1. FUNDAMENTAL PRINCIPLES
1.1. We prioritize the protection of your privacy and the security of your personal information. This privacy policy (referred to as „Privacy Policy”) describes our methods for processing and storing your personal data, explains your rights, and provides additional information regarding data handling practices.
1.2. The term „personal data” referenced in this Privacy Policy (referred to as „Personal Data”) encompasses any information or combination of information that can identify you directly or indirectly, including but not limited to your name, surname, email address, phone number, and similar identifiers.
1.3. Our data processing activities comply with the General Data Protection Regulation No. 2016/679 (EU) (referred to as „GDPR”), Lithuanian Republic legislation, and guidance from supervisory authorities.
1.4. This Privacy Policy applies when you utilize our website at https://www.netseptyni.lt/ (referred to as „Website”), access the client service system available on our Website, use web hosting and related services (referred to as „Services”), visit our social media profiles on LinkedIn, YouTube, Twitter, Instagram, Facebook and other platforms (referred to as „Social Media Accounts”), show interest in our offerings, contact us via telephone, electronic communication channels, or reach out regarding other matters.
1.5. The Website and Social Media Accounts may contain links to external websites, including business partner sites and promotional platforms for our services. When following links to external websites, please note that these sites maintain their own privacy policies, and we accept no responsibility for their policies or Personal Data collection practices. Please review the relevant privacy policy before submitting Personal Data to external websites or using their services.
1.6. By using the Services, visiting the Website or Social Media Accounts, contacting us, subscribing to our communications, completing job application forms, or reaching out for any other purpose, you acknowledge that you have read and accepted the terms of this Privacy Policy, including the specified purposes, methods, and procedures for Personal Data use. If you disagree with this Privacy Policy, you may not use the Services, Website, Social Media Accounts, or contact us regarding services, proposals, or other matters.
1.7. This Privacy Policy may be modified periodically. We encourage you to visit the Website regularly to review the current version of the Privacy Policy.
2. COMPANY IDENTIFICATION
2.1. The Website and Social Media Accounts are managed and administered, and the Services are provided by the data controller UAB Net septyni, a private limited liability company established in the Republic of Lithuania, legal entity registration number 303177902, address Savanoriu pr. 155, LT-50174, Kaunas, with data collected and processed in the Register of Legal Entities of the Centre of Registers (referred to as „Company” or „we”).
2.2. When receiving and processing Personal Data through client use of the Website and Social Media Accounts, we function as the data controller. When providing Services to clients and processing data entrusted to us, we operate as the data processor. Our data processor activities are outlined in the Data Processing Agreement.
3. PERSONAL DATA COLLECTION AND PROCESSING
3.1. Your Personal Data is processed through the following methods:
3.1.1. Direct provision by you during registration, Website usage, Service ordering, email or telephone communication, etc.
3.1.2. Automatic collection during your use of the Website and Social Media Accounts, including service usage history, IP address, cookies, Website visit history, settings, accessed URL links, etc.
3.1.3. Receipt from third parties, including public registers, state or municipal authorities, our partners, and other entities such as payment institutions regarding transactions.
3.1.4. Provision by third parties with your consent, including companies ordering our Services (our clients) who may specify your contact details or designate you as an authorized person.
3.2. We process Personal Data to offer and deliver Services, fulfill contractual obligations, pursue legitimate interests (ours or third parties’), and comply with legal requirements.
3.3. Individuals providing Personal Data are responsible for its accuracy, completeness, and relevance, as well as obtaining consent from data subjects whose information is shared with us. We may request confirmation of authorization to provide Personal Data (e.g., during service ordering or registration). When necessary (e.g., upon inquiry about data receipt), we will identify the data source.
3.4. Personal Data processing purposes, data types, retention periods, and legal bases:
| Processing Purpose | Personal Data Types | Retention Period | Legal Basis |
|---|---|---|---|
| Account registration, user identification, Service ordering and provision | Name, surname, username, email, password, phone number, employer information, position, representative relationship, service and account usage history, ordered and used service information and modifications | During account usage and 10 years after last login | Contract performance necessity (GDPR Article 6(1)(b)); Legitimate interests (GDPR Article 6(1)(f)) |
| Service quality assurance and proper usage, Service communication, ordering and extension | Name, surname, username, email, password, phone number, service and account usage history, telephone conversation records, ordered and used Service information and modifications, quality issue resolution information, request content and responses, live chat | During issue administration and 5 years after completion and last contact. Telephone records kept 6 months | Data subject consent (GDPR Article 6(1)(a)); Contract performance necessity (GDPR Article 6(1)(b)); Legitimate interests (GDPR Article 6(1)(f)) |
| Business agreement conclusion and performance, internal administration | Name, surname, phone number, address, position, employer, representative relationship, individual activity certificate details, other cooperation-required data | During Service provision/cooperation and 10 years thereafter, unless longer retention mandated by Lithuanian Chief Archivist Order No. V-100 of March 9, 2011 | Contract performance necessity (GDPR Article 6(1)(b)); Legitimate interests (GDPR Article 6(1)(f)) |
| Financial operations, accounting, debt management | Name, surname, email, phone number, position, employer, address, representative relationship, account number, credit institution, ordered and used Service information and modifications, payment information, debt information, payment processing and approval company data | According to regulatory legal acts and Lithuanian Chief Archivist Order No. V-100; Otherwise during contract/cooperation period and 10 years after expiry | Contract performance necessity (GDPR Article 6(1)(b)); Legal obligation compliance (GDPR Article 6(1)(c)); Legitimate interests (GDPR Article 6(1)(f)) |
| Job candidate assessment and selection | Name, surname, email, phone number, address, education and activity details, curriculum vitae content, correspondence content, other selection-necessary or candidate-provided information | During selection period and 1 year after completion with final candidate consent; Non-specific selection data stored 1 year after receipt | Data subject consent (GDPR Article 6(1)(a)); Legitimate interests (GDPR Article 6(1)(f)) |
| Information channel management (Website, Social Media Accounts), functionality and security assurance, quality improvement | IP address, cookie and setting data, browser information, login date and time, mobile device model and manufacturer, mobile operating systems (iOS, Android), password usage information, Social Media Account integration data | Website data stored per Cookies section; Non-cookie Website data stored maximum 1 year from collection unless consent withdrawn; Social Media Account information stored per network owner terms | Data subject consent (GDPR Article 6(1)(a)); Legitimate interests (GDPR Article 6(1)(f)) |
| Newsletter delivery, surveys, direct marketing | Name, surname, email address, survey announcement/questionnaire data, newsletter opening information | Data processed 3 years from consent grant or until consent withdrawal | Data subject consent (GDPR Article 6(1)(a)); Legitimate interests (GDPR Article 6(1)(f)) |
| Dispute and claim resolution | Name, surname, workplace address, position, legal entity representative relationship, phone number, email, claim or similar document content, dispute/claim-related information/documents | Throughout dispute/claim handling period and 10 years after non-judicial resolution and 10 years after judicial resolution completion | Legal obligation compliance (GDPR Article 6(1)(c)); Legitimate interests (GDPR Article 6(1)(f)) |
You have the right to object to data processing or withdraw consent when Personal Data is processed based on your consent.
3.5. Our Social Media Accounts provide company information and activities, may organize contests and surveys, and share job advertisements. Social Media Account users are subject to this Privacy Policy and the social network controllers’ privacy policies. When contacting us via Social Media Accounts, we may access certain user account information depending on privacy settings, including profile name, surname, picture, gender, email address, and location. Information provided during Social Media Account communication may become public depending on privacy settings.
3.6. We may use your provided contacts to send Service-related messages, including order confirmations, Service expiry notifications, and terms changes. These notices are necessary for Service provision and are not considered advertising.
3.7. To ensure proper and safe Service provision, we may contact you at your provided phone number when Services are expiring or security risks are detected. These communications are necessary for proper Service provision and do not constitute promotional calls.
3.8. You may change and update your information through your Website account or by contacting us. We may periodically request confirmation that your information is current and accurate.
3.9. For payment processing, we do not collect payment data and collect payments in Swedbank account. Please review Swedbank’s privacy policy.
3.10. We may publicly announce non-identifying data and provide it to partners to demonstrate general service usage trends.
4. DATA PROCESSING PRINCIPLES AND PRACTICES
4.1. We respect your privacy by collecting and processing only Personal Data necessary for specified processing purposes.
4.2. During Personal Data processing, we:
4.2.1. Comply with applicable legal requirements, including GDPR
4.2.2. Process Personal Data lawfully, fairly, and transparently
4.2.3. Collect Personal Data for specified, explicit, and legitimate purposes without further incompatible processing, except as legally permitted
4.2.4. Take reasonable steps to ensure inaccurate or incomplete Personal Data is corrected, supplemented, processing stopped, or erased promptly
4.2.5. Retain data in identifiable form only as long as necessary for processing purposes
4.2.6. Only provide Personal Data to third parties or make it publicly available as specified in this Privacy Policy or applicable legal acts
4.2.7. Ensure secure Personal Data processing through technical and organizational security measures and grant access only to employees requiring it for job functions
5. DATA SHARING AND TRANSFERS
5.1. Your Personal Data will only be transferred as specified in this Privacy Policy.
5.2. We may share your Personal Data with:
5.2.1. Partners, consultants (auditors, lawyers, tax consultants), and Personal Data processors (additional service providers, IT companies, advertising and marketing service companies, accounting service companies). We require processors to store, process, and handle Personal Data as responsibly as we do and only under our instructions.
5.2.3. State or municipal authorities, law enforcement, pre-trial investigation institutions, courts, and other dispute-considering institutions as required by Lithuanian law
5.2.4. Other third parties including payment institutions
5.2.5. Companies intending to purchase or purchasing Company business, engaging in joint activities, cooperating, or belonging to the same group
5.2.6. Domain Registry services:
- .LT Registry (https://www.domreg.lt/) operated by Kaunas University of Technology (Lithuania) – acts as data controller for .LT domain registrations
- .LV Registry (https://www.nic.lv/) operated by NIC.LV (Latvia) – acts as data controller for .LV domain registrations, processing personal data according to their privacy policy and .LV domain registration terms
5.3. We typically process Personal Data within the European Economic Area but may transfer data outside the EEA under these conditions:
5.3.1. Transfers only to reliable partners ensuring service provision
5.3.2. Signed contracts including standard contractual clauses ensuring Personal Data security
5.3.3. European Commission adequacy decision for partner’s country
5.3.4. Special permit from Lithuanian State Data Protection Inspectorate
5.3.5. Your consent for EEA external transfer
5.4. When acting as data processors, clients grant general permission to involve sub-processors. Sub-processor changes are communicated through Data Processing Agreement updates and written notice before processing begins.
6. YOUR RIGHTS
6.1. As a data subject, you have the following Personal Data rights:
6.1.1. Right to be informed about Personal Data processing
6.1.2. Right to access Personal Data and processing information
6.1.3. Right to request rectification or completion of incomplete Personal Data
6.1.4. Right to request erasure or processing cessation (except storage)
6.1.5. Right to request processing restriction under legitimate grounds
6.1.6. Right to data portability (exercisable with appropriate technical measures preventing other persons’ data breach risk)
6.1.7. Right to object to processing based on Company or third-party legitimate interest, including profiling (we may continue processing only with compelling legitimate grounds overriding your interests, rights, and freedoms or for legal claim establishment, exercise, or defense)
6.1.8. Right to withdraw consent for direct marketing processing, including profiling related to direct marketing (profiling may be conducted for customized solution and suggestion offers; you can withdraw automated processing consent or object)
6.2. To stop Personal Data processing for direct marketing, contests, surveys (including profiling), withdraw consent in your account, click newsletter links, or email [email protected].
6.3. We may refuse exercising rights except for direct marketing objection or consent-based processing when GDPR provisions prevent request satisfaction or when crime prevention, investigation, detection, professional ethics protection, and data subject, Company, and third-party rights protection is required.
6.4. Exercise some rights independently through account settings and information changes. Submit Personal Data processing requests or instructions via email [email protected]. We may request forms completion and identity document presentation for better request understanding. Email requests may require in-person visits or written requests depending on content.
6.5. Upon receiving Personal Data processing requests or instructions, we will respond within 1 month, performing specified actions or informing of refusal. This period may extend by 2 additional months considering complexity and request number, with 1-month extension notification.
6.6. When Personal Data is erased per your request, we retain information copies necessary for legitimate interest protection, state authority obligation compliance, dispute settlement, malfunction identification, or agreement compliance.
7. NEWSLETTER AND MARKETING COMMUNICATIONS
7.1. With your consent, we use Personal Data for direct marketing to provide newsletters, proposals, and service information we believe may interest you, and to request service quality and experience feedback.
7.2. Communications are sent via email, SMS, account messages, or telephone. Your contact details may be shared with partners/processors providing communication delivery and quality assessment services.
7.3. We collect information about communication recipients, including opened messages and clicked links, to provide more relevant and customized communications.
7.4. You may withdraw direct marketing consent fully or partially anytime by:
7.4.1. Changing email subscription settings in your customer system account
7.4.2. Following unsubscription instructions in electronic communications (clicking „unsubscribe” links)
7.4.3. Sending notice to the email address specified in this Privacy Policy (identity confirmation may be requested)
7.5. Newsletter consent withdrawal may result in continued receipt for a brief period due to pre-scheduled sending intervals and reasonable mailing list removal time.
7.6. Consent withdrawal does not automatically require Personal Data destruction or processing information provision; separate requests are needed.
7.7. We may use your email and telephone contacts for direct marketing about similar services without consent if you are an existing customer who did not object when providing data. You may object anytime by:
7.7.1. Changing email subscription settings in your customer system account
7.7.2. Following objection instructions in electronic communications
7.7.3. Sending objection notice to the Privacy Policy-specified email address
8. DATA STORAGE AND SECURITY
8.1. Personal Data is processed responsibly and securely, protected against loss, unauthorized use, and alteration. We implement physical and technical measures protecting collected information from accidental or unlawful destruction, damage, alteration, loss, disclosure, and other unlawful processing. Security measures correspond to processing risks.
8.2. Our employees have written commitments not to disclose or disseminate Personal Data to unauthorized third parties.
8.3. We avoid storing outdated Personal Data; when data is updated (account information corrections), only current information is stored. Historical information is retained when legally required or necessary for activity performance.
9. COOKIES AND TRACKING TECHNOLOGIES
9.1. Cookies are small text files storing information (often number and letter sequences identifying devices but may contain other information) used in device browsers (computers, tablets, mobile phones) according to settings and stored on device hard drives. „Cookies” in this Privacy Policy describes cookies and similar technologies including pixel tags, web beacons, and clear GIFs. Cookie usage ensures better and more effective Website functioning.
9.2. We use cookies to analyze information flows and user behavior, promote trust, ensure security, proper Website functioning, improvement, preference remembering for content personalization, and Social Media Account linking.
9.3. You can choose cookie acceptance. If disagreeing with browser or memory cookie storage, mark consent in the cookie bar, change browser settings, disable cookies (all, individually, or in groups), or follow official device instructions. Note that cookie opt-out may slow browsing, restrict Website functions, or block Website access. For detailed cookie opt-out information, see http://www.AllAboutCookies.org or https://www.google.com/privacy_ads.html.
9.4. We may use mandatory cookies necessary for Website functioning, analytical cookies, functional cookies for visit analysis and user preference adaptation, performance cookies, third-party cookies, and advertising cookies showing personalized and general advertising.
9.5. Google LLC tools used:
9.5.1. Google Analytics for Website usage analysis, report creation, and activity planning and forecasting. Google Analytics data is typically stored on Google Inc. servers in the USA. Prevent Google Analytics analysis by changing browser settings, saving an opt-out cookie (may be deleted with all cookies). Download and install browser add-on from https://tools.google.com/dlpage/gaoptout?hl=en to prevent Google data recording and processing.
9.5.2. Google Remarketing for re-advertising on Google Inc. partner network websites. Disable customized advertising and opt-out Google Inc. cookies at https://www.google.com/settings/ads (may save opt-out cookie deletable with all cookies).
9.5.3. Google Tag Manager for website usage analysis services. Cookie-generated information about Website usage (including IP address) is transmitted to and collected on Google servers in the USA for Website usage analysis, popularity report preparation, and related service provision. Google may transfer information to third parties if legally required or if processing on Google’s behalf. Google will not relate IP addresses with other Google-held data. More information: https://support.google.com/tagmanager/answer/9323295?hl=en.
9.6. Other tools:
9.6.1. Meta Pixel for remarketing to re-contact within 180 days and information analysis on Ads Manager platform for interest-based advertising on Facebook and other websites using this tool. More information: https://www.facebook.com/business/tools/meta-pixel.
9.6.2. LinkedIn Insight tag measures LinkedIn page traffic, advertisement effectiveness, and displays updated posts/advertisements. LinkedIn provides anonymized information including page traffic, follower numbers, reach and actions, new followers, and demographic distribution. More information: https://www.linkedin.com/legal/cookie-policy.
10. DATA PROCESSOR ACTIVITIES
10.1. We act as data processor when providing clients hosting and server services, managing Personal Data of client website visitors and employees. Data is received from clients or collected during service provision and processed for proper service delivery during website administration, system operation task resolution, proper functioning, and service provision.
10.2. Data is not processed longer than the client service agreement period unless longer processing is required to prove proper service provision. Client-controlled personal data processing terms are set in the Data Processing Agreement.
11. CONTACT INFORMATION
11.1. For Privacy Policy questions, contact us:
Email: [email protected] Address: Savanorių pr. 155, Kaunas, Republic of Lithuania Telephone: +370 639 69600
11.2. For Personal Data processing complaints, submit written complaints with maximum information. We will cooperate and attempt immediate issue resolution.
11.3. If believing GDPR rights have been violated, file complaints with our supervisory authority – State Data Protection Inspectorate (https://vdai.lrv.lt/). We seek prompt and amicable dispute settlement; please contact us first.
12. FINAL PROVISIONS
12.1. We may amend this Privacy Policy. Amendments are published on the Website through updated Privacy Policy uploads or other usual communication methods. Privacy Policy supplements or amendments take effect on specified update dates unless other effective periods are indicated.
12.2. Continued Website usage, service ordering, Social Media Account usage, or contact after Privacy Policy amendments indicates agreement with amended terms and conditions.