Privacy Policy
GENERAL PROVISIONS

1. Privacy policy of system "Diaryium" (further - Privacy Policy) explains how user data is collected, stored or processed in "Diaryium". This privacy policy applies to all system "Mano dienynas" services.
2. Educational institutions that use services of system "Diaryium" (further - educational institutions) are data controllers.
3. Educational institutions, "Diaryium" users and company JSC "Nacionalinis švietimo centras" are data managers.
4. The goal of a data management is to ensure the functions of educational institution, customer communication, information and successful identification.
5. Consumer data is processed in accordance with Law on Legal Protection of Personal Data (Official Gazette, 1996 No. 63-1479, 2008, No. 22-804)

DATA PROCESSING

6. System "Diaryium" collects and stores only the data that is necessary for educational institutions to perform the functions or successful identification of the subject data in system "Diaryium".
7. Data managers make decisions about collecting, handling, storing and destructing of subjects data.
8. All services of system "Diaryium" are provided only to registered users.
9. System "Diaryium" processes and handles the following user data:
9.1. Preschool children data:
9.1.1. Name;
9.1.2. Surname;
9.1.3. Address of residence place;
9.1.3.1. factual;
9.1.3.2. declarated;
9.1.4. Child birth date;
9.1.5. Education languages:
9.1.5.1. Lithuanian;
9.1.5.2. Polish;
9.1.5.3. Russian;
9.1.5.4. Hebrew;
9.1.6. Special educational needs:
9.1.6.1. High;
9.1.6.2. Very high;
9.1.7. Child Welfare's decision;
9.1.8. Doctor's recommendations;
9.1.9.
 Disabilities, disorder
s;
9.2. Pre-school childrens' parents / guardians data:
9.2.1. Mother/guardian:
9.2.1.1. Personal code;
9.2.1.2. Name;
9.2.1.3. Surname;
9.2.1.4. E-mail.;
9.2.1.5. Password;
9.2.1.6. Phone number;
9.2.1.7. Address of residence place;
9.2.1.7.1. Factual;
9.2.1.7.2. Declarated;
9.2.1.8. Workplace name;
9.2.1.9. Position held;
9.2.2. Father/guardian:
9.2.2.1. Personal code;
9.2.2.2. Name;
9.2.2.3. Surname;
9.2.2.4. E-mail.;
9.2.2.5. Password;
9.2.2.6. Phone number;
9.2.2.7. Address of residence place;
9.2.2.7.1. Factual;
9.2.2.7.2. Declarated;
9.2.2.8. Workplace name;
9.2.2.9. Position held;
9.3. Student data:
9.3.1. Name;
9.3.2. Surname;
9.3.3. E-mail.;
9.3.4. Password;
9.3.5. Phone number;
9.3.6. Date of birth;
9.3.7. Class;
9.3.8. Gender;
9.3.9. Photo;
9.3.10. Address of residence place.
9.3.11. Course program repetition;
9.3.12. Foreigner:
9.3.12.1. Comes from European Union country;
9.3.12.2. Permanently resident in Lithuania;
9.3.12.3. Arrived only to learn;
9.3.13. Learn at home 1 academic year or longer:
9.3.14. Extramural method;
9.3.15. Self learning;
9.3.16. Experienced any injury during the educational process;
9.3.17. Number of incurred injuries;
9.3.18. I foreign language;
9.3.19. II foreign language;
9.3.20. III foreign language;
9.3.21. Learns Latin language;
9.3.22. Lives in dormitories of general education schools, child care homes;
9.3.23. Receives free meals;
9.3.24. Moral education (religion or ethics);
9.3.25. Number of free catering (times per day);
9.3.26. Possession of complex disorders;
9.3.27. Orphan and/or left without parental care;
9.3.28. Health data:
9.3.28.1. Physical education group;
9.3.28.2. Visual acuity;
9.3.28.3. Learning style;
9.3.28.4. Risk factors,doctor's instructions and recommendations:
9.3.28.4.1. Disease code;
9.3.28.4.2. Comments;
9.3.29. Data for students with special needs in general education schools by general classes:
9.3.29.1. Disorder type;
9.3.29.2. Assigned to special needs group;
9.3.30. Data for special schools and special classes students:
9.3.30.1. Disorder type;
9.3.30.2. Other disorders;
9.3.31. Student parents data:
9.3.31.1. Name;
9.3.31.2. Surname;
9.4. Parents data:
9.4.1. Name;
9.4.2. Surname;
9.4.3. E-mail.;
9.4.4. Password;
9.4.5. Phone number;
9.4.6. Address of residence place;
9.4.7. Workplace title;
9.4.8. Position held;
9.4.9. Date of birth.
9.5. Teachers data:
9.5.1. Name;
9.5.2. Surname;
9.5.3. E-mail;
9.5.4. Password;
9.5.5. Phone number;
9.5.6. Address of residence place;
9.5.7. Date of birth;
9.5.8. Personal code;
9.6. Educational institution data:
9.6.1. Educational institution name;
9.6.2. Educational institution e-mail.;
9.6.3. Password;
9.6.4. Phone number;
9.6.5. Educational institution adress;Собранные в системе контактные данные пользователей, могут быть использованы в маркетинговых или рекламных целях, для информирования пользователей o новых продуктах или конкурсах компании ЗАО ''Nacionalinis švietimo centras'', также для предоставления другой актуальной информации из системы ''Diaryium ''.
9.6.6. Educational institution code;
9.6.7. Educational institution fax;
9.6.8. Educational institution web site address;
9.6.9. Additional pre-school institutions data:
9.6.9.1. Pre-school institution type;
9.6.9.1.1. General;
9.6.9.1.2. General with special groups;
9.6.9.1.3. General - specialized;
9.6.9.1.4. Special;
9.6.9.2. Education languages;
9.7. System administrator data:
9.7.1. E-mail;
9.7.2. Password;
9.7.3. Phone number;
9.7.4. School, Kindergarten address.
10. Points numbers 9.2.1.2. - 9.2.1.5, 9.2.2.2. - 9.2.2.5,  9.3.1 - 9.3.4, 9.4.1. - 9.4.4, 9.5.1. - 9.5.4. and 9.7.1. - 9.7.2. of this Privacy policy indicates user data and 9.6.2. - 9.6.3. educational institution data which are required and processed to ensure a successful user identification.
11. Other data presented in Privacy Policy section 9 is not binding and is processed by the relevant controller.
12. User data inputs:
12.1. All responsibilities of data input in system "Diaryium" are dedicated to educational institution.
12.2. If the school cannot enter data into system "Diaryium", with the request, it could be done by "Diaryium" administration.
12.2.1.The educational institution provides users data in accordance with Services Agreement signed between the educational institution and JSC ''Nacionalinis švietimo centras'', by e-mail address.
12.2.2. Data are provided using *.xls or *.xml file types.
12.2.3. The data in system "Diaryium" are loaded centrally, automatically.
13. If you notice incorrect user data, they should be immediately reviewed and revised:
13.1. If members of educational institution find some inaccurate user data, they must immediately clarify it.
13.2. If user notices inaccurate data, he must immediately clarify it. If for some reasons user can not adjust the data, he must notify his educational institution which have access to the system "Diaryium".
13.3. When educational institution receives a message from user with his accurate data, it should immediately clarify them.
13.4. If school cannot specify user data, it must address to "Diaryium" administration, which should immediately revise incorrect user data.
14. Data Storage and Disposal:
14.1. Data in system "Diaryium" is not used and stored for longer than it is necessary for the purposes which they were intended.
14.2. After a period of storage, the data is transferred to an archive.
14.3. User data from system "Diaryium" is deleted or transferred to the data controller if:
14.3.1. System "Diaryium" would be liquidated;
14.3.2. Educational institution refuses all the services of system "Diaryium";
14.3.3. User terminates its relations with educational institution;
14.3.4. Agreement between educational institution and user will expire.
14.4. All Data Manager data is stored in the archive by Lithuanian law specified period, after which data is transferred to the national archives or destroyed.

CONSUMER RIGHTS AND ASSURANCE DATA SAFETY

15. System "Diaryium" processed data is not shared and not disclosed to any third person without user's consent, except the cases, when data should be disclosed in accordance with legal obligations or judicial decision.
16. Users are allowed to access, view, edit and revise their data at any time, by logging in to their user account and visiting their profile.
17. JSC “Nacionalinis švietimo centras” ensures that user data is collected and stored securely in accordance with the laws of the Lithuania Republic and other legal acts which regulate data security:
17.1. System "Diaryium" develops and constantly updates technical and organizational measures and procedures by which it's easier to ensure system "Diaryium" security and to protect users data.
17.2. Security is continuously improved, in order to prevent unauthorized or unlawful processing of user data and accidental, unauthorized or unlawful access to user data. Also it is improved to accidental, unauthorized or illegal user data using, processing, copying, alteration, transfer, loss, destruction or damage.
17.3. Security of user data is ensured by:
17.3.1. using data encryption;
17.3.2. using only authorized access to system "Diaryium";
17.3.3. restricting access to user data according to system "Diaryium" user rights;
17.3.4. automatically disconnecting users from the system when system "Diaryium" is not used for more than 45 minutes.
17.4. In all JSC "Nacionalinis švietimo centras'' staff computers, which are working with system "Diaryium", are running constantly guard against harmful programs, which is regularly updated at least once per day.
17.5. System "Diaryium" servers can be attained only by the authorized persons.
17.6. JSC "Nacionalinis švietimo centras'' staff and company providing these services under a cooperation agreement signed by the employees are responsible for server issues.
18. Access to system "Diaryium" is provided to users by educational institution administration, after service agreement with "Mano dienynas" administration is signed.
19. The educational institution must ensure that all its staff computers, who have the access to web-based system "Diaryium", have a protection against harmful software installed and regularly updated.
20. User access rights:
20.1. Users with student's access right can:
20.1.1. View their own data, based on Privacy Policy 9.3.1-9.3.2 items;
20.1.2. Organize their own data, based on Privacy Policy 9.3.3 - 9.3.5. and 9.3.10 items;
20.2. Users with parents access rights, may:
20.2.1. View their data based on Privacy Policy 9.4.1. and 9.4.2. items;
20.2.2. Organize their data based on Privacy Policy 9.3.3-9.3.5 and 9.3.10 items;
20.2.3. View their children's data, which are indicated in Privacy Policy 9.3.1, 9.3.2 and 9.3.7 items.
20.2.4. Organize their children's data, which are indicated in Privacy Policy 9.3.5, 9.3.6 and 9.3.10 items.
20.3. Users with teachers access rights, may:
20.3.1. View their data, which are indicated in Privacy Policy 9.5.1-9.5.2 items;
20.3.2. Organize their data, which are indicated in Privacy Policy 9.5.3-9.5.6 items;
20.3.3. View other teachers data, which are indicated in Privacy Policy 9.5.1-9.5.3, 9.5.5-9.5.7  items.
20.3.4. View his students data, which are indicated in Privacy Policy 9.3 item.
20.4. Users with class supervisors access rights, may:
20.4.1. View their data, which are indicated in Privacy Policy 9.5.1 and 9.5.2 items;
20.4.2. Organize their data, which are indicated in Privacy Policy 9.5.3-9.5.6 items;
20.4.3. View other teachers data, which are indicated in Privacy Policy 9.5.1 – 9.5.3, 9.5.5 – 9.5.7 items;
20.4.4. View and organize students data, which are indicated in Privacy Policy 9.3 item, except 9.3.4 item, which they can only change/update and 9.3.7 item, which they can only view;
20.4.5. View and organize parents data, which are indicated in Privacy Policy 9.4 item, except 9.4.4 item, which they can only change/update.
20.5. Users with institution or system administrator access rights may:
20.5.1. View and organize their data, which are indicated in Privacy Policy 9.6 and 9.7 items;
20.5.2. View and organize students data, which are indicated in Privacy Policy 9.3 item, except 9.3.4 item, which they can only change/update;
20.5.3. View and organize students data, which are indicated in Privacy Policy 9.4 item, except 9.4.4 item, which they can only change/update;
20.5.4. View and organize teachers data, which are indicated in Privacy Policy 9.5 item, except 9.5.4 item, which they can only change/update.
21. Users access repealed after relations end with an educational institution that provides access to system "Diaryium".
22. All response for system "Diaryium" and user data backups have JSC ''Nacionalinis švietimo centras'' or other company which provides the following services under the cooperation agreement:
22.1. Every day, are made a full-time replacement of system "Diaryium" and its databases, which are stored for at least 30 days from the date when it was committed.
23. JSC ”Nacionalinis švietimo centras" is responsible for system "Diaryium" and user data restoration from backup data or other company which provides the following services under the cooperation agreement.
24. All system "Diaryium" safety measures cannot protect users' data from school staff or other user actions, which can reveal user data, such as improperly protected workplace, personal data is printed and stored in a visible place and other.
25. Safety measures shall not relieve user from duty to take appropriate measures and ensure user data security, especially avoiding present obviously user identification names and passwords. Do not give login data to other people. Also user identification name or password should be changed constantly.
26. In the Security incident, educational institutions and JSC ”Nacionalinis švietimo centras'' must take actions to eliminate security gaps and ensure security of all personal data.

FINAL PROVISIONS

27. System "Diaryium" without violating  the Advertising LAw of Republic of Lithuania(2000 y. july 18. Nr. VIII-1871) , can collect  user contact data, which can be used for marketing or promotional purposes, to inform users about JSC "Nacionalinis švietimo centras'' products or provision of other competitions and other information which may be relevant to the users of "Diaryium".
28. System "Diaryium" administration has the right to upload sponsors' information that respects the generally accepted ethical standards and does not interfere with users work.
29. System users must apply directly to the educational institution members, who could contact and is able to access "Diaryium" system concerning users data collection, storage and processing issues.
30. JSC "Nacionalinis švietimo centras'' does not make any training for users, unless it agreed in services provision contract which is signed between the educational institution and the JSC "Nacionalinis švietimo centras''.
31. JSC "Nacionalinis švietimo centras'' could change and update this Privacy Policy. Privacy policy may be changed any time at their discretion, without notice to the users.