Your Personal data controller is:
UAB BLUE EMI LT
Legal entity code
Registered office address
Antano Tumėno g. 4, Vilnius, Republic of Lithuania
This Policy has been prepared in accordance with:
the General Data Protection Regulation;
the Law of the Republic of Lithuania Law on Legal Protection of Personal data;
the Law of the Republic of Lithuania on Electronic Communications; and
other applicable legal acts as well as the instructions and recommendations of the supervisory authorities.
When processing your Personal data we at all times adhere to:
this Policy and the legal acts indicated in Paragraphs 1.3.1 – 1.3.4 of this Policy;
the principles of (i) legality; (ii) good faith; (iii) transparency, (iv) limitation (reduction) of scope and duration, (v) accuracy of data processing. We do not collect, do not require Data subjects to provide and do not process any Personal data that is not necessary.
This Policy may be subject to updating and the updates will be indicated by changing the version the top of this page. Following the update of this Policy, the latest version is published on the Website www.blueemi.com. If we make any material changes, we will notify you by email (sent to the email address specified in your account), by means of a notice on our services prior to the change becoming effective, or as otherwise required by the applicable legal acts.
If you have any questions about this Policy or the protection of your Personal data, please submit your request immediately using the contact details disclosed above.
The capitalised terms in this Policy shall have the following meanings:
Company of we – company holding an electronic money institution licence No. 93, supervised by the supervisory authority Bank of Lithuania UAB BLUE EMI LT, legal entity code: 305682465, registered office address: Antano Tumėno g. 4, Vilnius, Republic of Lithuania;
Data subjects or you – Company’s customers, visitors to our Website, customers that are using the services provided by us via the Website, their representatives, ultimate beneficial owners, candidates for employment in the Company;
Personal data – any information related to a natural person whose identity is known or may be determined directly or indirectly using such data as a personal code, one or more characteristics of a physical, physiological, psychological, economic, cultural or social nature characteristic of a person, etc.;
System – software solution that is available on the Website, that is developed for the provision of our services;
Website – www.blueemi.com
YOUR PERSONAL INFORMATION
Personal information is typically data that identifies an individual or relates to an identifiable individual. This includes information you provide to us, information which is collected about you automatically, and information we obtain from third parties. The definition of personal information depends on the applicable law based on your physical location.
We will ask you to provide us with some important information about yourself to us to access our services. This information is either required by law (e.g. to verify your identity), necessary to provide the requested services, or is relevant for certain specified purposes, described in greater detail below.
If you choose not to share certain information with us, we may not be able to serve you as effectively or offer you our services. It is also your responsibility to keep sharing your updated information so that the services can be provided without any hindrances.
personal identification information: full name, personal identification code (in the case of an alien – date of birth (where available – personal identification code or any other unique sequence of symbols granted to that person, intended for personal identification), nationality, gender, signature, photographs, phone number, home address, and/or email.
formal Identification Information: government issued identity document such as passport, national identity card, state ID card, passport number, national identity card details, and/or any other information deemed necessary to comply with our legal obligations under financial or anti-money laundering laws.
information about the operations you make on our services, such as the name of the recipient, your name, the amount, and/or timestamp of the operation.
Automatic data collection:
As permissible by the applicable legal acts, we may collect certain types of information automatically, whenever you interact with our Website or use our services to improve upon providing you with relevant, secure and more streamlined services. Information collected automatically could include: (i) Geo location/tracking details, browser fingerprint, operating system, browser name and version, and/or personal IP addresses; (ii) authentication data, security questions and other data collected via cookies and similar technologies.
PRINCIPLES THAT WE FOLLOW WHEN PROCESSING YOUR PERSONAL DATA
We process your personal data only to the extent necessary to achieve the relevant clearly defined and legitimate purposes, taking into account the protection of your privacy.
We ensure that the data is processed accurately, fairly and lawfully and is processed only for purposes that meet the purposes specified before the collection of personal data.
We process all data in strict accordance with the clear and transparent requirements for the processing of personal data established by legal acts.
We store the data in a form that allows you to be identified for no longer than is necessary for the purposes for which the personal data are processed.
When processing your data, we apply appropriate technical and organizational measures to ensure the security of personal data, including protection against unlawful processing of data and against accidental loss, destruction, damage.
PERSONAL DATA PROCESSING PURPOSES
We process your Personal data for the following purposes:
for the purpose of our service provision;
for the purpose of direct marketing;
upon your queries submitted for us;
for the purpose of compiling statistics and/or reports.
The basis, scope, data retention periods as well as other circumstances related to the processing of your Personal data, in each case, are defined in detail hereinbelow.
Processing of Personal data for the purpose of our service provision
The Website is maintained and administrated by the Company, with the help of which you shall be able to use the services that we provide.
While providing our services, we adhere to the Republic of Lithuania Law on the Prevention of Money Laundering and Terrorist Financing, as well as other applicable legal acts and contracts and/or agreements concluded with our customers.
In order for the proper provision of our services, we also process your Personal data for the following purposes:
implementation of the money laundering and terrorist financing prevention requirements (in accordance with the applicable legislation and our internal policies and procedures);
implementation of other requirements applicable for our services and operations.
We manage this Personal data of you, that is required for the provision of our services:
Basic Personal data
Name, surname, personal code (if available), date of birth, age, country of residence, etc.
Phone number, e-mail address, home address
User login data
Login name used for connecting/logging in into the website
Information about the transactions executed in the Website
Beneficiary details, date and time of the transaction executed, transaction amount, purpose of the transaction etc.
Other due diligence data
Video from the identification live video feed, your photograph
We may receive the data disclosed in Paragraph 5.6 either from your, or from other sources (such as – state databases, systems administered by State Enterprise Centre of Registers, etc.) or third parties performing your due diligence for the purpose of the compliance with the money laundering ant terrorist financing prevention. We note that in all cases the legal basis for the processing of this data is the performance of the contract you have concluded with us.
The Company shall retain such Personal data for the purpose of providing our services for 10 years from the date of performance of the agreement or execution of an operation, unless any relevant legal acts provide longer retention terms for such data.
Processing of Personal data for the purpose of direct marketing
Based on your communication preferences, we may send you marketing communications through the channel of your choice (e.g. emails) to deliver targeted marketing and to provide you with promotional offers. Our marketing will be conducted in accordance with your advertising marketing preferences and as permitted by applicable law. Based on your communication preferences, we may also send you marketing communications (e.g. emails) to inform you about our events to deliver targeted marketing and to provide you with promotional offers. Our marketing will be conducted in accordance with your advertising marketing preferences and as permitted by applicable legislation.
We manage this Personal data of yourself, that is required for the purpose of direct marketing:
Basic Personal data
Name, surname, date of birth
E-mail address, phone number
Data subjects are the sources of the relevant Personal data processing, meaning that you yourself submit your Personal data via our Website that is afterwards processed by us for the abovementioned purpose.
You shall always be able to opt-out of receiving marketing communications from us. If you do not want us to send you marketing communications, please submit a request via email email@example.com
Your consent shall constitute the legal basis for the processing of your Personal data disclosed in Paragraph 5.10 of this Policy.
The Company shall retain such Personal data for the purpose of direct marketing for 3 years from the submission of this Personal data for us, unless the consent is withdrawn before the expiry of this term.
Processing of Personal data upon submission of queries by you
When you contact us by e-mail, Website, telephone or in any other way, we shall process the Personal data provided by you in order to administer the received queries, ensure the quality of services being provided and, if necessary – to comply with various legal requirements and protect the interests of us. The legal basis for the processing of this data in the cases provided for is the legitimate interest of the data controller.
When submitting a query, please observe at least the minimum requirements for the protection of personal information – do not provide excessive Personal data that is not necessary for the intended purpose, i.e. for drawing up of a query, complaint, letter or request.
The Personal data provided by you along with the query for us is generally retained for up to 3 years. The retention period may depend on the content and nature of the Personal data provided for us, as well as other circumstances. Where it is necessary for the protection of the rights and legitimate interests of us (or other persons), proper administration of queries, handling of a complaint or settlement of a dispute, as well as in other cases specified in legal acts, your Personal data may be retained for a longer period.
Processing of Personal data for statistical and / or reporting purposes
We may process the Personal data provided by you for statistical purposes, we, as a company providing payment services as an electronic money institution under the applicable legal acts, are subject to legal requirements related to the submission of reports on our or your financial activities to the Financial Crime Investigation Service under the requirements of the Republic of Lithuania Law on the Prevention of Money Laundering and Terrorist Financing.
Personal data processed for this purpose is normally retained for up to 3 years. The retention period may be longer, depending on the content and nature of the data processed and the requirements of the applicable legislation.
We will not use your Personal data for purposes other than those purposes we have disclosed to you, without your permission. From time to time, and as required under the applicable legislation, we may request your permission to allow us to share your personal information with third parties. In such instances, you may opt out of having your personal information shared with third parties or allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorization. If you choose to limit the use of your personal information, certain features or services may not be available for you.
Processing of Personal data of the candidates for employment in the Company
We process your personal data (CV, motivational letter, etc.) when you provide the respective data as a candidate to the job position proposed by the Company. The basis for processing the respective personal data is your consent, expressed by submitting the respective data.
The retention period of data you submit depends on the duration of the selection process of the respective position carried out by the Company. After the respective selection process is finished, the Company will process your personal data only if you give a separate consent.
If you submit your CV, motivational letter or other personal data to the Company when no selection is published, the respective personal data may be retained and used for later selections of the staff for up to 1 year.
By sending your CV, motivational letter or other personal data for the use for selection procedures that are carried out or will be carried out in the future, please abide by at least the minimum requirements of data protection and do not provide excess information that is not related to your candidacy.
Processing of Personal data when visiting our Website
After visiting the Website, the Company can process the IP address of the website visitor, as well as other network data, if they are provided. Such data is collected with the help of cookies and/or similar technological solutions on the basis of user consent.
To ensure the proper functioning of the Website, sometimes we save small data files – cookies – to your device. A cookie is a small text file that we store on your computer or mobile device when we visit the Website. Due to cookies, the Website can “remember” your actions and preferences for a certain period of time (such as registration name, language, font size and other display options), and you do not need to re-enter them each time you visit the Website or browse its various pages.
We store the data collected with the help of cookies, which is used for analysis, for up to three years. Please note that cookies are usually valid for a short time, depending on the type of cookie (during a session, a week or a month), but in some cases it can also be valid for up to five years.
RECIPIENTS OF THE PERSONAL DATA
In the course of its activities, we may use certain service providers (for example, companies providing data storage services, companies developing and maintaining software, companies providing communication services, etc.) to which your Personal data may be transferred. Your Personal data will only be transferred to the respective service providers if and to the extent necessary for the provision of their respective services.
The data recipient may also provide your Personal data to the following data recipients:
state institutions and registers.
courts, notaries, bailiffs, law enforcement agencies, etc.;
other third parties involved in the provision of our services and / or having a legal basis to obtain such data.
In all cases, reasonable efforts shall be made to ensure, in pursuance of legal requirements, that Personal data are not lost or misused.
INFORMATION WE COLLECT FROM THIRD PARTIES
From time to time, we may obtain information about you from third party sources as required or permitted by applicable legal acts. These sources may include:
Public Databases, Credit Bureaus & ID Verification Partners: We obtain information about you from public databases and identification verification partners for purposes of verifying your identity in accordance with applicable law. Identification verification partners use a combination of government records and publicly available information about you to verify your identity. Such information may include your name, address, job role, public status on any sanctions lists maintained by public authorities, and other relevant data. We obtain such information to comply with our legal obligations, such as the Republic of Lithuania Law on the Prevention of Money Laundering and Terrorist Financing. In some cases, we may process additional data about you to assess risk and ensure our services are not used fraudulently or for other illicit activities. In such instances, processing is necessary for us to continue to perform our contractual obligations with you and others.
Joint Marketing Partners & Resellers: For example, unless prohibited by applicable law, joint marketing partners or resellers may share information about you with us so that we can better understand which of our Services may be of interest to you.
Advertising Networks & Analytics Providers: We may work with such providers to provide us with de-identified information about how you found our Website and how you interact with Website.
YOUR PERSONAL DATA USAGE
Our purpose in collecting personal information is to provide you with a secure, smooth, efficient, loss prevention, anti-fraud purposes and customized experience. We may use this information in the following ways:
to maintain legal and regulatory compliance: most of our core services are subject to laws and regulations requiring us to collect, use, and store your personal information in certain ways. For example, we must identify and verify customers using our services in order to comply with anti-money laundering legal acts. This includes collection and storage of your photo identification. In addition, we use third parties to verify your identity by comparing the personal information you provide against third-party databases and public records.
to enforce our terms in our user agreement and other agreements: In order to uphold the terms outlined in our user agreement and other agreements, we handle sensitive information, including your identification and financial data. It is of utmost importance for both us and our customers that we actively monitor, investigate, prevent, and mitigate any potentially prohibited or illegal activities. Additionally, we enforce our agreements with third parties and strive to prevent and detect violations of our user agreement or agreements for other services. Furthermore, we may need to charge fees based on your utilization of our services. To fulfil these objectives, we closely monitor your interactions with our services. Any personal information gathered may be utilized for these purposes. Failure to process your personal information for these intentions may result in the termination of your account.
to detect and prevent fraud and/or funds loss: we process your personal information in order to help detect, prevent, and mitigate fraud and abuse of our services and to protect you against account compromise or funds loss.
to provide service communications: for the purpose of delivering service-related communications, we may send you administrative or account-related information. These communications are meant to keep you informed about our services, notify you about relevant security issues or updates, and provide operation-related information. Please note that you cannot opt out of receiving critical service communications, including emails sent for legal or security purposes.
to provide customer service: we process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the services.
to ensure quality control: in order to maintain quality control, we handle your personal information for the purpose of staff training and quality assurance. This enables us to consistently deliver accurate information to you. Without processing personal information for quality control, you may encounter problems on our services, such as inaccurate transaction records or other disruptions.
to engage in marketing activities: we might send you marketing communications (such as emails) tailored to your communication preferences. These communications aim to deliver targeted marketing content and offer you promotional deals. Our marketing efforts will adhere to your advertising marketing preferences and comply with relevant legal acts.
YOUR RIGHTS AS A DATA SUBJECT
As a data subject, you have the following rights:
Access to your Personal data and find out how they are being processed. You have the right to receive a confirmation that your Personal data are being processed us, as well as the right to access your Personal data being processed and other related information.
Request correction of incorrect, inaccurate or incomplete data. If you believe that the information about you processed by the us is inaccurate or incorrect, you are entitled to request that this information be changed, updated or corrected.
Request deletion of your Personal data (“right to be forgotten”). In certain circumstances specified in the legal acts (e.g. when Personal data are being processed unlawfully, the basis for processing the data has disappeared, etc.), you are entitled to request us delete your Personal data.
Request restriction of the processing of your Personal data. In certain circumstances specified in the legal acts (e.g. when Personal data is processed unlawfully, etc.), you are entitled to request that we restrict the processing of your data.
Request to transfer of your Personal data to another data controller or provide it directly in a form convenient for you. In certain cases, you are entitled to transfer the data, which are processed by us with your consent and are processed by automated means, to another data controller.
Disagree with the processing of your Personal data even if hey are being processed on the basis of a legitimate interest, unless there are legitimate reasons for such processing or they are intended to be used for bringing, enforcing legal claims or defending against them.
Revoke your consent to the processing of your Personal data. In cases where your Personal data are being processed on the basis of a separate consent, you are entitled to revoke your consent to the processing of your Personal data at any time. In this case, the we will stop processing your particular Personal data.
Kindly direct any inquiries regarding the exercise of your rights as data subjects to us in written form via email at firstname.lastname@example.org
If you believe that your Personal data is being processed unlawfully or that your rights related to the processing of Personal data are being violated, please reach out to us via email at email@example.com. We will address your inquiries and either provide a satisfactory resolution or reject the queries with reasons for rejection within 30 calendar days from the date of query submission. In case the query involves a significant amount of Personal data, the specified period of 30 calendar days may be extended by an additional 30 calendar days after giving prior notice. The response to your query will be sent to you via email. Once we have examined your query, we will inform you about the results and the actions we have taken to address your concerns. Alternatively, we will provide you with guidance on further steps you can take if your query remains unresolved or unsatisfactory.
You also have the right to contact the State Data Protection Inspectorate if you believe that your Personal data are being processed in violation of your rights or legitimate interests arising from the relevant legal acts. You can forward complaints to the State Data Protection Inspectorate in accordance with the complaint submission and examination procedures established by the Inspectorate, which can be found at: https://vdai.lrv.lt/lt/veiklos-sritys-1/skundu-nagrinejimas. However, before contacting the State Data Protection Inspectorate, we encourage you to first contact the Data Controller immediately. Thereby we will be able to find the solution to the problem most expeditious and optimal for both parties.
The Company reserves the right to update this Policy. In such cases, the we undertake to publish the updated version of the Policy on the Website.
In case of any questions related to Personal Data protection or this Policy, it is recommended to immediately contact us via email at firstname.lastname@example.org.