• December 9, 2024
  • Sasnavos st. 18, LT-68113 Marijampole

PRIVACY NOTICE

PRIVACY NOTICE

General Provisions

UAB “Mantinga Logistics”, legal entity code 300603706, registered office address at Sasnavos str. 18, LT-68113, Marijampolė, tel. + 37034356883, (hereinafter - we, the Company) understands that the protection of personal data is important for our customers, suppliers, partners and all persons (hereinafter - data subjects) who cooperate or use the services of the Company. For this reason, we take all necessary measures to ensure the privacy of each data subject and the exercise of personal data protection rights.

You can contact our appointed personal data protection officer and all data protection-related issues by e-mail at asmensduomenys@mantinga.lt .

In this privacy notice, we present all information about how we, acting as data controllers, process personal data, including information about the purposes and legal grounds for the processing of personal data, what data is collected and further processed, how long it is stored, to whom they are provided, what rights you have and where you can apply for their implementation or any other issues related to the processing of personal data.

Our employees and members of the management body are informed about the processing of their personal data in accordance with the procedure laid down in the internal legal acts of the Company.

The Privacy Notice is prepared based on the following legal acts:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter - the GDPR);
  • Law on Legal Protection of Personal Data of the Republic of Lithuania No XIII-1426 (hereinafter - LPPDL);
  • Law on Electronic Communications of the Republic of Lithuania No IX-2135;
  • Guidelines from the State Data Protection Inspectorate (hereinafter - SDPI).

This Privacy Notice is an integral part of the Personal Data Protection Policy approved by the Company.

How do we collect your data?

Depending on the nature of our cooperation, we process the following personal data:

  • Received directly from the data subject (you), for example, when you send us inquiries, share your experience via specified contacts, send us your CV in order to apply for job vacancies;
  • Which are generated when you use our services, for example, when you visit our website;
  • Which we receive from other sources such as public authorities, insurance companies, and other third parties.

For what purposes and what personal data do we process?

Purpose of data processing 

Legal basis for data processing

Data categories

Duration of data storage

Data processors

Conclusion and execution of contracts with customers

Execution of the contract, Chapter 6 (1)(b) of GDPR

Name, surname, telephone number, place of residence, bank details, personal document number, individual activity certificate number, personal identification number, VAT payer‘s number, e-mail, the content of correspondences and the information given therein

10 years after the contract expires

UAB “Terra IT”

Execution of orders for transportation abroad

Execution of the contract, Chapter 6 (1)(b) of GDPR

Name, surname, personal identification number (if a natural person), telephone number, e-mail address of the customer or his representative

Driver‘s name, telephone number, vehicle plate number

10 years

UAB “Terra IT”

Execution of orders for transportation in Lithuania

Execution of the contract, Chapter 6 (1)(b) of GDPR

Name, surname, personal number (if a natural person), telephone number, e-mail, address of customer or his representative

10 years

UAB “Terra IT”

Order execution analytics

Execution of the contract, Chapter 6 (1)(b) of GDPR

Name, surname, personal number (if a natural person), address

5 years

UAB “Terra IT”

Debt administration

Legitimate interest, Chapter 6 (1)(f) of GDPR

Name, surname, telephone number, place of residence, bank details, personal document number, individual activity certificate number, personal identification number, VAT payer‘s number, e-mail

10 years

Recipients are not used

Accounting of customer invoices

Legitimate interest, Chapter 6 (1)(f) of GDPR

Name, surname, telephone number, place of residence, bank details, personal document number, individual activity certificate number, personal identification number, VAT payer‘s number, e-mail

10 years

UAB “Mantinga Group”

Search for suppliers

Legitimate interest, Chapter 6 (1)(f) of GDPR

Name, surname, telephone number, address, position, e-mail, photo

5 years

Recipients are not used

Conclusion and execution of contracts with partners

Execution of the contract, Chapter 6 (1)(b) of GDPR

Name, surname, telephone number, bank details, personal document number, individual activity certificate number, personal identification number, VAT payer‘s number, e-mail, position

10 years after the contract expires

Recipients are not used.

Handling complaints and inquiries

Legitimate interest, Chapter 6 (1)(f) of GDPR

Contact details, the content of addressing

5 years after the response to the request

Recipients are not used.

Sending newsletters for direct marketing purposes

Consent, Legitimate interest, Chapter 6 (1)(a) and (f) of GDPR

E-mail address, newsletter readability statistics, number of openings, time, date

Until withdrawal of consent or 3 years

Recipients are not used.

Selection of candidates for vacancies

Consent, Legitimate interest, Chapter 6 (1)(a) and (f) of GDPR

Name, surname, date of birth, education, marital status, work experience, contact information, curriculum vitae, CV submission date, interests, results of competence test

Until the end of the selection, if consent is given - 2 years after the end of the selection

“Mantinga” UAB

Filming of the area for the purposes of property protection, prevention and investigation of incidents at workplace

Legitimate interest, Chapter 6 (1)(f) of GDPR

All information obtained by filming the person, without audio recording

14 days, unless the data is used as evidence in incident investigations or pre-trial investigations

Recipients are not used.

How do we protect your data?

In order to assess the level of security appropriate to the risk in the processing of data, the Company has implemented all appropriate technical and organisational measures. When selecting and implementing appropriate technical and organisational measures to ensure the security of data processing, we are guided by:

Who do we provide your data to?

For processing personal data, the Company only uses data processors that ensure compliance with the GDPR and the same level of security of personal data as set out in our personal data protection policy.

Here we provide a list of categories of data recipients of the Company:

  • State institutions in accordance with the procedure laid down by the laws;
  • Companies providing data centres, hosting, cloud, website administration and related services, creating, providing, supporting and developing software, companies providing information technology infrastructure services, companies providing communication services;
  • Subcontractors;
  • Law enforcement authorities at their request or on our initiative, if there is a suspicion that a criminal offence has been committed, as well as courts and other dispute settlement bodies;
  • Personal data may be made available to other companies of the group of companies for the purpose of internal administration on the basis of legitimate interest.

Do we provide your data outside the European Union and the European Economic Area?

We ensure that your data is processed in accordance with the requirements and standards established by European Union legislation and inform you that your data is processed only within the limits of the European Union and the European Economic Area.

Or

Your data may be transferred outside the European Union and the European Economic Area by signing contracts that meet the requirements of the European Union with data processors.

Data may be transferred outside the European Union and the European Economic Area when such transfer is necessary for the conclusion, execution of contracts, and proper provision of services provided by the Company. In such cases, we ensure that we take the necessary steps to ensure that the data transfer is properly performed and that the rights of data subjects are protected.

When providing data outside the European Union and the European Economic Area, the Company follows the decision of the European Commission on the adequacy of the state concerned, as well as on standard contract terms and conditions.

Consequences of failure to provide data

You have the right to refuse to provide your personal data, but the provision of your personal data is required and necessary for the purposes set out in this Privacy Notice, therefore, if you do not provide your personal data, we would not be able to achieve the objectives listed.

What rights do you have and how can you exercise them?

In accordance with the provisions of the GDPR, you, as a data subject, can exercise the following rights:

  1. 1. The right to access personal data. I.e. to submit a request for information on whether your personal data is being processed and if your personal data is processed, you have the right to access your personal data processed.
  2. The right to rectification of personal data. I. e. to submit a request for rectification of your personal data if you determine that the personal data processed by us are incorrect, incomplete or inaccurate.
  3. 3. The right to delete the data (the right to be forgotten). e. to request to delete your personal data if you believe that your data is being processed unlawfully or fraudulently.
  4. The right to restriction of the processing. I.e. to submit a request to restrict (suspend) the processing of your personal data, except for storage: in the case, for example, when you request the rectification of your personal data (as long as the accuracy of your personal data is checked and/or it is corrected), it is determined that the personal data is processed unlawfully and you do not agree to the deletion of the data, you have expressed an objection to the processing of your personal data, etc.
  5. The right to data portability. I.e. to submit a request to transfer your personal data, which is processed by automated means, to you and/or another data controller in a structured, commonly used and computer-readable format.
  6. The right to object to data processing. I.e. to express an objection to the processing of personal data where the data is processed on the legal grounds of legitimate interest or public interest.
  7. The right to require not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on you or similarly significantly affects you.
  8. 8. The right to withdraw the consent given to us for processing personal data at any time, for example, for direct marketing.

You can exercise your rights as follows: 

  • By sending us a free-form request at the following e-mail address: asmensduomenys@mantinga.lt. The request must be signed with an electronic signature or the request must be accompanied by a copy of the personal document certified by a notary so that we can verify your identity.
  • When sending a request by registered mail at the address Sasnavos str. 18, LT-68113, Marijampolė, the request must be signed. The request must be accompanied by a copy of your identity document certified by a notary.
  • You can also exercise your rights through a representative. In this case, your representative must provide his/her name, surname, contact details, a copy of the personal identity document certified by a notary, and information about you, namely: name, surname, and other data on the basis of which we could identify you as a data subject, as well as provide a copy of the document justifying your representation certified by a notary.

The request must be legible, signed, and it must include the name, surname, place of residence of the data subject and other data of the desired form to maintain communication, information about which of the data subject’s rights and to what extent the data subject wishes to exercise them.

We will respond to your request at least within one month from the date of receipt of the request. In exceptional cases requiring additional time, we will have the right to extend the time limit for considering the presentation of the requested data or other requirements specified in your request up to two months from the date of your address.

Where can you address for the questions related to personal data?

If you have any questions regarding the information given in this Privacy Notice or regarding the protection of your personal data and the exercise of your rights in the Company, please contact our representative responsible for data protection in any way convenient to you:

If a mutually satisfactory solution cannot be found, you have the right to apply to the State Data Protection Inspectorate at the following address L. Sapiegos str. 17, Vilnius, e-mail at ada@ada.lt .

Cookies

A cookie is a small text file that a website places on your computer or mobile device browser when you visit the website. This allows the website to “remember” your actions and preferences (such as your registration name, language, font size and other display options) for a certain period of time so that you do not have to re-enter them every time you visit the website or browse its different pages.

The information collected by cookies allows us to ensure your ability to browse more conveniently and learn more about the behaviour of website users, analyse trends and improve the website.

You can find out what cookies are used on this page and how to manage them in the cookie control panel on each page.

What cookies we use?

In order to ensure that you can use the website more conveniently and efficiently, we use the following cookies:

  • Required:
Cookie nameCookie purposeExpiration
wp-wpml_current_languageUsed to maintain a user session.Valid until the browser is closed
PHPSESSIDUsed to maintain a user session.Valid until the browser is closed
  • Google Analytics:
Cookie nameCookie purposeExpiration
ga - Google AnalyticsTo collect information about website traffic.2 years
_gat - Google AnalyticsTo regulate the number of requests.10 minutes.
gid_Google AnalyticsFor tracking purposes to distinguish between users.24 hours.
_utma - Google analyticsTo collect statistical information about website traffic.2 years
_utmz - Google analyticsTo collect statistical information about website traffic.6 months.

Final Provisions of the Privacy Notice

The Privacy Notice is amended at the discretion of the Data Controller or in the event of a change in the requirements of applicable legal acts.

The website publishes an up-to-date version of the Privacy Notice and therefore it is recommended to familiarise yourself with the latest version.

The Privacy Notice was last updated on 11 January 2024.