I.SECTION
GENERAL POLICIES
This privacy policy (hereinafter referred to as the Policy) regulates the processing of personal data by UAB DS-1, operating at Zietelos g. 3, Vilnius, e-mail info@ds-1.lt, company code 181123848 (hereinafter referred to as the Data Controller), and the terms and conditions of the website http://www.ds-1.lt/ (hereinafter referred to as the Website) managed by the Data Controller.
This Policy is intended for individuals who visit this Company's website (http://www.ds-1.lt/), use the information on the website, and utilize the services provided therein.
A data subject in this Policy is any natural person whose personal data is processed by UAB DS-1.
By using the services and continuing to browse the website, the Visitor (website user) confirms that they have read this Policy, understand its provisions, and agree to comply with them.
The data controller ensures that, by adopting and implementing this Policy, it seeks to implement the following fundamental principles relating to the processing of personal data:
Personal data shall be processed in a lawful, fair and transparent manner in relation to the data subject (principle of lawfulness, fairness and transparency);
Personal data shall be collected for specified, explicit and legitimate purposes and shall not be further processed in a manner that is incompatible with those purposes;
Further processing of personal data for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered incompatible with the initial purposes (principle of purpose limitation);
Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (principle of data minimization).
Every effort shall be made to ensure that personal data are accurate and, where necessary, kept up to date within a reasonable period of time after the change.
Every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without delay (principle of accuracy);
Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
Personal data may be stored for longer periods if the personal data will be processed solely for archiving purposes, in the public interest, for scientific or historical research purposes, or for statistical purposes, after implementing the appropriate technical and organizational measures necessary to protect the rights and freedoms of the data subject (principle of storage limitation);
Personal data, taking into account the general nature of the personal data processed by the Data Controller, shall be processed in such a way that appropriate technical or organizational measures are applied to ensure the security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage (integrity and confidentiality principle);
The data controller is responsible for ensuring compliance with the above principles and must be able to demonstrate that they are being complied with (principle of accountability).
This Policy has been drawn up in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania (hereinafter referred to as the ADTAĮ), and other legal acts of the European Union and the Republic of Lithuania. The terms used in the Policy shall be understood as defined in the GDPR and the ADTAĮ.
We recommend that you take the time to read this Privacy Policy in detail.
If you do not agree with the processing of your personal data as set out in this Privacy Policy, you have the right not to provide your personal data to the Company. Also, if we process certain of your Personal Data on the basis of your consent to the processing of personal data, you may withdraw such consent at any time, without affecting the lawfulness of the processing based on consent before its withdrawal.
This Privacy Policy explains how the Company collects and uses your personal data when you:
You visit the Website managed by the Company and/or the Company's social media accounts or use the opportunities they provide;
You purchase the services provided by the Company;
You purchase the services provided by the Company;
You agree to receive direct marketing messages sent by the Company or subscribe to the Company's newsletter;
You provide your goods or services to the Company;
You contact the Company's customer service department;
You otherwise communicate or cooperate with the Company as a customer, supplier, or other person who has a business or consumer relationship with the Company.
Contact details of the person responsible for personal data protection at the Company: email: povilas@ds1.lt.
II. SECTION
PURPOSES OF PERSONAL DATA PROCESSING AND CATEGORIES OF PERSONAL DATA COLLECTED
Depending on who you are (customer, supplier, website visitor, etc.) and how you interact with the Company (in person, online, by phone, etc.), the Company may process different types of your Personal Data.
Below are the categories of Personal Data we can collect:
*Providing the marked data is necessary if you wish to enter into a contract with the Company or submit an inquiry on the website.
III. SECTION
TO WHOM YOUR PERSONAL DATA IS PROVIDED
The company will not transfer your personal data to any third parties without your prior consent, except in the cases described below.
We may transfer your data to third parties who assist us in our operations and in the administration of the Services. Such parties may include companies providing data center, hosting, and related services, companies developing, providing, supporting, and maintaining software, companies that provide information technology infrastructure services, companies that provide communication services, companies that analyze and provide services related to internet browsing or internet activity, security services provided by security services, etc.
In each case, we only provide the data processor with the data necessary to perform a specific task or provide a specific service.
The data processors we use may only process your personal data in accordance with our instructions. In addition, they must ensure the security of your data in accordance with applicable laws and written agreements with us.
Data may also be provided to competent government or law enforcement agencies, such as the police or supervisory authorities, but only at their request and only when required by applicable law or in cases and in accordance with procedures provided for by law, in order to protect our rights, the safety of our customers, employees, and resources, and to assert, exercise, and defend legal claims.
IV. SECTION
HOW WE ENSURE THE SECURITY OF YOUR DATA
In order to protect your data, the Company takes appropriate measures in accordance with data protection and data security laws and regulations, including requiring the Company's service providers/data processors to use appropriate measures to protect your personal data and its confidentiality.
Depending on current technology, the cost of implementing measures, and the nature of the data to be protected, the Company has implemented technical and organizational measures to protect against risks such as the destruction, loss, alteration, unauthorized disclosure, or unauthorized access to your data.
V. SECTION
YOUR RESPONSIBILITIES
We would like to remind you that it is your responsibility to ensure, as far as you are concerned, that the data you provide to us is accurate, complete, and up to date. In addition, if you provide us with data about other individuals, it is your responsibility to obtain and provide us with such information in accordance with legal requirements. For example, you must inform other persons whose data you provide to the Company about the content of this Privacy Policy and obtain their consent to the provision of such personal data.
VI. SECTION
YOUR RIGHTS
Data protection laws give you many rights in relation to the processing of your personal data.
You have the right to access your personal data that we process:
You have the right to request confirmation from us as to whether we are processing your personal data and, if so, to request access to your personal data that we process. To exercise the above right, please submit a written request to us by email at povilas@ds1.lt.
You have the right to request that inaccurate information about you be corrected
If you believe that the information about you is incorrect or incomplete, you have the right to request that it be corrected. To exercise the above right, please submit a written request to us by email at povilas@ds1.lt
You have the right to object to the processing of your personal data:
You have the right to object to the processing of personal data when personal data is processed based on our legitimate interests. However, despite your objection, we will continue to process your data if there are legitimate reasons for doing so. To exercise the above right, please submit a written request to us by email at povilas@ds1.lt.
You have the right to request the deletion of your personal data (right to be forgotten):
Under certain circumstances, you have the right to request that we delete your personal data. However, this provision does not apply if we are required by law to retain the data. To exercise the above right, please send us a written request by email to povilas@ds1.lt.
You have the right to restrict the processing of your personal data:
Under certain circumstances, you also have the right to restrict the processing of your personal data. To exercise the above right, please submit a written request to us by email at povilas@ds1.lt.
You have the right to lodge a complaint about the improper processing of personal data with the State Data Protection Inspectorate directly or by email at ada@ada.lt.
VII. SECTION
INFORMATION ABOUT COOKIES USED
The Data Controller uses cookies on the Website to distinguish between different users of the Website. With the help of cookies, the Data Controller aims to ensure a more pleasant experience for individuals browsing the Website and to improve the Website itself.
Cookies are small text files that are stored on the user's browser or device (personal computer, mobile phone, or tablet).
The company uses the following categories of cookies:
Strictly necessary cookies: these cookies are essential for the system to function. For example, some cookies allow us to identify registered users and ensure that they can access the entire system. If a user refuses these cookies, they may not be able to see the entire content of the system;
Performance cookies: cookies that allow us to analyze how users use the system and monitor the system's performance. This allows the Company to select appropriate offers and quickly identify and eliminate any problems, thus ensuring a high quality of browsing. For example, performance cookies allow us to track which pages are most popular and identify why error messages appear on some pages;
Functional cookies: cookies that allow us to remember user preferences and adapt them to the website/mobile application so that the Company can provide improved features;
Targeted cookies: The Company may use cookies to show users advertisements promoting the Company's services that are of interest to specific users.
The website http://www.ds-1.lt/ uses the following cookies:
The cookies used on the website do not allow the identity of the website user to be determined. Visits to the website are recorded anonymously, identifying the personal computer, mobile phone, or tablet and IP address, and the information collected is not provided to third parties, except in cases provided for by law.
By opening the website and clicking the "I agree" button in the pop-up window, the user agrees to the storage of cookies on their computer, mobile phone, or tablet.
To revoke their consent, the user can delete or block cookies by selecting the appropriate settings in their browser, which allows them to refuse all or some cookies. Please note that using browser settings that block cookies (including essential cookies) may cause problems when using all or part of the website's features.
Personal data collected by cookies is processed in accordance with the Law on Legal Protection of Personal Data of the Republic of Lithuania, the Law on Electronic Communications of the Republic of Lithuania, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and other legal acts regulating the protection of personal data.
In accordance with the requirements of the law, security measures are applied on the website to prevent the unlawful disclosure and unlawful use of personal data.
VIII. SECTION
FINAL REGULATIONS
Legal relations related to this Policy shall be governed by the laws of the Republic of Lithuania.
The data controller shall not be liable for any damage, including damage caused by disruptions in the use of the website, loss or damage to data resulting from the actions or inaction of the person themselves or third parties acting with the person's knowledge, errors, deliberate damage, other improper use of the website.
The Data Controller shall also not be liable for any disruptions in accessing and/or using the Website and/or any damage caused by the actions or inaction of third parties not related to the Data Controller or the individual, including disruptions in the supply of electricity or Internet access, etc.
The data controller has the right to partially or completely change the Policy.
Additions or changes to the policy shall take effect on the date of their publication on the website.
If, after the Policy has been supplemented or amended, the person continues to use the website and/or the services provided by the Data Controller, it shall be deemed that the person does not object to such supplements and/or amendments.
For all data processing matters, you can contact us by email at povilas@ds1.lt.
This Privacy Policy is effective as of June 21, 2021.
INEGRATED MANAGEMENT SYSTEM POLICY
The integrated management system policy is developed taking into account the company's strategy, vision, mission, and values. The main goal of UAB DS1 is to be a leader in services and to fully satisfy the needs and requirements of our customers and the expectations of society by pursuing balanced development. In implementing these principles, we commit ourselves to:
Work in accordance with a management system that complies with ISO 9001:2015, ISO 9001:2015/AMD1:2024, ISO 14001:2015, ISO 140001:2015/AMD1:2024, ISO 45001:2018, ISO 45001:2018/AMD1:2024, ISO/IEC 27001:2022, ISO/IEC 27001:2022/AMD1:2024, ISO 50001:2018, ISO 50001:2018/AMD1:2024 standards and to continuously improve it.
Ensure compliance with European Parliament and Council directives, Lithuanian environmental and energy laws, and other requirements;
Ensure continuous improvement of the company's energy performance and efficiency, as well as the sustainable and rational use of all types of energy and information security resources;
Implement the best technical solutions currently available, promote the purchase of energy-efficient products and services;
Work with reliable suppliers and manufacturers to ensure that the products or services they provide, as well as their employees' working conditions, technologies, and product manufacturing controls, comply with our company's policies, objectives, and legal requirements.
Continuously improve ongoing relationships with partners and suppliers, manage continuity of standards throughout the supply chain;
Utilize the intellectual potential of employees in addressing energy issues;
Ensure employee education so that everyone understands the impact of their work on energy conservation and environmental protection efficiency; raise awareness in the areas of information security and cyber security;
Climate change does not have a significant impact on the company; The company participates in climate change mitigation initiatives, cares about reducing environmental pollution and sustainability;
Take measures to ensure that this Integrated Management System policy is understood by all employees and becomes their primary goal.
Comply with applicable laws and other regulatory requirements, develop and implement measures to reduce environmental pollution, use natural resources rationally and economically, identify hazards, assess risks, and plan for their management and prevention.
Plan and perform work and strive for the best economic results not only by saving resources, but also by creating and maintaining safe and healthy conditions.
Ensure safe and healthy working conditions for employees, help employees understand their own responsibility for protecting their own safety and health and that of those around them, ensure safe and healthy working conditions, commit to eliminating hazards, commit to consulting with employees and involving them in health and safety activities;
To instill environmental awareness in employees, to prevent pollution, and to manage waste safely and responsibly;
Focus on training and development for employees at all levels so that they can achieve their goals.
Continuously review and update process evaluation criteria so that the integrated management system helps to improve the Company's operations.
Communicate openly with interested parties and take their requirements into account.
Implement preventive measures for accidents and incidents;
Continuously improve the effectiveness of the integrated management system, taking into account employee suggestions based on performance results and feedback from customers and partners.
All employees are familiar with the integrated management system policy and company objectives and are clearly aware of their responsibilities. This ensures that laws and other regulations are complied with.
INFORMATION SECURITY AND CYBERSECURITY POLICY
The integrated management system policy is developed taking into account the company's strategy, vision, mission, and values. The main goal of UAB DS1 is to be a leader in services and to fully satisfy the needs and requirements of our customers and the expectations of society by pursuing balanced development. In implementing these principles, we commit ourselves to:
Work in accordance with a management system that complies with ISO 9001:2015, ISO 9001:2015/AMD1:2024, ISO 14001:2015, ISO 140001:2015/AMD1:2024, ISO 45001:2018, ISO 45001:2018/AMD1:2024, ISO/IEC 27001:2022, ISO/IEC 27001:2022/AMD1:2024, ISO 50001:2018, ISO 50001:2018/AMD1:2024 standards and to continuously improve it.
Ensure compliance with European Parliament and Council directives, Lithuanian environmental and energy laws, and other requirements;
Ensure continuous improvement of the company's energy performance and efficiency, as well as the sustainable and rational use of all types of energy and information security resources;
Implement the best technical solutions currently available, promote the purchase of energy-efficient products and services;
Work with reliable suppliers and manufacturers to ensure that the products or services they provide, as well as their employees' working conditions, technologies, and product manufacturing controls, comply with our company's policies, objectives, and legal requirements.
Continuously improve ongoing relationships with partners and suppliers, manage continuity of standards throughout the supply chain;
Utilize the intellectual potential of employees in addressing energy issues;
Ensure employee education so that everyone understands the impact of their work on energy conservation and environmental protection efficiency; raise awareness in the areas of information security and cyber security;
Climate change does not have a significant impact on the company; The company participates in climate change mitigation initiatives, cares about reducing environmental pollution and sustainability;
Take measures to ensure that this Integrated Management System policy is understood by all employees and becomes their primary goal.
Comply with applicable laws and other regulatory requirements, develop and implement measures to reduce environmental pollution, use natural resources rationally and economically, identify hazards, assess risks, and plan for their management and prevention.
Plan and perform work and strive for the best economic results not only by saving resources, but also by creating and maintaining safe and healthy conditions.
Ensure safe and healthy working conditions for employees, help employees understand their own responsibility for protecting their own safety and health and that of those around them, ensure safe and healthy working conditions, commit to eliminating hazards, commit to consulting with employees and involving them in health and safety activities;
To instill environmental awareness in employees, to prevent pollution, and to manage waste safely and responsibly;
Focus on training and development for employees at all levels so that they can achieve their goals.
Continuously review and update process evaluation criteria so that the integrated management system helps to improve the Company's operations.
Communicate openly with interested parties and take their requirements into account.
Implement preventive measures for accidents and incidents;
Continuously improve the effectiveness of the integrated management system, taking into account employee suggestions based on performance results and feedback from customers and partners.
All employees are familiar with the integrated management system policy and company objectives and are clearly aware of their responsibilities. This ensures that laws and other regulations are complied with.
The Company's Management commits to:
Communicate the importance of information security, provide support, and continuously improve employee qualifications.
To deepen employees' knowledge in the areas of information security management and advanced technologies by sharing experience and conducting internal and external training;
Allocate the necessary resources to ensure the functioning of the information security management system;
Managing the impact of climate change on the integrated management system;
Analyze and evaluate observed or potential information security breaches and incidents, take appropriate action to resolve them and prevent their recurrence;
Effectively manage cybersecurity incidents and actively participate in their resolution;
Set measurable information security objectives each year that are linked to the company's strategic goals, and review the relevance and appropriateness of the information security policy;
Prepare a business recovery and continuity plan and implement measures for prevention and preparedness for emergencies.
