Privacy Policy

GENERAL PROVISIONS

We care about your privacy and the security of your data, so we have developed this Privacy Policy (hereinafter the “Privacy Policy”), which explains how we process and protect your personal data, what your rights we ensure, and provides other information about the processing of your personal data.

As used in this Privacy Policy, the term “personal data” (hereinafter referred to as “Personal Data”) means any information or set of information by which we may directly or indirectly identify you, such as your name, email address, telephone number, etc.

When processing Personal Data, we comply with the provisions of the General Data Protection Regulation No. 2016/679 (EU) (hereinafter - GDPR) and the requirements of the legal acts of the Republic of Lithuania, as well as the instructions of the controlling authorities.

The Privacy Policy applies when you visit the GoRamp website of the transport services management system, which we administer, available at https://goramp.eu/ (hereinafter the “Website”), our accounts on Facebook, LinkedIn and Instagram social networks (hereinafter “Social Accounts”), view the information provided by us, order the services we offer, use the ordered services to post information, access information or exchange information on the Website, contact us by phone, electronic communication channels, express your interest in our offers or apply for other issues.

The Website may contain links to third party websites or social network accounts (such as the websites of users of our services). The websites or social network accounts accessed through such links are not subject to this Privacy Policy. Please review their privacy policies before submitting your Personal Data to these websites or accounts.

If you order services from us and use them, visit our Social Accounts, contact us, subscribe to our newsletter, we consider that you have read and agree to the terms of the Privacy Policy and the purposes, methods, and procedures for the use of Personal Data set out therein. If you do not agree with the Privacy Policy, you may not use the Website, Social Accounts, or contact us for offers of our services.

This Privacy Policy is subject to change, so please visit the Website from time to time to read the latest version of the Privacy Policy published.

 

 

WHO ARE WE?

We are UAB Gorampa, a private limited liability company established in the Republic of Lithuania, legal entity code 304436133, address Švitrigailos g. 8-507, Vilnius, data are collected and processed in the Register of Legal Entities of the Centre of Registers, State Enterprise (hereinafter the “Company” or “us”).

We manage the Website and Social Accounts and act as a Personal Data Controller in offering and providing services, performing the Company’s day-to-day operations, or complying with legal requirements.

When Personal Data are provided using our services (for example, an employer who orders services from us, provides the employee’s Personal Data in a service account created and controlled by the employer), we act as a processor of Personal Data. Such processing of Personal Data are subject to the terms and conditions of Us as a processor of Personal Data set out in the personal data processing agreement. 

 

 

WHAT YOUR PERSONAL DATA DO WE PROCESS?

We process your Personal Data obtained in the following ways:

When you provide us with Personal Data, for example, register on the Website, order our services, contact us by e-mail or telephone, etc.;

When we collect your Personal Data when you use our Services and the Website, Social Accounts, such as the history of use of the Services, your IP address, the history of your visits to the Website, your choices, open URL links, etc.;

When we receive Personal Data from other parties, for example, when we receive information from public registers, state or local government institutions or bodies, our partners, other third parties, such as payment institutions, about payments made, etc.;

When your personal data, with your consent, is provided to us by other persons, including companies using our services, for example, when such Companies indicate your contacts, refer to you as an authorized person, and so on.

We process personal data as data controllers in order to offer and provide services, to fulfil our contractual obligations, as well as pursuing our or third parties’ legitimate interest, in compliance with legal regulations or obligations.

The person providing Personal Data to us, both when providing his/her Personal Data and Personal Data of other persons (such as employees, representatives), is responsible for the correctness, completeness, and relevance of such Personal Data, as well as for the consent of the data subject for his/her Personal Data provision to us. We may ask you to confirm that a person has the right to provide us with Personal Data (for example, by filling in service order or registration forms). If necessary (for example, a person inquires us about receiving his/her Personal Data), we will identify the provider of such data.

We process your Personal Data for the following purposes and under the following conditions:

Personal Data processing period
Legal basis for the processing of Personal Data
Provision of Services, use of registered user’s account and user identification
First name, surname, username, e-mail, password, phone number, work address, workplace, position, relationship with the legal entity represented, service and account usage history, content and messages associated with the services and account, content of other users
During the period of use of the account and 5 years after the last login to the account, and in case of revocation of the consent – until the expiry of the consent (when data are processed on the basis of consent)
Consent of the data subject to the processing of such data (Article 6(1)(a) GDPR)
Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Service quality administration and fraud prevention
First name, surname, username, e-mail, password, phone number, work address, workplace, position, relationship with the represented legal entity, history of use of services and account, content and messages related to services and account, information required to resolve service quality issues
During the issue administration period and 5 years after the end of the issue administration or last contact
Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Consultations on services, administration of inquiries
First name, surname, e-mail, phone number, place of work, position, relationship with the represented legal entity, contents of the request and response to the request
During the question administration period and 5 years after the end of the question administration or the last contact, and in case of revocation of the consent – until the expiry of the consent (when data are processed on the basis of consent)
Consent of the data subject to such data processing (Article 6(1)(a) GDPR)
Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Sending service messages
First name, surname, username, e-mail, phone number, information about ordered and used services and their changes
During the issue administration period and 1 year after the end of the issue administration or the last contact, and in case of revocation of the consent – until the expiry of the consent (when data are processed on the basis of consent)
Consent of the data subject to such data processing (Article 6(1)(a) GDPR)
Conclusion and execution of contracts necessary for the company’s activities, other internal administration
Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
First name, surname, phone number, e-mail, position, place of work, address, relationship with the legal entity, when the legal entity is represented, self-employment certificate data, other data required for cooperation
During the period of provision of services/cooperation and 5 years after the end of provision of services/cooperation unless a longer storage period is mandatory in accordance with the Index of General Document Storage Periods approved by order No. V-100 of the Chief Archivist of the Republic of Lithuania of 9 March 2011.
Data processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) GDPR)
Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Execution of financial operations, accounting, debt management
First name, surname, e-mail, phone number, position, place of work, address, relationship with the represented legal entity, when a legal entity is represented, account number, credit institution, payment information, debt information, data transferred by the company collecting the contributions and confirmations of payments
According to the regulatory legal acts, as well as in accordance with the Index of General Document Storage Periods approved by order No. V-100 of the Chief Archivist of the Republic of Lithuania of 9 March 2011.
Data processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) GDPR)
When the data does not fall within the above-mentioned storage area – the period of validity of the contract/cooperation between the parties and 10 years after the end of the contract/relationship (last contact)
Data processing is necessary for to fulfil a legal obligation imposed on the data controller (Article 6(1)(c) GDPR)
Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Evaluation and selection of candidates for the offered job
First name, surname, e-mail, phone number, address, education and activity data, content of the CV, other information required for the selection/evaluation of the candidate or provided by the candidate
The selection period and 3 months after the selection if the candidate's consent to the retention of data after the selection has been obtained.
Consent of the data subject to such data processing (Article 6(1)(a) GDPR)
When data are received not for a specific selection, they shall be stored for 3 months after the date of their receipt
Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Management, ensuring operation, security, and quality improvement of electronic information submission channels (Website, Social Accounts)
IP address, data collected with the help of cookies and settings, browser used, date and time of connection, mobile device model and manufacturer, mobile device operating system (iOS, Android), password usage information.

Data collected through the integration of social accounts
Website data are stored as described in the “Cookies and Other Tracking Technologies” section of this Privacy Policy. 

Website data that is not included in the cookie information is stored for a maximum of 1 year from the date of collection, unless the person revokes his/her consent (when the data are processed on the basis of consent. 

Information in social accounts is stored according to the conditions set by the owner of this network
Consent of the data subject to such data processing (Article 6(1)(a) GDPR)

Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Sending news, conducting surveys, direct marketing, advertising services
First name, surname, e-mail address, phone number, the data requested in the survey announcement/questionnaire
Data are processed for 5 years from the receipt of consent
Consent of the data subject to such data processing (Article 6(1)(a) GDPR) 

Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Settlement of disputes and claims
First name, surname, workplace address, workplace position, contact with the represented legal entity, phone number, e-mail, the content of the claim or other similar document, information/documents related to the dispute/claim
The entire period of the dispute/claim and 3 years after the end of the out-of-court dispute/claim resolution and 10 years after the end of judicial proceedings.
Data processing is necessary to fulfil a legal obligation imposed on the data controller (Article 6(1)(c) GDPR) 

Legitimate interests of the data controller or a third party (Article 6(1)(f) GDPR)
Personal data being processed
Purpose of the processing of Personal Data

You have the right to refuse or revoke your consent to the processing of your Personal Data at any time when these are processed on the basis of your consent. 

We post information about ourselves and our activities in Social Accounts, we can also organize surveys here and share advertisements about the employees we are looking for. In addition to this Privacy Policy, users of social accounts are also subject to the privacy policies and rules of the managers of social networks that include Social Accounts. When you contact us on Social Accounts, we may see certain user account information depending on the social network privacy settings chosen by the account user, such as profile first name, surname, image, sex, e-mail address, location, if the user makes this information publicly available. If a user publishes information by communicating with us on Social Accounts, depending on the privacy settings chosen, the published information may be made public (for example, displayed on our specific Social Account).

On the Website, we provide registered service users with the opportunity to see the information specified in the service user’s account, personal contacts, written messages, communicate, place orders, and track the history of services. This information will not be visible to unregistered users. It will also not be visible when a user’s account is inactive (for example, if the user does not renew the service agreement with us).

In some cases, we may send you messages related to ordering or providing our services, for example, informing you about the confirmation of the service order, the expiration date of the ordered services, changes in the provision of services. Such notices are necessary for the proper provision of our services and are not considered promotional notices.

You have the right to change and update your information provided to us. In some cases, we need to have accurate, up-to-date information about you, so we may ask you periodically to confirm that the information we hold about you is correct.

 

 

HOW DO WE USE YOUR PERSONAL DATA AND WHAT PRINCIPLES DO WE KEEP?

We collect and process only such Personal Data as is necessary to achieve the Personal Data Processing Purposes we have specified.

When processing your Personal Data

We comply with the requirements of current and applicable legislation, including GDPR;

We process your Personal Data in a lawful, fair, and transparent manner;

We collect your Personal Data for specified, clearly defined and legitimate purposes and do not process them in a way incompatible with those purposes, except to the extent permitted by law;

We take all reasonable steps to ensure that Personal Data that is inaccurate or incomplete, in accordance with the purposes for which they are processed, would be rectified, supplemented, suspended, or destroyed without delay;

We hold them in such a form that your identity can be established for no longer than is necessary for the purposes for which the Personal Data are processed;

We do not provide Personal Data to third parties or disclose them, other than as set forth in the Privacy Policy or applicable law;

We ensure that your Personal Data are processed securely. 

 

 

TO WHOM AND WHEN DO WE TRANSFER YOUR PERSONAL DATA?

We will only transfer your Personal Data as described in this Privacy Policy.

Information published on the Website and/or Social Networks may be viewed by other service users and/or Visitors to Social Accounts. We require users of the Services to comply with our Terms of Use. We also reserve the right to provide information about you if required to do so by law or if required by law enforcement, prosecuting authorities, or other authorities with the authority to give binding instructions regarding the provision of information.

We may transfer your Personal Data to:

Our partners or consultants such as auditors, lawyers, tax, business consultants, investors and so on.

Personal Data processors that we use, such as ancillary service providers, companies providing advertising and marketing services, accounting services, IT programming services, cloud and hosting services, IT security, maintenance, and technical service providers, etc. We require data processors to store, process and handle Personal Data as responsibly as we do and only in accordance with our instructions.

Social network platform operators (so that we can publish your content to Social Network accounts):

LinkedIn Ireland Unlimited Company (Ireland);

LinkedIn Corporation (USA) (data are transferred according to EU standard contractual clauses);

Facebook Ireland Ltd. (Ireland);

Facebook, Inc. (US) (data transferred according to EU standard contractual clauses).

State or local self-government institutions and authorities, law enforcement and pre-trial investigation institutions, courts and other dispute resolution institutions, other persons performing functions assigned by law, in accordance with the procedure provided for by legislation of the Republic of Lithuania. We provide these entities with mandatory information required by law or specified by the entities themselves;

Other third parties, such as payment institutions, etc.;

If necessary, to companies that intend to buy or would buy the Company's business or would conduct joint activities with us or would cooperate in another form, as well as to companies established by us.

We normally process Personal Data within the European Economic Area, but in some cases your Personal Data may be transferred outside the European Economic Area (hereinafter “EEA”). Your Personal Data will only be transferred outside the EEA under the following conditions:

Data are transferred only to our reliable partners who ensure the provision of our services to you;

Data processing or provision agreements have been signed with such partners, which ensure the security of your Personal Data;

The Commission of the European Union has decided on the eligibility of the country in which our partner is established, i.e., an adequate level of security is ensured; or

You have given your consent to the transfer of your Personal Data outside the European Economic Area.

 

 

WHAT RIGHTS DO YOU HAVE? 

As a data subject, you have the following rights with regard to your Personal Data:

To know (to be informed) about the processing of your Personal Data (right to know);

To access your Personal Data and the way they are processed (right of access);

To request the correction or, depending on the purposes of the processing of Personal Data, supplementing of incomplete Personal Data (right to rectification);

To request the erasure of your Personal Data or the suspension of your Personal Data processing activities (excluding storage) (right to erase and right to “be forgotten”);

To request us to restrict the processing of Personal Data for one of the legitimate reasons (right to restrict);

The right to transfer data (right to transfer). This right will be exercised only if there are grounds for its exercise and appropriate technical measures to ensure that the transfer of the requested Personal Data does not pose a risk of security breach to the data of other persons;

The right to object the processing of your personal data when we process Personal Data on the basis of a legitimate interest of the Company or a third party, including profiling. If you object, we will only be able to further process your Personal Data for compelling legitimate reasons that take precedence over your interests, rights, and freedoms, or to make, enforce or defend legal claims;

Revoke your consent to the processing of your Personal Data when this data are processed or intended to be processed for direct marketing purposes, including profiling as far as such direct marketing is concerned (based on the Personal Data you provide, profiling may be carried out for direct marketing purposes in order to offer you individually tailored solutions and proposals. You can revoke your consent to the processing of personal data by automated processing, including profiling, or object to it at any time).

If you do not want your Personal Data to be processed for direct marketing purposes, you may opt out of such processing for the purposes of conducting surveys, including profiling, without giving reasons for the refusal (disagreement) by writing an e-mail to info@goramp.eu or in another way specified in the message provided to you (for example, by clicking on the relevant link in the newsletter).

We may refuse to implement your rights listed above, except for refusal to process your Personal Data for direct marketing purposes or in other cases where Personal Data are processed with your consent, where GDPR provisions allows us to disregard your request, or where in cases provided for by law, the prevention, investigation, and detection of criminal offenses, breaches of official or professional ethics must be ensured, as well as the protection of the rights and freedoms of the data subject, us and others.

You can exercise some of your rights as a data subject by changing the settings of the user account and the information contained therein. You may submit any request or instruction related to the processing of Personal Data to us in writing by e-mail info@goramp.eu. When you make such a request, we may, in order to better understand the content of your request, ask you to complete the necessary forms, as well as provide an identity document or other information that will help us verify your identity. If you make a request by e-mail, depending on its content, we may ask you to come to us or make a written request.

Upon receipt of your request or instruction regarding the processing of Personal Data, we will, no later than within 1 month from the date of the request, provide a response and perform the actions specified in the request or inform you why we refuse to perform them. If necessary, the specified period may be extended by a further 2 months, depending on the complexity and number of applications. In this case, we will notify you of such an extension within 1 month of receiving the request.

If Personal Data are deleted at your request, we will retain only copies of information that is necessary to protect the legitimate interests of us and others, to comply with government obligations, to resolve disputes, to identify disruptions, or to comply with any agreements you have with us. 

 

 

WILL WE SEND YOU NEWS? 

You can give us your consent if you wish to receive our offers and information about our services, activities and offers. You can also give us your consent to help us evaluate the quality of our services.

With your consent, the news of your choice will be sent to you by e-mail or SMS to the telephone number specified by you, as well as by notifications in your account. After receiving your consent, we can inquire about the quality of our services and maintenance by e-mail, message in your account or by contacting the telephone number provided by you, as well as invite you to fill in quality assessment forms.

We will try not to abuse the right to share news, which you have provided to us. After sending the news, we can collect information about the people who received it, for example, which message the people opened, what links they clicked on, and so on. Such information is collected in order to offer you relevant and more tailored news.

Your contacts may be passed on to our partners/processors who provide us with news delivery or quality assessment services.

If you agree to receive news or share an opinion about the quality of our services, you may withdraw your consent at any time in accordance with Section 6.2 of the Privacy Policy or in the manner specified with the submitted news. Then we will immediately stop sending news to your contacts.

Withdrawal of consent does not automatically oblige us to destroy your Personal Data or provide you with information about the Personal Data we process, so you must make such a request separately in order for us to perform these steps as well.

In order to show you more relevant personalized advertising, our advertising partners use various mobile and web cookies. Personalized advertising will be shown to you only with your consent, which is valid on all devices (Android, iOS, web, etc.). Advertising personalization cookies are used to measure a group, activate contextual advertising, and/or target campaigns. If you give us you permission to use cookies, a user profile with a pseudonym will be generated, but it will not be possible to identify the person’s identity. We have no control over these third-party tracking technologies and their use. These service providers are subject to confidentiality agreements with us and other legal restrictions. Third-party cookies are governed by the privacy policies of third parties. You can refuse personalized cookies by changing your browser settings or by other means, which are described in Chapter 9 of the Privacy Policy.

 

 

HOW DO WE PROTECT YOUR PERSONAL DATA?

Your Personal Data are processed responsibly, securely and is protected from loss, unauthorized use, and alteration. We have put in place physical and technical measures to protect the information we collect from accidental or unlawful destruction, damage, alteration, loss, disclosure, as well as from any other unlawful processing. Security measures for personal data shall be determined taking into account the risks arising from the processing of Personal Data.

Our employees have made a written commitment not to disclose or distribute your Personal Data to third parties.

 

 

HOW DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

Cookies are small files that are stored in the browser of a Website visitor’s device when you browse websites. Other technologies, including data we store on your browser or device, identifiers associated with your device, and other software may be used for similar purposes. Cookies are widely used to make websites work or to function better and more efficiently. In this policy, all of the above technologies are referred to as “cookies”.

We use cookies to analyse information flows and user behaviour, to promote trust and ensure security, as well as to ensure the proper functioning of the Website, its improvement, memorization of your chosen settings, to personalize the content displayed to you, to link the Website to Social Accounts.

You can choose whether you want to accept cookies. If you do not agree to cookies being stored on the browser of your computer or other device, you can mark it in the cookie acceptance bar, change the settings of the browser you are using and disable cookies (all at once or one by one or in groups). To opt out of cookies on your mobile device, you must follow the official instructions for that device. Please note that in some cases, refusing cookies may slow down your browsing experience, restrict the functionality of certain websites or block access to the website. For more information, visit http://www.AllAboutCookies.org or https://www.google.com/privacy_ads.html.

You may opt out of the use of third-party cookies for advertising purposes by visiting the Network Advertising opt-out page at http://www.networkadvertising.org/managing/opt_out.asp.

We may use mandatory cookies that are necessary for the operation of the Website, analytical cookies, functional cookies to analyse Website traffic, memorize user preferences and adapt them to the Website so that we can provide enhanced features, performance cookies, third-party cookies that use third parties, advertising cookies to display personalized and general advertising to you.

We use the following Google Inc. products that record cookies:

Google Analytics – analyses how you use the Website, generates reports based on this analysis, helps to plan and forecast the activities of the Website and services. Data collected by Google Analytics is typically transmitted and stored on a Google Inc. server in the United States. We have implemented IP anonymity on the Website, so that Google Inc. would hide your IP address in the EU and EEA countries. You can change your browser settings to prevent Google Analytics from analysing information. In this case, you will be given an opt-out cookie. However, if you delete all cookies, the opt-out cookie may also be deleted. You can also prevent Google from capturing data by downloading and installing a browser plug-in from https://tools.google.com/dlpage/gaoptout?hl=en.

Google AdSense – allows to evaluate your use of the Website in relation to the advertisements displayed and to provide information-based reports. Data collected by Google AdSense is typically transmitted and stored on a Google server in the United States. If you do not want to receive customized ads, you can change your settings at https://www.google.com/settings/ads as needed. In this case, you will be given an opt-out cookie. However, if you delete all cookies, the opt-out cookie may also be deleted.

Google Remarketing – allows to repeatedly show ads on sites in the Google Inc. partner network. If you do not want to receive customized ads, you can change your settings at https://www.google.com/settings/ads as needed. In this case, you will be given an opt-out cookie. However, if you delete all cookies, the opt-out cookie may also be deleted.

 

 

CONTACT US

If you have any questions about the information provided in this Privacy Policy, please contact:

E-email: info@goramp.eu 

Address: Jakšto g. 9A, Vilnius, LT-01108, Lithuania.

Phone: +370621888875

If you wish to make a complaint about our processing of Personal Data, please provide it to us in writing, providing as much information as possible. We will cooperate with you and try to resolve any issues immediately.

If you think that in accordance with the GDPR your rights have been violated, you can submit a complaint to our supervisory authority – the State Data Protection Inspectorate, more information and contact details can be found on the Inspectorate’s website (https://vdai.lrv.lt/). We strive to resolve all disputes promptly and peacefully, so we invite you to contact us first.

 

 

FINAL PROVISIONS

We may change this Privacy Policy. We will notify you of any changes on the Website by posting an updated Privacy Policy or by other usual means of communication. Amendments or modifications to the Privacy Policy will be effective from the updating date specified in the Privacy Policy unless a different effective date is specified.

If you continue to use the Website, order services from us, place ads using our Social Accounts, contact us after we have changed the terms of the Privacy Policy, you will be deemed to have agreed to the changed terms of the Privacy Policy.