Privacy policy

1. General Provisions

1.1. This privacy policy (hereinafter – the Policy) regulates the main principles and rules regarding the collection, processing and storage of personal data carried out by UAB "Vitardus", company code 110591855, address of registration: Vito Gerulaičio g. 1-1, Vilnius, Lithuania (hereinafter – we, the Company), and terms of operation of our website https://www.pipelinepharma.com/(hereinafter - the Website).

1.2. We strive to ensure that the users of our services, visitors of the Website, users of services provided on the Website and other persons whose personal data we process, would trust our services and would be informed in a transparent manner of how we process their data. In this Policy you shall find information on how we collect and use (or would like to collect and use) your personal data.

1.3. Before using the Website and/or using the services or products provided by the Company, you must thoroughly read and become familiar with the Policy. By using the Website and/or services or products provided by the Company, you confirm that you agree to adhere to the Policy and to the collection and use of information in relation to this Policy.

1.4. The Company adheres to these principles of data processing:

1.4.1. Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject (principle of lawfulness, fairness and transparency);

1.4.2 Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes (principle of purpose limitation);

1.4.3. Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (principle of data minimisation);

1.4.4. Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (principle of accuracy);

1.4.5. Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required to safeguard the rights and freedoms of the data subject (principle of storage limitation);

1.4.6. Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (principle of integrity and confidentiality);

1.4.7 We are responsible for following, and be able to demonstrate compliance with, the abovementioned principles (principle of accountability).

1.5. This Policy has been prepared in accordance to the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter – the GDPR), the Act on Legal Protection of Personal Data of the Republic of Lithuania, other laws of the European Union and the Republic of Lithuania.

2. Personal data processing, storage

2.1. You are responsible for ensuring that the data you provide is precise, correct and detailed. Input of incorrect data is considered to be a violation of the Policy. If the data provided changes, you must immediately inform the Company about it. The Company shall under no circumstances be responsible for damages if you provide incorrect and (or) incomplete personal data or did not request addition and (or) correction of data when it changes.

2.2. The Company will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

3. Processing of personal data for the purpose of selecting candidates for employment

3.1. If you decide to contact us for recruitment, we will process personal data submitted by you as candidate for recruitment purposes.

3.2. Legal basis for processing personal data is Article 6 (1) (a) (Your consent given by submitting your data) and (b) (processing in order to take steps prior to entering into a contract) of the GDPR.

3.3. We process personal data for candidate selection purposes for the length of an employment procedure, unless we receive your consent to keep your data for longer.

3.4. Personal data processed for this purpose may be made available to companies that provide IT support services, acting as data processors.

3.5. Whereas the laws of the Republic of Lithuania impose additional restrictions on the information of candidates that can be processed, we shall ensure that only the allowed personal data of you as the candidate is processed.

4. Processing of personal data for the search of new clients

4.1. We process personal data for the purpose of searching for potential clients. For this purpose, we process the following employee personal data of potential clients: full name, email address, phone number, workplace (company name and country), position. We may either receive the data directly or from LinkedIn social network.

4.2. Legal basis for the processing of personal data are GDPR Article 6 (1) (f) – our legitimate interest to contact employees of our potential clients and offer our services.

4.3. We retain data processed for this purpose for 2 years from the last contact.

4.4. Personal data processed for this purpose may be made available to companies that provide IT support, cloud and CRM maintenance services, acting as data processors.

5. Processing of personal data for the provision of services and keeping contact with the clients

5.1. When registering for the account, we collect your full name, email address, phone number, workplace (company name and country). When signing up for a paid plan, the Company will also collect company name, company registration number, Value Added Tax (VAT) number, company address and other data that is required in the account registration or any other form.

5.2. Legal basis for the processing of personal data are GDPR Article 6 (1) (b) - conclusion and execution of the contract, (c) - execution of legal accounting obligations applicable to us.

5.3. Where your personal data are necessary for us to perform the contract or to fulfil our legal obligations, the submission of personal data is necessary as we otherwise will not be able to provide you with our services.

5.4. We may provide another customer with your data when a coordinated transaction between two customers (seller and buyer) occurs and customers are introduced by email.

5.5. We retain data processed for this purpose for 2 years from the end of the business relationship with the client or until you as an employee work for the client.

5.6. Personal data processed for these purposes may be made available to companies that provide IT support, cloud, email sending and CRM maintenance services, acting as data processors.

5.7. If you choose to sign in with your social media account, the Company receives necessary data from the social network provider (for example, LinkedIn Corporation).

6. Processing of personal data for accounting purposes

6.1. When you use our paid services, we process the following personal data for the accounting purposes: full name, address, workplace and position, email address, phone number, VAT number.

6.2. Legal basis for the processing of personal data is GDPR Article 6 (1) (c) - execution of legal accounting obligations applicable to us.

6.3. We retain data processed for this purpose for 10 years.

6.4. Personal data processed for this purpose may be made available to companies that provide IT support and accounting software maintenance services to us as data processors.

7. Recording of telephone conversations

7.1. For the purpose of quality control of the services provided and telephone consultations, we record telephone conversations. Accordingly, when You call us on the telephone lines listed below, we will process the following personal data:

7.1.1. Call log data (phone number and date of call);

7.1.2. Telephone conversation recording.

7.2. We receive the data from call recording systems.

7.3. If you would like to contact us and do not wish your conversation to be recorded, please kindly contact us by email (the email addresses are listed in the Website’s contact section).

7.4. Legal basis for the processing of personal data is is Article 6 (1) (f) of the GDPR – our legitimate interest in ensuring and improving the quality of customer service.

7.5. We retain data processed for this purpose for 6 months.

7.6. We do not transfer your data we process for this purpose to third parties, but for their processing we use call centre service providers and companies that provide IT services to us, acting as data processors.

8. Procedures and retention periods of personal data storage

8.1. By processing and storing your personal data we shall implement organizational and technical measures that would ensure protection of personal data from accidental or unlawful destruction, modification, disclosure and any other means of unlawful processing. Users should be aware, however, that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, therefore absolute security may not be guaranteed.

8.2. If you are our client, we will retain your information for as long as your account is active or as needed to provide you our services.

8.3. We will also retain personal data we process on behalf of our clients for as long as needed to provide services to our client. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

8.4. In the event that your certain personal data will be required for the purpose of bringing, enforcing or defending legal claims, we will retain them to the extent that they are necessary to achieve such purposes in a judicial, administrative or extrajudicial procedure.

9. Your rights

9.1. You as a data subject shall at any time have the right to access your personal data processed by the Company after making a request; to receive information on how your personal data is processed; to rectify incorrect, incomplete or inaccurate personal data; and to ask to suspend personal data processing actions when the data processing does not comply with laws and requirements of the Policy.

9.2. To the extent that the processing of personal data is based on consent, you have the right to withdraw the consent at any time without affecting the legitimacy of consent-based data processing prior to the withdrawal of consent.

9.3. You can exercise your rights by submitting a written application by e-mail support@pipelinepharma.com or by sending a request by mail to us Vito Gerulaičio g. 1-1, Vilnius, Lithuania.

9.4. If you are not satisfied by an answer of the Company or think that it processed your personal data in a way that does not comply with legal requirements, you can file a complaint with the supervisory authority that inspects personal data processing in your country.

10. Contact information and complaint submission

10.1. If you have any questions regarding the protection of personal data, please kindly contact us by e-mail support@pipelinepharma.com

11. Processing of personal data carried out by third parties

11.1. Under certain conditions we can disclose your information to other parties than described above:

11.1.1. In order not to violate the law or to respond to a mandatory claim in court proceedings (for example, upon receipt of a court request to provide data);

11.1.2. To confirm the legitimacy of our actions;

11.1.3. To protect our rights, assets or secure them;

11.1.4. In other cases, with your consent or legitimate request.

11.2. Any personal data you provide to us may be transferred to competent authorities in the cases expressly provided for by law.

11.3. The Website provides links to our accounts on social networks. By using third-party services such as visiting our Facebook social network account may be subject to third-party terms and conditions. It is therefore advisable to familiarize yourself with the terms they apply when using such third-party services:

11.3.1. You may find Privacy Policy of the Facebook social network by following this address: https://www.facebook.com/policy.php.

11.3.2. You may find Privacy Policy of the Twitter social network by following this address: https://twitter.com/en/privacy.

11.3.3. You may find Privacy Policy of the LinkedIn social network by following this address: https://www.linkedin.com/legal/privacy-policy.

11.4. We would also like to draw your attention to the fact that the Website contains links to the websites of other persons, companies or organizations, and that we are not responsible for the content of such websites and/or the methods used by them to enforce their privacy policies, so, before submitting any information about yourself on another website, you should consult their terms and conditions, privacy policy and other information provided on the other website.

12. Final provisions

12.1. Legal relations related to this Policy shall be governed by the law of the Republic of Lithuania.

12.2 We are not accountable for damages, including damages resulting from interference with usage of the Website, damage or loss of data arising from an act or omission by you or third parties acting on your behalf, including incorrect input of data, other mistakes, conscious malicious behaviour and other wrongful use of the Websites. We shall also not be held responsible for any interference of the Website log in and / or functioning and (or) resulting damage that arises from acts or omissions of third parties not associated with the User, including issues with electricity, web access, etc.

12.3. This Policy shall be reviewed and, if necessary, updated at least once every two years. Policy additions or changes shall take effect from the date of their publication on the Websites.

12.4. If you use the Website and our services after the Policy update, we will assume that you do not object and are familiar with the changes made.