GDPR Privacy Policy

This GDPR privacy policy (this “Policy”) was created in accordance with the terms of the European General Data Protection Regulation (GDPR) no. 2016/679 (the “GDPR”), which governs the protection of personal data. This policy strictly applies to personal data collected through the Lavicas Engineering Co., Ltd (“Lavicas”) website and not through any other means, including any other websites that users may visit via a referral hyperlink. We strongly advise you to read this GDPR privacy policy thoroughly. Please do not give us your personal data if you do not want it to be used in the manner set out in this policy. Please keep in mind that in this circumstance, we may not be capable of providing you with our services, you may not have access to and/or utilize some features of the website, and your customer experience may be impacted.

Data Controller

The data controller of personal data defined in the GDPR for this website is Lavicas. For our contact information, navigate to our contact form on the Contact Us page.

Type of Personal Data We Collect

We may collect the following categories of personal data for the reasons described in this privacy policy:

  • Name (first name/ second name);
  • Geographic location;
  • Email address;
  • Telephone number;
  • Name of clients;
  • Online identifiers (IP address/cookie identifiers);
  • Recorded phone calls from clients;
  • Hiring information (e.g., CV, certificates, marital status, date of birth, reference letters);

We can collect such personal information directly from you if you choose to share it with us (i.e., via a contact form, a request for a quote form, or from your internet browser). We ensure that the processing of personal data is adequate, relevant, and restricted to what is required for the purposes for which it is processed.

Personal Data Usage

We will always process your personal data in accordance with one of the GDPR’s legal bases (Articles 6 and 7). Furthermore, we will always process your sensitive personal data, such as information about your trade union membership, religious beliefs, or health condition, in compliance with the GDPR’s particular rules (Articles 9 and 10). We may collect and handle your personal information for the following objectives, which are necessary for us to pursue our legitimate interests and provide you with our appropriate services:

  • To make sure that material from our site is presented in the most effective way for you;
  • To provide you with information about our policies and terms;
  • To promote safety and security, such as by monitoring fraud and looking into suspicious or potentially unlawful conduct or violations of our terms and policies;
  • To maintain, improve, and expand our services;
  • To use personal information for data analysis, research, and auditing purposes;
  • To keep the business running smoothly;
  • To provide you with information that we believe may be of interest to you;
  • As a tool for conducting market research;

Please be aware that you have the right to withdraw your consent at any time, with no effect on the lawfulness of processing carried out in accordance with your consent prior to withdrawal. We will store your personal data for as long as we need it to meet our legal requirements, offer an adequate service, and support our business activities (Articles 5 and 25(2) GDPR).

Personal Data Sharing

Unless otherwise required by law or regulation, Lavicas will not transfer personal data to a third party without the consent of the data subject. Any transfer of personal data from the European Union to a third country will be managed in accordance with the GDPR’s regulations.

Records of Data Process

We keep records of all personal data processing in compliance with the GDPR’s (Article 30) obligations in both cases where we may function as a controller. We store all of the information we need to comply with the GDPR and cooperate with the supervisory authorities as needed in these records (Articles 31 GDPR).

Security Precautions

We process your personal data in a way that protects it from unauthorized or unlawful processing, as well as accidental loss, deletion, or damage. To ensure this degree of security, we apply appropriate technical or organizational means (Articles 25(1) and 32 GDPR).​Unless a longer retention time is required or permitted by law, we will keep your personal information for as long as it is needed to achieve the objectives mentioned in this privacy policy

In the event of a data breach, we do have the systems and policies in place to detect and assess any security breach that results in the unintentional or unlawful destruction, loss, modification, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed. We shall make the necessary notifications to the supervisory authorities and communications to the impacted data subjects, which may include you, based on the results of our assessment (Articles 33 and 34 GDPR).

Rights of Data Subjects

You have the following rights with regard to personal data collected and processed by us:

  • Right of request: To acquire from us all necessary information about our data processing operations that affect you (Articles 13 and 14 GDPR);
  • Right of access: To receive confirmation from us as to whether or not personal data about you is being processed, as well as access to the personal data and certain relevant information if that is the case (Article 15 GDPR);
  • Right of rectification: To get the rectification of personal data as soon as possible (Article 16 GDPR);
  • Right of cancellation: To obtain from us the immediate deletion of your personal data (Article 17 GDPR);
  • Right of restriction: To obtain from us the restrictions of personal data processing (Article 18 GDPR);
  • Right of objection: To object to the processing of your personal data (Article 21 GDPR);
  • Right to portability: To receive your personal data in a structured, commonly used, and machine-readable format, as well as the right to transmit such data to another controller without our intervention (Article 20 GDPR);
  • Right to file a complaint with the appropriate authority: You have the right to file a complaint with a Data Protection Supervisory Authority if you are dissatisfied with how we handled a request or if you have a problem with how we process your personal data (Article 77, GDPR);

The data subject is entitled to exercise these rights by sending a request via e-mail to us at info@lavicas.com

Children

We do not intentionally collect or process information on children under the age of sixteen (16) without their parent’s permission and consent. In case, we discover that we have directly collected and processed the personal data of a child under the age of sixteen (16), we will erase the information immediately.

Links to Other Sites

For your convenience, this website may contain links to other sites that are not under the control of Lavicas. Lavicas makes no representations or warranties about the privacy practices or terms of use of such sites, nor does Lavicas control or guarantee the accuracy, integrity, or quality of the information and materials available on such sites. If you would like to link to the Lavicas website, please inform us in advance at info@lavicas.com.

Updates to Privacy Policy

This GDPR privacy policy may be revised or updated at any time. Any changes to this policy will take effect when the revised policy is published. When we make major changes, we will notify you via the website to the extent possible and may request your approval where applicable.