1. INTRODUCTION
1.1. This Privacy Policy (the Policy) describes what personal data Wallter, UAB (the Wallter, we, us) collects and how we process them, with whom we share our clients, potential clients, candidates and visitors (You, Clients) Personal Data, which we collect when You visit and browse our website https://wallter.com/ (the Website), or when You open an account with us and use our electronic money and payment services (the Services), or when You contact us and communicate with us and provide Your Personal Data through the Website.
2. WHO WE ARE
2.1. Wallter is an electronic money institution providing Services to Clients in EEA/non-EEA countries and wishing to be a one-stop-shop for global payments. We offer financial services such as opening an IBAN account, domestic and cross-border payment execution (SEPA and SWIFT payments), issuing pre-paid cards, etc. Our goal is to enable Clients to perform global payments conveniently, quickly, and securely from anywhere, at any time.
2.2. We respect privacy of our Clients as well as potential Clients, applicants for an open job position at Wallter, suppliers to whom we are outsourcing operational functions and random visitors to our Website and we are committed to protecting Your privacy. Wallter Website and Client onboarding procedure are both operated together with other entities of Wallter group, located in the Israel and Romania. These entities operate as data processors and act strictly upon Wallter’s instructions.
2.3. Please, take some time and read carefully this Policy and get acquainted with the terms and conditions of Processing of Your Personal Data and information about Your privacy rights. If You provide Personal Data on behalf of someone else, You are required to inform them about Processing of their data and to refer them to this Policy. Do not hesitate to contact us if You have any questions regarding Processing of Your Personal Data or exercise of Your rights.
2.4. Data Controller
Wallter, UAB, a private limited liability company incorporated and registered under the laws of the Republic of Lithuania, legal entity’s code: 304740691, having its registered office address at Vilniaus St 28-201, Vilnius LT-01402, Lithuania, email: [email protected], is acting as data controller of Your Personal Data.
2.5. Data Protection Officer
In case of any questions regarding this Policy and/or the Processing of Your Personal Data, please contact our Data Protection Officer UAB “Privacy Partners“ at [email protected].
2.6. This Policy should be read and applied in conjunction with our General Terms and Conditions and Cookie Policy as they together set out the basis on which any Personal Data Walter obtained from You or collected from other sources (e.g. third parties, State registers, the Internet), or which You provide to us, through our Website or in connection with Your E-Money account (as defined in the General Terms and Conditions) will be processed.
2.7. When You complete any form, speak with our staff, make an inquiry or submit any details to us (including our data processors acting on behalf of us) or using our Website, we will process (collect, use, disclose, store, etc.) Your Personal Data in the manner described in this Policy.
3. DEFINITIONS
3.1. Unless otherwise defined, capitalised terms used herein shall have the following meanings:
Data Subject shall mean You or any natural person (including the director / representative or the true beneficiary of a legal person), who is using / has expressed and intention to use Wallter Services or is otherwise related to Wallter and / or the services provided by Wallter, and whose data is processed by Wallter.
GDPR (Regulation) shall mean Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
Personal Data shall mean any information, directly or indirectly related to You, which is received directly from You or from other sources and may be used to identify You.
Processing any operation which is performed on Personal Data or on sets of Personal Data, such as collection, recording, organization, structuring, storage, adaptation, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or other destruction.
3.2. The other definitions used in this Policy shall be understood as they are defined in the GDPR and other legislation governing the protection of Personal Data.
4. WHEN AND HOW WE PROCESS YOUR PERSONAL DATA?
4.1. We will only collect and process Your Personal Data when we have a legitimate purpose, and/or the law allows or requires us to do so. Most commonly, we will collect and process Your Personal Data in the following circumstances:
4.1.1. when we need to perform the contract, we have entered with You, or we are about to enter into, and we need to take certain steps at Your request;
4.1.2. when we need to comply with a legal or regulatory obligation;
4.1.3. when it is necessary for our legitimate interests and Your interests and fundamental rights do not override those interests;
4.1.4. when You consented to data collection and Processing for the particular purpose.
4.2. Your Personal Data is collected using different methods, including direct interactions when You provide us Your Personal Data by submitting forms online (e.g. on our Website) or when You communicate with us using various means of communication (phone, email, Whatsapp, Skype, etc.) as well as receiving Your data from third parties or publicly available sources, or by using automated technologies such as cookies and other tracking technologies.
5. WHAT PERSONAL DATA DO WE PROCESS?
5.1. The Personal Data we process (collect, use, store and share, etc.) about You depends on who You are and how we interact with You: whether You are our Client and user of our Services, or You express Your wish to become a Client, or You just a simple visitor to our Website and just browsing it, or whether You apply for an open job position at Wallter, or You a supplier to whom we are outsourcing operational functions. When we refer in this Policy to “Personal Data” we are referring to data about You (or other natural person) from which You could be identified directly or that makes You identifiable indirectly by one or more factors related and specific to You such as Your name, contact details, online identifier and even Your IP address.
5.2. The data we process is also directly related to the Processing purposes – we process only p Personal Data that is necessary for a particular legitimate and lawful purpose. The purposes for which Your Personal Data is processed depend on whether You are just a visitor to our Website or whether you are a Client or potential Client, a candidate for employment or a supplier to whom we are outsourcing of operational functions.
5.3. If You wish to open an E-money Account
5.3.1. First of all You must create a user login account in order to start the Client onboarding process, for this purpose we shall process:
- Your name (first name, last name)
- Phone number
The purpose of Processing To create a personal account and proceed to Client onboarding process
Legal basis for Processing (i) The necessity to take steps at Your request before entering a contract and (ii) Our legitimate interest to protect against possible fraud
The period of data storage (i) 8 years after the end of contractual relationship (closing Your account); (ii) If the Client onboarding process is unsuccessful and E-money Account is not opened, the data is stored for 2 years
5.3.2. To perform a Client onboarding and make a decision on opening an E-money Account You must login to Wallter onboarding page and submit Your application by providing information and documents necessary to verify if we can open an E-money Account; for this purpose, we shall process:
If You are a Private Client
- Your name (first name, last name)
- Personal code (if applicable) and/or date of birth
- Email address
- Phone number
- Residence address (Post code, City, Country)
- Living permit copy and data on the document (if applicable)
- ID card/ Passport copy and data on these documents
- Citizenship
- Politically Exposed Person status (or relative to PEP)
- Relation to US (citizen and/or tax resident)
- Tax identification number (TIN, if applicable) and tax residence country
- Occupation/Employment status (employer, position)
- Source of Funds and Source of Wealth details
- Technical data (IP address, location, creation date)
- Selfie/photograph of Your face.
If You are a Corporate Client
- Your name (first name, last name)
- Company name and position
- E-mail address
- Phone number
- Personal code (if applicable) and/or date of birth
- ID card / Passport copy and data on these documents
- Citizenship
- Residence address / Country of residence
- Tax identification number (TIN, if applicable) and tax residence country
- Politically Exposed Person status (or relative to PEP)
- Relation to the US (citizen or not)
- Counterparties (Company/Individual name; country)
- Agreement with counterparties
- If Client is an obligated entity – corporate Client’s customer personal information (Name, date of Birth, ID, etc.)
- Information concerning company’s director and authorized signatory, shareholders, ultimate beneficial owners (first name, last name, email, phone, date of birth, passport/ID card copy and data on these documents, relation to the US (citizen or not), PEP status (or relative to PEP), position within the company, residential address, selfie/photograph of the face, living permit copy and data on the document (if applicable))
- Technical data (IP address, location, creation date)
The purpose of Processing (i) To open and administer E-money Account and (ii) Possible fraud prevention
Legal basis for Processing (i) The performance of the contract or necessity to take steps at your request before entering a contract and (ii) Our legitimate interest to protect against possible fraud
The period of data storage (i) 8 years after the end of contractual relationship (closing Your account); (ii) If the Client onboarding process is unsuccessful and E-money Account account is not opened, the data is stored for 2 years
5.4. When we implement the Know Your Customer (KYC) principle and Anti-Money Laundering (AML) requirements
5.4.1. As part of our services, we are obligated to collect certain Personal Data and information and conduct obligatory KYC and AML procedures, including identity check, we will collect and process Personal Data of You, as our Client, or Client’s representative (if you are applying for a corporate account), their shareholders/ultimate beneficial owners (UBO):
- Your name (first name, last name)
- Photograph of your face
- ID card / Passport copy and data on these documents
- Identity check status
- Involvement in court procedures or relevant criminal record
- Applicable sanctions
- Status as PEP
- Counterparties (Company/Individual name; country);
- Agreement with counterparties
- If Client is an obligated entity – corporate Client’s customer personal information (name, date of birth, ID and etc.)
- Source of fund/source of wealth
The purpose of Processing To verify Client’s identity and to perform other obligatory KYC/AML procedures
Legal basis for Processing To comply with legal obligation (KYC/AML requirements set in the legislation – the Law on the Prevention of Money Laundering and Terrorist Financing of the Republic of Lithuania)
The period of data storage 8 years after the end of contractual relationship (closing Your account)
5.5. If You have an E-money Account and make and/or receive payments
5.5.1. When You are making and/or receiving payments (SEPA, SWIFT transfers or domestic payments) using Your E-money Account we shall process:
- Your name (first name, last name)
- Company name and counterparties
- Account number
- Payment details (transaction ID, sender, receiver, payment date, purpose, amount)
- Technical data (IP address, location, Log in time, user ID, etc.)
- Multiple required support documents and personal data specified in there (invoice, purchase declaration, service agreement, ID card/Passport copy, settlements, proof of account, websites, statements, others on demand)
The purpose of Processing Execution of payment transactions
Legal basis for Processing (i) The performance of the contract between us and You as a Client and
(ii) To comply with legal obligation (the Law on Payments of the Republic of Lithuania)
The period of data storage 8 years after the payment is completed
5.6. If You ask for a pre-paid card
5.6.1. When you wish to get physical or virtual pre-paid card from our partner UAB “Creditco”, we will collect Your Personal Data as necessary for issuing a pre-paid card and will transfer Your data to our partner who will be Processing Your data as an independent data controller according to its General Terms and Conditions https://creditco.lt/wip/ and Privacy policy https://creditco.lt/legal/?link=3.
If You are a Private Client
- Your name (first name, last name)
- Residential address (post code, city, country)
- Email address
- Phone number
- Date of birth
- Passport number and expiry date
- Bank account details
- Cardholder signature
- Technical data (IP address, location)
If You are a Corporate Client:
- Cardholder name and/or company name (to be displayed on the card)
- Cardholder details (full name, residential address, (postal code, city, country), email, date of birth, phone number, passport number and expiry date)
- Bank account details
- Cardholder’s position in the company
- Name of company’s director
- Authorized person’s signature
- Cardholder signature
- Technical data (IP address, location)
The purpose of Processing To issue and administer a payment card
Legal basis for Processing The performance of the contract between us and You as private or corporate Client or necessity to take steps at Your request before entering a contract
The period of data storage 8 years after the end of contractual relationship (closing Your account)
5.7. If You communicate with us or we answering to Your requests
5.7.1. When You contact us, including via e-mail and our Website, phone or using other communication tools (such as Whatsapp, Skype, etc.) to answer to Your requests and provide You with information and/or support we shall process:
- Your name (first name, last name) or login name
- E-mail address
- Phone number
- Other personal information You provide in your communication with us or is necessary to respond to Your request
- Company name and position
The purpose of Processing (i) To answer to Your requests/questions and provide information You have requested
Legal basis for Processing (i) The performance of the contract between us and You as our Client (for our clients) or (ii) Your consent (other persons)
The period of data storage (i) 5 years after the end of contractual relationship (closing Your account); (ii) If the E-money Account is not opened, the communication data is stored for 2 years
5.7.2. When we need to clarify information and/or data provided by potential Clients and/or our Clients (e.g. business activities, structure of ownership, etc.) we organize online meetings via Microsoft Teams or other means of communication, with Your consent, we shall record those meetings and process:
- Your name (first name, last name)
- Company and your position
- Your image including others who is participating in the meeting
- Recorded meeting
- Other personal information that is received and recorded during the meeting
The purpose of Processing To clarify information provided by potential Clients and/or our Clients
Legal basis for Processing (i) The performance of the contract between us and You as our Client or necessity to take steps at your request before entering a contract or (ii) Legitimate interest of the Company
The period of data storage (i) 5 years after the end of contractual relationship (closing Your account); (ii) If the E-money Account is not opened, the communication data is stored for 2 years
5.8. If You file a complaint with us
5.8.1. When You file any complaint in connection with our Services, we are obliged to handle the complaint, and we must therefore process:
- Your name (first name, last name)
- Company name and position
- Your address
- Your e-mail address, if your complaint is submitted or replied by e-mail
- Other personal information You provide in Your complaint and/or documents
- Date and method of receipt of the complaint
- Date of our reply
- The substance of the complaint
- The services or products complaint about
- The outcome of the complaint
The purpose of Processing Handling of Clients’/third parties’ complaints
Legal basis for Processing To comply with legal obligation (Resolution of the Board of the Bank of Lithuania No. 03-105 for Rules for examining financial market participants complaints; Resolution of the Board of the Bank of Lithuania No 03-23 for Rules for the Out-of-Court Resolution of Disputes between Consumers and Financial Market Participants)
The period of data storage 3 years from the date of the final resolution of the complaint
5.9. If You participate in the affiliate program
5.9.1. When You sign with us Referral Agreement and wish to introduce Wallter services to potential Clients, we shall process:
If You are Affiliate Partner – legal entity:
- Your name (first name, last name)
- Phone number
- Company name and position
- Signature
If You are Affiliate Partner – natural person:
- Your name (first name, last name)
- Country of citizenship
- Personal code (if applicable) and/or date of birth
- Residential address
- Phone number
- Signature
The purpose of Processing To ensure the implementation of affiliate program
Legal basis for Processing The performance of the contract between us and You or necessity to take steps at Your request before entering a contract
The period of data storage 8 years after the end or termination of the Referral Agreement
5.10. If You are an outsourced service provider of particular Wallter operational functions
5.10.1. When we are outsourcing operational functions to You, we shall process:
If you are service provider – legal entity:
- Your name (first name, last name)
- Information about company’s representative (full name, date of birth, position, country of residence, citizenship)
- Information about shareholders/UBO (if they are natural persons) (full name, personal code/date of birth, country of residence, citizenship, holding in shares (%))
- Signature
If you are service provider – natural person:
- Your name (first name, last name)
- ID card/Passport number, country and date of issue, date of expiry
- Personal code/date for birth
- Citizenship
- Residential address (city, country, postal code)
- Mobile number, e-mail address
- Signature
The purpose of Processing To perform due diligence and risk assessment of potential/current service provider
Legal basis for Processing To comply with legal obligation (Resolution of the Board of the Bank of Lithuania No. 03-166 on the approval of the rules on the outsourcing of operational functions of financial market participants)
The period of data storage 8 years after the end or termination of the contract
5.11. If You are applying for an open position in our company (Recruitment process)
5.11.1. Wallter is constantly growing company and we always looking for motivated persons who would like to start a career in FinTech. If you are applying for a job at Wallter in response to our job advert, whether advertised on our Website or profile on social media, or you are participating in recruitment performed by recruitment agency, we shall process Personal Data of job applicant and potential candidates for employment in order to assess the suitability of the candidate for a particular position he/she is applying for. During the recruitment process we shall process the data that You provide us with Your resume or application and/or we receive from other sources (e.g. recommendations from Your previous employers):
- Your name (first name, last name)
- Contact details (phone number, email)
- Education
- Work/professional experience (previous employers, positions including job description, certificates)
- Other information that You provide on your CV and cover letter (including but not limited to photograph, date of birth, residential address, etc. which are not mandatory and provided by sole intention of the applicant)
- Recommendations from previous employers
- Results/findings of the interview with the candidate including information from personality tests
- Communication with the candidate
- Information from screening against sanctions, including received from public data sources (for selected candidates for the respective position prior to entering employment contract)
The purpose of Processing Identifying and evaluating candidates for potential employment (assessing his/her suitability for position) and contacting candidates
Legal basis for Processing (i) Your consent (by applying for an open position and sending Your CV and other documents to Wallter) and (ii) Legitimate interest to select eligible candidates
The period of data storage Until the recruitment process is completed, but not longer than 1 year from the date of Your consent.
5.11.2. With Your additional consent we shall process (store) Your CV and/or additional information in our database of suitable candidates for future recruitments – if You were not offered to sign an employment contract but we believe that a particular candidate could fit for another position in the future
The purpose of Processing To contact a potential candidate and to offer to participate in selection for a an open position
Legal basis for Processing Your consent
The period of data storage 36 months
5.12. If You are a visitor of our Website
5.12.1. As You visit or interact with our Website, we may automatically collect technical data about Your equipment, browsing actions and patterns. We need to know what services are or could be most interesting and useful for our Clients, from which countries they come to our Website, how often they return, which browsers they use, on which devices the Website is browsed. We collect this Personal Data by using cookies, session logs and other similar technologies that helps to improve our Website, make Your browsing experience and our business decisions better as well as to enhance security. Please see our Cookie Policy for further details. Data we collect and process depends on cookie but usually it will be:
- IP address
- Your location (region You came from to our Website)
- Your device You are browsing from and the browser You use
- What content You are interested on our Website (the pages, subdomains You visit and the content You read)
- Referrer website (the sites that linked You to our Website, if any)
- Other data (depending on cookie or technology used)
The purpose of Processing To improve our Website and users experience, and ensure security
Legal basis for Processing (i) Our legitimate interest (IT security, marketing) and (ii) Your consent for Processing data for particular purpose (e.g. the use of cookies)
The period of data storage – depends on technologies used for data collection (more can be found on our Cookie Policy)
5.13. Links to other sites
5.13.1. Our Website may contain links to other sites, e.g. links to social media websites such as Wallter’s LinkedIn profile (https://www.linkedin.com/company/wallter-payments-ltd/); mandatory information from supervision authority (https://www.lb.lt/en/frd/view_license?id=446). This Policy is applicable only with respect to our Website and Services, but not any other sites. Therefore, we strongly recommend reviewing privacy policies of any websites that you may reach by following those links presented on our Website. We have no control and no responsibilities about any content or data processing by controllers of such other websites.
5.14. If You shall not provide us Your Personal Data
5.14.1. In case we need to process Personal Data by legal obligation or under the terms of a contract we have entered with You (or if we need to take steps at Your request prior to entering a contract) and You do not provide us with this Personal Data, we may not be able to comply with legal requirements and provide Services to You or will not be able to conclude and execute a contract with You.
6. DIRECT MARKETING
6.1. We may engage in various marketing activities and try to improve our services and user experience and/or provide our Clients with information about new products and services that might be interested in. You can subscribe to our newsletter on Website or to consent to Your Personal Data being processed for marketing purposes. You can fill in contact forms on our Website to receive information about our services. By subscribing to our newsletter, You will receive our latest blog posts, podcasts and updates from industry experts as well as we may ask You to evaluate our services or give us Your feedback. By filling in contact forms You will receive information about our services and regular information about our promotions, discounts, and special offers, or new product release. For this purpose, we shall process:
- Your name
The purpose of Processing To provide You with new information about our services or which could be interesting for You
Legal basis for Processing Your consent
The period of data storage 5 years from the consent
7. WHO CAN WE SHARE YOUR DATA WITH?
7.1. We put our best efforts to keep Your data safe and always require the highest level of security and confidentiality from our employees and partners.
7.2. We may share Your Personal Data with other Wallter group entities located in Israel and Romania and/or our trusted service providers. We use third party service providers to undertake processing operations on our behalf, and this may require us to share Your Personal Data with them when they provide services to Wallter. If our service providers need access to Your Personal Data to provide services to Wallter, this will be done only according to data processing agreements we shall sign with all our data processors. Nevertheless, we will control and shall always remain responsible for the use of Your Personal Data. The categories of entities that may have access to Your Personal Data:
- providers of information technology (IT) services such as hosting services and other key operational systems such as banking modules;
- providers of KYC/AML and fraud prevention services;
- other professional service providers such as accountants, legal consultants, audit firms etc.;
- our business partners who are a necessary part of the provision of our products and services (including payment card providers, other financial institutions, correspondent banks, etc.);
- State institutions to whom we are obliged to provide data (State Tax Inspectorate, Bank of Lithuania, Financial Crime Investigation Service, the police and/or other lawful enforcement agencies, courts, etc.);
- third parties who referred You to us initially and to whom we owe a commission payment because of the referral. Where the commission payment is based on transaction volumes, numbers or types of transactions, we may share that information with that third party, but we will not disclose the full details of each of Your transactions without Your further written consent;
- a prospective buyer of our business or a buyer of a substantial number of the shares in our business, if Wallter is involved in a merger, acquisition, or sale of all or a portion of its assets, You may be notified via email and/or a prominent notice on our Website of any change in ownership or uses of Your Personal Data, as well as any choices You may have regarding your Personal Data.
7.3. We may also provide Your data (or allow access to Your data) for our IT support service providers on case-by-case basis in case of specific incident resolution, e.g. customer service issue, security incident investigation, etc.
7.4. In some cases, when we provide Your Personal Data to third parties, those third parties may process Your Personal Data as independent data controllers. In such cases, we are not responsible for the Processing of Your Personal Data performed by such third parties.
7.5. We may also disclose Your data if required to do so by law or if we believe that such action is necessary to protect and defend the rights, property or personal safety of Wallter, its directors, employees.
7.6. Some of our service providers and partners are established outside the European Union (EU) or the European Economic Area (EEA) thus in certain situations we may need to transfer Your Personal Data outside the EU/EEA. Whenever we transfer Your data to the third countries outside the EEA, we ensure that an adequate degree of protection is afforded to Your data by ensuring at least one of the following safeguards is implemented:
- transfer Your data to countries that ensure an adequate level of protection of Personal Data by decision of the European Commission (“Adequacy Decision countries”);
- transfer of Your data based on appropriate safeguards implemented by data controller or processors, i.e. at least we will enter into agreements, such as standard contractual clauses (SCC) and require data receivers to provide the appropriate level of protection for the data;
- we may seek your consent for transfers of Your Personal Data for specific purposes.
8. WHAT ARE YOUR RIGHTS?
8.1. As a Data Subject You have certain rights in relation to the Processing of Your Personal Data. You can exercise the rights that are mentioned bellow by contacting us at [email protected].
- The right of access – You may, at any time, request access to the Personal Data that we hold which relates to You and receive a copy of data that we hold about You to enable You to check that it is correct and to ensure that we are Processing that Personal Data lawfully.
- The right to rectification– You may, at any time, request us to correct Personal Data that we hold about You which You believe is incorrect or inaccurate. We may ask You to verify any new data that You provide to us and may take our own steps to check that the new data You have supplied us with is right.
- The right to erasure (right to be forgotten) – You may also ask us to erase Personal Data if You do not believe that we need to continue retaining it. We are not always obliged to erase Personal Data when asked to do so; if, for any reason, we believe that we have a good legal ground to continue Processing of Your Personal Data that You have asked us to erase (e.g. Your Personal Data is still processed for other legitimate purposes or we have to comply with a legal obligation or for the establishment, exercise or defense of legal claims). If Personal Data is erased under Your request, we will only retain such copies of the information as are necessary for us to protect our or third parties’ legitimate interests, comply with governmental orders, resolve disputes, troubleshoot problems, or enforce any agreement You have entered with us.
- The right to restrict processing – in those situations when Processing of Your Personal Data is based on our legitimate interest You are entitled to ask us to stop Processing it in that way if You feel that our continuing to do so impacts on Your fundamental rights and freedoms or if You feel that those legitimate interests are not valid. You may also ask us to stop Processing Your Personal Data in these situations:
(i) if You dispute the accuracy of Personal Data we are Processing and want us to verify that data’s accuracy;
(ii) where it has been established that our use of the data is unlawful, but You do not want us to erase it;
(iii) where we no longer need to process Your Personal Data (and would otherwise dispose of it) but You wish for us to continue storing it to enable You to establish, exercise or defend legal claims.
- The right to data portability – You can ask us to provide You or transmit those data directly to another controller of Your choice, where technically feasible, certain Personal Data that we hold about You in a structured, commonly used machine-readable format. However, You must keep in mind that You may exercise the right of data portability only on data that is processed based on Your consent or on a performance of a contract between You and us and that is being processed by automated means. We can guarantee only transferring data to You on such occasions and cannot be responsible with technical compatibility of other party systems where data transfer is requested.
- The right to withdraw consent regarding processing of Personal Data – You may withdraw Your given consent for Processing of Personal Data for particular purposes at any time by informing us by email [email protected] or following the procedure that was specified before obtaining Your consent (e.g. clicking the link at the end of our message).
- The right to object (to automated decision making and profiling) – You have the right to be informed about the existence of any automated decision making and profiling of Your Personal Data and where appropriate, be provided with meaningful information about the logic involved, as well as the significance and the envisaged consequences of such Processing that affects You.
- The right to lodge a complaint with a supervisory authority – if You think that Your rights have been violated, You may file a complaint to a State Data protection Inspectorate (L. Sapiegos str. 17, LT-10312 Vilnius , phones: +370 5 271 2804 / 279 1445, fax +370 261 9494, email [email protected])
8.2. How can you exercise your rights?
8.2.1. You can submit a request by sending it by mail or e-mail or by submitting it through our Contact form on our Website, choose My personal data topic https://wallter.com/contact-us/. The request must provide sufficient details that allow us to properly understand, evaluate, and respond to it (should be clear, include Your name, information about what rights and to what extent You wish to exercise, and how You would like to receive a response and the request must be signed). If You submit Your application electronically, the information will also be provided electronically, unless You request in advance to provide it in different way.
8.2.2. Your request must also provide sufficient information that allows us to reasonably verify You are the person or an authorized representative of a person whose Personal Data we are Processing. If Your request is submitted by an authorized representative, a written authorization (power of attorney) and information that verifies the identity of the representative must be enclosed with the request.
8.2.3. We cannot provide You with the information or exercise Your other rights if we cannot verify Your identity. If we cannot identify You from the information provided or if we have reasonable doubts about Your identity, we may request to provide additional information about yourself.
8.2.4. We will endeavor to process Your requests and provide You with the information as soon as possible, but no later than 30 calendar days from the date of receipt of Your request. If due to certain circumstances, such as the complexity of the submitted request (e.g. if it is necessary to seek the assistance of data processors) or the large number of other requests processed by us, the period may be extended up to two further months. In such case we will inform You of any extension within one month of the receipt of Your request together with the reasons for the delay.
8.2.5. Requests are processed and information and data are provided free of charge, but we reserve the right, in certain cases, to either waive Your rights (where the request is unreasonable or disproportionate or repetitive), or the provision of information may be subject to charges – a reasonable fee considering the administrative costs of providing information or communication.
9. UPDATES OF THE PRIVACY POLICY
9.1. We may change this Policy from time to time based on changes to applicable laws and regulations or other requirements applicable to us, changes in technology, or changes to our business. Any changes we make to this Policy in the future will be posted on our Website at https://wallter.com/privacy-policy/. We may also notify you directly via e-mail about the changes and the effective date of the updated Policy. We encourage You to review the information and any changes to our Policy regularly. If You continue to use our services after the effective date that will mean that You have accepted the changes.
9.2. If You have any questions about our Policy or Processing of Your Personal Data, please contact us or our Data Protection Officer by contacts mentioned above.