Joint Data Controllers: Who is Responsible?
Definition of Joint Controllers:
Within the Benker UAB partner ecosystem, where Benker UAB acts as the coordinator, a joint data management agreement is concluded. This agreement defines the procedure for processing the personal data of clients seeking Benker services. The list of partners participating in the agreement may be updated periodically and is available on the company's official website. The agreement ensures that the coordinator and partners operate within a
unified approach to processing data provided by clients.
Purpose of the Agreement:
The primary purpose of the agreement is to ensure full compliance of Benker UAB and its partners with data protection legislation, in particular the General Data Protection Regulation (GDPR). The joint use of information systems provides the coordinator and partners with equal access to client personal data, which is necessary for the quality provision of services and the fulfillment of contractual obligations.
Legal Status:
In accordance with Article 26 of the GDPR, the coordinator and partners act as joint data controllers. This means that they jointly determine the purposes and methods of processing personal data, thereby ensuring transparency and accountability to clients.
Why do joint controllers process your personal data?
Key processing goals:
Joint controllers process your personal data to ensure the smooth and high-quality provision of services, including:
Identification and registration:
o Creating accounts in the Benker system and opening current accounts.
o Identity verification in accordance with the "Know Your Customer" principle.
Financial security and legal compliance:
o Prevention of money laundering and terrorist financing.
o Ensuring secure and reliable payment transactions.
Communication and support:
o Providing up-to-date information and customer support. o Managing the issuance and maintenance of payment cards.
o Sending SMS messages through internet channels.
Access management and security:
o Registration and identification of users in the Benker Tickets system. o Organizing the ticket purchase process. o Protecting confidential information and preventing cyber threats.
o Linking phone numbers to IBAN accounts.
Innovative services and analytics:
o Linking payment cards to the Benker mobile application. o Analyzing creditworthiness and managing credit risks. o Collecting and processing statistical data. o Direct marketing.
Restrictions on data use:
Joint controllers guarantee that your personal data is used exclusively to achieve the above goals. Any other use of data not provided for by the agreement is strictly prohibited.
Your Rights in the World of Joint Data Management
Guarantees for Benker Users:
Despite potential differences in national legislation applicable to the Coordinator and Partners, we guarantee you the following rights as a data subject:
Access to Information:
o The Coordinator is obligated to provide you with a copy of your personal data stored in the Benker system, in accordance with Article 15 of the GDPR.
Data Correction:
o You have the right to request the correction of any inaccuracies in your personal data stored by the joint controllers, in accordance with Article 16 of the GDPR. The Coordinator is responsible for making corrections.
Data Deletion ("Right to be Forgotten"):
o You can request the deletion of your personal data stored by the joint controllers, in accordance with Article 17 of the GDPR. The Coordinator is obligated to perform the deletion (except for data required to be stored by law) and notify the Partners.
• Restriction of Processing:
o The Coordinator will consider your requests to restrict data processing in accordance with Article 18 of the GDPR and, if restrictions are applied, will notify the Partners. If the request concerns processes or data exclusively under the control of the Partners, it must be sent directly to them.
• Data Portability:
o The Coordinator processes requests for data transfer in accordance with Article 20 of the GDPR. If the request concerns processes or data exclusively under the control of the Partners, it must be sent directly to them.
• Exercise of Rights:
o You can exercise your rights in relation to each data controller, as specified in paragraph 3 of Article 26 of the GDPR. The Coordinator and Partners provide the necessary information in accordance with Articles 13 and 14 of the GDPR, publishing notices on their websites.
Thus, we strive to ensure transparency and control over your personal data within our joint data management agreement.
Legal Framework and Joint Data Management Notices
Jurisdiction and Supervision:
Joint data management is carried out in accordance with the laws of the Republic of
Lithuania. Supervision of compliance with legislation is entrusted to the State Data Protection Inspectorate of the Republic of Lithuania, which acts as the lead supervisory authority.
Notification of Changes:
Please note that this Agreement may be revised and supplemented without prior notice to data subjects. We recommend that you regularly visit this page to review the current version of the document.
Information Provided When Personal Data is Collected:
• Joint Controllers: The joint controllers of your personal data are the Coordinator and Partners, a list of which is available on the company's website.
• Data Protection Officer: You can contact the Data Protection Officer appointed by the Coordinator by email: help@benker.io
• Purposes of Data Processing: Your data is processed to ensure the operation of the system and the proper provision of Benker services. Detailed information is available in the Data Protection Policy. If you enter into a contract with a Partner, the Coordinator processes your data while providing services to the Partner. Your data is accessible to the Partner providing you with services, as well as to other Partners to ensure service quality. The legal basis for data processing is the service agreement concluded with the Partner.
• Location of Data Processing: Data processing takes place in the offices of the Coordinator and the Partners with whom you enter into a contract.
• Data Transfer Within the Group of Companies: The Coordinator may transfer your personal data to other Benker group companies for the purpose of providing Benker services. Detailed information on data transfer is available on the Coordinator's website.
• Data Transfer to Third Countries: Your data may be transferred to third countries or international organizations in compliance with the security measures provided for in Articles 46, 47 or 49(1) GDPR.
• Information from Third Parties: In accordance with Article 14 GDPR, this information is provided by organizations from which the Coordinator and Partners have received personal data not provided directly by the data subject.
• Additional Information: Detailed information about the personal data collected, the purposes of collection, suppliers, recipients, storage periods and other conditions is available in the data protection policies of the Coordinator and Partners.
