PRIVACY POLICY

In this Privacy Policy (the Privacy Policy) we will provide information on how MB Kondig, registration number 306973833, registered domicile at Kalno g. 22A, LT-11103 Vilnius, the Republic of Lithuania (the Service Provider), processes your personal data on its website https://kondig.com/ (the Website) and in its activities. Capitalized terms not defined in this Privacy Policy shall have the meanings set out in the Terms.

You can communicate with the Service Provider using the following contact information:

Phone:                   +37065833499
Email address:     info@kondig.com

What kind of your personal data do we process?

• Purpose: For fulfilling Orders on the Website
  • Personal data processed: first name, last name, address, phone number, email address.
  • Legal basis: a contract (where the Order is placed by a natural person) or a legitimate interest to perform the Service Provider’s activities (where the Order is placed by a legal person, for the processing of personal data of its representative).
  • Storage period: Ten years after fulfilment of the Order.
• Purpose: Provision of Services
  • Personal data processed: name, address, telephone number, email address, information that the customer may provide during the provision of the Services.
  • Legal basis: contract (in relation to a Coaching Client, as well as in other cases where the client is a natural person) or legitimate interest to perform the Service Provider’s activities (in the case of a legal person, for the processing of the personal data of its representative).
  • Storage period: the data contained in the contract and the invoices shall be kept for 10 years after the execution of the contract; the Service Provider’s notes relating to the provision of the Services shall be kept for one year.
  • The name, surname, telephone number, email address and the fact that the coaching services have been provided to the Coaching Client shall be stored by the Service Provider and provided to a third party, the International Coaching Federation (ICF), for the purpose of its legitimate interest to substantiate the number of coaching sessions provided for the relevant licence.
• Purpose: Provision of candidate selection services
  • Personal data processed: candidate’s name, surname, address, telephone number, e-mail address, information on education, work experience, skills, other information that the candidate may provide in their curriculum vitae (CV), references, other submissions, interviews, or otherwise during the selection process, as well as information that the Service Provider may obtain from the candidate’s former or current employers, other persons, public sources; name, surname, e-mail address, telephone number of the company representative.
  • Legal basis: contract (in respect of data of the Service Provider’s customers who are natural persons) or legitimate interest to perform the Service Provider’s activities (in respect of personal data of candidates who are not the Service Provider’s customers and of the representatives of legal persons) or consent (for the storage of candidates’ data for a longer period than is necessary for the specific selection).
  • Storage period: data contained in the contract and in the invoices shall be kept for 10 years after the execution of the contract; personal data of the selected and recruited candidate shall be retained for two years after the end of the selection process (unless the candidate agrees to longer processing, in which case their personal data shall be retained for the period of time provided for in the consent); personal data of the other candidates shall be retained for six months after the end of the selection process (unless the candidate agrees to longer processing, in which case their personal data shall be kept for the period of time provided for in the consent).
  • The Service Provider shall provide the data of the selected candidates to a third party, the potential employer, who becomes an independent controller of the personal data.
• Purpose: Communication with Website visitors
  • Personal data processed: first name, last name, phone number, email address.
  • Legal basis: taking steps at the request of the data subject prior to entering into a contract / legitimate interest to pursue activities and/or ensure quality.
  • Storage period: one year after the enquiry is solved.
• Purpose: For direct marketing (to send newsletters/ invitations to events, to offer similar Services or Content)
  • Personal data processed: first name, last name, email address, phone number.
  • Legal basis: consent, legitimate interest to offer similar Services or Content to clients.
  • Storage period: two years after the consent or two years after the Services or Content have been purchased.
  • Personal data may be transferred to newsletter sending solutions.
• Purpose: For managing social media accounts
  • Personal data processed: Unique ID, IP address, hardware information.
  • Legal basis: Consent / legitimate interest to communicate with clients.
  • Storage period: For as long as site visitors are such media account followers.
  • Information communicated to us when visiting our social media sites (including notifications, use of “Like” and “Follow” buttons or other communication) will be controlled by us jointly with social media managers as joint controllers.
  • Currently, we maintain the following social media accounts:
• Kondig on Facebook; their privacy policy is available at https://www.facebook.com/privacy/explanation

Please read the third-party privacy policy and contact the service provider directly if you have questions on how they use your personal data.

Whom can we transfer your personal data to?

We may transfer information about you to our employees, agents and such service providers as debt administration/collection companies or companies providing archiving services, also to legal/marketing/IT service providers or subcontractors if it is reasonably required for the purposes stated in this Privacy Policy.

In addition, we may disclose your personal information in cases when required to do so by law or seeking to protect our rights or interests (including the case when your personal data is transferred to others for debt recovery purposes), also when intending to sell part of the company’s business or assets, or to reorganize the company (and during such processes) we are asked to disclose your personal data to any (potential) buyer of such business or assets, or to other participants in the reorganization.

How is your personal data processed?

Your personal data will be processed in accordance with the General Data Protection Regulation (the GDPR), the Law of the Republic of Lithuania on Legal Protection of Personal Data, and other legal requirements. When identifying personal data processing measures and during such processing, the Service Provider should implement appropriate technical and organizational measures envisaged in the laws for the protection of personal data against accidental or unlawful destruction, damage, modification, loss, disclosure, or any other kind of illegal handling and will adopt proper measures considering the risks involved in such personal data processing.

What are your rights?

Below, please find information about your rights associated with the processing of your personal data by the Service Provider and about how such rights may be exercised. If you want more information about your rights or want to exercise them, please contact us at the email address given in this Privacy Policy.

• You may contact us at any time to ask whether any of your personal data is being processed by us. If your personal data is stored or used by us in whatever way, you have the right of access to such data. In order for you to exercise such right, please send us a written request at the email address given in this Privacy Policy. We may ask you to confirm your identity so that your request could be granted. Please observe the principles of reasonableness and good faith when submitting such request.
• If you have given us consent to process your personal data, you may withdraw such consent at any time by sending us an email letter to the email address given in this Privacy Policy.
• You have the right to request us to correct any inaccuracies in your personal data. In that case, we may ask you to confirm the information corrected.
• You have the right to request us to erase your personal data. This right may be implemented in the cases described in Article 17 of the GDPR.
• You have the right to request us to restrict/refrain from processing your personal data.
• You have the right to data portability if processing of such data is carried out by automated means and we have obtained such data from you based on your consent or for the purpose of concluding an agreement. If you opt to exercise this right, we will transmit at your request a copy of the data submitted by you.
• You have the right to object to processing of your personal data pursuant to Article 21 of the GDPR.

How can you exercise your rights?

To enforce your rights, you may submit requests, complaints or claims to us in writing by using the contact information given in this Privacy Policy.

We will respond to your request, complaint or claim in writing in accordance with the applicable laws and will do our best to provide you with the necessary information within the shortest time possible but in no event later than within 30 (thirty) days after receiving your request.

If having received your request, complaint or claim we have doubts about your identity, we may ask the applicant to produce an identity document.

Complaints

If you believe that your rights as the data subject have been and/or may be violated, please immediately contact us at the email address given in this Privacy Policy. We assure you that having received your complaint, we will inform you within a reasonable time about the progress of the complaint investigation, and later about its outcome. If you are not satisfied with such investigation outcome, you may file a complaint with the supervisory authority: in Lithuania, the State Data Protection Inspectorate (https://vdai.lrv.lt/), and a list of supervisory authorities in other EU countries can be found on the website of the European Data Protection Board: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en.

Responsibility

You are responsible for ensuring that the information provided by you is accurate, correct, and complete. You should immediately notify us by email if changes are made to the data you have submitted. Therefore, we will not be held liable for any damage resulting from your failure to provide correct or complete personal data or to give us notice of changes made to such data.

This Privacy Policy was last updated on 31 January 2025

This Privacy Policy has been created by Dokas, a tool for creation of business documents. Dokas legal, MB holds the copyright to its text and permits MB Kondig to use this Privacy Policy for its website https://kondig.com/. No reproduction or other use of this Privacy Policy (either in whole or in part) is permitted without the written consent of Dokas legal, MB. For information on all rights granted, please refer to section 2 of the Dokas Rules. Personal data will be processed in accordance with the Dokas Privacy Policy.