“Data Subject” means any natural person (including corporate representatives, contact persons) who uses, has used or has expressed a wish to use the Services. The definition of the Data Subject also covers authors of previously published or plagiarized material.
“Data Controller” means anyone who alone or jointly with others determines the purposes and means of the Processing of Personal Data. For the processing described in this document Oxsico is the Data Controller.
“Data Processor” means anyone who Processes Personal Data on behalf of the Data Controller.
“GDPR” means Regulation (EU) 2016/679 (General Data Protection Regulation).
“Personal Data” means any information that, directly or indirectly, can identify a living natural person.
“Processing” means any operation or set of operations performed with regard to Personal Data, whether or not performed by automated means, for example collection, recording, organisation, storage, adaptation, alteration, retrieval, gathering, use, combination, erasure or destruction.
“Recipient” means a natural or legal person, public authority or another body, to whom Personal Data may be disclosed by Oxsico.
“Services” means any services (including plagiarism detection service), advice and products provided by Oxsico.
2. What type of Personal Data we have?
We currently collect and process the following information:
- Identification & contact data such as name, address, telephone number, email address, country of residence.
- Financial data such as account number.
- Professional data such as job title or professional status (e.g. student, professor).
- Data obtained and/or created while performing an obligation arising from law such as data that Oxsico may be required to report to authorities, such as courts, law enforcement agencies (e.g. details of debt).
- Communication & services data collected when the Data Subject visits at Oxsico’s website, as well related to communication through Oxsico website.
3. How we get the Personal Data?
Most of the Personal Data we process is provided to Oxsico directly by the Data Subject. Oxsico collects from and processes Personal Data about Data Subjects whom have entered into or wishes to enter into an agreement with Oxsico.
We also receive Personal Data indirectly, on the request of the Data Subject, from external sources such as public and private registers or other providers of databases, also from the Data Subject’s use of the Services.
We also receive Personal Data made publicly available by the Data Subjects (authors of various material (articles, books, thesis etc.)).
4. Legal grounds and purposes of Processing Personal Data
4.1. Performance of agreements
The main purpose of Oxsico processing the Personal Data is to document, execute and administer contracts with the Data Subjects. Examples of purposes for Processing include:
- to provide and administer access to the Oxsico’s Services;
- to manage the relationships with the Data Subject;
- to authorize and control access to the Services.
4.2. Compliance with legal obligations:
Oxsico needs to comply with legal obligations, therefore we are required to Process Personal Data in accordance with applicable laws. Examples of purposes for Processing are:
- to comply with rules and regulations relating to accounting, tax information management.
- to fulfil the obligations of applicable litigation laws.
4.3. Legitimate interest
Oxsico Processes the Data Subject’s Personal Data for Oxsico’s legitimate interest. This Processing is necessary for the purposes of the legitimate interest pursued by Oxsico, which Oxsico has considered outweighing the Data Subject’s interest of protection of the Personal Data. Examples of purposes for Processing are:
- to identify materials that may have been previously published or plagiarized, and produce a report showing instances of overlapping text;
- to develop, examine and improve Oxsico’s Services and the Data Subject’s user experience by performing analyses, statistics;
- to reply to the Data Subject’s requests;
- to establish and defend legal claims.
Oxsico processes Data Subject’s Personal Data for marketing purpose (newsletters) based on Data Subject’s consent. Consent can always be withdrawn by contacting Oxsico at firstname.lastname@example.org
5. Whom we disclose the Personal Data?
Oxsico may share the Personal Data with Recipients such as authorities and business partners. Oxsico does not disclose more Personal Data than necessary for the purpose of disclosure. Recipients may Process the Personal Data acting as Data Processors and/or as Data Controllers. When Recipient is Processing Personal Data on its own behalf as a Data Controller, the Recipient is responsible for providing information on such Processing of Personal Data.
Oxsico disclose Personal Data to Recipients, such as:
- educational institutions and other persons who ordered the Services;
- providers of databases and registers;
- authorities such as tax authorities and law enforcement agencies;
- debt collectors, bailiffs, notaries or insolvency administrators;
- financial and legal consultants, auditors or any other service providers of Oxsico
As a general rule Data Subject’s Personal Data is Processed within the EU/EEA. The transfer and Processing of Personal Data outside of the EU/EEA will only take place if there is a legal basis and appropriate safeguards.
6. How we store the Personal Data?
Personal Data is securely stored within Oxsico’s internal databases in EU/EEA.
We keep Personal Data for a limited time period and in any event no longer than necessary for the purposes for which the Personal Data was collected. The retention periods are defined by the laws or legitimate interests of Oxsico. After retention period comes to an end Oxsico will then delete Personal Data.
7. Data protection rights and how to complain?
Under GDPR, you have the following rights:
- Your right of access – you have the right to ask us for copies of your personal information.
- Your right to rectification – you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete the information you think is incomplete.
- Your right to erasure – you have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – you have the right to ask us to restrict the processing of your information in certain circumstances.
- Your right to object to processing – you have the the right to object to the processing of your personal data in certain circumstances.
- Your right to data portability – you have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
If you make a request, we have one month to respond to you.
Please contact us at email@example.com if you wish to make a request.
You can also complain to the Lithuanian State Data Protection Inspectorate (website address: www.vdai.lrv.lt) if you are unhappy with how we have used your Personal Data.
Our contact details:
LINGUA INTELLEGENS, UAB (Oxsico)
A. Vienuolio str. 4, Vilnius, Lithuania, EU