Privacy policy

This Privacy Policy explains how VCISO, MB, operating the website smartciso.lt (the “Website,” “we,” “us,” or “our”) collects, uses, and protects your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

1. Data Controller

Data Controller: Vciso, MB

Website: smartciso.lt

Email for Privacy Queries: info@smartciso.lt

2. Data We Collect and Why

We may collect and process the following categories of personal data, depending on your interaction with our Website:

2.1. Information You Provide to Us

• Contact Data: Name, email address, phone number, and company name when you fill out a contact form or request a consultation.
  • Purpose: To respond to your inquiries, provide the requested services, or send relevant updates.
  • Legal Basis (GDPR): Consent (Art. 6(1)(a)) and/or Performance of a contract or steps prior to entering a contract (Art. 6(1)(b)).

2.2. Data Collected Automatically

When you visit our Website, we may automatically collect certain information from your device, primarily using cookies (see Section 5).

• Technical Data: IP address, browser type, operating system, and platform.
• Usage Data: Information about how you use our Website (e.g., pages visited, time spent on pages).
• Purpose: To operate, maintain, and improve our Website, and for basic analytics.
• Legal Basis (GDPR): Legitimate interests (Art. 6(1)(f)) for the technical functioning of the website and consent (Art. 6(1)(a)) for non-essential analytics cookies.

3. Data Sharing and Transfer

We may share your personal data with the following parties where necessary and legally permitted:

• Service Providers: Third-party companies that provide services to us, such as web hosting and analytics (e.g., Google Analytics). These providers process your data only on our behalf.
• Legal Authorities: Where required by law, we may disclose your information to comply with a legal obligation or respond to a court order.

We strive to process your data within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place.

4. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. This includes satisfying any legal, accounting, or reporting requirements.

• Contact Data: Typically retained for the duration of our business relationship or until you withdraw consent.

5. Cookies Policy

Our Website uses cookies to enhance your experience. You can manage your cookie preferences via your browser settings or the cookie consent banner on the Website.

6. Your GDPR Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

• The right to be informed.
• The right of access (to request a copy of your data).
• The right to rectification (to correct inaccurate data).
• The right to erasure (‘right to be forgotten’).
• The right to restrict processing.
• The right to object to processing.
• The right to data portability.
• The right to withdraw consent at any time.

To exercise any of these rights, please contact us using the contact details in Section 1.

7. Right to Lodge a Complaint

If you believe that Vciso, MB has not complied with its GDPR obligations, you have the right to lodge a complaint with a supervisory authority. The supervisory authority in Lithuania is the State Data Protection Inspectorate (VDAI).

8. Changes to This Privacy Policy

We may update this policy from time to time by posting a new version on our Website. We encourage you to review this policy periodically for any changes.