Privacy Policy

1. Introduction

VertiFibre One ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us.

We adhere to the Lithuanian Law on Legal Protection of Personal Data, the European Union General Data Protection Regulation (GDPR), and other applicable data protection laws. We encourage you to read this privacy policy carefully to understand our practices regarding your personal data.

2. Data Controller

VertiFibre One, located at Tilžės g. 38, Klaipėda, 91255 Klaipėdos m. sav., Lithuania, is the data controller responsible for your personal data. This means we determine the purposes and means of processing your personal data.

Our Data Protection Officer (DPO) can be contacted at:

• Email: dpo@eastnorddata.com
• Phone: +370 685 56600
• Mail: Tilžės g. 38, Klaipėda, 91255 Klaipėdos m. sav., Lithuania

3. Personal Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped as follows:

3.1. Information You Provide to Us

• Identity Data: includes first name, last name, title, position, and company name.
• Contact Data: includes email address, telephone numbers, and physical address.
• Technical Requirements Data: includes information about your infrastructure needs, technical specifications, and service requirements.
• Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.

3.2. Information We Collect Automatically

• Technical Data: includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
• Usage Data: includes information about how you use our website and services.

4. Legal Basis for Processing

We will only process your personal data when the applicable law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Consent: Where you have given us explicit consent to process your personal data for a specific purpose.
• Contract Performance: Where processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
• Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

5. Purposes of Processing

We use your personal data for the following purposes:

• To register you as a new customer
• To provide and manage our services to you
• To manage our relationship with you, including notifying you about changes to our terms or privacy policy
• To process and deliver your orders
• To administer and protect our business and this website
• To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
• To use data analytics to improve our website, products/services, marketing, customer relationships, and experiences
• To make suggestions and recommendations to you about goods or services that may be of interest to you

6. Recipients of Personal Data

We may share your personal data with the following categories of recipients:

• Service Providers: We may share your personal data with service providers who perform services on our behalf, such as IT and system administration services, payment processing, and professional services including legal and accounting.
• Business Partners: We may share your personal data with our business partners who provide complementary services that integrate with our own.
• Regulatory Authorities and Law Enforcement: We may disclose your personal data to regulatory authorities, law enforcement agencies, or other third parties where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

7. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

8. International Data Transfers

All our infrastructure and data processing activities take place within Lithuania and the European Economic Area (EEA). We do not transfer your personal data outside the EEA.

In the unlikely event that we need to transfer your personal data outside the EEA in the future, we will ensure that a similar degree of protection is afforded to it by implementing appropriate safeguards in accordance with applicable data protection laws.

9. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Your Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These rights include:

• Right to Access: You have the right to request a copy of the personal data we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
• Right to Erasure: You have the right to request that we delete your personal data in certain circumstances.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
• Right to Data Portability: You have the right to request that we transfer your personal data to you or to a third party in a structured, commonly used, machine-readable format.
• Right to Object: You have the right to object to our processing of your personal data in certain circumstances, including for direct marketing purposes.
• Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

If you wish to exercise any of these rights, please contact our Data Protection Officer using the contact details provided above.

You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

You also have the right to lodge a complaint with the Lithuanian State Data Protection Inspectorate or another EU supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of your personal data infringes data protection laws.

11. Cookies and Similar Technologies

We use cookies and similar tracking technologies to track the activity on our website and hold certain information. For detailed information about the cookies we use, the purposes for which we use them, and how you can control them, please see our Cookie Policy.

12. Children's Privacy

Our services are not intended for children under the age of 16, and we do not knowingly collect personal data from children under 16. If we learn we have collected or received personal data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact our Data Protection Officer using the contact details provided above.

13. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new privacy policy on this page and updating the "Last Updated" date at the top of this policy. You are advised to review this privacy policy periodically for any changes.

14. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact our Data Protection Officer:

• Email: dpo@eastnorddata.com
• Phone: +370 685 56600
• Mail: Tilžės g. 38, Klaipėda, 91255 Klaipėdos m. sav., Lithuania