Last Updated: May 25, 2023
We encourage you to carefully read this Privacy Notice as it provides you with information about your personal data being processed in connection with your access to and use of the Website available at https://passme.cc.
In this Privacy Notice, personal data and personal information are used as synonyms and mean any information that directly or indirectly identifies you as an individual. In this Privacy Notice we explain which types of personal data we hold on you, how we collect and process such data, how long we keep it, and so on.
Unless otherwise provided in this Privacy Notice, capitalized terms used in this Privacy Notice have the meaning determined in the PassMe Legal Notice (the “Legal Notice”). We encourage you to read the Legal Notice carefully as they affect your obligations and legal rights.
When we say “we”, “us”, or “our”, we mean UAB “Global verification platform PassMe”. With respect to personal data collected when you access and use the Website, we act as a data controller.
We process your personal data in accordance with this Privacy Notice and we endeavour to comply with the applicable data protection legislation, which includes the General Data Protection Regulation, also known as the GDPR (the “Applicable Legislation”).
If you have any questions regarding this Privacy Notice or the processing of your personal data, do not hesitate to contact us via the following contact details:
Name: UAB “Global verification platform PassMe”
Address: Lithuania, Vilnius, Žalgirio g. 88-101
Email: info@passme.cc
Lawfulness. We endeavour to process personal data in accordance with the Applicable Legislation and only on the basis of the appropriate legal grounds.
Fairness. We do our best to handle personal data in ways that you would reasonably expect and we do not use any personal information in ways that have unjustified adverse effects on you. We do not deceive or mislead data subjects when we collect their personal data.
Transparency. We endeavour to make the processing activities transparent and understandable for you, including by providing you with all reasonably necessary information regarding the processing.
Data Minimisation. We endeavour to process only necessary personal data, taking into consideration the requirements of the Applicable Legislation.
Purpose Limitation. We process your data only for the purposes it was collected. If we establish any other purpose, we will inform you reasonably in advance.
Accuracy. We endeavour to ensure the accuracy of your personal data, including by providing you with the opportunity to rectify or complete it.
Confidentiality, Integrity, and Availability. We try to comply with the best practices applicable to the development and maintenance of the security systems.
Storage Limitation. We keep the personal data as long as prescribed in this Privacy Notice, based on the purposes the data was collected.
Accountability. We endeavour to comply with the Applicable Legislation, and, furthermore, if we disclose personal data to any person, we will do our best to ensure that such person will comply with the terms of the Applicable Legislation and this Privacy Notice.
The categories of personal data we collect depend on how you interact with us, use the Services, and the requirements of the Applicable Legislation. We collect and process the following types of personal data as outlined below. Please note that we may also collect certain other information, which may be required under the applicable laws.
| Category of Data | Examples | Description or Comments |
| Account Data | internet protocol (IP) address | This means a unique address of a device, which allows us to identify your approximate location (country, city, region, ZIP code). For better understanding, IP addresses are expressed as a set of numbers, for instance: 194.150.2.33. |
| browser details | This includes information about the browser type and its version. | |
| device details | This includes information about the type of the device (e.g., computer, tablet, or smartphone) and its model. | |
| operating system | This means the information about the type and version of the operating system on your device (e.g., Windows 10, macOS version 12.4, etc.). | |
| Contact Data | full name | - |
| contact details | This may include your email address, messenger details, or phone number. | |
| any other data requested by us or data that you choose to provide us with | Please do not provide personal data unless it is reasonably necessary or requested by us. |
| Category of Data | Description | Lawful Basis for Processing |
| Technical Data | To ensure the operation of the Website. | To perform a contract with you. |
| To provide a better user experience by improving functionality, usability, user flow and interface of the Website. | Our legitimate interest to improve the Website functionality and user experience, detect fraud and respond to requests from authorities. | |
| Contact Data | To respond to your inquiry. | Our legitimate interest to respond to your inquiry. To take steps at your request prior to entering into a contract, if you inquire regarding the use of our services. |
As a general rule, we keep personal data as long as it is necessary for the purposes it was collected. We may process certain personal data longer than outlined below, if it is necessary:
| Category of Data | Storage Period | Rationale |
| Technical Data | Except for the IP address, the data is stored during the access session. The IP address is stored for one (1) year following the date of your last visit. | We set this retention period for the IP address due to the statutes of limitations established in the Legal Notice. |
| Contact Data | For one (1) year following our last communication with you. | We set this retention period due to the statutes of limitations established in the Legal Notice. |
General. We do not sell or rent out your data. However, we may share your personal data in accordance with this Privacy Notice, Applicable Legislation, or with your consent, in each case for the purposes of and if it is reasonably necessary:
Please note that if we share any portion of your personal data with third persons, we will endeavour to secure such transfer using appropriate legal, organisational, and technical measures.
Recipients. Given the purposes outlined above, your personal information is shared with the following categories of recipients:
Sometimes we may transfer your personal data to countries that do not offer the same level of data protection as the laws of the European Union or your country. In case we transfer your personal data to a country that does not maintain the “adequate” level of data protection, as defined by the European Commission, we will put in place suitable safeguards, which give you more protection and control regarding your personal data, and take reasonable steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Notice and provided for in the Applicable Legislation. As a general rule, we will use the Standard Contractual Clauses (special documents developed by the European Commission) as an appropriate safeguard. You may reach us via the contact details indicated herein to ask whether your personal data is subject to transfer to a third country.
The Website or Communication Channels may include links and social media plugins to third-party websites and applications. Clicking on those links or enabling those connections may allow third parties to collect or share certain data about you. We do not control these third-party websites and applications, and are not responsible for their privacy statements. When you leave the Website, we encourage you to read the privacy policy/notice/statement of every website or application you visit.
General. According to the Applicable Legislation, you may have the rights outlined below. In order to exercise your rights as a data subject, we may request certain information from you to verify your identity and confirm that you have the right to exercise such rights.
Data Subject Rights. According to the Applicable Legislation, you may have the following rights:
| Rights | Description |
| Right to access your personal data (commonly known as a “data subject access request”) | This enables you to ask us whether we process your personal data. If we process your data, you may request certain information about the processing activity and/or a copy of the personal data we hold about you, and check that we are lawfully processing it. |
| Right to rectification of the personal data | This enables you to have any incomplete or inaccurate data we hold about you completed or rectified, though we may need to verify the accuracy of the new data you provide to us. |
| Right to erasure of your personal data (commonly known as a “right to be forgotten”) | This enables you to ask us to delete or remove personal data where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal or technical reasons which will be notified to you, if applicable, at the time of your request. |
| Right to object to processing of your personal data | This enables you to object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. |
| Right to restrict the processing of your personal data | This enables you to ask us to suspend the processing of your personal data in the following scenarios: (i) if you want us to establish the data’s accuracy, (ii) where our use of the data is unlawful but you do not want us to erase it, (iii) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims, (iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. |
| Request the transfer of your personal data (commonly known as a “right to the data portability”) | We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. |
| Right to withdraw consent | You may withdraw your consent at any time where we are relying on consent to process your personal data. |
| Right not to be subject to automated decision-making | You reserve the right not to be subject to a decision based solely on automated processing of data, including profiling, which produces legal effects concerning you or similarly significantly affecting you. Please note that currently you are not subject to such automated decision-making. |
| Right to file a complaint | You may file a complaint with a relevant supervisory authority in case we violate your rights or obligations imposed on us under the Applicable Legislation. The relevant supervisory authority will particularly depend on where you are located. The details of the Lithuanian data protection supervisory authority: State Data Protection Inspectorate Website: https://vdai.lrv.lt/en Address: L. Sapiegos str. 17, LT-10312, Vilnius, Lithuania Phones: +370 5 271 2804 / 279 1445 E-mail: ada@ada.lt. |
The Website is not intended for the use of children (under 18 years old or older, if the country of your residence determines a higher age restriction). We do not knowingly market to, solicit, process, collect, or use personal data of children.
If we become aware that a child has provided us with personal information, we will use commercially reasonable efforts to delete such information from our database. If you are the parent or legal guardian of a child and believe that we have collected personal information from your child, please contact us.
We keep our Privacy Notice under regular review and we may update it at any time. If we make any changes to this document, we will change the “Last Updated” date above. Please review this Privacy Notice regularly to check for the updates. If we make substantial changes to the way we treat your personal information, we will display a notice on the Website.