Privacy Policy
This document (“Privacy Policy”) explains how CyberCare, UAB, together with its subsidiaries and affiliates (together referred to as “CyberCare”, “we”, “us”, or “our”), collects, uses, protects, discloses, and deletes your personal data when you use our services and/or access this website (“Website”) regardless of the device (computer, mobile phone, tablet, etc.) you use. Please note that we only collect and use the bare minimum of information needed.
Introduction
Please read this Privacy Policy carefully to understand our policies and practices regarding your personal data. By using our services and/or visiting the Website, you confirm that you have read this Privacy Policy and agree to be bound by it. If you do not agree with any part of this Privacy Policy, please refrain from accessing/using our services and the Website.
The company responsible for handling your personal data is CyberCare, UAB (Švitrigailos str. 34, 03230 Vilnius, Lithuania). We are the “data controller” as specified under many privacy laws, like the European Union’s General Data Protection Regulation (“GDPR”) and the United Kingdom’s Data Protection Act 2018.
This Privacy Policy provides you with certain information that must be provided under the GDPR and the local data protection laws. Please note that the California Consumer Privacy Act (“CCPA”) includes concepts similar to the GDPR: for example “business” is similar to “data controller”. For simplicity, when we talk about CyberCare being a “data controller”, we also mean that CyberCare is a “business” in the sense of CCPA. Also, as per definitions in the CCPA, please note that CyberCare does not sell, share, lease, or rent your personal information.
Contractual terms, supplemental privacy statements, or notices may also provide more information on your personal data. Information on how we process job applicants data can be found here: https://cybercare.cc/privacy-notice-for-job-applicants/.
Processing of your personal data
To provide our services and operate our Website, we need to process certain information that can identify you (referred to as “personal information,” “personal data,” or simply “data”). The specific types of data we collect depend on how you interact with us, our services, and the Website, as well as the applicable legal requirements.
When you contact us
- Purpose: To respond to your inquiries and communicate with you. When you contact us with a general inquiry, we may process the contact information you provide, such as your name and email address, as well as the content of your inquiry. We retain this information only for as long as necessary to address your inquiry and for a reasonable follow-up period thereafter, unless a longer retention period is required or permitted by applicable law.
Legal basis: The processing is based on our legitimate interest in responding to inquiries and maintaining effective communication.
When you subscribe to our newsletters
- Purpose: To send you newsletters, updates, and other marketing communication. When you subscribe, we process your email address and subscription preferences. We may send you such communications for up to one (1) year from the date of subscription, unless you opt out earlier.
Legal basis: The processing is based on your consent, which you may withdraw at any time by using the unsubscribe link included in each communication or by contacting us directly.
When you interact with the Website
- Purpose: To enable you to use the Website, ensure its proper functioning, and, where applicable, analyze aggregated usage statistics and support advertising activities. Cookies, pixels, and other similar technologies are usually small text or image files that are placed on your device (collectively referred to as “cookies” in this Privacy Policy) when you visit our Website. This is a standard practice on the Internet. Some cookies are essential for our Website to operate smoothly; others are used to improve Website’s functionality, analyze aggregated usage statistics to improve Website’s performance, and for advertising. While using our Website, you have full control over your cookie preferences. You can manage your choices through the cookie settings widget available on the site, allowing you to accept all cookies, reject non-essential ones, or customize your preferences by selecting specific categories such as necessary, analytics, or advertisement cookies. This ensures you can adjust your consent and settings at any time to suit your preferences.
Legal basis: The processing is based on the performance of a contract, insofar as it is necessary to enable you to access and use our Website; our legitimate interests in ensuring the proper functioning, security, and stability of the Website; and, where applicable, your consent provided when visiting the Website.
The Website uses the following cookies:
- Necessary cookies. These cookies are required to enable the basic features of this Website, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data and cannot be disabled.
- Analytics cookies. These cookies are used to understand how visitors interact with our Website, these cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
- Advertisement cookies. These cookies are used to provide visitors with customized advertisements based on the pages visited previously and to analyze the effectiveness of the ad campaigns.
Third-party service providers. We use third-party cookies that assist us in various ways. Some of them are essential, while others serve other purposes. For example, they help us with load balancing, defend against bots, and identify potential security and performance issues. Third-party service providers we currently use include:
| Service Provider | Purpose (category) | Link to Privacy Policy |
| CookieYes Limited | Necessary (remembers cookie consent preferences) | CookieYes Privacy Policy |
| Meta Platforms,Inc. | Advertisement | Facebook Privacy Policy |
| Google LLC | Advertisement, Analytics | Google Privacy policy |
Controlling data collection by third-parties. You can control data collection by third-party services like Google and Facebook through your cookie preferences. By managing your cookie settings on our Website, you can choose to disable certain categories of cookies, such as analytics or advertisement cookies. For more specific control:
- Google Services: You can opt out of Google Analytics tracking using the Google Analytics Opt-Out Browser Add-on. To manage targeted advertising preferences, visit Google Ads Settings.
- Facebook: To control data collection by Facebook, you can adjust your ad preferences via Facebook Ads Settings.
Personal data sharing and transfers
Your personal data may be processed:
- Where it is necessary to fulfil our contract wit h you at your request (e.g., to ensure the secure, reliable, and robust performance of our Website).
- When we have a legal obligation to process certain personal data collected from you.
- Where you have provided your consent to us (e.g., to send marketing communication unless applicable law permits us to contact you without your prior consent).
- We sometimes may process your personal data under t he legal basis of our or third parties’ legitimate interest (e.g., to properly administer business communication wit h you; to detect, prevent, or ot her wise address fraud, abuse, security, or technical issues wit h our Website; to receive knowledge of how our Website is being used).
We share personal data globally, both internally within the companies representing the CyberCare brand, and externally with our third-party partners/service providers:
- Other CyberCare group companies. Companies representing the CyberCare brand share infrastructure, systems, web hosting, and technology to ensure efficiency, business continuity, and security, as permitted by applicable law, and in accordance with this Privacy Policy.
- Service providers. These third parties include IT developers and support providers, cloud computing services providers, third parties who provide support and advice including in relation to legal, finance, audit, business management, safety/security issues, etc.
- Courts and/or governmental/law enforcement authorities. We may disclose personal data to establish or exercise our legal rights or defend against any legal claims or other complaints. We can also respond to legal requests when we have a belief that the response is required by law in that jurisdiction.
We require the above-mentioned third parties to protect the personal data they receive with appropriate security measures and prohibit them from using the personal data for their own purposes or outside what is necessary to provide the service. Please note that sometimes your personal information may be processed in countries where these providers are based, including locations that may not guarantee the same level of protection of personal data as the one in which you reside. Nevertheless, we have implemented appropriate safeguards to ensure that your personal data remains protected in accordance with this Privacy Policy and all applicable data protection laws. These safeguards may include:
- Relying on adequacy decisions issued by the European Commission or other relevant authorities.
- Using Standard Contractual Clauses (“SCCs”) approved by the European Commission (or other relevant authorities) together with any additional legal, technical, and organizational measures required.
These measures help ensure that your personal data receives an adequate level of protection regardless of where it is processed.
Your rights in connection with personal data
Please note that there are various data protection laws across different jurisdictions that provide privacy rights to you as an individual. Subject to the applicable data protection laws and any other applicable factors, you may have the following rights:
- Delete: request us to erase your personal data.
- Access: know and access personal data CyberCare has collected about you.
- Rectify: rectify, correct, update, or complement inaccurate/incomplete personal data CyberCare has about you.
- Object: object to the processing of your personal data which is done on the basis of our (or others) legitimate interests.
- Transfer: request us to provide you with a copy of your personal data in a structured, commonly used, and machine-readable format or to transmit (if technically feasible) your personal data to another controller (only where our processing is based on your consent and carried out by automated means).
- Restrict: restrict the processing of your personal data (when there is a legal basis for that).
- Withdraw consent: withdraw your consent where processing is based on consent you have previously provided.
- Lodge a complaint: exercise your rights by contacting us directly or, if all else fails, by lodging a complaint with a supervisory authority (State Data Protection Inspectorate in Lithuania or other authority in the Member State of your habitual residence or place of an alleged infringement of the GDPR).
If you want to exercise your rights (or have any questions/comments), you can always reach out to the recruiter handling your application or contact us at dataprotection@cybercare.cc.
Personal data security
We maintain control over the personal data we collect to ensure that it is adequately protected. Our dedicated IT security team has implemented appropriate physical, technical, and organizational measures to protect information about you against accidental or unlawful destruction, or accidental loss, alteration, unauthorized disclosure, or access, and against all other unlawful forms of processing. These safeguards include:
- Physical measures. We control access to our facilities using secure electronic access systems. We also use security alarm systems and CCTV. Devices with personal data are stored only in locked rooms or cabinets, while our printers are protected by access control measures. We also follow a clean desk policy.
- Technical measures. We use a layered defense with firewalls, anti-malware protection, and intrusion detection and prevention systems. Our infrastructure is regularly updated, with vulnerability scans carried out periodically to detect possible gaps. We have security event and incident management solutions in place to correlate and investigate signals in security tools. Our servers are hardened and managed using automated configuration tools. All our workplaces are managed using a centralized endpoint management tool. We encrypt data at rest and in transit, using encryption protocols in accordance with the latest security practices.
- Organizational measures. We have adopted information security and data processing policies in accordance with the best practices. We have undergone external audits to prove that our information security and data processing policies meet the required standards. When it comes to our employees, we consciously foster a culture of continuous improvement with regard to security and data protection awareness (including organizing regular and ongoing training, as well as engaging in other activities to raise awareness). We analyze our organization’s threat landscape and attack surface to continuously update our security measures. Finally, access to databases containing personal data is granted only on a need-to-know basis.
If we detect something suspicious, we will notify you immediately and guide you through steps to stay better protected. However, no company can guarantee the absolute security of internet communications as no technology is completely bulletproof. If you have any reason to believe that your interaction with us is no longer secure, please notify us at dataprotection@cybercare.cc
Personal data retention and deletion
CyberCare will store your personal data for the periods mentioned above in this Privacy Policy (Section “Processing of your Personal Data”) if longer terms are not required in order to comply with our legal obligations and/or to resolve disputes.
When we no longer have a valid reason to retain your personal data, it will either be:
- Permanently and securely deleted using industry-standard data destruction methods, or
- Irreversibly anonymized so it can no longer be linked to you.
Children’s data
We do not offer our services or Website to children and, therefore, do not knowingly collect or solicit personal data from anyone under the age of eighteen (18).
Other terms
Limitation of liability: It is important that you use our services and the Website carefully and responsibly — if your actions violate someone else’s privacy, rights, or any applicable laws, the responsibility lies with you and you alone. CyberCare is not liable for any consequences resulting from your unlawful, intentional, or careless actions, or for events that go beyond what CyberCare could reasonably control or foresee.
Links to other websites: Our Website may contain links to third-party websites (such as social media platforms), which are not operated by us. If you follow a link to one of these websites and share your personal data with them, that data will be handled according to their own privacy policies, which may differ from ours. We strongly encourage you to review them before providing any personal information.
Updates to this Privacy Policy: We may update this Privacy Policy in the future to reflect any changes in the law, best practices, or our services. Any alterations will come into effect upon posting the revised Privacy Policy, so please check here regularly.
Contact us
If you have any questions, concerns, or complaints about this Privacy Policy or our handling of your personal data, or if you wish to exercise your privacy rights, please contact us directly at dataprotection@cybercare.cc.