions on the subject of data protection, please contact us.

Additional information

On what legal basis and how do we collect your personal data?

In accordance with Art. 13 GDPR the following informs you about the legal basis of us processing your data and unless the legal basis is not specifically mentioned, the following applies:

Consent – This is where we have asked you to provide explicit permission to process your data for a particular purpose. (Art. 6 Para. 1 lit. a and Art. 7 GDPR)

Contract – This is where we process your information to fulfil a contractual arrangement we have made with you. (Art. 6 Para. 1 lit. b GDPR)

Answering your business enquiries – This is where we process your information to reply to your messages, e-mails, posts, calls, etc. (Art. 6 Para. 1 lit. b GDPR)

Legitimate Interests - This is where we rely on our interests as a reason for processing, generally this is to provide you with the best products and service in the most secure and appropriate way. (Art. 6 Para. 1 lit. f GDPR). Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.

Legal Obligation – This is where we have a statutory or other legal obligation to process the information, such as for the investigation of crime. (Art. 6 Para. 1 lit. c GDPR)

Your Rights

You have a number of ‘Data Subject Rights’ below is some information on what they are and how you can exercise them.

Right to information: You can request information from us as to whether and to what extent we process your data.

Right to rectification: If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure: You may request that we erase your data if we are processing it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations. Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no legal or statutory obligation to retain data in this respect.

Right to restriction of processing: You may request us to restrict the processing of your data if you dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data, the processing of the data is unlawful, but you object to erasure and request restriction of data use instead, we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, oryou have objected to the processing of the data.

Right to data portability: You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and this processing is carried out with the aid of automated procedures. If technically feasible, you may request us to transfer your data directly to another controller.

Right to object: If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the assertion, exercise or defence of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right of complaint: If you are of the opinion that we violate data protection law when processing your data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision. If you wish to assert any of the aforementioned rights against us, please contact us using info@cidentify.com. In case of doubt, we may request additional information to confirm your identity.

Where the processing of your personal information is based on consent, you have the right to withdraw that consent without detriment at any time.

The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information.

We encourage you to get in touch if you have any concerns with how we collect or use your personal information.

What are the categories of data subjects?

Customers, interested parties, visitors and users of the online offer as well as our business partners.

Collection, use and storage of personal data

When you use the online offer, Cidentify collects different data from you, partly also so-called personal data. This is information that relates to an identified or identifiable natural person.

Social Media

You can find us in various social media networks. Through this, we would like to provide you with a broad, multimedia offer and exchange information with you on topics that are important to you. In addition to the respective provider of a social network, we also collect and process personal user data on our profile pages. This notice also informs you about the data we collect from you on our social media sites, how we use it and how you can object to the use of the data. For the respective data processing purposes and data categories, please refer to the respective offer listed in more detail below. The social media activities operated by us and detailed below are carried out on the basis of a balancing of interests pursuant to Art. 6 (1) f GDPR.

We would like to point out that social media networks may process user data outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. For details, please refer to the privacy policies of the relevant social media networks.

International transfers

There is no transfer by us to third countries outside the EU/EEA or to an international organisation unless appropriate safeguards are in place. These include the EU standard contractual clauses and an adequacy decision by the EU Commission.

Children Data

Children need particular protection when collecting and processing their personal data because they may be less aware of the risks involved. Compliance with the data protection principles and in particular fairness is central to all our processing of children’s personal data. Where we process a child’s personal data consent from whoever holds parental responsibility for the child is obtained. Children have the same rights as adults over their personal data. These include the rights to access their personal data; request rectification; object to processing and have their personal data erased.

Technical information

What happens with links to external pages?

For technical reasons, certain data must be collected and stored when you visit this web site. The following information is collected without your intervention and stored until automatic deletion after 10 days:

When accessing www.cidentify.com

For technical reasons, certain data must be collected and stored when you visit this web site. The following information is collected without your intervention and stored until automatic deletion after 10 days:

• • IP address of the requesting computer,
• • Date and time of access,
• • Name and URL of the file accessed,
• • website from which the access was made (referrer URL),
• • the browser used and, if applicable, the operating system of your computer.

How Is Your Personal Data Transmitted?

The internet servers of our provider meet current security standards. We try to protect your personal data against loss, misuse, unauthorised access, disclosure, alteration and deletion. The transmission of your personal data to the servers is carried out according to the security standards of the TLS method.

Online Payment, Secure data transmission and Credit card information

The transmission of your personal information during an order transaction is encrypted using industry standard Secure Socket Layer ("SSL") technology, (SSL encryption version 3). Any credit card information you provide will not be stored by us, but will be encrypted and collected directly from our payment service provider via hypertext transfer protocol secure ("https"). We may share information with our payment service provider, and you may need to provide credit or debit card information directly to the provider in order to process payment details and authorise payment following a secure link. The information which you supply to in such cases is not within our control and is subject to our payment service provider’s own Privacy Notice and Terms and Conditions.

Integration Of Services And Contents Of Third Parties

We use within our online offer on the basis of our legitimate interests (Art. 6 para. 1 lit. f. GDPR), content or services offered by third-party providers in order to integrate their content and services.

This always requires that the third-party providers of this content are aware of your IP address, since the content or service could not send to your browser without the IP address. The IP address is thus required for the display of this content and we endeavor to use providers that only use your IP address for the delivery of the content or services. However, Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as be linked to such information from other sources.

Automated decision-making and profiling

We do not use automation for decision-making and profiling.

Do Not Track

Do Not Track is a privacy preference you can set in most browsers. We support Do Not Track because we believe that you should have genuine control over how your info gets used and our site responds to Do Not Track requests.

Do Not Sell My Personal Information

We do not sell information that directly identifies you, like your name, address or phone records.

Hosting

The services for hosting and displaying the website are partly provided by our service providers as part of processing on our behalf. Unless otherwise explained in this privacy policy, all access data and all data collected in forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our relationship with them, please contact them as described in this privacy policy.

Content Delivery Network

For the purpose of a shorter loading time, we use a so-called Content Delivery Network ("CDN") for some offers. With this service, content, e.g. large media files, are delivered via regionally distributed servers of external CDN service providers. Therefore, access data is processed on the servers of the service providers. Our service providers work for us within the framework of order processing. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.

Changes

This policy and our commitment to protecting the privacy of your personal data can result in changes to this policy . Please regularly review this policy to keep up to date with any changes.

Queries and Complaints

Any comments or queries on this policy should be directed to us. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us.