- The data controller is Enefit UAB, registry code 300649187, address V.Gerulaitis street 10, Vilnius, LT-08200, Lithuania.
- The processing of Enefit UAB's customer data is based on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 96/95/46/EC (General Data Protection Regulation), which is often abbreviated in English as GDPR and other relevant legislation, including the Electricity Market Act, the Personal Data Protection Act and good business practices.
- Enefit UAB also follows the guidelines and instructions of the state regulator and the European Union data protection expert working group WP29.
- These principles are general, additional and/or clarifying conditions, and privacy notices may also be included in agreements, documents, forms and on Enefit UAB's website www.enefit.lt (hereinafter - Principles). The Principles are an integral part of these general conditions for the provision of services. Enefit UAB refers to the Principles when concluding a contract with the Client, offering a service, goods and/or e-environment to the Clientand enables the Client to get acquainted with the Principles. The Principles are part of the Agreement and Enefit UAB has the right to assume that the Customer is aware of the Principles and has read them.
- If the Customer finds that his/her Data is not processed in accordance with the applicable rules, he/she has the opportunity to contact Enefit UAB's data protection specialist at [email protected]. This option does not affect the customer's right to apply to the Data Protection Inspectorate of the data protection supervisory authority or to a court if necessary.
- The principles of Enefit UAB's customer data processing (the Principles) apply to Enefit UAB and its Customers.
- The Principles determine how Enefit UAB may use the Customer's Data in communication with the Customer and provide information on important issues related to the use of the Data.
- The Principles do not apply to the services or goods of other companies, even if they are available to the Customer via the Enefit UAB e-environment or the Service.
- Enefit UAB uses the terms in the sense defined in the General Data Protection Regulation here.
- A customer is any natural person who has entered into an agreement with Enefit UAB or has provided his or her information and expressed a wish to register as a customer or to receive an offer from Enefit UAB to enter into an agreement, but has not entered into an agreement. Enefit UAB also treats as a customer the landowners with a technical network and facility tolerance obligation and natural persons who use Enefit Services or the e-environment.
- Data is all data of an Enefit UAB customer that enables it to be directly, or indirectly identified, distinguished, associated or derived. Processing of customer data is any operation performed on customer data.
- Anonymous data is information that cannot be associated with a specific Customer, as the Customer's identifying information has been removed from the data;
- By ensuring the secure processing of data, we mean the use of up-to-date physical, organizational and IT security measures. These measures include the protection of employees, IT infrastructure as well as office buildings and technical equipment. The purpose of the measures is, in particular, to control the risks and to mitigate the risks posed by both persons and technology. In order to ensure compliance with the measures, the company's and the group's internal procedures have been established for mandatory compliance. Enefit UAB´s employees are subject to Data confidentiality and protection requirements and are responsible for fulfilling these obligations. The Data Processors authorized by Enefit UAB are obliged to ensure compliance with the same rules in respect of their employees and they are responsible for compliance with the requirements for the use of Data.
Enefit UAB´s Principles of Data Protection
- Enefit UAB uses the Data in the manner specified in the Principles and only for the purpose for which Enefit UAB collected the Data and to the extent necessary to fulfil this purpose. Enefit UAB may combine Data collected in connection with different Services if such Data has been collected for the same purpose
- Enefit UAB considers the Customer's privacy and Data protection very important, using secure solutions for data processing.
The role of the customer in ensuring data security
- The Customer must use the Services and e-environments safely and diligently and ensure that the devices (e.g. computer, smart phone, application, etc.) used by the Customer to use the Enefit UAB´s Services or e-environment are secure. The Customer is obliged to keep their Password, user IDs and passwords related to the Customer, their device, the Service or the e-environment or other information or information carriers (e.g. ID card or Mobile ID) related to himself/herself secret from other persons.
- The Customer must be aware of and take into account the fact that Enefit UAB cannot guarantee the security of the Data and is not liable if the Data is not protected due to the Customer's breach of the obligation specified in clause 5.1 (incl. because the Customer has not changed the original PIN or other initial settings or the Customer's ID card, Mobile ID or their PIN codes have been used by unauthorized persons). In such case, the customer is responsible for all consequences that may occur to them.
- If the Customer allows the User (e.g. the Customer's family members, employees, etc.) to consume the Services or the e-Environment on the basis of the Agreement concluded between the Customer and Enefit UAB, the Customer is responsible for the User reading and agreeing with the Principles.
- Enefit UAB offers Customers various Services and e-environments for use. The composition of the Data collected by Enefit UAB per Customer depends on which specific Services or eenvironments the Customer uses, which Data is necessary to provide them; the extent to which the Customer transmits Data to Enefit UAB for this purpose (e.g. when ordering the Service, registering as a User, etc.) and consents The Client provides Enefit UAB for data processing.
According to the nature and purposes of the data processing, the data
collected is divided
into three main categories:
- Basic information, such as: first and last name, user name, personal identity number, date of birth, identity document number (e.g. passport, ID card, residence permit) and other related information, age, address, e-mail address, services ordered or information about purchased products (e.g. service composition, additional services, parameters, service address, devices used, etc.) and related static IP address, domain name or device serial number, billing information (e.g. billing address, reference number, account number, etc.). Also data collected by Customers in the course of using the services in e-environments.
- Specific types of personal data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, biometric data used for the unique identification of a natural person, health data or data on a person's sexual life and sexual orientation. The purpose of Enefit UAB is not to collect your specific personal data, but it may become known to us by chance, for example, through a letter or telephone call received by us as part of a customer relationship, when you disclose it to us. In accordance with the principles of secure data processing, the processing of such data shall be restricted or deleted.
- Non-personalized data is data that is not attributable to any particular Customer, but which Enefit UAB must also process in order to provide services. Non-personalized data is, for example, data collected when using websites, which is collected by nonpersonalized customers for Enefit UAB in the course of using the services.
Enefit UAB collects Data in the following ways:
- Enefit UAB receives Data from the Customer, for example, when ordering theService, registering as a Customer, making an information request to Enefit UAB;
- The Data is generated by the Customer when using the Services (e.g. when using the e-environment) and it is necessary for the performance of the Agreement or ensuring the performance of the Agreement, such processing of the Data is prescribed by Legislation or is based on the Customer's consent;
- Enefit UAB receives Data related to the Customer from other sources (e.g. other service providers or public registers, etc.) if it is necessary for the performance of the Agreement or to ensure the performance of the Agreement, such processing of the Data is prescribed by Legislation or is based on the Customer's consent.
Use of data for the performance of the Agreement and to ensure the
performance of the
- Enefit UAB may use the Data on the basis of the
Legislation without the separate consent
of the Customer for the performance of the Agreement or to ensure the
performance of the
Agreement in the following cases:
- To identify the customer and their representative;
- To perform activities necessary for the provision of Services or sale of goods to the Customer (incl. for sale and delivery of Services and/or goods and for forwarding information on Services and goods to the Customer);
- Customer service and troubleshooting;
- To provide and develop the e-environment, its services and functionalities and a good level and personal user experience (e.g. recording of language preference, etc.) and to provide the Customer with information related to the possibilities and security of using the e-environment;
- To calculate the service fees related to the Agreement, to prepare and send notices and invoices to the Client;
- To send notices related to the Agreement and/or the Service to the Customer by post;
- for documenting business and service activities and exchanging business information (incl. for submission to auditors when auditing Enefit UAB);
- To better serve customers, including measuring the quality, usage activity or customer satisfaction of the e-Environment and Services, and to develop the Services and business;
- For the maintenance or repair of other Customer's equipment procured by Enefit UAB or on the Customer's order and for other after-sales activities related to the equipment;
- To record and preserve telephone calls between Enefit UAB and the Customer, with the purpose of using these call recordings to prove the declarations of intent or transactions made by the Parties and to better serve the Customer;
- To assess and prevent potential business risks or losses related to the provision of the Service;
- To ensure the performance of the contract (e.g. to establish guarantees, enter into surety agreements);
- Enefit UAB for the protection of violated or disputed rights and debt collection (incl. for the transmission of Data related to breach of the Agreement and/or indebtedness to persons providing collection services, lawyers, etc. authorized by Enefit UAB for processing the respective Data on the basis of the Agreement);
- To assess the customer's creditworthiness and reliability (payment behaviour) (incl. to decide on the provision of credit for services);
- In case of breach of contract, for transmitting the Client's payment default (data related to overdue debt, including debtor's name, personal identification code, information on the amount of debt, time of occurrence of debt and type of debt-related transaction) to credit information companies authorized by Enefit UAB.
- The overview of the use of the Data for the purpose of performing the Agreement and ensuring the performance of the Agreement provided in Clause 7.1 is not exhaustive.This means that Enefit UAB may, if necessary, use the Data for the performance of the Agreement or to ensure the performance of the Agreement for some purpose not highlighted in clause 7.1.
- When using the Service or the e-environment, the Customer cannot refuse to use the Data for the purposes specified in clause 7.1, as this would make it impossible to offer the Service or the e-Environment for the Customer.
Enefit UAB may use the following Data for the purposes specified in
- Basic customer data;
- Customer relationship information: Information concerning the use of Enefit UAB´s Services, details of the Agreements entered into by the Customer, submitted orders and customer contacts, invoices and related information (e.g. payment data, etc.), information entered by the Customer into the e-environment (incl. data enteredduring account registration), e-environment, its services and data on the use of functionalities and data collected with the help of cookies (see clause 14) and data related to the Customer's payment discipline/indebtedness;
- The list of data in Section 7.4 is not exhaustive. This means that, if reasonably necessary and to a reasonable extent, Enefit UAB may also process Data not specified in clause 7.4 for the purpose of performing the Agreement and ensuring the performance of the Agreement.
- Enefit UAB may use the Data on the basis of the Legislation without the separate consent of the Customer for the performance of the Agreement or to ensure the performance of the Agreement in the following cases:
Use of data subject to consent
- In certain cases, Enefit UAB also requests separate consent from the Customer for the processing of the Data (hereinafter: Consent). When asking for consent, Enefit UABexplains the purpose of asking for consent and provides information on the planned processing.
- The conditions of use of the Data set out in the Principles apply to the consent. Enefit UAB refers to the Principles when accepting the Consent from the Customer, and the Customer has the opportunity to get acquainted with the Principles. The Customer has the right not to give the Consent or to withdraw the Consent later, notifying Enefit UAB via the eenvironment or in writing or in a form that can be reproduced in writing. The consent is valid until revoked.
- On the basis of the consent, the data will be
processed for example as follows:
- To prepare and send personal offers to the customer electronically (e.g. via e-mail, SMS or social media). The preparation of personal offers may include a marketing analysis of the Customer's Services, e-environment, etc. usage preferences, with the aim of finding out the Customer's usage needs and preparing personal offers based on it.
- For the transmission of data to companies belonging to the same group as Enefit UAB or to Enefit UAB's cooperation partners for the purpose of offering services to the Customer jointly or reciprocally;
- To find out the Customer's expectations, preferences and needs and to develop new and better services and possibilities of using the e-environment;
- In the e-environment for delivering personalized content, offers and advertisements to the Customer.
Unless otherwise described in the specific consent, Enefit UAB may use
the following Data
on the basis of the Consent:
- Name, date of birth, personal identification code, language of communication, preferred contact information (eg, telephone number, e-mail, regular mail) of the Customer and the person or contact person authorized by the Customer, information on the Customer's segmentation;
- Information concerning the use of services and the purchase of goods (e.g. field of goods, price class, delivery information, etc.);
- Data related to the customer's creditworthiness, payment discipline/indebtedness;
- Information on the details concerning the consumption of Enefit UAB´s services by the Customer (incl. volume, quantity, method, time, etc. of use of the Services by type of services (e.g. used electricity or gas)) and information on additional services ordered by the Customer, as well as meter) data;
- Data transmitted by the Customer to Enefit UAB via the e-environment (incl. data entered upon account registration);
- Data on the use of the e-environment or its services and functionalities by the Customer and information collected by means of cookies;
- Data published about the Customer in public databases or on the Internet (e.g. information about the Customer's interests, work or studies, etc.);
- Data received from other persons on a lawful basis (e.g. data transmitted by DSO or collected by UAB Credit info Lietuva).
- The Customer has the right at any time, regardless of whether the Customer agrees to the processing of his/her Data on the basis of consent, to prohibit sending offers or otherwise processing data on the basis of the consent in the e-environment or following the instructions in the e-mail or message or in any other electronic way provided by Enefit UAB. Depending on the application channel, the Customer will also be notified of the deadline for enforcing his or her request, which is usually not more than 5 working days.
- Pursuant to the Consent and the Legislation, Enefit UAB may also forward offers addressed to the Customer to a user whom Enefit UAB has become aware of, who was enabled by the Customer to use Enefit UAB's services under the Agreement between the Customer and Enefit UAB and the representative or contact person of Enefit UAB´s business customer. These persons may prohibit from sending offers by electronic means (e.g. by e-mail, SMS or MMS) to them in the e-environment or by following the instructions provided in the email or message or in any other electronic way offered by Enefit UAB. Only the Customer has the right to withdraw the consent.
Processing of data on the basis of a legitimate interest
- In certain cases, Enefit UAB also processes the Data
in its legitimate interests. For Enefit
UAB, a legitimate interest is a commercial interest in which the
processing of the Data is
justified and necessary and which outweighs the possible infringement of
protection rights of the customer accompanying such data processing.
framework of a legitimate interest, Enefit UAB processes customer data
for the following
purposes, for example:
- Transmission of periodic news and information letters, incl. to introduce additional services and offers to customers. The customer can refuse getting news and information letters at any time without giving a reason.
- Improving the user experience by asking customers for feedback on services and processes and using it to compile statistics and surveys. Giving feedback is voluntary for the customer.
- Improvement and further development of Enefit UAB's technical systems, self-service environment and IT systems, incl. security incident prevention and resolution.
- Analysis of breakdowns, sales, consumption and other statistics required to provide proactive customer service;
- General customer group profiling
- Settlement of claims and prevention of fraud.
- In certain cases, Enefit UAB also processes the Data in its legitimate interests. For Enefit UAB, a legitimate interest is a commercial interest in which the processing of the Data is justified and necessary and which outweighs the possible infringement of the data protection rights of the customer accompanying such data processing. Within the framework of a legitimate interest, Enefit UAB processes customer data for the following purposes, for example:
Specific cases of data processing arising from the legislation
- Pursuant to legislation, Enefit UAB processes
customer data for the following
purposes, for example:
- Transmission of electricity seller data to DSO and receipt of relevant data in connection with concluding or terminating a customer contract.
- to meet obligations under accounting or tax laws.
- Pursuant to legislation, Enefit UAB processes customer data for the following purposes, for example:
Data retention period
- Enefit UAB will retain the Data for as long as is necessary to achieve the purpose of using the Data specified in the Principles or until the term prescribed in the Legislation.
- When storing data, Enefit UAB follows the following
- After 3 years, we will delete the Data of persons who have requested, for example, price offers or information on the existence of a technical possibility, but have not become a customer of Enefit UAB, as well as call recordings of customer service telephones and recordings of customer service security devices.
- 7 years after the termination of the contract, we will delete the basic data of the contract and the data generated during the performance of the contract (customer appeals, settlement of claims, notices, etc.), if there is no ongoing collection procedure related to the performance of the contract.
- In justified cases, Enefit UAB may also change the terms described in clause 11.2, if such a need is due to, for example, specific management, legislation or Enefit UAB's legitimate interest.
Automatic decision making and profiling
- Enefit UAB may also make automatic decisions when
processing personal data, for
- For background checks on the sale of goods and services on credit terms, in the framework of which we process relevant information about your payment behaviour and background from Enefit UAB´s information systems as well as public databases (official notices, information disclosed by bailiffs and other official registers and publications, e.g. commercial register, population register);
- To provide automatic notifications in the framework of debt proceedings and to limit the services provided in accordance with the provisions of the contracts and the law.
- The purpose of marketing profiling is to develop different customer segments, types or profiles that allow us to offer each customer offers and services that are just right for them. For profiling, we can analyse, for example, customer demographics (age, gender), service usage data, location, and behavioural patterns using a variety of internationally recognized methods of statistical analysis appropriate to the particular case.
- The customer has the right to ask for additional explanations and submit objections regarding automatic decisions concerning the customer at any time by notifying Enefit UAB.
- Enefit UAB may also make automatic decisions when processing personal data, for example:
Use of data by authorized processors
- Pursuant to the Legislation, Enefit UAB may also grant the right to use the Data to authorized processors. Authorized processors are Enefit UAB's partners who, for example, deal with the organization of billing, answering customer questions, marketing services, reselling services or providing other services provided through communication services, etc. The authorized processor has the right to use the Data only for the performance of specific operations requested by Enefit UAB and on the basis of an agreement entered into with Enefit UAB containing a confidentiality obligation.
- The list and contact details of Enefit UAB's authorized processors are provided on Enefit UAB's website.
Customer rights in connection with the use of data
- Right of access to your data. The customer can most conveniently get acquainted with their basic and contact data, contract data, place of consumption and consumption data in Enefit UAB's self-service environment, as well as receive information from customer service.
- Right to rectify personal data. The customer has the right to correct their data if it is incorrect or incomplete. If the customer's basic and contact information has changed or the customer discovers that their data is incorrect, he/she always has the right, and in some cases also the obligation under the contract, to correct it in self-service or to contact customer service to correct the data.
- The right to request the deletion of your data. In certain cases, the customer has the right to have their personal data deleted. This right does not apply in a situation where Enefit UAB processes the customer's personal data in order to fulfil obligations arising from the Electricity Market Act, network rules or other legislation. The customer must also take into account that if they wish to be forgotten, it is not possible to continue receiving services under the contract.
- Right to object. The customer has the right to object at any time to the processing of personal data concerning him or her, which Enefit UAB performs on the basis of a legitimate interest. When submitting an objection, Enefit UAB shall consider whether the interests of the customer outweigh the interests of Enefit UAB and, if possible, terminate the processing of the personal data in question. The right to object cannot be exercised if Enefit UAB processes the customer's data for the performance of the contract, as this would not enable Enefit UAB to fulfil the obligations arising from the contract. The right to submit objections cannot be exercised even in a situation where Enefit UAB needs to prepare, file or defend a legal claim, for example, in a situation where the customer has breached the contract from the point of view of Enefit UAB. Nor can objections be raised if Enefit UAB processes the customer's personal data in order to fulfil an obligation arising from the applicable legislation.
- Right to restrict data processing. The customer has the right to demand a restriction on the processing of their personal data if, in his or her opinion, the data is inaccurate if the customer needs the data for the preparation, submission or protection of a legal claim. The customer may also request a restriction on the processing of their personal data if Enefit UAB processes it for the purpose of a legitimate interest and the customer wishes to find out whether the interests of Enefit UAB outweigh the interests of the customer.
- Right to data transfer. Enefit UAB's customers have the right to transfer their consumption data (portability). The easiest way to do this is through AVP.
Contacting details of Enefit UAB for Data processing related matters
- The Customer can contact Enefit UAB for questions related to the Principles or the processing of the Customer´s Data at the following contacts: by phone at +370 52619141 and by e-mail at [email protected].
- As with most websites, Enefit UAB's e-environments use cookie technology. Cookies are small text files that are downloaded to the user's computer via the e-environment server. As a result, the browser can transmit cookie information back to the e-environment each time the e-environment is used, with the aim of allowing the same userto be identified without identification (anonymously) and providing the user with a personal and more convenient e-environment experience (e.g. maintaining user preferences and interests, etc.) and analysing and developing the Services offered in the e-environment and directing offers and advertisements.
This version of the Principles is valid for Enefit UAB and all Customers from 01.10.2020. Enefit UAB has the right to unilaterally amend and update the Principles as necessary. We keep the Principles up-to-date and available on Enefit UAB's website www.enefit.lt. We will notify you of significant changes to the Principles via our website, e-mail or other reasonable means.