1.1. If the Licensee chooses to store data in the SonT electronic archive, the Licensor provides hosting, storage and deletion services for data belonging to the Licensee.
2.1. Data – documents and metadata thereof, created by using means of SonT solution;
2.2. SonT electronic archive – particular place in the cloud allocated by the Licensor where data of the client is stored;
2.3. Self-service – Licensor’s website wherefrom recorded and retained documents may be accessed. In this website the Licensee may create new user and assign and administer their access rights.
2.4. Data retention – retention of data for the pre-agreed period of time in the SonT electronic archive.
2.5. Data Destruction – deletion of data from the SonT electronic archive after the expiry of the agreed period or termination of the respective agreement.
2.6. Data recording – process of recording of document: from signing to retention of it in the SonT electronic archive or in other means specified by the client.
2.7. Personal Data – any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2.8. GDPR – General Data Protection Regulation (EU) 2016/679.
2.9. Biometric data of signature – parameters of a signature (such as angle, depth, speed) which can be retained if so ordered by the client. Activation of retention of biometric data is subject to a separate agreement between the parties.
2.10. Other terms used in these Rules have the same meaning as in the General Conditions and/or legal acts of the Republic of Lithuania and/or GDPR.
2.11. The Licensor undertakes to store the data for the Data retention period specified in the Data retention order (see Clause 4.3 of the Special Conditions).
3.1. Before the end of the Data retention period agreed upon by the Parties in Clause 4.3 of the Special Conditions of the License Agreement, the Licensor informs about the future data destruction. When the retention term of the first document in the system is reached, the Licensor initiates the data destruction process, which is permanent, i.e. will last until all documents are destroyed. The Licensee is informed 3 (three) times about the end of the retention period of the first document in the system:
3.2. Considering that the destruction of documents is a continuous process, i.e. each document is subject to an appropriate destruction deadline, notifications about the impending destruction of other/subsequent documents are not sent to the Licensee after the Licensor has sent the last one, i.e. a third reminder to initiate the document destruction process.
3.3. After the end of the contract (after the termination of the contract, its execution, etc.), the Licensee gives instructions to the Licensor regarding further data processing, i.e. relocation, destruction, etc.
After the Licensee’s representative confirms the deletion of data in the self-service account, the data is irretrievably deleted. The Licensee and his representatives approve the data destruction procedure only after they are fully convinced that the data can be destroyed and fully accept all the consequences related to that destruction.
3.4. After the data is deleted from the system, its backup copies will be stored for 365 (three hundred and sixty-five) days. During the storage of backup copies, the confidentiality and integrity of the data will be ensured by applying appropriate technical and organizational security measures. After 1 (one) year after the data is deleted from the system, the backup copies will be destroyed securely, ensuring the confidentiality of the data.
3.5. After the final destruction of the data, i.e. 365 (three hundred and sixty-five) days after the destruction of the backup copies of data, the Licensor shall provide the Licensee with a confirmation of data destruction.
4.1. The Licensor undertakes to provide access to the Licensee’s self-service data to the Licensee, who provides access to his employees.
4.2. The Licensee is responsible for providing access to only those employees of the Licensee who have the right to process the Personal Data of the Licensee’s customers. The Licensor is not responsible for damages and losses caused by the actions of the Licensee’s employees, if they, after using the access granted to them to the SonT electronic archive, improperly processed the Personal Data managed by the Licensee.
4.3. The Licensee undertakes to register all authorized connections of the Licensee to self-service, data, etc.
5.1. Before commencing to use SonT, the Licensee must choose destination where the Data controlled by the Licensee must be recorded – in the SonT electronic archive or in any other means / solution specified by the Licensee.
5.2. If the Licensee chooses to record Data in any other means / solution, the Licensor is responsible merely for the recording function
5.3. If the Licensee chooses to record Data in any other means / solution, the Licensee must ensure and grant the Licensor with the access to this specific mean / solution in order to record data therein. After being granted with necessary access, the Licensor inspects if the Licensee’s Data may be successfully recorded in that mean / solution by using SonT and informs the Licensee about the result of such inspection.
5.4. The Licensor records all data of the Licensee within the EU.
5.5. The Licensor herein guarantees that SonT electronic archive is compliant with requirements of the GDPR.
5.6. In no case the Licensor will be held liable for compliance with the document retention, destruction rules as it is specified in the Law on Documents and Archives of the Republic of Lithuania, other regulations and internal rules of the Licensee.
