APPROVED
by order No. 20230320/01/ICT
of the Director of UAB Servisa ICT
of 20/03/2023
Version 1.1

UAB Servisa ICT Privacy Notice
1. General provisions
This document (hereinafter referred to as the “Privacy Notice“) sets out the basic principles of the collection, processing and storage of Personal Data of the Customer (the definition of the term is provided below) by UAB Servisa ICT (the data is collected in the Register of Legal Entities of the Republic of Lithuania, legal entity code – 300586363, registered address – Raudondvario pl. 131B-4, LT-47191, Kaunas, telephone: +370 37 329 000, email: info@servisaict.lt) (hereinafter referred to as the “Company” or “we”).
This Privacy Notice is designed to protect and defend the Customer’s Personal Data against unauthorized use.
When processing Personal Data, the Company complies with the Regulation, Law of Republic of Lithuania on Legal Protection of Personal Data, Law of the Republic of Lithuania on Electronic Communications and other directly applicable legal acts regulating the protection of Personal Data, as well as with the orders and recommendations of the competent authorities.

2. Definitions of terms in Privacy Notice
Personal Data shall mean any information relating to a natural person (data subject) whose identity is known or can be identified, directly or indirectly, by reference to the data concerned.
Customer (hereinafter could also be referred to as “you”) shall mean any person who orders, purchases or uses our services; who has expressed an intention to use or is using the Company’s services; intends to buy or buys the Company’s products; or is otherwise associated with the Company’s services or products.
Processing shall mean any operation (including collection, saving, storage, modification, access, querying, transmission, etc.) of Personal Data.
Login data shall mean the Internet Protocol (IP) address and Internet Service Provider (ISP), used to connect your device to the Internet (browser type and version, time zone preferences, browser plugin type and version, operating system and platform, login location, font encoding, any Uniform Resource Locator (URL), and the products you view).
Regulation shall mean Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

3. Principles for processing Personal Data
The Company is guided by the following basic principles for the processing of Personal Data:
o Personal Data is collected for specified and legitimate purposes;
o Personal Data is processed accurately and in good faith;
o The processing of Personal Data is legitimate only in cases where:
– The data subject gives consent, e.g., to receive commercial information;
– The creation or performance of a contract where one of the parties is the data subject;
– The Company is required by law to process Personal Data;
– The processing of Personal Data is necessary for the purposes of the legitimate interest pursued by the Company or by the third party to whom the Personal Data is provided, and when the interests of the data subject are not paramount.
o Personal Data is regularly kept up to date;
o Personal Data is stored for no longer than the stated purposes of the data processing require;
o Personal Data is processed only by those employees who have the right to do so;
o All information about the processing of Personal Data is confidential.

4. Types of the information collected
Depending on the types of products/services provided, the Company may collect the following Customer Data:
o Basic Customer Information: name, surname, personal identification number, address, copy of an identity document (if provided) and details, telephone number, email address;
o Information about the products/services purchased by the Customer: information about the services selected/provided and the duration of their use, information related to the assessment of the quality of the services/products, information regarding the return of the products, after-sales guarantee service, etc., data on the Customer’s insolvency risk assessment;
o Information about payment for products/services: data on invoices submitted to the Customer, data on payments made by the Customer or other persons, information on debt management (including the transfer of data to a third party);
o Information about the Customer’s consent to direct marketing: information about the Client’s consent/non-consent to receive commercial information (news, programme offers, special offers, etc.), to participate in opinion surveys, to the use of data, to the provision of the Client’s personal data to third parties, and to the assessment of the insolvency risk;
o Communication and Customer Service information: data about browsing on the Company’s websites and self-service websites (collected using cookies and similar technologies); recordings of telephone conversations during calls to the Company’s representatives, information about communication with the Company (via self-service, email, customized apps, etc.). For more information on the use of cookies, please see clause 13 of the Privacy Notice.
o Other information: prize winners’ information, information about survey participants, newsletter subscribers.

5. Purposes of data processing
The Company uses the collected data in order to provide you with its services/products, as well as to provide you with support, to send messages, offers and information about special offers, to protect its and third parties’ rights and interests, to ensure the security of Personal Data and to comply with applicable law.
Purposes of information processing:
o for the conclusion and performance of the contract (provision of products/services), their quality assurance, and the provision of customer service and other information. Failure to provide Personal Data will prevent the Customer from concluding the Contract and fulfilling its obligations;
o for direct marketing and provision of general information about new products and services (unless you have decided not to receive such notifications);
o for bookkeeping;
o for legal obligations, such as debt management and collection;
o to administer and improve the Company’s website, to keep it secure and to ensure that the content is presented on your device in the most effective way;
o to fulfil legal obligations under the law;
o for other purposes for which the Company has the right to process your Personal Data, where you express your consent, when the processing is necessary for the Company’s legitimate interest or where the Company is obliged to process the data by the relevant legal acts. We may also process Personal Data for another purpose if we have obtained the data subject’s consent to do so or if we have the right to process the data on the basis of legitimate interest.

6. Ways of collecting data
We collect information about you in the following ways:
o When you provide information to the Company yourself (e.g., by completing the Company’s applications, contracts and/or other documents including through our partners, on our website, electronically, by submitting enquiries, via mail, email, telephone, live video chat, other means of communication);
o When we receive information about you from third parties that we cooperate with (e.g., partners, public authorities, etc.).

7. Duration of data processing
The Company processes Personal Data only for the period of time necessary to fulfil and meet the purposes set out in this Privacy Notice, taking into consideration the type of products/services provided to Customers and the type of contracts concluded with them, unless a longer storage period for Personal Data and related documents is specified or permitted under applicable regulatory law and is necessary (e.g., compulsory document storage periods, limitation period, etc.).

8. Data transfer
For the purposes set out in the Privacy Notice, the Company may transfer your data to the following recipients:
o Data processors that provide services and process your data on behalf of, in the interests of and on the order of the Company (e.g., IT service providers, auditors, advisors, etc.). Data processors process your Personal Data only in accordance with the instructions specifically given to them, undertake to ensure adequate protection, confidentiality and organizational and technical measures complying with the security requirements for the processing of Personal Data received from the Company, as more specifically discussed in the contracts concluded between the Company and the subcontractors for the processing of the data.
o Entities involved in the administration of the debts and database of the debtors. Data shall be provided only to the extent and under the conditions authorized by law.
o Entities authorized to receive information in accordance with legal requirements (e.g., courts, state and municipal authorities, etc.), only to the extent necessary for the adequate enforcement of applicable law.
o Companies within the ACME Group, to which the Company belongs, when it is necessary to ensure the adequate provision of services.
o Other third parties on any other legitimate basis or with your consent which may be obtained on a case-by-case basis.
The data processors to whom the Company transfers your Personal Data may be located outside the Republic of Lithuania, the European Union or the European Economic Area. Data will only be transferred to such processors when allowed by law and only if appropriate or adapted protective measures and techniques are in place to ensure the protection of your privacy.

9. What rights does the Customer have?
o The Customer has the following rights: contact us to discuss any questions arising from the Company’s processing of Personal Data;
o to receive confirmation from the Company as to whether or not Personal Data relating to the Customer is being processed and the right to access Personal Data that is being processed and the information relating to it (if such Personal Data is being processed);
o to receive Personal Data provided by the Customer themselves which is processed on the basis of their consent or for the fulfilment of a contract, either in writing or in a commonly used electronic format, and, if possible, to request the transfer of such data to another service provider;
o request the amendment of their Personal Data if the data is inaccurate or to supplement incomplete data;
o request the deletion of their Personal Data as a Customer of the Company, which is processed with the Customer’s consent, if the Customer withdraws the relevant consent. This right is not applicable if the Customer’s Personal Data requested to be deleted is also processed on another legal basis, such as if processing is necessary for the performance of a contract or the performance of an obligation under applicable law;
o request the restriction of the processing of their Personal Data, e.g., for a period of time in which the Company will analyse whether the Customer has the right to request it, and the deletion of their Personal Data is practically possible;
o oppose the processing of the Customer’s Personal Data where the processing is based on legitimate interests of the Company or of third parties, as well as where the Personal Data is processed for the purposes of direct marketing, including profiling;
o oppose the application of fully automated decision-making, including profiling, where such decision-making has legal implications or similar significant effects on the Customer. This right is not applicable if such decision-making is necessary for the purpose of concluding or performing a contract with the Customer, and is permitted under applicable law or when the Customer has given their consent to it;
o withdraw their consent to the processing of Personal Data.
The Customer shall exercise their rights by submitting a specific request to the contacts specified in this Privacy Notice. Information regarding the exercise of the Customer’s rights is provided free of charge. The Company shall, no later than 1 month after receiving the request, provide the Customer with information on the actions taken following the Customer’s request for the exercise of their rights, or the reasons for inaction.
The time period for submitting the requested information may be extended by a further 2 months if necessary, depending on the complexity and number of requests. If the Customer submits a request using electronic means, the information to the Customer must also be provided using electronic means.
Request for the exercise of rights received from the Customer may be rejected or charged an appropriate fee if the request is clearly unfounded or excessive, as well as in other cases provided in the regulatory acts.
If the Customer believes that their Personal Data is being processed in violation of their rights and legitimate interests under applicable law, the Customer shall have the right to submit a complaint regarding the processing of Personal Data to the State Data Protection Inspectorate.

10. Privacy Notice update
The Privacy Notice may be updated, if necessary, i.e., the Company has the right to change the Terms and Conditions of the Privacy Notice for justified reasons, and upon updating the Privacy Notice, the information will be published on the website administered by the Company (www.servisaict.eu), indicating the number of the version of the Privacy Notice and the date of approval.

11. Contact information
Feel free to contact us with any questions, requests or comments regarding the Company’s Privacy Notice, the processing of Personal Data or the exercise of the rights of data subjects via email: info@servisaict.lt.
Address: Raudondvario pl. 131B, LT-47191, Kaunas.

12. Other information
The Company’s websites www.servisaict.eu and spm.servisaict.eu may include links to third party websites in their service descriptions. When you use third party applications, services or websites, even if they are accessible through the Company’s websites and products, this Privacy Notice does not apply to the processing of data by such third parties, applications, services or websites. The processing and collection of data by third parties and their services are governed by the Privacy Policies and terms of service of those third parties, which we recommend you to read:
1. APPLE – Privacy Policy: https://www.apple.com/legal/privacy/lt/
Contact information:
Apple Distribution International
Hollyhill Industrial Estate, Hollyhill, Cork,T23 YK84, Ireland,
Email: privacyeurope@apple.com

2. ASUS – Privacy Policy: https://www.asus.com/lt/Terms_of_Use_Notice_Privacy_Policy/Privacy_Policy
Contact information:
ASUSTeK COMPUTER INC.
Personal Data Protection Committee
15, Li-Te Rd., Taipei 112, Taiwan
Email: privacy@asus.com
3. EPSON – Privacy Policy: https://www.epson.eu/GDPR
Contact information:
Epson Europe B.V.( Data Protection Administration)
Azie Building, Atlas Arena,
Hoogoorddreef 5,
1101BA Amsterdam Zuid,
The Netherlands
Email: ServicePrivacy@epson.eu
4. Sharp
The administrator of the Personal Data is Sharp Consumer Electronics Poland sp.z o.o. with registered address at Ostaszewo 57B, 87-148 Łysomice. The administrator has assigned a Data Protection Officer, who can be found through: iod.pl@sharpconsumer.eu, and who can be contacted on Personal Data protection issues. Questions regarding the processing of consumer requests should be directed to the email address provided by the party involved.
Personal data will be processed in order to support our customers in the legitimate interests of the processor, by providing technical support to them. Providing the data is necessary for the efficient handling of notifications, failure to provide them will result in no consultation. The data will be kept for as long as necessary to process the complaints.
Personal data may be accessible to couriers and postal service providers and may also be transferred to SHARP Group companies. SHARP Group companies may operate in countries that do not have the same level of data protection as the data processor’s country. Nevertheless, all necessary measures shall be taken to ensure an adequate level of protection of Personal Data transferred. This includes the obligation of entities in third countries to provide adequate protection under contracts signed on the basis of standard contractual clauses approved by the European Commission to reduce the risk of differences in standards of Personal Data protection.
Every person has the right to obtain access to, correction or deletion of, or restriction of the processing of their personal data, as well as the right to data portability. They also have the right to object to the processing of their data, to submit a complaint to a supervisory authority at any time and to withdraw their consent, without prejudice to the lawfulness of the processing carried out on the basis of the consent until the withdrawal of consent.
Every person has the right to object to the processing of their personal data in accordance with the legitimate interests of the processor, including processing for marketing purposes and processing based on automated decision-making, including profiling.
5. Lenovo – Privacy Policy: https://www.lenovo.com/lt/lt/privacy/
Contact information:
Lenovo Group Ltd
privacy@lenovo.com
U.S. postal mail at Lenovo, Attn: Privacy Program, 1009 Think Place, Morrisville, North Carolina, USA 27560.

13. Information about cookies
Cookies are small text files containing a small amount of information that are sent to your browser from a server and stored on your computer, mobile phone or other device when you are browsing a website. Each time you visit the same website, cookies send information back to this website. We use cookies to personalize content and ads, to provide access rights to protected areas, to provide social media features and to analyse web traffic. We share website usage information with our social media, advertising and analytics partners that may add it to other information you provide or collect through the services. Cookies are used to process your IP address, browsing information such as the areas of the website visited, time spent on the website, etc. Some cookies are set by third party services used on our sites.
We may only store cookies on your device in accordance with the law if they are necessary for the operation of this website. For all other types of cookies, we must obtain your prior consent: