The Legal notice

1. General terms and conditions of use

• The user of the present website of CARMENTA, hereafter referred to as «user», acknowledges that the user has verified that the computer configuration used does not contain any viruses or any other malicious software and that it operates perfectly.

• The user is solely responsible for the selection, use and interpretation of the data which the user consults, searches and transmits on the Internet.

• Baltic Institute of Advanced Technology (BPTI), the responsible for this website, reserves the right to modify the present legal notice at any time. The user shall abide by the conditions of use of the portal contained in the most recent version of the legal notice available on the portal at the time of such use.

2. Contents of the website
BPTI maintains this website to enhance public access to information about the CARMENTA project activities and to inform about the current status of the project in general.
This information is:

• of a general nature only and is not intended to address the specific circumstances of any particular individual or entity;

• not necessarily comprehensive, complete, accurate or up to date;

• sometimes linked to external sites, over which BPTI has no control and for which it assumes no responsibility;

• not professional or legal advice (if you need specific advice, you should always consult a suitably qualified professional).

Our goal is to keep this information timely and accurate. If errors are brought to our attention, we will try to correct them. We reserve the right to correct the content of this website at any time and without notice.
However, BPTI accepts no responsibility or liability whatsoever with regard to the information neither for the presence of viruses or malicious software on the CARMENTA website.
It is our goal to minimize disruption caused by technical errors. However, some data or information on our site may have been created or structured in files or formats that are not error-free and we cannot guarantee that our service will not be interrupted or otherwise affected by such problems. BPTI accepts no responsibility regarding such problems incurred as a result of using this site or any linked external sites.
This disclaimer is not intended to limit the liability of BPTI in contravention of any requirements laid down in applicable national law nor to exclude its liability for matters which may not be excluded under that law.
Any user who discovers inaccuracies, erroneous information or information of a clearly unlawful nature is invited to inform the CARMENTA Communications, Baltic Institute of Advanced Technology, Pilies Str. 16-8, Vilnius.

3. Use of hyperlinks

• This site includes information made available by hyperlinks to other sites which have not been developed by BPTI.

• BPTI shall under no circumstances be liable for hyperlinks to other sites from this site.

• The existence of a link from this site to another site shall not constitute any acquiescence or warranty on the part of BPTI with respect to content or any person who runs such other site.

• The creation of hyperlinks to this site shall be subject to the explicit prior approval of the BPTI.

4. Privacy policy
The purpose of the privacy policy is to inform how personal data is collected and processed, to explain how long it is stored, to whom it is granted, what rights data subjects have and where to apply for its implementation or other issues related to personal data processing.
Personal data is processed in accordance with the General Data Protection Regulation (EU) 2016/679 of the European Union (hereinafter - the Regulation), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legal acts regulating the protection of personal data.
Baltic Institute of Advanced Technologies is guided by the following basic data processing principles:

• personal data is collected only for clearly defined and legitimate purposes;

• personal data is processed lawfully and fairly only;

• personal data is constantly updated;

• personal data is stored securely and for no longer than required by the purposes for which the data is processed or by law;

• personal data shall be processed only by staff of the Institution who are authorized to do so by their operational functions or by duly authorized processors.

5. Definitions
5.1. Data controller - Baltic Institute of Advanced Technology (hereinafter - the Institution), legal entity code 301846141, registered office address Pilies str. 16-8, LT- 01403 Vilnius, Republic of Lithuania.
5.2. Data subject - any natural person whose data is processed by the Institution. The Data Controller collects only that data of the data subject that is necessary for the performance of the activities of the Institution and / or visiting, using, browsing the websites of the Institution, Facebook page, etc. (hereinafter referred to as the Website). The Institution shall ensure that the personal data collected and processed securely and used only for the specific purpose.
5.3. Personal data - shall mean any information relating directly or indirectly to a data subject whose identity is known or can be directly or indirectly established by reference to the data concerned. Processing of personal data means any operation on personal data (including the collection, recording, storage, editing, modification, granting of access, submission of requests, transmission, archiving, etc.).
5.4. Consent - means any voluntary and deliberate consent by which the data subject consents to the processing of his or her personal data for a specific purpose.

6. Sources of personal data
6.1. Personal data is provided by the data subject himself/herself. The data subject applies to the Institution, uses the services provided by the Institution, buys goods and / or services, participates in lotteries or competitions, surveys, research, projects, leaves comments, asks questions, applies to the Institution for information, etc.
6.2. Personal data is obtained by the data subject visiting the Institution's website. The data subject fills in the forms contained in it or for some reason leaves his / her contact details, etc.
6.3. Personal data is obtained from other sources. Data is obtained from other institutions or companies, publicly available registers, etc.

7. Processing of personal data
7.1. By providing personal data to the Institution, the data subject agrees that the Institution will use the collected data to fulfil its obligations
to the data subject in providing the services that the data subject expects.
7.2. The Institution shall process personal data for the following purposes:
7.2.1. Ensuring the assurance and continuity of the Institution's activities. The following data shall be processed for this purpose:
For the purpose of concluding and executing contracts, personal data of suppliers (natural persons) may be processed: name (s), surname (s), personal identification code or date of birth, place of residence (address), telephone number, e-mail address, place of work, obligations, bank current account and bank where this account is located, date, amount, currency and other data provided by the person himself/herself, which the Institution receives in accordance with legal acts in the course of the Institution's activities and / or which the Institution is obliged to manage by law and / or other legislation. E.g. data contained in the business certificate (type of activity, group, code, name, periods of activity, date of issue, amount), number of the individual activity certificate, data or the data subject is a VAT payer, etc. data necessary for the proper performance of the contract and / or legal obligations.
Personal data may be processed by administrating the inquiries, comments and complaints: name (s), surname (s), e-mail address, text of the inquiry, comment or complaint.
7.2.2. Execution and management of the researches and projects. The following data shall be processed for this purpose:
Name (s), surname (s), date of birth (age), address of residence, contact details (telephone number, e-mail address);
Video data and / or audio data;
Other data required for researches and projects carried out by the Institution.
7.2.3. Direct marketing. The following data shall be processed for this purpose:
Name, surname;
Contact details (e.g. phone number, e-mail address);
Name of the person's workplace;
Position held.
7.2.4. For other purposes for which the Institution has the right to process the personal data of the data subject, where the data subject has given his/her consent, where the processing is necessary for the legitimate interest of the Institution or where the processing is required by the relevant legislation.
 
8. Provision of personal data
8.1. The Institution undertakes to respect the obligation of confidentiality vis-à-vis data subjects. Personal data may be disclosed to third parties only if this is necessary for the conclusion and performance of the contract for the benefit of the data subject or for other legitimate reasons.
8.2. The Institution may provide personal data to its data processors, who provide services to the Institution and process personal data on behalf of the Institution. Processors shall have the right to process personal data only in accordance with the instructions of the Institution and only to the extent necessary for the proper performance of their contractual obligations. The Institution shall use only those processors who sufficiently ensure that the appropriate technical and organizational measures are implemented in such way that the processing complies with the requirements of the Regulation and that the rights of the data subject are protected.
8.3. The Institution may also provide personal data in response to requests from a court or public authority to the extent necessary for the proper execution of applicable law and instructions of public authorities.
8.4. The Institution guarantees that personal data will not be sold or rented to third parties.

9. Processing of personal data of minors
9.1. Individuals under the age of 14 may not provide any personal data through the Institution’s website. If a person is under 14 years of age, the written consent of one of the representatives (father, mother, guardian (s)) regarding the processing of personal data is required in order to use the services of the Institution.

10. Term of storage of personal data
10.1. Personal data collected by the Institution are stored in printed documents and / or in the Institution's information systems. Personal data shall be processed for no longer than is necessary for the purposes of the processing or for no longer than required by the data subjects and / or provided for by law.
10.2. Although the data subject may terminate the contract and withdraw from the Institution's services, the Institution must continue to retain the data subject's data in the event of future claims or legal claims until the data retention periods expire.

11. Rights of the data subject
11.1. The right to receive information about the data processing.
11.2. The right of access to processed data.
11.3. The right to request rectification of data.
11.4. The right to request erasure of data ("Right to be forgotten"). This right shall not apply if the personal data requested to be deleted are also processed on another legal basis, such as processing necessary for the performance of the contract or the performance of an obligation under the applicable law.
11.5. The right to restrict data processing.
11.6. The right to object to data processing.
11.7. The right to data portability. The right to data portability must not adversely affect the rights and freedoms of others. The data subject shall not have the right to data portability in respect of personal data which are processed manually in structured files, such as paper files.
11.8. The right to request that a decision based on automated data processing, including profiling, not be limited.
11.9. The right to submit a complaint regarding the processing of personal data to the State Data Protection Inspectorate.
 
12. The institution must enable the data subject to exercise the above-mentioned rights of the data subject, except in cases established by law, when it is necessary to ensure state security or defence, public order, prevention, investigation, detection or prosecution of criminal activities, important state economic or financial interests, official or the prevention, investigation and detection of breaches of professional ethics, the protection of the rights and freedoms of the data subject or of any other person.

13. Procedure for exercise of rights of the data subject
13.1. The data subject may apply to the Institution for the exercise of his rights:
13.1.1. by submitting a written request in person, by post, through a representative or by electronic means - by e-mail: info@bpti.lt;
13.1.2. orally - by phone 8 683 87737 (for callers from other networks and from abroad +370 683 87737);
13.1.3. in writing - at Pilies str. 16-8, LT- 01403 Vilnius, Republic of Lithuania.
13.2. You can also contact the Institution's Data Protection Officer, tel. +370 683 87737, email: dpo@bpti.eu.
13.3. In order to protect the data from unlawful disclosure, the Institution must verify the identity of the data subject upon receipt of a request from the data subject to provide data or exercise other rights.
13.4. The Institution's response shall be provided to the data subject no later than one month from the date of receipt of the data subject's request, taking into account the specific circumstances of the processing of personal data. This period may be extended by two months, if necessary, depending on the complexity and number of applications.

14. Responsibility of the data subject
14.1. The data subject must:
14.1.1. inform the Institution of any changes in the information and data provided. It is important for the Institution to have correct and valid data subject information;
14.1.2. provide the necessary information to enable the Institution to identify the data subject at the request of the data subject and to ensure that it is in real communication or cooperation with the data subject (provide an identity document or by legal means or electronic means to properly identify the data subject). This is necessary for the protection of the data subject's data and that of other persons, so that the information disclosed about the data subject is provided only to the data subject, without prejudice to the rights of other persons.
 
15. Final provisions
15.1. By transferring personal data to the Institution, the data subject agrees to this Privacy Policy, understands its provisions and agrees to abide by it.
15.2. In developing and improving the activities of the Institution, the Institution has the right to unilaterally change this Privacy Policy at any time. The Institution has the right to unilaterally, partially or completely change the Privacy Policy by notifying about it on the website www.carmenta-edidp.eu.  
15.3. Additions or changes to the Privacy Policy take effect from the date of their publication, i. i.e. from the day they are posted on the website www.carmenta-edidp.eu