Menu
EN

Privacy policy

The purpose of the Privacy Policy is to inform how Vaidenta UAB (hereinafter referred to as the Company or Data Controller), legal entity number 140736484, office address Smilties Pylimo 7, Klaipėda, collects and processes the personal data** of Data Subjects* and to explain for how long the personal data is stored and to whom it is provided, what are the rights of the Data Subjects and who should be contacted in relation to the implementation thereof or other questions related to the processing of personal data.

* Data Subject means any natural person whose data is processed by the Company. The Data Controller collects only the data relating to the Data Subject that is necessary for carrying out the activities of Vaidenta UAB and/or visiting, using or browsing the websites of Vaidenta UAB (hereinafter referred to as the Website).
** Personal Data means any information directly or indirectly relating to the Data Subject, whose identity is known or can be directly or indirectly established using appropriate data. Processing of personal data means any operation performed on personal data (including collection, recording, storage, editing, alteration, granting access, submission of requests, transmission, archiving, etc.).

Personal data is processed in accordance with the EU General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the GDPR), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other legislation regulating the protection of personal data.
Vaidenta UAB observes the following fundamental principles of data processing:
-    Personal data is processed lawfully, fairly and in a transparent manner (lawfulness, fairness and transparency principle);
-    Personal data is collected for specified, explicit and legitimate purposes (purpose limitation principle);
-    Personal data is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed (data minimisation principle);
-    Personal data is kept constantly up to date (accuracy principle);
-    Personal data is kept securely and for no longer than required for the data processing purposes or by legislation (storage limitation principle);
-    Personal data is processed only by the employees of the Company who have been granted such right in accordance with their work functions or data processors*** that provide services to the Company and process the personal data on behalf of the Company and for the benefit of the Company or the Data Subject (integrity and confidentiality principle);
-    The Company is responsible for complying with the above-mentioned principles (accountability principle).

*** Data Processor means a natural or legal person, public authority, agency or any other body that processes personal data on behalf of the Data Controller. For example, it may be a personnel accounting system provider, IT system maintenance and development service specialists, insurance contract specialists, etc.

1.  SOURCES OF PERSONAL DATA

1.1.  Personal data is provided by the Data Subject himself/herself. Data Subject approaches the Company requesting for information, registers for services, uses services provided by Vaidenta UAB, participates in surveys, leaves comments, asks questions, etc.
1.2.  Personal data is received when the Data Subject visits the website of Vaidenta UAB. Data Subject fills in the forms on the website, leaves his/her contact details for certain reasons, etc.
1.3.  Personal data is received from other sources. Data is received from other institutions or companies, publicly accessible registers, etc.

2.  PROCESSING OF PERSONAL DATA

2.1.  By submitting personal data to the Company, Data Subject agrees that the Company will use the data collected to fulfil its obligations to the Data Subject by providing the services that the Data Subject expects.
2.2.  The Company processes the personal data for the following purposes:

2.2.1.  Provision of dental services. For this purpose, we collect the following data:
-    Name(s), surname(s)
-    Date of birth
-    Personal identification number
-    Contact details (phone number, e-mail address)
-    Residential address
-    Gender
-    Information on diseases and medication used
-    Information on the diagnosis, examinations performed, treatment prescribed and other health-related data
-    X-ray images
-    Photos (with patient’s consent)
2.2.1.1. In cases where the Data Subject is represented by another person, the Data Controller shall process the following personal data relating to the representative of the Data Subject:
-    Name(s), surname(s)
-    Relationship to the represented person
2.1.1.1.  The legal basis for the processing of personal data are Articles 6(1)(a) (processing with the consent of the Data Subject), 6(1)(b) (processing is necessary for the execution of a contract) and 6(1)(c) (processing is necessary for the compliance with legal obligations to which the Data Controller is subject) of the GDPR. The health data relating to the Data Subject is processed on the basis of Articles 9(2)(a) (processing with the explicit consent of the Data Subject) and 9(2)(h) (processing is necessary for the provision of dental services under an agreement) of the GDPR.
2.1.1.2.  The personal data processed for this purpose shall be stored for fifteen (15) calendar years after the last visit at the Company.

2.1.2.  Processing of personal data with the purpose of reminding the Data Subject to continue the treatment or arranging a preventive visit.
-    Name(s), surname(s)
-    Contact details (phone number, e-mail address)
2.1.2.1.  The legal basis for the processing of personal data is Article 6(1)(f) of the GDPR (processing is necessary for the legitimate interest of providing the Data Subject with further dental services and encouraging the Data Subject to visit the Company on a regular basis and ensure dental and oral health).
2.1.2.2.  The personal data processed for this purpose shall be stored for two (2) calendar years after the last visit at the Company.

2.1.3.   Handling of Queries, Comments and Complaints For this purpose, we collect the following data:
-    Name(s)
-    Contact details (phone number, e-mail address)
-    Contents of the question, comment or complaint
2.1.3.1.   The legal basis for the processing of personal data is Article 6(1)(a) of the GDPR (processing with the consent of the Data Subject).
2.1.3.2.   The personal data processed for this purpose shall be stored for two (2) calendar years from the date of receipt of the data.

2.1.4.  Monitoring of the employees of Vaidenta UAB, other Data Subjects and assets for the purposes of ensuring their security (video surveillance). For this purpose, we collect the following data:
-    Video image. Video surveillance systems do not use facial recognition and/or analysis technologies, they do not group or profile the video data recorded according to a specific Data Subject (person). The Data Subject shall be informed about the video surveillance by means of information signs containing a video camera and the details of Vaidenta UAB presented before entering the monitored territory and/or premises. The area covered by video surveillance systems shall not include the premises where the Data Subject expects absolute protection of personal data.
2.1.4.1.  The legal basis for the processing of personal data is Article 6(1)(f) of the GDPR (processing is necessary for the legitimate interest of ensuring the security of Data Subjects and assets within the premises of the Company).
2.1.4.2.  The personal data processed for this purpose shall be stored for thirty (30) calendar days and in case of identified violations – until the end of the investigation.

2.1.5.  For other purposes, for which the Company has the right to process the personal data relating to the Data Subject, when the Data Subject expresses his/her consent, when the processing of data is required for the legitimate interest of Vaidenta UAB or when the Company is obligated to process the data in accordance with the respective legislation.

3.  PROVISION OF PERSONAL DATA

3.1.  The Company undertakes to respect its confidentiality obligation towards the Data Subjects. The personal data may be disclosed to third parties only when it is necessary for the conclusion and execution of an agreement for the benefit of the Data Subject or for other legitimate reasons.
3.2.  The Company may provide the personal data to its Data Processors who provide services to the Company and process the personal data on behalf of Vaidenta UAB. Data Processors have the right to process the personal data only in accordance with the instructions of Vaidenta UAB and only to the extent necessary for proper execution of contractual obligations. The Company uses only those Data Processors that sufficiently ensure that appropriate technical and organisational measures are implemented in such a way that the data processing complies with the requirements of the GDPR and ensure the protection of the rights of the Data Subject.
3.3.  The Company may also provide personal data when responding to requests from court or public authorities, to the extent necessary to properly implement the applicable legislation and the instructions of the public authorities.
3.4.  The Company guarantees that no personal data shall be sold or leased to any third parties.

4.  REQUIREMENTS FOR THE PROCESSING OF PERSONAL DATA RELATING TO MINORS

4.1.  Persons under 14 years of age cannot provide any personal data through the website of Vaidenta UAB. If a person is under 14 years of age, in order to use the services of Vaidenta UAB, prior to submitting the personal information it is mandatory to submit a written consent of one of the representatives (father, mother, guardian) to the processing of personal data.


5.  TIME LIMITS FOR THE STORAGE OF PERSONAL DATA

5.1.  Personal data collected by Vaidenta UAB shall be stored in printed documents and/or information systems of Vaidenta UAB. Personal data shall be processed for no longer than necessary for achieving the purposes for which the data is processed or no longer than required by the Data Subjects and/or provided for by the legislation.
5.2.  Even though the Data Subject may terminate the agreement and refuse the services of Vaidenta UAB, the Company shall still be obliged to store the data relating to the Data Subject for any claims or legal actions that may arise in the future, until the expiration of the time limits for the storage of data.

6.  RIGHTS OF THE DATA SUBJECT

6.1.  The right to be informed about the processing of data.
6.2.  The right to access the data being processed.
6.3.  The right to obtain the rectification of data.
6.4.  The right to obtain the erasure of data (“the right to be forgotten”). This right is not applicable if the personal data requested to be deleted is also processed on another legal basis, such as processing that is necessary for the execution of an agreement or as enforcement of an obligation under the applicable legislation.
6.5.  The right to restriction of the processing of data.
6.6.  The right to object to the processing of data.
6.7.  The right to data portability. The right to data portability shall not adversely affect the rights and freedoms of other persons. The Data Subject shall not have the right to data portability with regard to the personal data that is processed in file systems structured by non-automated means, such as paper files.
6.8.  The right not to be subject to a decision based solely on automated processing, including profiling.
6.9.  The right to submit a complaint to the State Data Protection Agency.
7.  The Company must create conditions for the Data Subject to exercise the above-mentioned rights of the Data Subject, except in cases established by law, when it is necessary to ensure the security or defence of the state, public order, prevention, investigation, detection or prosecution of criminal activities, important economic or financial interests of the state, prevention, investigation and detection of violations of integrity or professional ethics, protection of the rights and freedoms of the Data Subject or other persons.

8.  PROCEDURE FOR THE IMPLEMENTATION OF THE RIGHTS OF THE DATA SUBJECT

8.1.  The Data Subject may contact the Company regarding the implementation of his/her rights:
8.1.1.   By submitting a written request in person, by post, through a representative or by electronic means – by e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.; The request must be legible, signed by the Data Subject, prepared as a free form and format document or using the recommended form prepared by the Company which can be found here
8.1.2.   Verbally – by phone: +370 46 346 164, +370 676 85 185;
8.1.3.   In writing – by sending to: Smilties Pylimo 7, LT-92250 Klaipėda.
8.2.  It is also possible to contact the Data Protection Officer of Vaidenta UAB by e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
8.3.  To prevent unauthorized disclosure of the data, upon receipt of the Data Subject’s request to access the data or to implement his/her other rights, the Company must verify the identity of the Data Subject.
8.4.  The Company shall provide its answer to the Data Subject no later than within one (1) month after the receipt of the Data Subject’s request, taking into account the specific circumstances associated with the processing of personal data. If required, this period may be extended by two (2) additional months, taking into account the complexity and the number of the requests.

9.  USE OF COOKIES

9.1.  In order to improve the performance of its website so that Data Subjects could easily find what they are looking for, the Company uses cookies – small pieces of text information that are automatically generated when browsing the website and stored on a computer or other terminal equipment. The full list of cookies used by the Company can be found here.
9.2.  Information collected by the cookies allows the Company to make the website more user-friendly, offer suggestions and learn more about the behaviour of the website users, analyse trends, and improve both the website and the services provided.
9.3.  The Data Subject always remains anonymous.
9.4.  Cookies are used transparently and responsibly. You can always review which cookies are stored by checking your browser. You can withdraw your consent to the use of cookies at any time, by changing your settings and deleting the saved cookies. In some cases, deleting or objecting to the installation and use of cookies can reduce the speed of browsing on the website, limit certain functionalities or block access to the website.

10.  RESPONSIBILITY OF THE DATA SUBJECT

10.1.  The Data Subject shall:
10.1.1.  inform the Company about any changes to the information and data submitted. It is important for the Company to have correct and valid information relating to the Data Subject;
10.1.2.  Provide the necessary information, so that in case of receiving a request from the Data Subject, the Company could identify the Data Subject and make sure that it is communicating or cooperating with the particular Data Subject (provide a personal identification document either in accordance with the procedure established by the legislation or by electronic means of communication allowing the Data Subject to be identified properly). This is necessary for the protection of data relating to the Data Subject and other persons, so that the disclosed information relating to the Data Subject is provided only to the Data Subject, without prejudice to the rights of other persons.

11.  FINAL PROVISIONS

11.1.  By submitting personal data to the Company, you agree to this Privacy Policy, understand its provisions and agree to comply with it.
11.2.  When developing and improving the activities of Vaidenta UAB, the Company has the right to unilaterally amend this Privacy Policy in whole or in part at any time, by publishing a notification on its website.
11.3.  Additions or changes to this Privacy Policy shall take effect from the date of their publication, i.e. from the day they are published on the website.
11.4.  The Company’s website contains links to third-party websites, legislation, and social networks. It should be noted that third-party websites linked on this website are subject to privacy policies of these websites and the Company assumes no responsibility for the content of information, activities and privacy policies provided on these websites.