In this Privacy Policy (hereinafter referred to as the Privacy Policy) you will find information about how UAB Skrivanek vertimų biuras (hereinafter referred to as Skrivanek, Company, We) collects, stores and processes your personal data.
We comply with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the GDPR), as well as with the requirements of any other data protection legislation, in relation to the protection of your personal data.
Data controller
The controller of the personal data processing operations described in this Privacy Policy, which determines the purposes and means of data processing, is UAB Skrivanek vertimų biuras, legal entity code 300023429, address Švitrigailos st. 11B, Vilnius, Lithuania.
Data Protection Officer
If you would like to clarify, find out how the Company processes your personal data, or if you intend to exercise your rights as a data subject, please contact the Company’s designated Data Protection Officer: Rusnė Juozapaitienė, e-mail rusne@duomenuapsauga.eu, tel. No. +370 698 34316 (MB Asmens duomenų apsauga).
Application of the Privacy Policy
By reading this Privacy Policy (hereinafter referred to as the Privacy Policy), you will be able to find out how and for what purposes we process your personal data, where we obtain it, to whom we provide it, where we store it, and what your rights are as a subject of personal data.
The term “personal data” used in this Privacy Policy shall mean any information that may help identify your identity, both directly and indirectly.
Terms used in this Privacy Policy (e.g. data controller, data processor) shall be understood as defined and interpreted in the General Data Protection Regulation.
The Privacy Policy shall be governed by the law of the Republic of Lithuania.
Employees, shareholders and members of the governing bodies of the Company shall be informed about the processing of their personal data in accordance with the procedure approved by the Company’s internal legal acts.
Sources of Personal Data
We shall process your personal data obtained from the following sources:
a) When you submit it to us. You provide us with your personal data when you use our services, send us your CV, cover letters, communicate with us by telephone, e-mail or during meetings.
b) When you use our website. When you use our website, certain information (e.g. Internet Protocol (IP) address, type of web browser used) shall be collected automatically.
c) From devices. For example, when you visit the Company’s territory and premises where video surveillance is carried out.
d) From third parties. We may also receive your personal data from third parties in accordance with the procedure established by law and/or this Privacy Policy, for example, we receive your personal data from our customers. Our customer must inform the data subjects of such transfers of personal data before the data is transferred to Us.
e) From Skrivanek Holding SE group companies and offices.
Purposes of the Processing of Personal Data
Selection of employees, trainees, suppliers
When selecting employees, trainees, translation or training service providers, we shall process the following personal data of potential employees, trainees, service providers: name, surname, other information provided by the data subject in the curriculum vitae (CV), cover letter.
Data retention period: at the time of selection or for 1 year (with the data subject’s consent).
Legal basis: conclusion of a contract (Article 6(1)(b)) – in the case of application for a specific position. Consent of the data subject (Article 6(1)(a)) where the data are stored for future selections or where there is no application for a specific position.
Provision of foreign language course services (invoicing, preparation of cash receipts)
For the purposes of administering the language school and the provision of foreign language courses, we shall process the following personal data of language school participants: name, surname, telephone number, e-mail address, level of proficiency in the foreign language, the foreign language, the name of the workplace (in the case of a contract concluded with a legal entity), position (in the case of a contract concluded with a legal entity), the details of the representation (in the case of a contract concluded with a legal entity) and the signature.
Data retention period: 10 years after the end of the contract. VAT invoices and cash receipts are retained for 10 years from the date of issue.
Legal basis: the conclusion and performance of a contract with the data subject if the contract is concluded with a natural person (Article 6(1)(b)). Legitimate interest to process personal data of representatives of legal entities where the contract is concluded with a legal entity or an entity which concludes a contract on behalf of another entity (Article 6(1)(f)).
Data recipients: State Tax Inspectorate.
Provision of a foreign language assessment and determination service
When providing the foreign language assessment and determination service, we shall process the following personal data of the service recipients: name, surname, telephone number, e-mail address, foreign language proficiency level.
Data retention period: 10 years.
Legal basis: conclusion and performance of a contract with the data subject (Article 6(1)(b)).
Data recipients: Skrivanek PL.
Inquiry administration
We shall process the following personal data of interested parties in the course of providing our services: name, surname, company, telephone number, e-mail, service of interest, text of the message, name of the Facebook account (in the case of contact via Messenger).
Data retention period: 1 month.
Legal basis: legitimate interest in communicating with interested parties (Article 6(1)(f)).
Data recipients: Meta Platforms when contacted via Messenger.
Provision of translation and document validation services (invoices, cash receipts) for natural persons
When providing translation and document validation services, we may process the following personal data of our translation customers (natural persons and representatives of legal entities): name, surname, telephone number, e-mail address, signature, documents to be translated and the personal data contained therein.
Data retention period: translated documents shall be retained for 5 years after the order has been processed. VAT invoices and cash receipts are retained for 10 years from the date of issue. Other data shall be retained for 10 years after the end of the contract.
Legal basis: conclusion and performance of a contract with the data subject (Article 6(1)(b)). Legitimate interest to process personal data of representatives of legal entities where the contract is concluded with a legal entity or an entity which concludes a contract on behalf of another entity (Article 6(1)(f)).
Data recipients: State Tax Inspectorate.
Provision of translation and document validation services (invoices, cash receipts) for legal entities
When providing translation and document validation services, we may process the following personal data of the employees/representatives of the customers of our translation services (legal entities): name, surname, telephone number, e-mail address, signature, documents to be translated and the personal data contained therein.
Data retention period: translated documents shall be retained for 5 years after the order has been processed. VAT invoices and cash receipts are retained for 10 years from the date of issue. Other data shall be retained for 10 years after the end of the contract.
Legal basis: legitimate interest to process personal data of representatives of legal entities where the contract is concluded with a legal entity or an entity which concludes a contract on behalf of another entity (Article 6(1)(f)). The processing is necessary for the data controller to comply with statutory requirements (Article 6(1)(c)).
Data recipients: State Tax Inspectorate.
Administration of service providers (payment for services rendered, qualification, quality and eligibility)
When purchasing services, we carry out the administration and selection of service providers and may process the following personal data of the providers (translators, teachers, editors, layout designers, content creators, etc.): name, surname, personal identification number, address, telephone number, e-mail address, current bank account number, bank, participation in training/courses/educational programmes, diplomas, references, education, level of proficiency, level of foreign language skills, foreign language spoken, evaluation of the trial translation, individual’s signature and copy of the individual activity certificate.
Data retention period: copyright agreements shall be retained for 50 years. VAT invoices and cash receipts are retained for 10 years from the date of issue. Other data shall be retained for 5 years after the end of the cooperation agreement.
Legal basis: conclusion and performance of a contract with the data subject (Article 6(1)(b)). The processing is necessary for the data controller to comply with statutory requirements (Article 6(1)(c)). Legitimate interest to process personal data of representatives of legal entities where the contract is concluded with a legal entity or an entity which concludes a contract on behalf of another entity (Article 6(1)(f)).
Data recipients: State Tax Inspectorate, State Social Insurance Fund Board under the Ministry of Social Security and Labour.
Document management (clerical work)
In order to register and manage documents, we shall process the following personal data of senders, addressees, and other persons whose personal data are included in the drafting of letters: name, surname, e-mail address, telephone number.
Data retention period: 10 years.
Legal basis: legitimate interest in possession of documents (Article 6(1)(f)).
Data recipients: public authorities and bodies.
Company due diligence (ISO and other audits)
In order to carry out audits of the Company’s activities, we shall process all personal data of the Company’s customers, shareholders and service recipients.
Data retention period: data shall be retained for 10 years.
Legal basis: legitimate interest in carrying out inspections and audits of the company’s activities (Article 6(1)(f)).
Data recipients: external auditors.
Identification of existing customers
In order to identify customers and other persons visiting the Company’s premises, we shall process the following personal data: name, surname, e-mail address, telephone number.
Data retention period: 10 years after identification.
Legal basis: legitimate interest in customer identification (Article 6(1)(f)).
Improving the website, updating marketing campaigns, visitor statistics (use of cookies)
In order to improve the website, to provide and personalise marketing offers, to collect and analyse website visitor statistics and to ensure the functionality of the website, the Company’s website uses cookies, plugins and similar technologies. For this purpose, the Company shall process the following personal data: visitors’ computer browser and its version, language choice, region, browsing time, time zone, other information collected by cookies.
Data retention period: the retention period of personal data depends on the specific cookie used to collect the personal data, but in all cases the retention period shall not exceed 2 years.
Legal basis: consent of the data subject (Article 6(1)(a)), on which basis personal data collected by means of non-essential cookies are processed. Legitimate interest in ensuring that the website and the functionalities on the website are maintained (Article 6(1)(f)).
For detailed information about cookies, please refer to the Company’s Cookie Policy at https://skrivanek.lt/en/cookie-policy/.
Marketing (customer satisfaction surveys)
In order to obtain customer feedback on our services, we shall process the following personal data of the Company’s customers: e-mail address, telephone number, name, surname, company.
Data retention period: 3 years.
Legal basis: consent of the data subject (Article 6(1)(a)). Legitimate interest in improving the quality of services (Article 6(1)(f)).
Debt recovery
In order to ensure compliance with contracts and debt management, we shall process the following personal data of debtors: name, surname, company, telephone number, e-mail address, debt data.
Data retention period: 10 years after full fulfilment of the commitments.
Legal basis: Legitimate interest in the recovery of debts (Article 6(1)(f)).
Data recipients: debt collection companies.
Promotion of the Company’s visibility (social media management)
The Company manages social media accounts together with social media administrators in order to increase its visibility. The information that you provide on social networks or that you receive when you visit our accounts is controlled by the social network operators. We therefore recommend that you read the privacy notices of social network operators.
As the administrator of social media accounts, we choose the appropriate settings based on our target audience and our performance management and promotion objectives. Social network operators may have restricted the ability to change certain essential settings, and thus We may not be able to influence what information social network operators collect about you.
Data retention period: The information is provided in the privacy notices of social network operators.
Legal basis: Our legitimate interest in raising the profile of the Company (Article 6(1)(f) GDPR).
Recipients of Personal Data
We may provide your personal data to the following persons, taking into account the basis for the provision of the data and to ensure the security of the data transmitted to:
- state authorities, law enforcement agencies and other persons in accordance with the procedure established by the legislation of the Republic of Lithuania or where the provision of data is necessary for the purpose of asserting, exercising or defending the Company’s legal claims;
- debt collection companies;
- auditors, other consultants, notary offices, bailiff offices;
- SE Centre of Registers;
- public authorities and bodies;
- State Tax Inspectorate;
- social network administrators;
- the Board of the State Social Insurance Fund under the Ministry of Social Security and Labour;
- in the case of a dispute, to the people who provide us with legal services, attorneys;
- other group companies;
- data processors.
The Company engages data processors who will process personal data in accordance with Our instructions and to the extent determined by Us to the extent necessary to achieve the purposes of the data processing. When we engage data processors, we aim to ensure that they also have appropriate organisational and technical security measures in place and maintain the confidentiality of personal data.
With your consent, we may also provide personal data to other recipients.
We may also provide your data to protect your vital interests (for example, if you feel unwell on our premises and we need to seek medical help).
If we disclose your personal data to other groups of data recipients than those specified in this Privacy Policy, we will inform you thereof no later than at the time of the first disclosure of the data, unless we have already provided such information to you previously.
Transfer of Personal Data Outside the EU
We generally process and store data subjects’ personal data within the territory of the European Union or the European Economic Area (EU/EEA), but we may also transfer personal data outside the EU/EEA where this is necessary to fulfil the purposes for which the data are collected and processed.
We shall transfer your personal data outside the EU/EEA in accordance with the requirements of Chapter V of the GDPR if at least one of the following measures is implemented:
- The European Commission has recognised that the country to which the data is transferred ensures an adequate level of protection of personal data;
- A contract is concluded in accordance with standard terms and conditions approved by the European Commission;
- In case of compliance with codes of conduct or other safeguards under the General Data Protection Regulation;
- We have the individual and freely given consent of the data subject for the transfer of data outside the EU/EEA.
Profiling and Automated Decision-Making
The Company does not engage in profiling and automated decision-making that would result in significant consequences for you or have a significant impact on you.
Your Rights as a Data Subject
As a personal data subject, you shall have the following rights:
Right to information: You shall have the right to be fully informed about how your personal data is processed. This includes information on the purposes for which your data is collected, the legal basis for processing, the recipients of the data and the retention periods.
Right of access: You may request access to the personal data we hold about you. This allows you to check the accuracy and lawfulness of the data processed and how it is used.
Right to rectification and completion: If you notice that your personal data is inaccurate or incomplete, you shall have the right to have it corrected or completed.
Right to erasure (right to be forgotten): You shall have the right to request the erasure of your personal data when it is no longer necessary for the purposes for which it was collected. You may also request the deletion of your data if its processing is unlawful or if you have withdrawn your consent and there are no other legitimate grounds for keeping it.
Right to object and withdraw consent: You may object to the processing of your personal data in certain cases, for example when it is used for direct marketing purposes. In addition, if the processing is based on your consent, you shall have the right to withdraw this consent at any time.
Right to restrict data processing: In certain circumstances, you may request a temporary suspension of the processing of your personal data. This may apply when checking the accuracy of your data, in the event of a dispute, or when you want your data to be retained but not further processed.
Right to data portability: You shall have the right to receive your personal data in a structured, commonly used and computer-readable format and, where technically feasible, to transmit it to another data controller. This allows for seamless data portability and enables you to switch service providers if you wish to do so.
Right to complain: If you believe that your rights in relation to the processing of your personal data have been violated, you shall have the right to lodge a complaint with the competent supervisory authority, i.e. the State Data Protection Inspectorate, L. Sapiegos st. 17, Vilnius, e-mail address ada@ada.lt, website https://vdai.lrv.lt, as well as with the competent court of the Republic of Lithuania.
Right to compensation: If you have suffered damage as a result of the unlawful processing of your personal data, you shall have the right to claim indemnification for the damage caused.
These rights are essential tools to help protect your privacy and data protection. As a responsible data controller, we are committed to respecting these rights and ensuring that your personal data is processed fairly, securely and lawfully.
Procedure for Exercising Your Rights
You may exercise your rights as a data subject by sending a request by e-mail with an electronic signature to: info@skrivanek.lt, by visiting Our office, by post, by sending a request to: Švitrigailos st. 11B, LT-03228 Vilnius, or by contacting the Company’s Data Protection Officer.
The request for the exercise of the data subject’s rights must be legible, signed and contain the name, surname, address and/or other contact details of the data subject for the purpose of communication or for the purpose of obtaining a reply.
If the data subject exercises his/her rights through a representative, the representative shall indicate his/her name, surname, address and/or other contact details by which he/she wishes to receive a reply, as well as the name of the data subject and any other data necessary for the proper identification of the data subject, and shall provide the document or a copy thereof.
Final Provisions
The website may contain links to third-party websites, to legislation, as well as links to social networks (the possibility of sharing the content of the website on social networks). It should be noted that third-party websites linked to the Company’s website shall be subject to the privacy policies of such websites and the Company shall not accept any liability for the content of the information provided by such websites, the operation of such websites or the provisions of their privacy policies.
Update of the Privacy Policy
We may review and amend this Privacy Policy at any time. The amendments shall enter into force on the date of their publication on the websites.
We recommend that you always get acquainted with the most up-to-date version of the Privacy Policy.
The Privacy Policy was last updated on 4 September 2023.