With this Privacy Policy, we inform you about the scope of the processing of your personal data (hereinafter "data") on our website at www.NomadRem.com. This policy does not apply to linked websites that are not owned and controlled by NomadRem. If you are accessing our Services using the NomadRem iOS or Android App, please refer to our Privacy Policy posted in the App.

In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular the law on Legal Protection of Personal Data of the Republic of Lithuania (“LPPD”), the General Data Protection Regulation ("GDPR"), and only as described in this Privacy Policy.

Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website.

Responsible for data processing

Responsible for data processing in accordance with the provisions of the LPPD and GDPR is:

NomadRem
NomadRem , UAB.
J. Basanavičiaus street g. 26,
LT-03224 Vilnius, Lithuania
Company code 305685002.

Web: www.NomadRem.com
E-Mail: info@NomadRem.com
Tel: 004741330956

The Supervisory Authority

The competent data protection authority in Lithuania is:

The State Data Protection Inspectorate (the "Inspectorate")
L. Sapiegos st. 17
LT-10312 Vilnius
Lithuania

www.vdai.lrv.lt

General information on data processing

In the course of our business and website operations, we process data. This also includes disclosure by transmission to third parties and, where applicable, to so-called third countries outside Lithuania and the EEA. A transfer will only take place in individual cases on the basis of an adequacy decision of the European Commission, standard contractual clauses, appropriate guarantees or your express consent.

For what purposes and on what legal basis is the data processed?

We process your data in accordance with the provisions of the LPPD and the GDPR:

• For the fulfilment of (pre-)contractual obligations (Art 6(1)(b) GDPR),
• For the fulfilment of legal obligations (Art 6 para. 1 lit. c GDPR),
• For the protection of legitimate interests (Art 6 para. 1 lit. f GDPR), and
• In the context of your consent (Art 6 para. 1 lit. a GDPR).

Data processing

The individual data concerned, processing purposes, legal bases, recipients and, where applicable, transfers to third countries are listed below:

a) Hosting

To provide our website, we use the services of Cloudways Ltd who process the below-mentioned data and all data to be processed in connection with the operation of this website on our behalf.  The legal basis for the data processing is our legitimate interest in providing our web site in accordance with Art. 6 para. 1 f) GDPR.

b) Log file during website visit

We log your website visit. In doing so, we process:

• Name(s) of our accessed web site(s),
• date and time of the access,
• the amount of data transferred,
• the browser type and version,
• the operating system you use,
• the referrer URL (the previously visited web site),
• your IP address,
• the requesting provider.

The legal basis for data processing is our legitimate interest in the ongoing provision and security of our web site in accordance with Art. 6 (1) f GDPR. The log file is deleted after seven days, unless it is needed to prove or clarify specific legal violations that have become known within the retention period.

c) Contacting us

If you contact us, we process the following data from you for the purpose of processing and handling your enquiry: Name, contact details -if provided by you- and your message.

The legal basis of the data processing is our obligation to fulfil the contract and/or to fulfil our pre-contractual obligations in accordance with Art. 6 (1) b) GDPR and/or our legitimate interest in processing your enquiry in accordance with Art. 6 (1) f) GDPR.

d) Contract fulfilment and data management in the context of the NomadRem services

We process various data within the framework of the provision of our services and for the initiation and processing of the existing contractual relationship between you and us. If you are accessing our Services using the NomadRem iOS or Android App, please refer to our Privacy Policy posted in the App.

Accordingly, the data is processed on the basis of Art. 6 (1) b) GDPR as well as to fulfil our legal obligations pursuant to Art. 6 (1) c) GDPR.

Special category Data
We may need to process sensitive information about you. This is information that can reveal a person's:

• racial or ethnic origin
• political opinions
• religious or philosophical beliefs
• trade union membership
• genetic or biometric data (if used for identification purposes)
• information concerning a person's health, sex life or sexual orientation

According to the LPPD and the GDPR we need a second lawful basis to use special category data. This is typically your explicit consent, or exercising legal rights establishing, defending or exercising legal claims or reasons of substantial public interest.

When you sign up for a NomadRem account
When you sign up for a NomadRem account we process and collect:

• personal details like your name, date and place of birth;
• contact details like your home address (and previous addresses), email and phone number;
• information about your identity, such as a copy of your ID document,;
• information about your tax residency; and financial details.
• details you give us when you sign up for a specific service;
• details you give us which we pass to our partners when you let us know you're interested in their services;
• information you give us through in-app chat and emails; and
• answers you give to surveys about us and our services.
• Information we get from external sources

When you sign up for a NomadRem account, we search your record at:

• credit reference agencies to verify your identity);and
• fraud prevention agencies, KYC (Know Your Customer) and AML (Anti Money Laundering) service providers to fulfil our legal duties.

Information we collect or generate when you use our services

• details about payments to and from your NomadRem account;
• details about services from us and our partners that you show interest in;
• details about how you use our app; and

e) Use of cookies

We use so-called cookies on our web site. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent in accordance with Art. 6 para. 1 a) GDPR as well as our legitimate interest in accordance with Art. 6 para. 1 f) GDPR.

Google Services

Google Fonts
We use Google Fonts by Google LLC of 1600 Amphitheatre Pkwy, Mountain View, CA 94043, USA and Google Ireland Ltd of Gordon House, Barrow Street, Dublin 4, Ireland on our website to display external fonts. To enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed. The connection to Google established when you call up our website enables Google to determine which website sent your request and to which IP address the display of the font is to be transmitted. This represents a legitimate interest.

Google Analytics

We use Google Analytics to evaluate your use of our website, to compile reports on the activities and to provide other services related to the use of our website in order to improve the user experience. When Google Analytics is used, interactions of website visitors are primarily recorded and systematically evaluated with the help of cookies. This represents a legitimate interest but also requires your consent due to the data transfer in the USA and the analytical functionality.

Google reCAPTCHA

In order to protect against misuse and spam by automated software (so-called bots), Google reCAPTCHA collects data (IP address, time of visit, browser information and information about your use of our website) and analyzes your use of our website using JavaScript and cookies. In addition, other cookies stored by Google services in your browser are evaluated. A readout or storage of personal data from the input fields of the respective form does not take place.

Duration of data storage

We only store personal data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 6 years, irrespective of the processing purposes.

Transfer of personal data

NomadRem will not disclose or otherwise distribute your personal data to third parties unless this is necessary for the performance of our services (legal basis for processing: Art. 6 para. 1 lit. b) GDPR), you have consented to the disclosure (legal basis for processing: Art. 6 para. 1 lit. a) GDPR) or the disclosure of data is permitted by relevant legal provisions.

NomadRem is entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors for NomadRem pursuant to Art. 4 No. 8 GDPR within the framework of the data protection provisions. External service providers support us, for example, in the technical operation and support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfilment of reporting obligations.

The service providers commissioned by NomadRem process your data exclusively in accordance with our instructions. NomadRem remains responsible for the protection of your data, which is ensured by strict contractual regulations, technical and organizational measures and additional controls by us.

Personal data may also be disclosed to third parties if we are legally obliged to do so e.g., by court order (legal basis for processing: Art. 6 (1) (c) GDPR) or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfil NomadRem' legitimate interests (legal basis for processing: Art. 6 (1) (f) GDPR).

Automated decision-making

Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of NomadRem.

Your data subject rights

a) Information

Upon request, we will provide you at any time and free of charge with information about all personal data that we have stored about you.

b) Correction, deletion, restriction of processing (blocking), objection

If you no longer agree with the storage of your personal data or if this data has become incorrect, we will arrange for the deletion or blocking of your data or make the necessary corrections (insofar as this is possible according to the applicable law) on the basis of a corresponding instruction. The same applies if we are only to process data in a restrictive manner in the future. You have the right to object in particular in cases where your data is required for the performance of a task that is in the public interest or in our legitimate interest, as well as profiling based on this. You also have such a right of objection in the event of data processing for the purpose of direct advertising.

c) Right to revoke consent with effect for the future

You may revoke your consent at any time with effect for the future. Your revocation will not affect the lawfulness of the processing up to the time of revocation.

d) Data portability

If data is processed on the basis of a contract, pre-contractual negotiations, consent or with the help of automated procedures, you have the right to data portability. Upon request, we will provide you with your data in a common, structured and machine-readable format so that you can transfer the data to another data controller if you wish.

e) Exercise of your data subject rights and right of appeal

To assert these rights, please contact us. The same applies if you have questions about data processing in our company. You also have the right to lodge a complaint with a data protection supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach a data protection supervisory.

Security

State-of-the-art internet technologies are used to ensure the security of your data. During the online enquiry process, your details are secured with SSL encryption. For secure storage of your data, the systems are protected by firewalls that prevent unauthorized access from outside. In addition, technical and organizational security measures are used to protect the personal data you have provided against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.

Our data processing is subject to the principle that we only process the Personal Information that is necessary for the use of our services. In doing so, we take great care to ensure that your privacy and the confidentiality of all Personal Information are always guaranteed.

All transmitted data is protected by TLS encryption. Transport Layer Security (TLS) is a protocol used to ensure secure data transmission on the Internet. The public-private key procedure is used here. This means that data encrypted with a publicly accessible key can only be decrypted again with a separate private key.

We also use technical and organizational security measures (TOMs) throughout the company to protect the data we manage from you against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us.

For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests. Please keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another person.

Also, we may not be able to accommodate certain requests to object to the processing of Personal Information, notably where such requests would not allow us to provide our service to you anymore.

Withdraw your consent

You may withdraw your consent and request us to stop using and/or disclosing your Personal Information for any or all of the Purposes by submitting your request to us. Should you withdraw your consent to the collection, use or disclosure of your Personal Information, it may impact our ability to proceed with your transactions, agreements, or interactions with us. Please note that your withdrawal of consent will not prevent us from exercising our legal rights (including any remedies) or undertaking any steps as we may be entitled to at law.

Duration of data storage

We store Personal Information on our secure server and only for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, irrespective of the processing purposes.

Links to other providers

Our website also contains - clearly recognizable - links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.

The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.

Personal information and children

Our services are aimed at people aged 18 and over. We will not knowingly collect, use or disclose personal information from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.

Changes and updates to the Privacy Policy

We kindly ask you to regularly inform yourself about the content of our Privacy Policy. We will amend the Privacy Policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.

Concerns and Contact

If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us.