We acknowledge the significance of safeguarding your personal data, and therefore, we collect and process only those data necessary for conducting our activities. We handle personal data lawfully, transparently, and fairly, for predefined purposes and only to the extent required to achieve those purposes. When processing personal data, our aim is to ensure accuracy, security, confidentiality, proper retention, and protection.
In processing your personal data, we adhere to the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as GDPR), the Republic of Lithuania Law on Personal Data Legal Protection, as well as other legal acts and data processing requirements established by supervisory authorities.
1. Purpose of this document
1.1. By reading this privacy policy (hereinafter referred to as the Privacy Policy), you will learn how and for what purposes we process your personal data, where we obtain them, to whom we provide them, how we store them, and what rights you, as a data subject, have.
1.2. The Privacy Policy sets out the terms and conditions governing the use of our website https://www.talenteek.com (hereinafter referred to as the Website), our account on the social network LinkedIn https://www.linkedin.com/in/erikasirutyte/ (hereinafter referred to as the Account), or other terms and conditions related to the processing of personal data in the course of our activities. Please carefully read this Privacy Policy because each time you visit the Website and/or our Account, you agree to the terms and conditions of the Privacy Policy. If you do not agree with these terms, please do not visit our Website and/or our Account or use our services.
1.3. The term “personal data” used in this Privacy Policy refers to any information that can identify you directly or indirectly. Personal data include, for example, your surname, first name, email address, telephone number, location data, and internet identifier, as well as your characteristics and other personal data as defined by the GDPR.
1.4. In this Privacy Policy, we do not request and do not process your special categories of personal data that reveal your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as health data, genetic data, biometric data (for the purpose of uniquely identifying you), and information about your sex life.
1.5. Other terms used in the Privacy Policy have the meanings as defined in the GDPR, the Republic of Lithuania Law on Personal Data Legal Protection, and other applicable legal acts.
2. Who we are
2.1. We are MB P&C konsultacijos, with our registered office at Balžio 39, LT-10151 Vilnius, registration code 305603304, phone +37067422898, email erika@talenteek.com; (hereinafter referred to as “we”).
2.2. In accordance with the provisions of the law, we are the controller of your personal data in the cases and to the extent specified in this Privacy Policy.”
3. Principles we follow when processing personal data
3.1. When processing your personal data, we:
3.1.1. Comply with applicable and relevant legal requirements, including GDPR.
3.1.2. Process your personal data in a lawful, fair, and transparent manner.
3.1.3. Collect your personal data for specified, clear, and legitimate purposes and do not further process them in a manner incompatible with those purposes, except as permitted by law.
3.1.4. Take all reasonable measures to ensure that inaccurate or incomplete personal data, considering the purposes for which they are processed, are corrected, supplemented, erased, or their processing is suspended without delay.
3.1.5. Retain personal data in a form that permits identification of data subjects for no longer than necessary.
3.1.6. Do not disclose or make personal data available to third parties, except as specified in this Privacy Policy or applicable legal provisions.
3.1.7. Ensure that your personal data are processed in a way that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, through the implementation of suitable technical or organizational measures.
4. How we collect your personal data
4.1. We process your personal data obtained through the following means:
4.1.1. When you provide them to us: You provide us with your personal data and other information by using the Website, visiting our Account, writing to us, or communicating with our team (submitting complaints and/or queries, etc.), when you submit your CV to us, complete tasks or tests. Please note that when you contact us in writing or via email, we will retain the correspondence details.
4.1.2. When you use any of our Website and/or our Account: When you use the internet Website and/or visit our Account on social media, certain information (e.g., Internet Protocol (IP) address, type of web browser used, number of visits, etc.) is automatically collected, as detailed in section 6 of this Privacy Policy.
4.1.3. When we receive your personal data from other individuals as required by laws and/or in accordance with this Privacy Policy. In such cases, when we receive data from sources other than data subjects, we require that data subjects are informed about the processing of their personal data (purpose, conditions, and circumstances, as detailed in this Privacy Policy). Furthermore, in cases where personal data of another data subject is provided to us, we require that the data subject providing the personal data is familiar with this Privacy Policy.
4.1.4. You may always request the correction of inaccurate personal data and exercise other rights as a data subject, as specified in this Privacy Policy, GDPR, and other applicable legal acts.
5. Purposes and methods of processing your personal data
5.1. The specific scope of personal data we process and how we process it depends on the specific relationship between you and us. We may process your personal data for the following distinct purposes:
5.1.1. For the Purpose of Providing Services
We process your personal data to provide our services to you and other individuals:
To identify suitable candidates for our clients, assess whether candidates are suitable for the proposed job, and present candidates to employers.
After specific recruitment project is finished, to which you submitted your data, we process your personal data in our database to be able to offer you future job and career opportunities, identify suitable candidates for our clients, assess whether candidates are suitable for the proposed job, and present candidates to employers.
For this purpose, we provide or transmit your data to our clients – employers looking for employees. Together with us, they will be the data controllers of your personal data. We will not disclose more of your personal data to clients than we process under this Privacy Policy. We have contracts with our clients in which both parties commit to safeguarding your personal data.
Data Processing Duration: For this purpose, we will process your data according to the retention periods established in the General Document Retention Schedule approved by the Lithuanian Chief Archivist’s Office, but not longer than 10 years from the end of the contract with you.
We obtain data for this purpose from you directly (e.g., data provided in your CV, data collected during communication, etc.), collected when you use our website and/or other websites, and obtained from other individuals (e.g., current or former employers or acquaintances’ recommendations, social networks, public information sources, etc.).
5.1.2. For Direct Marketing Purposes
We may process your personal data (such as your name, surname, contact details, e.g., email address or phone number) for direct marketing purposes.
Legal Basis for Data Processing: Your freely given consent (Article 6(1)(a) of the GDPR), or our legitimate interest in providing you with information or news about our activities, provided that such direct marketing complies with the criteria set out in Article 81(2) of the Republic of Lithuania Law on Electronic Communications (Article 6(1)(f) of the GDPR).
Data Processing Duration: Data is stored for 2 years from the receipt of your consent or until its withdrawal, whichever occurs first. If we process data based on our legitimate interest, data for this purpose will be stored and processed for 2 years after the termination of our contractual relationship.
We obtain data for this purpose directly from you. We may disclose data to the subjects specified in section 7 of this Privacy Policy.
5.1.3. For the Purpose of Contractual Relationships and Communication with Our Partners and Clients
To identify a customer or supplier, carry out trading of products, solutions, and services, process and administer customer or supplier orders, issue customer invoices, or accept supplier accounting documents, and fulfill other obligations of the Company as a seller or buyer or as a service provider or customer, we process personal data.
Legal Bases for Data Processing: The execution of an agreement with the data subject (partner) (Article 6(1)(b) of the GDPR) and our legitimate interest in concluding agreements with partners (legal entities) (Article 6(1)(f) of the GDPR).
Data Processing Duration: For this purpose, we will process your data according to the retention periods established in the General Document Retention Schedule approved by the Lithuanian Chief Archivist’s Office, but not longer than 10 years from the end of the contract with you.
We obtain data for this purpose from you directly and from third parties. We may disclose data to the subjects specified in section 7 of this Privacy Policy.
5.1.4. For the Purpose of Improving the Website and Services, in order to provide better and tailored services.
We use your personal data, including data collected when you use our website and visit our Account, to improve and develop the website and offer better and more tailored services. For this purpose, we obtain data from you (via cookies when you use the website) and from other individuals (including, but not limited to, social network administrators through their use of cookies).
Legal Basis for Data Processing: Your freely given consent (Article 6(1)(a) of the GDPR), or our legitimate interest in ensuring the proper functioning of the Website (only with essential cookies) (Article 6(1)(f) of the GDPR).
For more detailed information about the categories of personal data processed for this purpose and the specifics of processing, as well as how we use cookies and similar technologies, please refer to section 6 of this Privacy Policy.
5.1.5. For Ensuring the Quality Control of Our Activities, Utilizing Other Functionalities of the Website, and Communication with Us (Handling Complaints and/or Queries and Communication)
When you contact us (or when we contact you in response to your query), we process information received during written, email, or other communication, which may include personal data such as the date and time of contact, the subject of the communication, name, surname, email address, phone number, social network account name, a photo from a social network, the date of the communication, relevant company information, the content of the complaint and/or query, the date, time, and duration of the call, other communication information that is voluntarily provided by the person making the inquiry.
Legal Bases for Data Processing: The execution of an agreement with you (Article 6(1)(b) of the GDPR) and our legitimate interest in evaluating feedback from our customers for the purpose of improving the quality of our activities and services provided (Article 6(1)(f) of the GDPR).
Data Processing Duration: For this purpose, we store your data for 2 years from the date of their recording.
We obtain data for this purpose directly from you, and from third parties, including but not limited to distributors, compliance services providers, etc., who are involved in our activities. We provide or transfer data to individuals providing Website administration services, legal services, and compliance services.
5.1.6. For the Purpose of Candidates Joining Our Team
If you apply to join our team, we may process your personal data, including data provided in your CV or the completed application form, data collected during communication, such as your name, surname, email address, phone number, city, gender, date of birth, education, fields of activity, information about professional (including volunteer) experience, completed professional projects, knowledge of foreign languages, and a link to your LinkedIn social network account.
Legal Basis for Data Processing: The purpose of concluding an agreement (employment contract) regarding your joining our team (Article 6(1)(b) of the GDPR).
Data Processing Duration: For this purpose, we will store data for no longer than 30 calendar days from the day when a specific recruitment process is completed, or we inform you that there is no opportunity to join our team, unless we have received your separate consent to store the data for a longer period (i.e., the Candidate Database Administration) – in such case, personal data is stored for the period indicated at the time of your consent (usually 1 year from the date you gave your consent to us).
We obtain data for this purpose from you directly and from third parties (e.g., legal entities providing employment services), if there is a legal basis – from current or former employers. We provide or transfer data to individuals providing Legal Services, Compliance Services, and Employment Services.
5.1.7. For Legal Requirements and Dispute Resolution
We may also process all the above-mentioned personal data to express, execute, or defend legal claims. For this purpose, we will process personal data based on our legitimate interest in expressing, executing, or defending legal claims (Article 6(1)(f) of the GDPR). We will process them for this purpose until the end of the relevant legal proceedings (e.g., the examination of a claim, the issuance of a court or arbitration decision), and, if a final decision of a court or other dispute resolution institution regarding the claim is made – for 1 year from the date of such decision.
5.1.8. For Other Purposes, When Required by Applicable Laws or There Are Legitimate Interests or Other Legal Bases for Processing Personal Data.
6. How we use cookies
7. Whom do we disclose your personal data to
7.1. We guarantee that your personal data will not be sold, provided, or otherwise transferred to third parties without a legal basis or used for purposes other than those for which they were collected. We will not disclose your personal data to anyone else except in accordance with this Privacy Policy and applicable laws. However, we reserve the right to provide information about you if required by law or if legitimate authorities or law enforcement agencies demand it.
7.2. We may share your personal data with companies that assist us in conducting our activities, including direct marketing. From such partners, we require that your data be processed only in accordance with our instructions and the data protection laws that apply to your data. We enter into agreements with these entities, obliging them to strictly adhere to the requirements of personal data protection.
7.3. Third parties. We do not transfer your personal data to third parties outside the EU / EEA unless it is deemed necessary. We may transfer your personal data outside the EU / EEA if we have obtained your explicit consent or if it is necessary and appropriate safeguards are in place, such as an adequacy decision or standard contractual clauses under the GDPR. We make every effort to ensure that data transfers in this manner comply with GDPR requirements and implement appropriate measures to ensure the security of your personal data. More information about such measures can be obtained by contacting us directly at the phone number or email address provided above.
8. How long do we retain your personal data
8.1. We keep your personal data no longer than required for the purposes of data processing or as specified by applicable laws, if they establish a longer data retention period.
8.2. We aim not to retain outdated or irrelevant personal data, so updated information (e.g., corrections, changes, etc.) is stored only with current information. Historical data is retained if required by law or to protect our legitimate interests.
8.3. Specific data retention periods for each purpose of personal data processing are provided separately in Section 5.1 of this Privacy Policy.
9. How do we protect your personal data
9.1. Unfortunately, transmitting information over the internet is not entirely secure. While we make every effort to protect your personal data, we cannot guarantee 100% data security when you transmit data to the Website, and you assume the risk associated with data transmission to the Website.
9.2. We implement appropriate technical and organizational measures that comply with GDPR requirements to protect your personal data from accidental or unlawful destruction or loss, alteration, unauthorized disclosure, or use, as well as other unlawful forms of processing.
9.3. If we become aware of a personal data security breach that may pose a high risk to your rights and freedoms, we will notify you without undue delay, indicating the nature of the data breach.
9.4. Among other measures, the website uses a Letsencrypt.org SSL certificate:
9.4.1. Verified website identity.
9.4.2. Encryption of all data transmitted between the server and the browser.
9.4.3. Ensuring data integrity and authenticity.
9.4.4. More information at https://letsencrypt.org.
10. External websites
10.1. The Website may contain links to external websites – websites of our business partners or websites where we have accounts to promote our services. When following such links to any of these websites, please note that these websites and the services accessible through them have their own separate privacy policies, and we do not assume responsibility or obligations for these policies or for the collection of personal data, such as contact or location information, on these websites. We recommend reviewing these policies before providing any personal data on these websites or using any services.
11. What rights do you have
11.1. When processing personal data, we ensure your rights in accordance with the GDPR and the Republic of Lithuania Law on Personal Data Legal Protection. As a data subject, you have the following rights:
- The right to be informed and the right to access personal data
You have the right to receive information about the processing of your personal data in a transparent, understandable, and easily accessible form, in clear and plain language. This is provided for in this Privacy Policy. If any part of this Privacy Policy is unclear to you, please feel free to contact us using the contact details provided above.
You also have the right to receive confirmation from us as to whether your personal data is being processed, and if so, to access information about how we process your personal data.
- The right to request correction of personal data
You have the right to request that we correct inaccurate or incomplete personal data about you.
- The right to request the erasure of personal data (“the right to be forgotten”)
You have the right to request that we delete or remove personal data concerning you where there is no compelling reason for us to continue processing them, where your personal data is no longer necessary for the purposes for which they were collected or processed, you have withdrawn your consent, and there is no other legal ground for the processing, or when other exceptions as provided in Article 17 of the GDPR apply. Please note that Article 17(3) of the GDPR includes exceptions to the cases mentioned above, where it may be necessary to process personal data. If such exceptions apply to your case, we will inform you accordingly.
- The right to request the restriction of personal data processing
You have the right to request that we restrict or stop the processing of your personal data in the following situations:
-If you dispute the accuracy of personal data, until their accuracy is verified.
-If the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of their use.
-If we no longer need the personal data for the purposes of processing, but you require them to establish, exercise, or defend legal claims.
-If you have objected to processing pending the verification of whether our legitimate grounds override yours.
-When personal data processing is restricted, such data may only be processed (except for storage) with your consent, for the establishment, exercise, or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of important public interest.
- The right to data portability
You have the right to receive your personal data that you provided to us in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller if:
-The data are processed based on your consent or a contract, and
-The data are processed by automated means.
-You also have the right to request that we transmit your personal data directly to another controller, where technically feasible.
- The right to object
You have the right to object at any time to the processing of your personal data when the data are processed for the performance of a task carried out in the public interest or for the purposes of legitimate interests pursued by us.
In such a case, we will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or unless the processing is necessary for the establishment, exercise, or defense of legal claims.
- The right to withdraw consent
If your personal data is processed based on your consent, you have the right to withdraw that consent at any time. The withdrawal of consent will not affect the lawfulness of the data processing based on consent before its withdrawal.
11.2. We will strive to ensure the exercise of your rights as a data subject and create all the necessary conditions for these rights to be effectively exercised. However, we reserve the right not to fulfill your requests when it is necessary to ensure:
11.2.1. Compliance with legal obligations imposed on us;
11.2.2. National security or defense.
11.2.3. Public order, prevention, investigation, detection, or prosecution of criminal offenses.
11.2.4. Essential state economic or financial interests.
11.2.5. Prevention, investigation, and detection of service or professional ethics violations; or
11.2.6. Protection of your or other individuals’ rights and freedoms.
11.3. You can submit requests related to the exercise of your rightsby mail, or by electronic means of communication. Upon receiving your request, we may request identity documents and any other necessary additional information related to your request.
11.4. Upon receiving your request, we will respond to you no later than within 30 calendar days from the receipt of your request and the submission of all necessary documents required for the response.
11.5. If we consider it necessary, we will suspend the processing of your data, except for storage, until your request is resolved. Upon your withdrawal of consent, we will immediately cease the processing of your personal data for specific purposes, except in cases provided for in section 11.2 of this Privacy Policy and as required by applicable laws, legal obligations, court decisions, or mandatory instructions from other authorities.
11.6. When refusing to fulfill your request, we will clearly state the reason for such refusal.
11.7. If you disagree with our actions or response to your request, you have the right to complain to the competent supervisory authority.
12. To whom can you submit a complaint
12.1. If you believe that your rights under GDPR or other applicable data protection laws have been violated, you may submit a complaint to the supervisory authority. The supervisory authority in Lithuania is the State Data Protection Inspectorate of the Republic of Lithuania, located at L. Sapiegos g. 17, 10312 Vilnius, Lithuania, email ada@ada.lt, website https://vdai.lrv.lt/.
13. Information about the Website and its owners
13.1. The website, its content, code, design, domain name of the website, all copyrights, trademarks, databases, names, and other intellectual property or other property related to the website and (or) its content fully belong to us, except for intellectual property objects (trademarks, logos, and others) related to our partners or suppliers, and are protected by national and international intellectual property protection laws and other regulations.
13.2. Without clear permission from us, you have no right to copy, record in any form and by any means, reproduce, present, publish, transmit, sell, process, provide, license, modify, republish, edit, broadcast, re-broadcast, or otherwise publicly display or demonstrate, adapt, distribute, or use any part of the content or code of the website or any part thereof, as well as create derivative works based on it.
14. How will this Privacy Policy be changed
14.1. All changes to our Privacy Policy will be posted on the website. In case of significant changes and (or) a need, we will inform you about them. The new terms of the Privacy Policy may also be provided on the website, and you may need to read and agree to them in order to continue using the website and (or) our services.
14.2. The Privacy Policy was last updated on November 3, 2023.
15. How to contact us
15.1. Please send all questions related to this Privacy Policy or contact us using the contact details provided in Section 2 of this Privacy Policy.