In this privacy notice, we, FinBee, provide information on how we process your personal data when you visit our website and use our services.
Our website incorporates privacy settings allowing you to decide how we can process your personal data. In the privacy settings, you can choose if you wish to receive direct marketing messages.
The answers to the following questions are provided in this notice:
(a) How do we use your data?
(b) To whom and when do we provide your data?
(c) How long do we store your data?
(d) What is the direct marketing policy?
(e) What are your rights related to your personal data?
(g) What should also be noted?
If you have any questions or wish to exercise any of your rights provided in this notice, you can apply by means provided on www.finbee.lt.
You may contact our data protection officer by e-mail: [email protected].
1.1. This section provides the following information:
(a) categories of data processed by us;
(b) in case the data is received from sources other than you, information on the sources of such data;
(c) purposes we seek when processing your data; and
(d) the legal basis for the processing of data.
1.3. We process your access data (‘Access Data’). Access Data may include your first name, last name, e-mail, telephone number, date of birth and other data provided by you at the time of registration. We obtained such data directly from you. Access Data is processed for the purposes of website administration, provision of services, ensuring of security of website and provided services as well as communication with you. Such data is processed for the purpose of performance of contract concluded between you and us (or, at your request, by taking steps for the conclusion of such contract) as well as on the basis of legitimate interest – namely, in order to ensure proper administration of our website and related activities.
1.4. We process information related to services when you apply for borrowing (‘Borrower’s Data’). Borrower’s Data may include your first name, last name, personal ID number, date of birth, sex, contact details, address, family status, information on the spouse, education, details of the place of employment, details of the property (real property, vehicles), details of personal ID document, bank account details, crediting information/information on your financial obligations (type of active and repaid loans, date of signing/expiry of contract, sum, amount of monthly contribution, payment schedule, number of delayed contributions, amount of monthly contributions of all current loans, amount of accumulated liabilities to other companies, date of the last payment of debt), information on the active loan applications (type of loan, date of application, amount of required loan), extracts from the bank account for the last 4 (four) months, information if the person is included in the Credit Blacklist, information on the family’s financial situation. Most of this data is received directly from you, however, we may obtain it from UAB Creditinfo Lietuva, State Enterprise Centre of Registers (Department of Residents’ Register), State Social Insurance Fund Board, the Bank of Lithuania (loan risk database, information system of the Credit Blacklist). The Borrower’s data is processed in order to provide you with services for due performance of accounting of provision of services and due performance of obligations arising out of the legal acts regulating our activities including the obligation to evaluate the solvency as well as the obligations related to prevention of money laundering and terrorist financing and preservation of “Know your Client” principle. Such data is processed for the purpose of performance of contract concluded between us and you (or, at your request, when taking steps for the conclusion of such contract) and also to perform the obligations arising out of the laws regulating our activities.
1.5. We process information related to the capability of clients applying for the loan (‘Capability Data’). Capability Data include information received from the Register of Legally Incapable Persons and Persons with Limited Capability administered by the State Enterprise Centre of Registers on the incapacity of the person applying for the loan and the date of registration of incapacity. The Capability Data is processed in order to avoid conclusion of illegal transactions and protect your personal interests. Such data is processed due to the reasons of overriding public interest.
1.6. We process information related to services when you apply for lending (‘Investor’s Data’). Investor’s Data may include your contact details, your bank account details, personal ID number and investment data. Investor’s Data is processed in order to provide you with services and for due performance of accounting of provision of services. Such data is processed for the purpose of performance of contract concluded between you and us (or, at your request, by taking steps for the conclusion of such contract) as well as on the basis of legitimate interest – namely, in order to ensure proper administration of our website and related activities.
1.7. We process information that you provide to us for the purpose of subscribing to our e-mail and phone messaging and newsletters (‘Messaging Data’). We process such data for sending of relevant messages and newsletters. Such data is processed with your consent. Also, if we have already provided services for you on our website and you do not object, we may also process Messaging Data on the basis of our legitimate interest, namely, seeking to maintain and improve customer relations.
1.8. We process information related to any communication that you send to us (‘Communication Data’). Communication Data may include both the content of the correspondence, call and metadata associated with such communication. In case of correspondence, the website will automatically create metadata related to your communication made using the website contact forms. Communication Data is processed to get in touch with you as well as for record-keeping. We process such data on the basis of legitimate interest and namely in order to ensure due administration of website and related activities, to ensure uniform and good quality of consultation practice, examination of conflict situations between you and our employees.
1.9. We may process any of your personal data identified in this notice where it is necessary for the establishment, enforcement or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. For this purpose, we process your personal data on the basis of legitimate interest and, namely, in order to protect and ensure our and your rights and the rights of other persons.
1.10. We may process any of your personal data identified in this notice where it is necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. For this purpose, we process your personal data on the basis of legitimate interest and, namely, in order to ensure due protection of our activities against any risks.
1.11. In addition to the specific purposes set out in this Section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subjected, or in order to protect your vital interests or the vital interests of another natural persons.
2.1. We can disclose your personal data to UAB Creditinfo Lietuva that helps us to evaluate your solvency, risk of obligations, conclusion of contract and performance thereof as well as in order to control liabilities. In case of breach of contract concluded with you, your personal data will also be handed over to UAB Creditinfo Lietuva in order to protect and defend our breached rights and legitimate interests. In such case, the information related to the breach of specific contract will be provided.
2.2. We may disclose your personal data to any member of our group of companies (including our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as it is reasonably necessary for the purposes set out in this notice.
2.3. We may disclose your personal data to our insurers and/or professional advisers insofar as it is reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, enforcement or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
2.4. Financial transactions related to the provision of services on the website may be processed by our payment services providers. We will share service provision data with our payment services providers only to the extent necessary for the purposes of processing your payments, transferring funds and dealing with complaints and enquiries relating to such payments and money transfers.
2.5. We may disclose your personal data to other service providers for the purposes of provision of certain services insofar as it is reasonably necessary to provide specific services (including, website hosting service providers, providers of platform and servers and maintenance thereof, call centres, e-mail service providers as well as debt recovery companies). By employing subcontractors, we take all the necessary measures to ensure that our data processors implemented proper organisational and technical measures that ensure security and maintain the personal data confidentiality.
2.6. At your agreement, your personal data may also be handed over to our partners who will contact you and present an alternative loan or consumer credit proposal.
2.7. In addition to the specific disclosures of personal data set out in this Section, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, as well as to protect your vital interests or the vital interests of another natural persons.
2.8. Persons indicated in this Section may be established outside the Republic of Lithuania, the European Union and the European Economic Area. In case we transfer your personal data to such persons, we will take all the necessary measures provided for by the laws to ensure that your privacy remains properly secured.
3.1. Your personal data that we process for any purpose or purposes shall not be kept for longer than it is necessary for that purpose or those purposes. In any case, it shall be kept for no longer than as follows:
(a) Account Data shall be stored for a period of no more than 5 (five) years from your last active actions on the account (in case there are no funds on the consumer account);
(b) Borrower’s and Capacity Data shall be stored for a period of no more than 10 (ten) years from the day of due performance of contract concluded between us, the borrower and the lender; or for a period of no longer than 1 (one) year from the refusal to grant a loan (however, the data must be protected for a period of 8 (eight) years, if the reason for refusal is related to the performance of provisions of the Law on the Prevention from Money Laundering and Terrorist Financing of the Republic of Lithuania);
(c) Investor’s Data shall be stored for a period of no more than 10 (ten) years from the day of performance of contract concluded between us, the borrower and the lender;
(d) Messaging Data shall be stored for a period of no more than 2 (two) years following the provision of consent or, in case the messages are sent to present clients in order to maintain and improve customer relations, for no longer than 2 (two) years following the end of provision of the respective services;
(e) Communication Data shall be stored for a period of no more than 2 (two) months from the end of such communication.
3.2. In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. For example, the Usage Data will be retained for as much as it is necessary for the relevant processing purposes.
3.3. Notwithstanding the aforementioned time-limits of this Section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural persons.
4.1. In case you consent, we will send you marketing messages via e-mail and/or SMS to inform you about the news we have for you.
4.2. Also, if we already have provided services to you and you do not object, we will inform you about our other products that might interest you including other information related to such.
4.3. You may opt-out of receiving marketing messages at any time.
4.4. You may do so by:
(a) pressing a respective link in any of the received marketing messages;
(b) contacting us via the means indicated on our website www.finbee.lt.
4.5. After you perform any of the aforementioned actions, we will update your profile to ensure that you will not receive our marketing messages in the future.
4.6. Please note that as our business activities consists of a network of closely related services, it may take a few days until all the systems are updated, thus, you may continue to receive marketing messages while we are still processing your request.
4.7. The opt-out of the marketing messages will not stop you from receiving messages directly related to the provision of services.
5.1. In this Section, we have summarised the rights that you have under the data protection laws. Some of the rights are complex, thus, we only provide the main aspects of such rights in this notice. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
5.2. Your principal rights under the data protection law are as follows:
(a) the right to access;
(b) the right to rectification (you may exercise most of this right by logging to your account);
(c) the right to erasure of data;
(d) the right to restriction of processing of data;
(e) the right to object to processing of data;
(f) the right to data portability;
(g) the right to lodge a complaint with a supervisory authority;
(h) the right to withdraw your consent.
5.3. Right to access. You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data together with certain additional information. This additional information includes details of the purposes of the processing, the categories of personal data and the recipients of the personal data. Except for the cases of violation of the rights and freedoms of others, we will provide you with a copy of your personal data at your request. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee in order to cover the administrative expenses.
5.4. Right to rectification. You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you supplemented.
5.5. In some cases, you have the right to the erasure of your personal data. Such cases include the following: (i) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; (ii) you withdraw your consent to processing and there are no other legal basis to process data; (iii) you object to the processing under certain rules of applicable data protection laws; (iv) the processing is for direct marketing purposes; (v) the personal data have been unlawfully processed. However, please note that there are exclusions of the right to erasure in some cases. Such exclusions include the cases when processing is necessary: (i) for exercising the right of freedom of expression and information; (ii) for compliance with our legal obligation; (iii) for the establishment, exercise or defence of legal claims.
5.6. In some cases, you have the right to restrict the processing of your personal data. Such cases include the following: (i) you contest the accuracy of the personal data; (ii) processing is unlawful but you oppose erasure; (iii) we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, enforcement or defence of legal claims; (iv) you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data, however we will only further process such data in any other way: (i) with your consent; (ii) for the establishment, enforcement or defence of legal claims; (iii) for the protection of the rights of another person; (iv) for reasons of important public interest.
5.7. You have the right to object to our processing of your personal data on grounds relating to your particular situation, in cases when the processing is necessary for the performance of a task carried out in the public interest or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. Furthermore, we will be able to process such data if processing is for the establishment, enforcement or defence of legal claims.
5.8. You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
5.9. You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes. If you make such an objection, we will cease to process your personal data for this purpose, unless we can prove that processing is necessary for the performance of a task carried out for reasons of public interest.
5.10. Right to data portability. To the extent that the legal basis for our processing of your personal data is:
(a) consent; or
(b) performance of a contract or steps to be taken at your request prior to entering into a contract;
you have a right to receive your personal data in a systematised, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
5.11. If you consider that our processing of your personal data infringes data protection laws you have a right to lodge a claim with the State Data Protection Inspectorate, A. Juozapavičiaus g. 6, LT-09310 Vilnius, www.ada.lt.
5.12. In case the legal basis for our processing of your personal information is a consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
5.13. In addition to specific measures provided in this Section or the website you may also exercise any of the rights indicated herein by contacting us according the contact details provided on our website www.finbee.lt.
6.1. Cookies are small text files containing identifier that is sent by a web server to your web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
6.2. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
(a) required cookies – used to ensure proper performance of the website, security of customers and their data, provision of high quality services and effortless set-up of an account;
(b) functional cookies – used to allow browsing our website and use its functions;
(c) analytic cookies – used to enable us to recognise and calculate website visitors and monitor how the visitors move around the website. It helps us to improve the browsing experience of website users, to analyse the use of system and, accordingly, to improve the provided services;
(d) advertising cookies – used to monitor the behaviour of users and to optimise the advertising campaigns accordingly.
8.2. We use the following cookies:
(c) Facebook cookies – to manage the display of ads to our users. Cookies used for this purpose help us distinguish users that already use our services and reduce or stop displaying our ads to such users. You can view the privacy polity of Facebook here;
(f) FinBee.lt cookies – to ensure smooth and safe website operation and to provide you with an opportunity to login to your account, to select the desired website language, etc. This cookie does not receive personal data from applications or by any other way.
9.1. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can obtain up-to-date information about blocking and deleting cookies via information provided in the relevant browser website, for example, Chrome; Firefox; Internet Explorer; Safari.
9.2. Blocking all cookies will have a negative impact on the usability of many websites.
9.3. If you block cookies, you will not be able to use all the features on our website.
On the website, you may find links to and from partner sites, information sources and related party websites. Please note that such third party website that you visit by clicking on links have their own privacy policies and we take no responsibility regarding such privacy policies. We recommend to familiarise with privacy policies of such websites before providing any personal data.
11.1. The services of our website are targeted to persons over the age of 18.
11.2. We process personal data of younger persons than provided above only if the holder of parent rights provides a consent to do so.
11.3. If we have reason to believe that we process personal data of a person under the aforementioned age without having a consent from the holder of parent rights, we will delete such personal data.
Please let us know if the personal information that we hold about you needs to be corrected or updated.
Any changes to this notice will be published on the website and, in case of any material changes, we will inform you about such changes by e-mail.