Privacy Policy

This document (“Privacy Policy”) explains the privacy rules applicable to personal data and other information collected or submitted when you access this website (“Website”) regardless of the device (computer, mobile phone, tablet, etc.) you use.

The data controller of your personal data, as described in this Privacy Policy, is CyberCare, UAB (address: Švitrigailos str. 34, 03230 Vilnius, Lithuania; email: dataprotection@cybercare.cc) together with its subsidiaries and affiliates (together referred to as “CyberCare”, “we”, “us”, or “our”).

By visiting/accessing the Website or by submitting your personal data to us, you confirm that you have read this Privacy Policy and agree to be bound by it. If you do not agree with this Privacy Policy or any provisions hereof, please do not visit/access the Website.

Additional information on your personal data may also be indicated in contractual terms, supplemental privacy statements, or notices.

This Privacy Policy provides you with certain information that must be provided under the General Data Protection Regulation (EU) 2016/679) (“GDPR”) and the local data protection laws. Please note that the California Consumer Privacy Act (“CCPA”) includes concepts similar to the GDPR: for example “business” is similar to “data controller”. For simplicity, when we talk about CyberCare being a “data controller”, we also mean that CyberCare is a “business” in the sense of CCPA. Also, as per definitions in the CCPA, please note that CyberCare does not sell, share, lease, or rent your personal information.

PROCESSING OF YOUR PERSONAL DATA

Communication data:

• Contact information. If you send us an email with a general inquiry, we will process the name and email address you have provided. Such processing is based on our legitimate interest to get in touch with you.

Information collected on our Website:

Cookies. Cookies, pixels, and other similar technologies are usually small text or image files that are placed on your device (collectively referred to as “cookies” in this Privacy Policy) when you visit our Website. This is a standard practice on the Internet. Some cookies are essential for our Website to operate smoothly; others are used to improve Website’s functionality, analyze aggregated usage statistics to improve Website’s performance, and for advertising. While using our Website, you have full control over your cookie preferences. You can manage your choices through the cookie settings widget available on the site, allowing you to accept all cookies, reject non-essential ones, or customize your preferences by selecting specific categories such as necessary, analytics, or advertisement cookies. This ensures you can adjust your consent and settings at any time to suit your preferences.

The Website uses the following cookies:

• Necessary cookies. These cookies are required to enable the basic features of this Website, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data and cannot be disabled.
• Analytics cookies. These cookies are used to understand how visitors interact with our Website, these cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
• Advertisement cookies. These cookies are used to provide visitors with customized advertisements based on the pages visited previously and to analyze the effectiveness of the ad campaigns.

Third-party service providers. We use third-party cookies that assist us in various ways. Some of them are essential, while others serve other purposes. For example, they help us with load balancing, defend against bots, and identify potential security and performance issues. Third-party service providers we currently use include:

Controlling data collection by third-parties. You can control data collection by third-party services like Google and Facebook through your cookie preferences. By managing your cookie settings on our Website, you can choose to disable certain categories of cookies, such as analytics or advertisement cookies. For more specific control:

• Google Services: You can opt out of Google Analytics tracking using the Google Analytics Opt-Out Browser Add-on. To manage targeted advertising preferences, visit Google Ads Settings.

• Facebook: To control data collection by Facebook, you can adjust your ad preferences via Facebook Ads Settings.

GROUNDS FOR PROCESSING OF PERSONAL DATA

Your personal data may be processed:

• Where it is necessary to fulfill our contract with you at your request (e.g., to ensure the secure, reliable, and robust performance of our Website).
• When we have a legal obligation to process certain personal data collected from you.
• Where you have provided your consent to us (e.g., to send marketing communication unless applicable law permits us to contact you without your prior consent).
• We sometimes may process your personal data under the legal basis of our or third parties’ legitimate interest (e.g., to properly administer business communication with you; to detect, prevent, or otherwise address fraud, abuse, security, or technical issues with our Website; to receive knowledge of how our Website is being used).

PERSONAL DATA SHARING AND TRANSFERS

We share personal data globally, both internally within the companies representing the CyberCare brand, and externally with our third-party partners/service providers:

• Other CyberCare group companies. Companies representing the CyberCare brand share infrastructure, systems, web hosting, and technology to ensure efficiency, business continuity, and security, as permitted by applicable law, and in accordance with this Privacy Policy.
• Service providers. We work with various third-party partners who help us manage and improve our recruiting process, including tools and systems we use for this purpose. These third parties include IT developers and support providers, cloud computing services providers, third parties who provide support and advice including in relation to legal, finance, audit, business management, safety/security issues, etc.
• Courts and/or governmental/law enforcement authorities. We may disclose personal data to establish or exercise our legal rights or defend against any legal claims or other complaints. We can also respond to legal requests when we have a belief that the response is required by law in that jurisdiction.

We require the above-mentioned third parties to protect the personal data they receive with appropriate security measures and prohibit them from using the personal data for their own purposes or outside what is necessary to provide the service. Please note that sometimes your personal information may be processed in countries where these providers are based, including locations that may not guarantee the same level of protection of personal data as the one in which you reside. We assess the circumstances involving all cross-border data transfers and have suitable safeguards in place to require that your personal data will remain protected in accordance with this Privacy Policy. For example, in case your personal data is transferred to countries outside the EEA, we make sure there is an adequacy decision from the European Commission with regards to the recipient country or we use standard contractual clauses approved by the European Commission for such transfer of your personal data.

YOUR RIGHTS IN CONNECTION WITH PERSONAL DATA

Please note that there are various data protection laws across different jurisdictions that provide privacy rights to you as a data subject. Subject to those applicable data protection laws, among others, you may have the following rights:

• Delete: request us to erase your personal data.
• Access: know and access personal data CyberCare has collected about you.
• Rectify: rectify, correct, update, or complement inaccurate/incomplete personal data CyberCare has about you.
• Object: object to the processing of your personal data which is done on the basis of our (or others) legitimate interests.
• Transfer: request us to provide you with a copy of your personal data in a structured, commonly used, and machine-readable format or to transmit (if technically feasible) your personal data to another controller (only where our processing is based on your consent and carried out by automated means).
• Restrict: restrict the processing of your personal data (when there is a legal basis for that).
• Withdraw consent: withdraw your consent where processing is based on consent you have previously provided.
• Lodge a complaint: exercise your rights by contacting us directly or, if all else fails, by lodging a complaint with a supervisory authority (State Data Protection Inspectorate in Lithuania or other authority in the Member State of your habitual residence or place of an alleged infringement of the GDPR).

If you want to exercise your rights (or have any questions/comments), you can always reach out to the recruiter handling your application or contact us at dataprotection@cybercare.cc.

PERSONAL DATA SECURITY

We maintain tight controls over the personal data we collect. Our dedicated IT security team has implemented appropriate physical, technical, and organizational measures to protect information about you against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, or access and against all other unlawful forms of processing:

• Physical Measures. We control access to our facilities with access cards. We also use security alarm systems and CCTV. We store devices with personal data information only in locked rooms or cabinets. Our printers are protected by access control measures. A clean desk policy is implemented.
• Technical Measures. We use layered defense with firewalls, anti-malware protection, intrusion detection, and prevention systems. Our infrastructure is regularly updated and regular vulnerability scans are in place to detect possible vulnerabilities. We have security event and incident management solutions to correlate and investigate signals in security tools. Servers are hardened and automated configuration tools are used to manage them. All workplaces are managed from a centralized endpoint management tool. Data at rest and in transit are encrypted. Encryption protocols are used according to the newest security practices.
• Organizational Measures. We adopted information security and data processing policies according to best practices. We have external audits to prove our information security and data processing policies are up to standards. We adopted a constant development culture of security and data protection awareness among our employees (including organizing regular and ongoing training and other awareness activities). We analyze the threat landscape and attack surface and constantly update our security measures. Access to databases containing personal data is granted on a need-to-know basis.

If we detect something suspicious, we will notify you immediately and guide you through steps to stay better protected. However, no company can guarantee the absolute security of internet communications as no technology is completely bulletproof. If you have any reason to believe that your interaction with us is no longer secure, please notify us at dataprotection@cybercare.cc.

PERSONAL DATA RETENTION AND DELETION

CyberCare will store your personal data for the periods mentioned above in this Privacy Policy (Section “Processing of your Personal Data”) if longer terms are not required in order to comply with our legal obligations and/or to resolve disputes. When we no longer have a legal ground to keep your personal data, it will either be securely disposed of, or de-identified through appropriate anonymization means.

OTHER TERMS

Our Website may include links to pages whose privacy practices differ from ours. If you submit personal information to any of those sites, your information will be governed by their privacy policies. Please review such third-party websites’ privacy policies, terms of use, and other policies carefully and make sure you understand them before you engage in any transaction.

We may update this Privacy Policy in the future to reflect any changes in the law, best practices, or our services. Any alterations will come into effect upon posting the revised Privacy Policy, so please check here regularly.