We use cookies to ensure the best browsing experience on our website. More information about cookies. Accept

(Eesti) Privaatsuspoliitika


  1. General Provisions
    1. This privacy policy (hereinafter – the Policy) regulates main principles and rules regarding the collection, processing and storage of personal data carried out by OÜ "Pharmanet", company code 10837414, address of registration Sõpruse pst 145, Tallinn 13417 (hereinafter – the Data Controller) and terms of operation of the website https://www.ancor.ee (hereinafter – the Website) maintained by the Controller.
    2. The Data Subject in this Policy is a Candidate or any other Natural person whose personal data is processed by the Data Controller.
    3. The Candidate in this Policy is any person participating or intending to participate in the recruitment process carried out by the Data Controller.
    4. The Data Controller adheres to these principles of data processing:
      1. Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
      2. Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes (‘purpose limitation’);
      3. Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimization’);
      4. Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
      5. Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required to safeguard the rights and freedoms of the data subject (‘storage limitation’);
      6. Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’);
      7. The Data Controller shall be responsible for, and be able to demonstrate compliance with, abovementioned principles (‘accountability’).
    5. Usage of third-party services, for example, by visiting a Facebook social network account of the Data Controller, may be subject to third-party terms and conditions. For example, Facebook applies its Data Policy to all its users and visitors. Therefore, while using these third-party services, it is recommended to familiarize oneself with the applicable terms and conditions.
    6. This Policy has been prepared in accordance to the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter – the GDPR), the Act on Legal Protection of Personal Data of the Republic of Lithuania, other laws of the European Union and the Republic of Lithuania.
  2. Personal Data Collection, Processing and Storage
    1. By providing their personal data, the Data Subject agrees and does not oppose the Data Controller to manage and process their Data for the purposes, means and according to the procedures specified in this Policy and laws.
    2. By providing personal data, the Data Subject grants the Data Controller the right to collect, compile, organize, use and manage for any purpose specified in this Policy any personal data that is provided, directly or indirectly, by visiting the Website and / or using the Services provided by the Data Controller.
    3. The Data Subject is responsible for ensuring that the data provided is accurate, correct and complete. Input of knowingly incorrect data is considered a Policy violation. If the submitted data changes, the Data Subject must immediately correct them, and in the absence of the opportunity to do so, inform the Data Controller accordingly. Under no circumstances will the controller be liable for damages caused to the Data Subject and / or third parties due to the fact that the Data Subject has provided incorrect and / or incomplete personal data or did not request the addition and / or modification of the data upon their change.
  3. Processing of the Candidates’ Personal Data
    1. The Data Controller, as an international recruitment, employee selection and temporary employment company, process personal data mentioned below submitted by the Candidate for the purpose of employee selection for its clients:
      1. Name, surname;
      2. Birthday date;
      3. Telephone number;
      4. E-mail address;
      5. Home address;
      6. Education;
      7. Workplace;
      8. Marital status;
      9. Courses attended;
      10. Languages spoken;
      11. Computer skills;
      12. The fact of possession of a driving license;
      13. Preferred salary;
      14. Personal qualities;
      15. Recommendations;
      16. Other data voluntarily provided by the Candidate in their CVs and/or other submitted documents.
    2. The legal basis for the processing of personal data is Article 6 paragraph 1 (a) (processing with the consent of the Candidate, given by providing their data), (b) (processing for the performance of a contract or in order to take action on the Candidate's initiative before the conclusion of the contract) of the GDPR.
    3. Personal data of candidates can be transferred to potential employers (clients of the Data Controller or other companies of the Pharmanet group (SIA “Pharmanet” or UAB “Pharmanet”) during the selection of recruitment activities. Candidates' personal data may be transferred to potential employers in the countries of the European Union and the European Economic Area; to other countries Data are provided only with the consent of the Candidate.
    4. Access to personal data of the Candidate processed by the Data Controller is given to other companies of the Pharmanet group: SIA “Pharmanet” and UAB “Pharmanet”.
  4. Procedures and Timeframes of Personal Data Storage
    1. By processing and storing personal data of the Data Subjects, the Data Controller implements organizational and technical measures that would ensure protection of personal data from accidental or unlawful destruction, modification, disclosure and any other means of unlawful processing.
    2. Candidates' data is stored for 5 years from the date of receipt of the curriculum vitae.
  5. Rights of the Data Subjects
    1. Data Subjects at any time upon providing a request have the right to access their personal data processed by the Data Controller and receive information on how it is processed, exercise their right to rectify their incorrect, incomplete, inaccurate personal data, ask to suspend personal data processing activities, with the exception of storage, when the data processing does not comply with laws and requirements of this Policy.
    2. To the extent that the processing of personal data is based on consent, the Data Subject has the right to withdraw the consent at any time with no effect to the lawfulness of processing based on consent before its withdrawal.
    3. Data Subjects can exercise their existing rights by submitting a written application by e-mail privacy@ancor.ee or mail to Viru Väljak 2, Tallinn 12011, or by directly visiting the office of the Data Controller.
    4. If the Data Subject is not satisfied by an answer of the Data Controller or thinks that it processed their personal data in a way that does not comply with the legal requirements, the Data Subject can make a complaint to the State Data Protection Inspectorate of the Republic of Lithuania.
  6. Information about the use of cookies
    1. The Data Controller Website uses cookies. Cookies are small-volume text files stored on the Website visitor's browser or device (personal computer, mobile phone or tablet).
    2. Thanks to cookies, we aim to ensure a more enjoyable experience for people browsing the Website and improving the Website itself.
    3. Cookies used on the Website can be grouped into the following types:
      1. Functional cookies (qtrans_front_language/Wordpress) are designed to enable the Website to perform its core functions. These cookies allow you to browse the Website and use the features you want, for example, to remember your chosen language.
      2. Activity (analytical) cookies (_ga, _gat_gtag_UA_112381154_1, _gid/Google Analytics) collect anonymous information about how visitors use the Website. By providing information about visited areas, time spent on the Website and any problems that occur, such as error messages, these cookies help the Data Controller understand how visitors behave on the Website. This information helps improve the functioning of the Website.
    4. The Data Subject can delete or block cookies by selecting the appropriate settings in Data Subject’s browser, which allows to block all or some of the cookies. It is known that using browser settings that block all cookies (including required ones) may cause problems using all or part of the Website's features.
  7. Final provisions
    1. The legal relations related to this Policy are governed by the law of the Republic of Lithuania.
    2. The Data Controller is not accountable for the damages, including damages resulting from interference of the Website usage, damage or loss of data arising from an act or omission by the Data Subject or third parties acting on behalf of the Data Subject, including incorrect input of data, other mistakes, conscious malicious behaviour and other wrongful use of the Website. The Data Controller shall also not be held responsible for any interference of the Website log in/usage and (or) damage resulting from them that arises from acts or omission of third parties not associated with the Data Subject, including issues with electricity, web access, etc.
    3. The Data Controller has the right to change this Policy in part or in full.
    4. Changes of or additions to the Policy shall take effect from the date of their publication in the Website.
    5. If the Data Subject continues to use the Website and its services after the Policy has been updated or changed, it is presumed that the Data Subject agrees to such additions and/or changes.


Last updated: 18 May 2018