Privacy Policy

Privacy Policy

1. Purpose, Key Terms, and Principles

1.1. In this privacy policy (hereinafter – Privacy Policy), we provide you with information on how LW group companies (hereinafter – LW group or – we) process your personal data when you visit the LW group website https://www.lwgroup.eu (hereinafter – Website), contact us by email or phone, provide us with data directly at our office address, as well as personal data that LW group receives when executing contracts with legal entities (clients, suppliers, or partners), if you are their employee or representative.

1.2. The controller of the personal data specified in this Privacy Policy is any one or all of the companies belonging to the LW group: UAB “LW group” (company code 302989402, registered address: Ozo g. 12a-1, LT-08200 Vilnius), UAB “LW logistics” (company code 301695764, registered address: Konstitucijos pr. 21A, LT-08105 Vilnius), UAB “LW containers” (company code 304403329, registered address: Gedimino pr. 44A-201, LT-01110 Vilnius), UAB “LW Trans” (company code 304388051, registered address: Konstitucijos pr. 21A, LT-08105 Vilnius), UAB “Fe trade” (company code 304938253, registered address: V. Nagevičiaus g. 3, LT-08237 Vilnius).

Depending on which company carries out any of the purposes specified in this Privacy Policy, the data controller is the respective company acting as a separate and individual data controller, unless otherwise explicitly stated.

1.3. The purpose of the Privacy Policy is to establish the main data processing rules of each company belonging to the LW group, ensuring compliance with the General Data Protection Regulation (EU) 2016/679 and other applicable legal acts, and their proper implementation.

1.4. If you have any questions related to this Privacy Policy or have requests, complaints related to the processing of your personal data, or wish to exercise your rights as a data subject, please contact us by email at privacy@lwgroup.eu.

2. Collection, Processing, and Storage of Personal Data

2.1. This section of the Privacy Policy provides information on what personal data and for what purposes we collect and process:

2.1.1. Contract Conclusion and Execution We collect and process personal data of clients, business partners, suppliers, and other contractors (representatives, contact persons, hired specialists, and employees, etc.) to conclude and execute contracts, develop business, protect legitimate interests, and comply with applicable legal requirements. Sources of personal data: we receive data directly from you or your employer. We may also collect data from third parties when your business partner provides information about you. Categories of processed personal data: name, surname, workplace, position, phone number, email address. Legal basis for data processing: we process this personal data based on: GDPR Article 6(1)(b) – to conclude and execute a contract with you; GDPR Article 6(1)(c) – to comply with the legal obligation to retain contracts and accounting documents; GDPR Article 6(1)(f) – our legitimate interest to assert or defend legal claims (where applicable). Personal data is stored for 10 years from the start of collection. The term is extended by another 5 years if commercial relations with clients, suppliers, business partners, or other contractors continue.

2.1.2. Responses to Your Inquiries or Requests for Information We provide contact details on our website or other public business channels where you can contact us for consultations on matters of interest to you. Sources of personal data: we receive data directly from you or your employer. Categories of processed personal data: name, surname, email, postal address, phone number, correspondence text, and/or attached documents. Legal basis for data processing: we rely on GDPR Article 6(1)(f) – our legitimate interest to communicate with you as a representative or contact person of a potential client or business partner. Communication with you will be conducted until the inquiry is fully processed and stored for 3 years from the last communication, unless there is another legitimate purpose to retain it longer (e.g., if a contract was concluded and the communication material could be considered evidence of negotiations).

2.1.3. Employee Recruitment We collect and process your personal data to evaluate your candidacy for a specific job position when you apply directly to us for a vacancy (e.g., by filling out a form on the Website, by email, etc.) or if we receive your personal data from other sources. Sources of personal data: we receive data directly from you. We may also collect personal data about you from recruitment agencies, job search portals or databases, our employee who recommended you as a candidate, and publicly available sources such as LinkedIn and other business social media platforms and/or collaboration platforms or websites. Categories of processed personal data: personal data you provide in your resume (CV), cover letter, and during the job interview (e.g., name, surname, contact details, information about education, work experience, foreign language skills, etc.) or publicly available sources. Legal basis for data processing: personal data is processed based on GDPR Article 6(1)(a) (based on the data subject’s consent) and GDPR Article 6(1)(f) (based on the legitimate interest, i.e., to ensure the employer’s legitimate interest to select a suitable candidate for the job). We will process personal data for 6 months from the moment of data receipt or from participation in the job interview, unless the selection process lasts longer.

2.1.4. Cookies To improve our Website, we may process cookies. More information about cookie processing can be found in the Cookie Policy.

2.1.5. Social Networks We communicate with you through various social network platforms to present our services and exchange ideas. When you visit our social network pages (https://www.facebook.com/LWGROUPUAB, https://lt.linkedin.com/company/lwgroup), your data is processed by the respective platform, which is responsible for the protection of your user profile data. Our data processing begins when you interact with us on these platforms. Joint Data Controllers: Depending on the platform, we may act as joint data controllers. Each platform’s privacy policy details their data processing purposes and rules (Facebook: https://www.facebook.com/policy.php, LinkedIn: https://www.linkedin.com/legal/privacy-policy). Categories of processed personal data: Facebook: Personal data processed by us: user name, comments, reactions, messages, website activity Personal data processed as joint data controllers (https://www.facebook.com/legal/terms/pagecontrolleraddendum): statistical information (visits to our website, post reach, visits and average video view duration, information about countries and cities from which our visitors are, age groups, gender). LinkedIn: Personal data processed by us: user name, comments, reactions, messages, location, website activity Personal data processed as joint data controllers (https://www.linkedin.com/legal/l/dpa): statistical information (visits to our website, post reach, visits and average video view duration, information about countries and cities from which our visitors are, age groups, gender). Legal basis for data processing: Processing is based on our legitimate interests under GDPR Article 6(1)(f) (to respond to your messages or questions and analyze our accessibility on social networks), unless it is related to contractual relationships, which are subject to GDPR Article 6(1)(b).

3. Cases and Grounds for the Transfer and Disclosure of Personal Data to Third Parties

3.1. To ensure continuous operation and proper service provision, we may disclose your personal data to our employees, managers, suppliers, subcontractors, and service providers if necessary to achieve the purposes listed in this Privacy Policy.

3.2. We may transfer your personal data to any other LW group companies if they are not data controllers (as specified in Section 1), and the transfer of personal data is necessary to achieve the purposes specified in this Privacy Policy, and to third parties who process your personal data on our behalf and according to our instructions (e.g., IT system providers, etc.).

3.3. We take appropriate measures to ensure that data processors process the personal data assigned to them only for the purposes we specify and perform only the actions we instruct, ensuring appropriate organizational and technical personal data protection measures.

3.4. We may disclose your personal data: 3.4.1. to auditors, financial and legal advisors to obtain legal advice, or when disclosure is necessary to enforce or defend our rights; 3.4.2. to processors such as archiving companies; 3.4.3. to banks or payment service providers; 3.4.4. to state authorities and law enforcement agencies (if we are obliged to); 3.4.5. to companies for debt management or debt collection purposes. Before transferring this data, the data subject is informed about the debt and the conditions and cases of data transfer to debt collection companies; 3.4.6. to credit rating companies for creditworthiness assessment purposes. Before transferring this data, the data subject is informed about such data transfer.

3.5. To ensure an adequate level of security and that the processing of personal data complies with the requirements set out in the GDPR and ensures the protection of the rights of the data subject whose data is processed, we cooperate only with those service providers who commit to implementing the necessary technical and organizational measures.

3.6. In certain cases, we may transfer your personal data to third parties in a country (including your country of residence) that differs from the country where the data was collected. When we transfer your personal data to another country, we take measures to ensure that such data transfers comply with applicable legal acts. For example, if we transfer personal data from the European Economic Area (EEA) to a country outside it, we will implement appropriate or adequate data transfer protection measures and other actions to ensure a sufficient level of protection according to EU law.

4. Your Rights as a Data Subject

4.1. You have the right to contact us by email at privacy@lwgroup.eu and exercise your rights as a data subject related to the processing of personal data. These rights include: 4.1.1. the right to request access to personal data; 4.1.2. the right to request rectification of personal data; 4.1.3. the right to request erasure of personal data; 4.1.4. the right to request restriction of personal data processing; 4.1.5. the right to object to the processing of personal data when the data is processed based on legitimate interest or when processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (GDPR Article 6(1)(e)); 4.1.6. the right to request data portability; 4.1.7. the right to withdraw consent if personal data is processed based on consent; 4.1.8. the right to lodge a complaint with the relevant supervisory authority (State Data Protection Inspectorate of the Republic of Lithuania – https://vdai.lrv.lt/).

4.2. We will respond to received requests, complaints, or demands in writing in accordance with the legal acts and deadlines. We strive to provide you with information as soon as possible, but no later than 30 days from the receipt of your request.

4.3. If, upon receiving a request, complaint, or demand, we have doubts about the identity of the person making the request, we have the right to ask for a document confirming the identity of the person making the request.

5. Responsibility

You are responsible for ensuring that the data you provide to us is accurate, correct, and complete. If your provided data changes, you must immediately inform us by email. We will not be liable for any damage caused to you due to incorrect or incomplete personal data provided by you or failure to inform us of changes.

6. Privacy Policy Changes

This Privacy Policy is effective from the date specified below. LW group has the right to unilaterally make changes to the Privacy Policy. The amended Privacy Policy is published on the Website.

Effective from: January 1, 2025.