Privacy Policy

Data controller

1. The controller of your personal data is the Paysera Network in accordance with the Joint Controller Agreement No. 2018019 of 19 September 2018. Paysera's contact details are published on the Paysera website. The contact details of Paysera's designated data protection officer are: [email protected].
2. Paysera provides the "LightSMS" short messaging service, available at www.lightsms.com (hereinafter – "LightSMS" system).

General provisions

3. This Privacy Policy (hereinafter – Privacy Policy) is a document that sets out the basic rules for the collecting, storing, processing, and keeping of personal data and other information relating to you, the scope, purposes, sources, recipients, and other relevant aspects of the processing of personal data by individuals using the “LightSMS” system.
4. The Privacy Policy applies to all persons (both natural and legal) who use the “LightSMS” system. If the user of the services is a legal entity, this Privacy Policy applies to natural persons whose data is transmitted to us by a legal entity. The user is obliged to inform the data subjects (managers, beneficiaries, representatives, etc.) of the transfer of their data to Paysera in a proper manner in accordance with Article 14 of GDPR.
5. Paysera's objective is to ensure the highest possible security of all personal data and other information processed in the “LightSMS” system. In order to protect this information from unauthorised access, use, copying, accidental or unlawful destruction, alteration, or disclosure, as well as from any other unauthorised processing, Paysera uses appropriate legal, administrative, technical, and physical security measures.
6. Personal data collected by Paysera is processed in accordance with the General Data Protection Regulation (GDPR), the Personal Data Protection Law of the Republic of Lithuania, and other legal acts.
7. Paysera receives personal data after the Client has linked their “LightSMS” account to their electronic money account in the Paysera payment system (www.paysera.com).
8. Paysera has the right to use third person processors (including third party processors) for the processing of personal data in the “LightSMS” system in order to ensure the proper functioning and development of the SMS service, i.e. system administrators, support persons, developers, system participants, mobile operators, or their intermediaries through which the SMS are sent. The use of such personal data processors is necessary for the performance of the contract with the individual and the provision of the service to the individual. Paysera confirms that the personal data processors it uses have implemented appropriate technical and organisational security measures.
9. All information processed by Paysera is provided by the person on a voluntary basis and in accordance with the principles of fairness and accuracy and completeness of information.
10. Paysera does not use any personal data collected in the “LightSMS” system for direct marketing purposes.
11. Paysera will inform the users of the “LightSMS” system if, in certain cases, there is a need to use personal data for purposes other than those specifically set out in this Privacy Policy. In all cases, the information shall be provided before the collection of personal data begins.

Compliance with the Privacy Policy

12. By visiting this website (www.lightsms.com) and/or using the information and/or Services available on this website, the person acknowledges and confirms that they have read, understood, and agreed to the Privacy Policy. If a person does not agree to the Privacy Policy and the terms and conditions set forth therein, they shall not be entitled to use the “LightSMS” system and the Services provided therein.
13. By agreeing to the Privacy Policy, a person grants Paysera the right to process their personal data in accordance with the procedures set out in the Privacy Policy.

Purposes of collecting personal data

14. PURPOSE: To provide a service for sending short messages via the "LightSMS" system
14.1. Personal data for this purpose is processed for the purpose of providing the client with the text messaging service in the "LightSMS" system.
14.2. For this purpose, the following personal data may be processed: the client's name, surname, telephone number, email address, Paysera account number, the client's unique Paysera number, and account balance.
14.3. Data storage period: 10 (ten) years from the date of the last text message.
14.4. Legal basis for data processing: the processing is necessary for the performance of a contract with the data subject or to take action at the request of the data subject prior to the conclusion of a contract.
14.5. Data providers: directly by the data subject.
15. PURPOSE: Use of personal data for internal administrative purposes
15.1. Paysera has the right to use the collected personal data for internal administration purposes: to improve the operation and functionality of the "LightSMS" system, to better understand the needs of users, to improve services, etc.
15.2. For this purpose, the following personal data may be collected: the client's name, surname, telephone number, email address, Paysera account number, the client's unique Paysera number, and the account balance.
15.3. Data storage period: until the end of the business relationship.
15.4. Legal basis for data processing: legitimate interest of Paysera.
15.5. Data providers: directly by the data subject.
16. PURPOSE: Use of personal data for the purpose of communication with clients
16.1. If a person has voluntarily provided Paysera with their personal data for a specific reason, Paysera may use the personal data for the purpose for which it was provided, e.g., if a person contacts Paysera by email with a request for services in the “LightSMS” system, Paysera will use and save the personal data provided by the person for the purpose of responding to the person's query, resolving the problem, and responding to the email address or other contact details provided.
16.2. For this purpose, the following personal data may be processed: the client's name, surname, telephone number, email address, Paysera account number, the client's unique Paysera number, and account balance.
16.3. Data storage period: 10 (ten) years from the end of the business relationship with the client.
16.4. Legal basis for data processing: the processing is necessary for the performance of a contract with the data subject or to take action at the request of the data subject prior to the conclusion of a contract.
16.5. Data providers: directly by the data subject.

Access to personal data stored by Paysera, rectification of inaccuracies and objection to data processing, and other rights

17. The person has:
17.1. THE RIGHT TO KNOW YOUR DATA: to be informed whether Paysera processes your personal data and, if so, to have access to your personal data processed by Paysera, and to be informed from what sources and what personal data have been collected, for what purpose they are processed, and to whom they are or may be provided; to receive from Paysera a copy of their personal data, in accordance with the procedure established by the law. Paysera will, upon receipt of your written request, provide the data requested in writing within the time limit established by law, or provide reasons for refusing to comply with such request. Data may be provided free of charge once per calendar year, but in other cases, the provision of data may be subject to a fee not exceeding the cost of providing the data.
17.2. THE RIGHT TO REQUEST CORRECTION: If the data processed by Paysera is incorrect, incomplete, or inaccurate, you may contact Paysera in writing and request that the incorrect, inaccurate, or incomplete personal data be corrected or supplemented by submitting a request;
17.3. THE RIGHT TO BE FORGOTTEN: to request the termination of processing (erasure) where personal data is processed with the consent of the person, after the person has withdrawn that consent, or where the personal data is no longer necessary for the purpose for which it was obtained, or where the personal data has been unlawfully processed, or where the personal data is subject to a legal obligation to erase. Written notice of objection to the processing of personal data must be given to Paysera in person, by post, or by electronic means. If your objection is legally justified, Paysera will, after examining the request, terminate the processing of the personal data, except in cases provided for by law.
17.4. THE RIGHT TO LIMIT DATA PROCESSING: to request the restriction of processing where the data subject contests the accuracy of the data for a period of time within which the controller is able to verify the accuracy of the personal data; the processing of the personal data is unlawful, and the data subject does not consent to the erasure of the personal data and instead requests the restriction of its use; the controller no longer needs the personal data for the purpose of the processing, but needs it for the purpose of the data subject's right to lodge or exercise legal claims. The controller shall inform the data subject whose processing has been restricted before the restriction on processing is lifted.
17.5. RIGHT TO OBJECT: the right to object to the processing of personal data for direct marketing purposes (where applicable).
17.6. THE RIGHT TO COMPLAIN against the processing of their personal data to a supervisory authority if the client considers that their personal data is being processed in breach of their rights and legitimate interests under applicable law.
17.7. THE RIGHT TO CONTACT the controller and/or the data protection officer to exercise their rights.
17.8. Other rights provided for by law.
18. A person may send a request for access to personal data stored by Paysera, corrections, and objections to such data to the following email address: [email protected]. In the request, the person must clearly indicate their name and email address. The request must be signed with an e-signature.
18.1. If the application is submitted through a representative by email, the document confirming the representation must also be signed by both parties by an electronic signature.

Disclosure of data

19. All of the above-mentioned information, which constitutes personal data, will not be disclosed to any third parties without the consent of the person, except for the personal data processors appointed by Paysera and in the cases provided for in this Privacy Policy, where required by applicable law, or for the purposes of providing the services.
20. Paysera may disclose personal data or information provided by a person where such disclosure is required by applicable law or by competent authorities. Paysera may also disclose personal data or information only when not prohibited by law and only when objectively justified in a particular case. Paysera undertakes not to disclose personal data to third parties except in the following cases:
20.1. If the person consents to the disclosure of personal data;
20.2. To law enforcement authorities in accordance with the procedure provided for in the legislation of the Republic of Lithuania;
20.3. If it is necessary to prevent or investigate criminal offences;
20.4. In other cases provided for by law.
21. Paysera has the right, at its sole discretion, to employ other persons to perform certain personal data processing functions on its behalf. In order for such persons to carry out the functions entrusted to them, they may have access to certain personal information. However, in such cases, Paysera will ensure that such persons will not be able to use such information for any purposes other than to the extent necessary to perform the functions assigned to them.

Cookies and activity

22. Paysera may use cookies in the “LightSMS” system. Cookies are small files that are sent to a person's web browser and stored on the hard drive of the person's computer. Cookies are transferred to a person's computer the first time they visit this website. Cookies are subsequently used to identify the person's computer and facilitate the person's access to this website or the information it contains. Paysera generally only uses essential cookies, which are used on a person's device to identify the person, to improve the functionality and use of the website, and to facilitate the person's access to this website or the information contained therein. Paysera may also use other cookies with the user's consent. Most web browsers accept cookies, but a person can change the setting on their browser so that cookies are not accepted. However, in this case, some functions may not work.
23. Full information about the cookies used on the website, their purpose, validity, and the data used is provided in the table below:

Name of the cookie	Purpose of data processing	Validity period	The data used
LOCAL_LANG:	Language parameter	Until the client changes the language	Stores the language the user has selected
REFERAL_LINK	Link parameter	15 min.	Checks which page the person came from
LEFT_MENU_TYPE:	Menu type	Undefined	Stores the selected menu interface
PHPSESSID	Session ID	Until the end of the session	Stores session ID number

24. Like many website administrators, Paysera monitors the traffic of the “LightSMS” system and the website and collects information about how many visitors have visited the website, what is the name of the visitors' internet service provider's server area (domain), etc. Such information is collected automatically at the time of the visit to the website. It helps the website administrator to understand how visitors use the website and to improve the Services provided by Paysera.

Final provisions

25. The Privacy Policy applies only to information that may be collected from individuals through their use of the “LightSMS” system that is considered personal data, i.e. information that can be directly linked to or identify an individual. The provisions of this Privacy Policy do not apply to information that does not qualify as personal data.
26. Paysera reserves the right to change the provisions of the Privacy Policy at any time, and such changes shall become effective upon their posting on the website, www.lightsms.com. Therefore, it is recommended that persons visiting this website and using the “LightSMS” system always refer to the latest version of the Privacy Policy that applies to the person's visit to the website and use of the “LightSMS” system.
27. This Privacy Policy is subject to the law of the Republic of Lithuania. Any disputes arising out of this Privacy Policy shall be settled by negotiation or, if such negotiation fails, in the courts of the Republic of Lithuania.