General Provisions
This Notice on the Processing of Personal Data (hereinafter referred to as the Privacy Notice or Notice) has been prepared in accordance with the requirements of the General Data Protection Regulation (hereinafter referred to as GDPR) and other legislation so that you know how the
companies of the FO Consulting group (hereinafter collectively referred to as the FO Consulting group) collect and process your data. We recommend you to take the time and read this Privacy Notice in detail.
Personal Data (hereinafter referred to as Personal Data) shall mean any information or set of information by which we may directly or indirectly identify you, in particular by means of an identifier, such as name, e-mail address, telephone number, etc. The Privacy Notice explains how FO Consulting group companies collect and process your Personal Data when:
- you are our customer, i.e. when we provide you with legal, accounting, tax and/or other
services;
- you contact us by submitting an inquiry to us via e-mail, website, social media or
otherwise;
- you communicate or cooperate with us as a partner, supplier or other person who has a
professional, business and/or other civil-contractual relationship with the Company.
Your data controller shall be, in a specific case, one or more individual companies of the FO Consulting group, the customer of which you are, with whom you communicate or have other relationships with. The details and contact details of the companies that make up the FO
Consulting group can be found at https://foconsulting.com/.
The Privacy Notice may be updated and amended. The current version of the Privacy Notice is available at https://foconsulting.com/.
If you have any questions about this Privacy Notice or have any questions, observations or
requests concerning the protection or processing of your Personal Data, please contact us by email at: foconsulting@foconsulting.com.
What kind of your data do we process and why do we process it?
Processing of Customer Personal Data
When you intend to become and/or actually become our customer, we collect and process the following Personal Data about you:
- personal data: name, surname, personal identification number, bank account details, VAT identification number, individual activity certificate and/or business certificate No.;
- contact details: e-mail address, address of the place of residence, telephone number, data of other communication channels (Skype, Facebook Messenger account data, etc.);
- data on work activities (if you are a representative of a customer – a legal entity): the company represented, position, basis of representation;
- Personal Data required to be processed in order to comply with our legal requirements for the prevention of money laundering and terrorist financing, including but not limited to: your personal document data, work activity data, information about the participation
of you and/or your relatives in politics, etc.;
- other data we receive from you, other lawful sources and/or which is generated in the course of providing services to you, executing your orders and/or representing your interests, including but not limited to contracts, procedural documents, business establishment and/or execution documents, financial documents, decisions of courts and other institutions, correspondence of any kind, other communications, extracts from registers, other documents and/or information related to the customer and/or its
activities;
- the history of the performance of the contracts, including but not limited to mutual settlements, the services provided to you and/or our other types of cooperation.
We shall process your Personal Data as a customer for the purpose of providing you with legal, accounting, tax and/or other services (Article 6 (1) (b) of the GDPR), including but not limited to:
- at your request, to take action before concluding the contract;
- to register you as our customer;
- to conclude, administer and execute a service provision agreement;
- to provide you with services, execute your orders and/or represent your interests.
We may also process your, as a customer, Personal Data:
- in compliance with legal obligations under applicable law, e.g. accounting and tax requirements, money laundering and terrorist financing prevention requirements (Article 6 (1) (d) of the GDPR);
- for internal administrative purposes, e.g. for the purpose of business analysis, development and improvement, for the purpose of customer database (CRM) administration (Article 6 (1) (f) of the GDPR);
- to secure our legitimate interests, including, but not limited to, recover debts, defend against actions, claims, complaints (Article 6 (1) (f) of the GDPR);
We collect and process your Personal Data as a customer for as long as the service provision agreement between you and us is in force and/or as long as we provide you with services. At the end of the contractual relationship, we shall continue to store your Personal Data in accordance with the legal requirements for the retention of documents and the limitation period (usually 10 years).
Inquiry Administration
We shall also process your data when you contact us by e-mail, make an inquiry on the website, send us a message on social networks or otherwise.
When making inquiries, please observe at least the following minimum requirements for the protection of your personal information: provide only the data requested in the inquiry form and/or necessary for the purposes for which the inquiry is being made, and do not provide sensitive information about yourself or others, health data, financial data. We process the data contained in your inquiry on the basis of your consent, which you express by contacting us (Article 6 (1) (a) of the GDPR). The data shall be processed until we process the inquiry and provide you with an answer. Subsequently, the data related to the inquiry shall be securely destroyed or, if you become our customer, shall be further processed as provided in the “Processing of Customer Personal Data” Section of this Notice.
Cooperation with Partners, Suppliers, Counterparties
We shall process the Personal Data of different categories of data subjects (partners, suppliers, counterparties, as well as their employees, managers, shareholders, representatives and/or agents). The scope of Personal Data processed depends on the nature and purposes of the business or other legal relationship, but in general, the following may be processed:
- personal data: name, surname, personal identification number and/or date of birth, bank account details, VAT identification number, individual activity certificate and/or business certificate No.;
- contact details: e-mail address, address of the place of residence, telephone number, data of other communication channels (Skype, Facebook Messenger account data, etc.);
- data on employment activity: data on professional activity certificate, qualification certificate, represented company, position, basis of representation (if you are a representative of a legal entity), etc.;
- other data we lawfully collect in order to establish business relationships and/or enter into transactions, e.g. extracts from the register, data on the assessment of the reliability of the contractor;
- history of contract performance, including but not limited to business/economic
This Personal Data shall be collected and processed for the following purposes:
- the establishment, maintenance and development of professional, business and/or other legal relations with the said persons (Article 6 (1) (a) and/or (b) of the GDPR);
- conclusion, administration and execution of transactions, contracts and agreements (Article 6 (1) (b) of the GDPR);
- in compliance with legal obligations under applicable law, e.g. accounting and/or tax requirements (Article 6 (1) (d) of the GDPR);
- for internal administrative purposes, e.g. for the purpose of analysis, development and improvement of activities (Article 6 (1) (f) of the GDPR);
- ensuring our legitimate interests, including but not limited to assessing the reliability of the contractor, defending against actions, claims, complaints (Article 6 (1) (f) of the GDPR);
We store this data to the extent necessary to achieve the purposes for which it is processed, as well as in accordance with the legal requirements for the retention of documents and the limitation period (usually 10 years).
To whom shall we transfer your Personal Data?
We may transfer your Personal Data to:
- the Personal Data processors we use (for example, partners who help us provide services (service providers), cloud, server and other IT service providers, accounting companies, etc.). We have entered into appropriate agreements with all Personal Data processors we use and require them to store, process and treat Personal Data as responsibly as we do and only in accordance with our instructions;
- other FO Consulting group companies that provide or assist in providing services to you and/or FO Consulting group for internal administration purposes, when in a specific case the company receiving the Personal Data acts as an independent Personal Data
controller;
- state institutions and establishments, law enforcement institutions, courts, other persons performing the functions assigned by law, in accordance with the procedure provided for in the legal acts of the Republic of Lithuania;
- Debt collection companies to which claims are transferred to the contractor’s indebtedness, courts, out-of-court redress bodies and insolvency administrators.
We shall not transfer or process your Personal Data outside the European Union or the European Economic Area.