Privacy Policy

• 1. Why should I read this policy?

  

  This policy will answer the most important questions you may have on how we collect, use and store information about you. This is important to you – please read this policy carefully. This policy may be amended from time to time. Please visit the Company’s website www.monimoto.com, where you will find the latest version of this policy.

• 2. Who is responsible for protecting my information?

  

  Monimoto, UAB
  Registration number: 304932414
  Address is: Sauletekio al. 15-1, LT-10224, Vilnius, Lithuania
  E-mail address: [email protected]

• 3. How do we collect your data?

  

  Depending on the nature of our cooperation, we process the following personal data:

  • Received directly from the data subject (you), for example when you make a purchase, send us inquiries, share your experience, or send us your CV to apply for a vacancy.
  • Generated when you use our services, for example when you visit our website.

• 4. For what purpose and what personal data do we process?

  

  4.1. To process your orders, receive payments and deliver purchased goods

  • When is this relevant for me?

  When you purchase our products or order a SIM card subscription

  • What information do you collect about me?

  Full name, address, phone number, country, postcode, company name (when applicable), VAT number, expiration date, security code, credit card type

  • Legal basis for processing

  Contract
  (Art. 6 (1) (b) of GDPR).

  • Data retention period

  10 years

  4.2. To provide you with GPS tracking service

  • When is this relevant for me?

  When you use our GPS tracking device via mobile app or web console

  • What information do you collect about me?

  Login name, password or login details using Facebook, Google, Microsoft accounts, as well as phone number (when logging in with a password received via SMS), motorcycle photo and number plate (when applicable), tracking device’s coordinates received from Global Navigation Satellite System (GNSS) or wi-fi positioning system (WPS) providers or from mobile network Cells (Cell ID), date and time, movement speed, temperature, device SIM card, device SIM card number, subscription start/end date

  • Legal basis for processing

  Contract (Art. 6 (1) (b) of GDPR).

  • Data retention period

  Until the user deletes his /her account or 6 months whichever is shorter.

  4.3. To ensure our website/app security and proper functioning

  • When is this relevant for me?

  When you use our website/app (including use of necessary cookies, learn more about this in our Cookie Policy)

  • What information do you collect about me?

  Login name, password or login details using Facebook, Google, Microsoft accounts, as well as phone number (when logging in with a password received via SMS), login date, time, login success, login session time, actions performed, device ID, IP address, user display information (color depth, aspect ratio, resolution, primary and secondary screens), browser information (browser time zone, browser storage capabilities (local storage support, etc.), browser canvas capabilities, browser fonts, used browser, browser language), user device information (CPU class, OS or platform, touch support), type of information banners shown to user, country, preferred language, outlinks, referrers, page and website speed, accessed content on website and URL’s, time and date the content on website was accessed, manufacturer and device type (only by app), cookie ID)

  • Legal basis for processing

  Legitimate interest (Website/app security and proper functioning)

  (Art. 6 (1) (f) of GDPR)

  • Data retention period

  24 months

  4.4. To provide you with customer support

  • When is this relevant for me?

  When you submit an inquiry to our customer support

  • What information do you collect about me?

  Date and time of the inquiry / message, messages, submitted files, name (if provided), e-mail address, phone number, model of device from which the request is sent, approximate location of the device, user agent (browser), IP address, feedback text

  • Legal basis for processing

  Consent (Art. 6 (1) (a) of GDPR)

  • Data retention period

  36 months

  4.5. To send you marketing e-mails

  • When is this relevant for me?

  When you give your consent to receive e-mails (including subscribe to newsletters)

  • What information do you collect about me?

  Full name, e-mail, consent date (including withdrawal date), provided marketing e-mails history, information regarding performance of our newsletter campaigns (e.g., we will capture data about your interactions with our emails, such as which links you click within an email, data from single-pixel gifs (web beacons) in our e-mails)

  • Legal basis for processing

  Consent (Art. 6 (1) (a) of GDPR)

  • Data retention period

  10 years after you give your consent, unless you withdraw your consent earlier (unsubscribe to marketing e-mails)

  In case of withdrawal of your consent the fact of such withdrawal and the date of it are stored for 2 years.

  4.6. To manage our social media profiles

  • When is this relevant for me?

  If you interact with our social media profiles (e.g. send a message, follow our profiles, share a post, react to a post)

  • What information do you collect about me?

  Name and surname, message, time, and date the message was received, content of the message, message attachments, response to the message, time of response to the message, information about our rating, comments on a post, post shares, information about post reactions

  • Where do you collect the information from?

  From yourself , LinkedIn Ireland, Facebook Inc, Google Ireland Ltd

  • Legal basis for processing

  Consent (Art. 6 (1) (a) of GDPR)

  • Data retention period

  10 years

  4.7. To carry out the selection of potential employees

  • When is this relevant for me?

  When you apply for a job at Monimoto

  • What information do you collect about me?

  Full name and surname, e-mail, phone number, CV, education and qualification, work experience, other information you provide us with, and communication relating to selection process

  • Legal basis for processing

  Contract and steps prior to entering into a Contract (Art. 6 (1) (b) of GDPR)

  Consent (Art. 6 (1) (a) of GDPR) regarding information that is not necessary for entering into a Contract, but you voluntarily provide us with (e.g., in CV)

  • Data retention period

  2 years or, in the case of Consent, unless you withdraw your consent earlier

  4.8. To fulfill statutory accounting requirements

  • When is this relevant for me?

  When you purchase our products or order our services

  • What information do you collect about me?

  Full name, address, VAT identification number (where applicable), value and description of supplied goods and/or services

  • Legal basis for processing

  Legal obligation (Art. 6 (1) (c) of GDPR)

  • Data retention period

  10 years

  4.9. To manage our website (cookie management)

  • When is this relevant for me?

  When you use our website

  • What information do you collect about me?

  Our Cookie Policy contains all of the information about the techniques we use to ensure the functioning of our Website (cookie management) as well as the data privacy issues that are related to their use.

  4.10. To fulfill other statutory requirements and defend the rights and interests of Monimoto

  • When is this relevant for me?

  In case there is present or potential dispute with Monimoto or we otherwise need to defend, enforce, exercise and uphold our rights or we are statutorily required to provide data

  • What information do you collect about me?

  All the afore-mentioned information, accounting and legal case files, legal documents, other information you provide us with

  • Where do you collect the information from?

  From afore-mentioned sources

  • Legal basis for processing

  Legitimate interest (protection of the rights and legitimate interests of Monimoto) (Art. 6 (1) (f) of GDPR).

  • Data retention period

  During the period of relevant legal proceedings until the date of entry into force of final decisions (for example, until the examination of the claim, and if a final decision of a court or other dispute resolution institution is to be made regarding relevant legal proceedings – until the court or arbitration decision enters into force) and for another 1 (one) year from the date of entry into force of these decisions.

• 5. Which information I must provide you with and why?

  

  You are required to provide the information detailed under Sections 4.1 and 4.2 above as it is necessary to enter into a contract with you. Also, we are statutorily required to process the information detailed under Section 4.8 above. If you do not provide this information, you will not be able to purchase and receive our products, additionally, we may not be able to provide you with our services, handle your queries, requests, or complaints.

• 6. Who do you share my data with?

  

  Monimoto only shares data when necessary and only to those subjects who ensure an adequate level of data protection. Please note that in limited cases of data transfers to countries outside the EEA, we use EU Standard Contractual Clauses for the transfer of personal data as approved by the European Commission (link).

  6.1. Analytics and Ads

  Monimoto uses third-party web analytics and ads services on our website, such as Google. These services may collect information about your activities on our sites to analyse how visitors use our website, improve usability and customer experience and provide third-parties with the information for advertising. You can learn more about this in our Cookie Policy.

  6.2. Email communication

  We use Omnisend and Mailchimp mailing systems for our email marketing. Whenever you subscribe to our newsletter, the information is stored in Omnisend or Mailchimp servers in the United States, so your information may be transferred to, stored, or processed in the United States (see also section 4.5 of this Privacy Policy).

  With the assistance of the Omnisend and Mailchimp cookies, we can analyse the performance of our newsletter campaigns. Omnisend and Mailchimp will capture data about your interactions with our emails, such as which links you click within an email. It does by automatically placing single-pixel gifs, also known as web beacons, in every email. For more detailed information please read Omnisend (link) and Mailchimp (link) cookie statements.

  6.3. Subcontractors

  Monimoto shares your personal data with other partners when services are provided by partners authorized by Monimoto. For example, before sending your order from Monimoto, we must share your information with our logistics provider to arrange shipment.

  Your personal data may also in some cases be shared with various types of professionals providing services to us, such as electronic communication service providers, email and cloud hosting service providers, customer support service providers, auditors, lawyers, financial consultants, social media service providers, GPS tracking service providers and other.

  6.4. Corporate transactions

  If we are participating in a corporate transaction such an acquisition or a sale or are otherwise involved in any capacity in any such transaction, your personal data may be shared with entities involved in the transaction, including sellers, buyers, or other investors, as well as consultants related to the relevant transactions.

  6.5. For legal reasons

  To defend our rights and interests and/or meet the requirements of the law we may (in cases necessary) share your data with attorney’s, notaries, bailiffs, public authorities, courts, legal officers, government entities, law enforcement agencies etc.

• 7. What statutory rights do I have regarding my data?

  

  In accordance with the provisions of the GDPR, you, as a data subject, can exercise the following rights:

  • The right of access to personal data: request information on whether your personal data is being processed, and if personal data is being processed, you have the right to access your personal data.
  • The right to rectify personal data: submit a request to correct your personal data if you find that the personal data we process is incorrect, incomplete or inaccurate.
  • The right to data erasure (the right to be “forgotten”) – request the deletion of your personal data if you believe that your data has been processed illegally or fraudulently.
  • The right to restrict data processing: request to restrict (suspend) the processing of your personal data, except for the storage – in case, for example, you request the rectification of your personal data (while the accuracy of personal data is checked and/or corrected), when the personal data is processed unlawfully and you do not consent to the erasure of the data, you have expressed your consent to the processing of your personal data, etc.
  • The right to data portability: submit a request to transfer your personal data, which is processed by automated means, to you and/or another data controller in a systematic, commonly used, and computer-readable format.
  • The right to object data processing: to object to the processing of personal data where the processing is carried out on a legal basis or on a legal basis in the public interest.
  • The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her
  • The right to withdraw the consent given to us at any time, with regard to the processing of personal data, for example, for direct marketing.

  Regardless of any other legal remedy, you also have the right at any time to submit a complaint to the supervisory authorities.

• 8. Do you engage in automated individual decision-making, including profiling?

  

  No, we do not make decisions based solely on automated processing, including profiling, which would produce legal effects concerning you.

• 9. How can I contact your DPO?

  

  If you have any questions, comments, or complaints regarding how we collect, use and store information about you, Monimoto has a Data Protection Officer to help you. Any inquiries regarding personal data processing may be send to an e-mail [email protected] or [email protected].

• 10. To whom you may complain about us regarding personal data processing?

  

  If you consider that our processing of your personal data infringes GDPR requirements, you have the right to lodge a complaint with the supervisory authority of the EU Member State where you have a permanent establishment, place of work, or the alleged infringement occurred.

   

  The supervisory authority in Lithuania is the State Data Protection Inspectorate, address L. Sapiegos str. 17, 10312 Vilnius, Lithuania, e-mail [email protected], website https://vdai.lrv.lt/.