Publication date: December 01, 2023
1.1. General Provisions The Privacy Policy (from now on referred to as the “Policy”) governs the use of: www.odysseusapp.com (from now on referred to as the Website), Odysseus applications for the Android operating system, collectively from now on referred to as the System. During registration in the System, the User agrees to familiarize himself with the current version of the Policy.
1.2. The System Administration (from now on referred to as the Administration) means UAB “Eurospektras”, a legal entity registered at: reg. code: 126206243, VAT code: LT262062413, Laisves pr. 88, LT-06125 Vilnius, Lithuania.
1.3. User - an individual using all or separately taken services of the System (hereinafter - Services), as well as a visitor of the Website (both registered and unregistered).
1.4. Account – data about the User stored in the System, necessary for his identification (authentication) and granting access to the System (login, password, etc.).
Upon registering into the System, you trust the Administration with your data and provide us with the right to manage it in whole, methods, and purposes stipulated by this Policy and the Terms of Use (from now on referred to as the Rules) by the System. If you do not agree with the Rules, the Policy, or its specific conditions, the Administration will not be able to provide you with the opportunity to use the System Services.
This Policy contains information about what data the System Administration collects and processes, for what purposes it uses, how much time it stores, and other provisions.
These Policies and Rules are subject to change, additions, and updates. The entry into force of any changes coincides with the time of their publishing on the System.
User’s personal data is any information by which a person can be identified, as well as information about a person that is already identified.
The Administration takes all the necessary organizational and technical measures so that the personal data of Users is always safe, and the actions for their processing comply with the requirements of the legislation in the field of personal data protection and our internal Policy.
The Administration collects and processes personal data listed in these Rules on the following legal grounds:
To the extent and subject to the conditions provided for by legislative acts, one or more of the above legal bases may be applied to the processing of the same personal data.
When registering and agreeing to the Rules, the User provides us with the following registration data. Some registration data is necessary for the normal functionality of the Services. If the User does not provide specific personal data, he cannot use the Services. Upon registration, the User confirms that the data indicated by him is accurate and truthful. The Administration assumes no responsibility for the indication of inaccurate, insufficiently comprehensive, or erroneous data.
|
Registration data: |
|
|
Data category |
E-mail address |
|
Legal basis for data processing |
Consent to use the Services under the conditions provided for in the Rules |
| Data Processing Time |
User data will be processed as long as they use the Services. The Administration may store the consent and evidence of these actions for a more extended period of time - if necessary, in order to protect itself from demands, claims, or lawsuits presented against the Administration. |
Based on the registration data, the Administration creates a User profile on the System. According to this profile, the Administration can identify the User as registered on the System and the User will be able to use all the Services provided to registered Users based on the Rules and (or) Policy.
Based on the registration data of the User, the Administration can also identify the User if, for example, they update or change their data.
The Administration will use the contact information specified by the User’s profile (email address, phone number) to communicate with the User, including answering User requests and comments, providing relevant information to the User about the Services and changes in the provision of the Services and (or) of this Policy, contacting the User if he needs help using the System or if technical problems arise, etc.
Therefore, the User’s personal data must be accurate and reliable. If the User indicates incorrect (false) data, forgets about it, or forgets to update it, the Administration cannot guarantee the functionality of the Services, and the Administration may have problems with the implementation of User rights. In this case, the Administration does not take responsibility for damage that may occur due to the fact that the User provided incorrect or insufficiently comprehensive personal data.
If changes have occurred in the data provided by the User, the User is obliged to immediately inform the Administration about this and change the relevant data in the registration form on the System. For information on updating personal data, see section 8.2 of this Policy.
The Administration reserves the right to verify the User’s personal data for accuracy and consistency with authenticity.
The Administration processes the personal data/information of the User to manage the User Account(s).
|
Account Data: |
|
| Data categories |
Data provided during registration on the System, data used for connecting to an Account (email address, IMEI for devices running Android 9 operating system and below), actions in an Account (including the technical part of the search - IP address, location, technical information used for connection and search), user search history and crash log data. |
|
Legal basis for data processing |
Consent of the User to create and use the Account on the conditions provided by the Rules. |
| Data Processing Time | User data will be processed as long as they use the Account. The Administration may store the consent and evidence for the Administration of personal data for a more extended period of time – if necessary, in order to protect itself from demands, claims, or lawsuits presented against the Administration. |
Permission to use the Account on the System is deemed to be received when the User makes the actions required by the Rules necessary to create an Account and confirms the registration.
By filling in the registration form, the User agrees to have his data processed for direct marketing purposes. The Administration will process his data and provide him with information such as general mailings, information about discounts, promotions, invitations to participate in promotions, prize draws, questionnaires with opinion surveys about services, etc. The Administration will provide information and offers in the System, as well as in other selected ways (e.g. by e-mail, SMS messages, etc.).
|
Data processed for the purpose of providing information and offers: |
|
| Data categories |
Name, email address and/or phone number. |
|
Legal basis for data processing |
Consent to data processing for direct marketing purposes. |
| Data Processing Time | User data will be processed as long as they use the Account. The Administration may store the consent and evidence for the Administration of personal data for a more extended period of time – if necessary, in order to protect itself from demands, claims, or lawsuits presented against the Administration. |
|
Data processed for statistical and market research purposes: |
|
| Data categories |
Name, e-mail address and/or telephone number, date of registration of the User in the System, country and other data about the User stored in the System. |
|
Legal basis for data processing |
The legitimate interest of the Administration to analyze the data and prepare the necessary reports in order to evaluate the activity and further develop all possible benefits for both Users and the operation of the System. |
| Data Processing Time |
10 years |
When conducting data analysis and creating the necessary reports, the Administration uses an automated method of data analysis. During the analysis, the Administration uses anonymized data and does not process the name, contact, and any other information about the User allowing them to identify their personality. An analysis of the data carried out for statistical purposes and the purpose of the market research will enable the Administration to make such essential business decisions as improving the functionality of the System so that it meets the needs of Users, forming an appropriate package of services, etc.
The data analysis actions performed by the Administration do not have any legal or other significant influence on the User.
The administration will use the personal data of Users in responding to requests, complaints, statements, reviews (from now on – the Request) of Users.
| Data processed in order to work with Requests: | |
| Data categories |
The identification and contact information specified by the User: first name, last name, telephone number, email address. Content of the Request: the matter concerning which the User is contacting, his circumstances, date and time, statement, demand or recall, protest, other information contained in the Request; Documents and (or) other data attached to the Request: pictures confirming the validity of documents, etc. |
|
Legal basis for data processing |
The fulfillment of the legislative obligation of the Administration to take into consideration and give answers to Users Requests, as well as the legitimate interest of the Administration in evaluating customer feedback to improve activities and the quality of services provided. |
| Data Processing Time |
5 years |
Collecting location data is necessary to ensure that the System works properly for route creating, route following, and other navigation-related functions.
Location services set your location using satellite, mobile, Wi-Fi, Bluetooth, or other network-based location techniques. These technologies may include sharing your location and unique device and mobile identifiers, Wi-Fi, Bluetooth or other network identifiers with the System. Administration does not use this information to personally identify you without your consent.
When you use the System's location-based Services, such as location-based search and navigation, your location data is sent to the System to provide you with the content you want.
The Administration processes and stores the User's Request and related data until the Request is considered, the User receives a response to it, and the Administration fulfills the decisions taken on the Request. The Request and related data are stored for five years from the date of the conclusion regarding the Request, including:
If the content of the Request leads to a legal dispute or the likelihood of such a dispute appears, the Administration has the right to store User data for a longer time – until the statutory deadlines for filing a complaint expire, the statute of limitations expires and (or) the final court decision comes into force.
At the end of the processing and storage of User data specified in this Policy, the Administration will destroy the data or reliably and permanently depersonalize it. These actions are carried out as soon as possible, observing deadlines reasonable for such activities.
The Administration receives almost all personal data of Users exclusively from the User. The User provides the registration data directly – when filling out the registration form. The Administration gets other data during conversations with the User by phone, during correspondence on Facebook, by email, or through online support.
The Administration receives personal data of Users directly from them at a time when the User communicates with the Administration in any way acceptable to him: sends an e-mail, a written request, calls the Line for customer service, etc.
The System Administration collects data that is necessary for the correct operation of the Odysseus application and administration of the Account, namely:
Upon registration and further work, the User agrees to these Rules and Policy and provides data that are mandatory for the use of the System.
|
Data stored and processed when using the Odysseus application: |
|
| Data categories |
Email address. |
|
Legal basis for data processing |
User's consent to the storage and processing of data under the conditions stipulated in this Agreement and Policy. |
| Data Processing Time | The data of the User will be processed indefinitely while the Account is in use. The Administration may store the consent and proof for the administration and use of personal data for a longer period of time – if it is necessary in order to protect itself from the demands, suits or complaints made to the Administration. |
After authorization/registration, the application collects information about the device (model, operating system version, screen resolution, unique device identifiers – IMEI or Android ID) and phone number(s) and is encrypted and transferred to System server (api.odysseusapp.com) for processing and storage. This information is not shared with third-parties, but only serves to accurately identify the user and to prevent fraud.
Device location data is required for the route creation process and further route following using the Odysseus mobile application. More details about the collection and processing of location data are described in clause 3 of this Policy.
The Administration reserves the right to transfer the User’s personal data for processing to third parties who help to perform and administer the Services, as well as to persons who provide services for the Administration of customer requests. These include database software providers, database administration services providers, hosting and cloud service providers, direct marketing, market research, business intelligence, and more.
In each case, the data manager is provided with only that amount of data that is necessary to execute a specific order or to provide a particular service. The data managers involved with the Administration have the right to use the personal data of the User only per the instructions of the Administration, and may not use the personal data of Users for different purposes or transfer them to other persons without the consent of the Administration. In addition, they are required to ensure the security of Users’ personal data per applicable law and written agreements concluded with the Administration.
The personal data of Users can be disclosed to representatives of competent state or law enforcement agencies (for example, the police or regulatory agencies), but only upon their request, only in those cases and in such order when accordance with applicable law must exercise rights and ensure security with Users, employees, and resources, as well as when it is necessary to file and protect legal requirements.
When using the System analysis services (for example, Google Analytics), which is used to determine how the User works with the information contained on the System, the Administration reserves the right to exchange anonymized personal data Users with third parties who use such information when evaluating work on the System, when preparing reports to administrators on the operation of the System, and also when the provision of other services related to the use of the System. Read more about this in the “Cookie Policy” section of this Policy.
The Administration processes the personal data of Users in the territory of the European Union, as well as in those countries where it provides Services or where the Administration has branches or partners. The processing of personal data is carried out by those branches that have administrative rights, so the User can get the help he needs in any System support office.
Legislation in the field of protection of personal data gives the User broad rights. The User can freely use them, and the Administration undertakes to provide such an opportunity. Information about User rights and how to exercise them is provided later in this Policy.
The User has the right to receive confirmation from the Administration that the Administration is engaged in the processing of his personal data. The User also has the right to get acquainted with the data that the Administration processes, and with information about the purposes of processing the data, categories of processed data, types of data recipients, the timing of data processing, data sources, automated decision-making methods (including profiling, its meaning, and consequences). Most of this information is provided in this Policy.
If the User does not have enough information given in this Policy and in his profile on the System, or if you need to receive some other information about how the Administration processes his personal data, he can contact the Administration at any time in one of the ways indicated in Section 9 of this Policy.
If the registration data or information about the User processed by the Administration has changed, is inaccurate, or incorrect, the User has the right to request that this information be changed, clarified, or corrected.
For amendments or clarification of personal data, the User can contact the Administration in any of the ways specified in section 9 of this Policy.
In cases where the Administration processes the personal data of the User based on his consent, the User has the right to revoke his consent at any time – in this case, the processing of personal data based on his consent will be terminated. In some cases, this may mean that the Administration will not be able to provide the User with the opportunity to use the Services.
If the User cancels the permission to the processing of his personal data, then all the data that the Administration processed on his basis will be destroyed, and in some cases, as indicated in this Policy, they will be stored for a specific amount of time.
In any case, the consent of the User to the processing of his personal data and the evidence of this consent may be stored by the Administration for a longer time – if this is necessary in order to protect itself from claims, claims, or claims brought by the Administration.
If the User believes that the Administration is processing his personal data in violation of the legislation in the field of personal data protection, it is necessary first to contact the Administration directly.
If the method proposed by the Administration to solve the problem does not seem satisfactory to the User, or the User considers that the Administration has taken insufficient measures to satisfy his request, the User will have the right to file a complaint in the name of the controlling institution. In the Republic of Lithuania, such as the State Data Protection Inspectorate.
The User has the right to disagree with the processing of his personal data when the processing is carried out by our legitimate interests. Taking into account the purposes for which the Administration provides the Services and the balance of the interests of the User (as the subject whose data we process) and the interests of the Administration (as the data manager), disagreement of the User may mean that if the Administration interrupts the processing of personal data based on our legitimate interests, the Administration will not be able to provide the User with the opportunity to continue to use the Services.
If the User wants to exercise the right specified in this section, the Administration asks to send a written statement to our data protection officer.
In the event of certain circumstances established by law (for example, if personal data is processed illegally, if there is no longer any reason to process the data, etc.), the User has the right to ask the Administration to delete the User’s personal data.
If the User wants to exercise the right specified in this section, the Administration asks to send a written statement to our data protection officer.
It is important to note that when the User ceases to use the Services, his personal data will be deleted without his separate request, and other data will be deleted or reliably anonymized.
In the event of certain circumstances established by law (for example, if the User’s personal data is processed unlawfully, if the User disputes the accuracy of personal data or disagrees with the processing of data, when the processing is based on the legitimate interests of the Administration, etc.), the User has the right to restrict the processing of his personal data. However, due to this restriction (while it will be in force), the Administration will not be able to ensure the provision of the Services to the User.
If the User wants to exercise the right specified in this section, the Administration asks to send a written statement to our data protection officer.
The data that the Administration processes in automated ways by consent of the User results that they can transfer to another administrator. The Administration will provide the User's personal data that must be transferred to the User in the format in which it is usually used in the Administration’s system. At the request of the User and the availability of technical capabilities, the Administration will send the personal data of the User directly to him or another data manager specified by him.
If the User wants to exercise the right specified in this section, the Administration asks to send a written statement to our data protection officer.
To protect the personal data of all Users from illegal disclosure, upon receipt of a User’s application for data transfer or during the exercise of other rights, the Administration is obliged to establish the identity of the User. For this, the Administration reserves the right to request from the User an indication of the actual personal data (for example, name, email address or Telephone number), and compare it with the data that the Administration has. During this check, they can send the User a test message via the contact specified in the registration form (SMS message or email) with a request to log in. If the verification procedure is unsuccessful (for example, provided upon request, the User data does not match the data specified during registration, or the User cannot log in via SMS or email), the Administration will be forced to conclude that the User is not the subject of the requested data, and reserves the right to reject a specific application.
If the verification procedure is successful, the Administration agrees to provide the User with information about the actions that have been taken on the basis of your application, without excessive delay (in any case, no later than within a month from the date of receipt of the application and the end of the verification procedure). If the Administration simultaneously has to consider a large number of applications, or the content of the received applications will be complicated, the Administration reserves the right to extend the term for consideration of the User’s request for another two months. The Administration will inform the User about this (with the reasons for the extension) before the expiration of the first month
If the User’s application is received via electronic communication channels, the Administration will also send a response via electronic communication methods unless this form of communication is impossible (for example, due to a large amount of information), or when the User asks to respond to the application in another form.
The Administration reserves the right to refuse to satisfy the User’s application in the event that the circumstances established by law appear for this. A substantiated refusal to the User will be sent by the Administration in writing or electronically.
For all questions regarding data processing:
Contact details for the personal data protection officer:
Details of the data controller:
UAB "Eurospektras"
Legal entity code 126206243
Location address: Laisvės pr. 88, LT - 06125 Vilnius, Lietuvos Respublika
In order to protect personal information from unlawful access, use and disclosure, the Administration uses various protective technologies and procedures. All partners of the Administration are carefully selected and, at the request of the Administration, they work only with those means that can properly ensure the confidentiality and security of Users’ personal information. And yet, the Administration cannot ensure the safe transfer of information over the Internet or via mobile communications – any transfer of information by these methods is carried out at the User’s own risk and responsibility.
At the end of the storage period for User data specified in this Policy, the Administration destroys this data, and in the cases specified in this Policy, reliably and irrevocably depersonalizes within a reasonable and justified time frame for such an action.
The Administration reserves the right to store User personal data for a longer time than provided for in this Policy, only in cases:
The Administration uses cookies (these are small information files sent to your computer or other device - such as a cell phone) when you visit the Website. Cookies are stored in your web browser. The Administration sends these files to the User’s computer or other devices in order to save data and to recognize the User of our Services at any visit to the Website. Using cookies, the Administration can link the user's browsing history, other data collected during the use of our Services, with the User’s activity on the Internet. Information, collected using cookies, allows the Administration to provide a more convenient search, learn about the behavior of Users of the website, analyze trends and improve how the Website works and the quality of service.
Third-party cookies are also used on the Website. These files are intended to create the User's search history and to enable the Administration to provide the User with the best search experience on the Website. If the User's browser allows recording third-party cookies, the partner selected by the Administration has the ability to send its cookies to the User's browser.
This Policy is effective as of the date of publication. If changes are made to this Policy, an updated version will be published on the website.
This Policy does not apply to other services or services of the Administration group of companies (such as administering your requests, requests and (or) complaints received on the System, by calling the Customer Service Line or by other means).