Privacy policy


General provisions

Terms and definitions

What personal data do we process?

Purpose and legal basis of the processing of personal data

How do we collect/obtain your personal data?

Who do we transfer your personal data to?

In which countries are your personal data processed?

Profiling and automated decision making

What personal data processing principles do we adhere to?

How do we protect your personal data?

How long do we keep your personal data?

Cookies, alerts and other similar technologies

What are your rights?

Contact us

Final provisions

General provisions

This Privacy Policy sets out and explains how Medicinos Bankas UAB (“Bank”) collects and processes your personal data.

The purpose of this Privacy Policy is to inform you about the ways your personal data are collected and processed and to ensure a fair and transparent process of personal data processing in the Bank.

It is very important that you carefully read this Privacy Policy, because its terms and conditions will apply every time you use/express an intention to use the Bank’s services at the Bank’s customer service units or in the internet banking system, browse the Bank’s website www.medbank.lt, visit the Bank’s premises, call the Bank’s contact centre and in other cases, where your data are processed.

We confirm that when processing your personal data, the Bank observes:

The Bank may amend this Privacy Policy in the future. Therefore, we recommend that you review it from time to time.

Terms and definitions

The terms used in this Privacy Policy shall be understood as follows:

Other terms used in this Privacy Policy shall be understood as they are defined in the General Data Protection Regulation (EU) 2016/679 and other legislation governing the protection of personal data.

What personal data do we process?

The Bank processes personal data of the following categories:

Purpose and legal basis of the processing of personal data

The Bank processes your personal data for the following purposes:

The Bank processes your personal data on the following legal grounds defined in the General Data Protection Regulation (EU) 2016/679:

How do we collect/obtain your personal data?

The Bank processes your personal data, which are:

Please note that if you provide personal data of other persons related to you (e.g. family members, company employees, shareholders, guarantor, etc.), you are required to inform those persons of the processing of their personal data by the Bank and to make them aware of this Privacy Policy.

The Bank obtains your personal data from other sources, such as:

Who do we transfer your personal data to?

The Bank may transfer your personal data to the following entities:

The Bank ensures that your personal data are transmitted strictly in accordance with applicable legislation. Service providers (processors) used by the Bank process your data only for strictly defined purposes, which are set out in personal data processing contract.

In which countries are your personal data processed?

Generally, your personal data are processed and stored in the territory of the European Union (EU) and the European Economic Area (EEA). However, in some cases, we may need to transfer your personal data to other countries outside the EU and EEA, which may apply a lower-level data protection policy. In such cases, the Bank will take all steps to ensure the security of transferred personal data.

In case of transfer of personal data to countries outside the EU and EEA, one of the following security measures will be applied:

Profiling and automated decision making

In certain cases, the Bank carries out profiling and makes decisions by automated means.

What personal data processing principles do we adhere to?

When processing personal data, the Bank adheres to the following principles:

How do we protect your personal data?

When processing your personal data, we implement reasonable organisational and technical measures to protect your personal data against accidental or unlawful destruction, alteration, disclosure as well as from any other unauthorised form of processing. The Bank requires that the processors used by the Bank for the processing of your personal data or which have access to your personal data when providing services to the Bank take appropriate technical and organisational measures, which would ensure the security and integrity of your personal data.

However, please note that even though we take appropriate steps to protect your personal data, no website or e-mail can guarantee complete security due to reasons beyond the control of the Bank. Therefore, you should be careful and assume the risk associated with providing personal data to the Bank on the website or by e-mail.

How long do we keep your personal data?

We store your personal data for the time period required to achieve the set objective. Once the set objective is achieved, your personal data are deleted, unless the applicable legislation requires that the Bank store the data for the time period prescribed by such legislation. Once this period expires, the data are deleted/destroyed so that they cannot be reproduced. Specific personal data retention periods depend on the legal grounds for processing of your personal data. Video recording data are stored up to 90 days.

Cookies, alerts and other similar technologies

During your visit to the Bank’s website www.medbank.lt, we want to provide you with information and functions that are tailored specifically to your needs. This requires the use of cookies. Cookies are small information elements stored on your web browser. They help the Bank to recognize you as a previous visitor to the Bank’s website, save your visit history and adapt the content accordingly. Cookies also help the Bank to ensure smooth functioning of the Bank’s website, allow monitoring the duration and frequency of the visits to the website and collecting statistical information on the number of visitors to the website. Analysis of such data helps us improve the Bank’s website and make it more comfortable for your use.

Cookies used on the Bank’s website www.medbank.lt:

Cookie name

Purpose of the cookie

Moment of creation and validity period

Data used

major_type

A cookie intended to ensure the functionality of the website: saves the selected type of client.

Upon entering the website.

Valid until leaving the website.

“Private” or “business” client type selected on the client’s website.

dc_gtm_UA-#

A cookie intended to ensure the functionality of the website. This cookie allows to upload part of the software code.

Upon entering the website.

Valid until leaving the website.

Does not store any user information.

_mb_cookie

A cookie intended to remember the user’s choice of cookie policy.

Upon acceptance of the cookie policy.

Valid for one year.

1/0

medbank_prod_ls

XSRF-TOKEN

Cookies for identification of sessions.

Upon entering the website.

Valid for 4 hours.

Unique identifier of random characters.

_ga

Cookies for identification of the user.

Upon entering the website.

Valid for 2 years.

Unique identifier of random characters.

_gid

Cookies for identification of the user.

Upon entering the website.

Valid for 24 hours.

Unique identifier of random characters.

fr

A cookie used to create a user and display targeted advertisements on third-party websites, such as facebook.com, etc.

Upon entering the website.

Valid for 3 months.

An encrypted Facebook identifier and browser identifier.

_fbp

A cookie used to create a user and display targeted advertisements on third-party websites, such as facebook.com, etc.

Upon entering the website.

Valid until the end of session.

An encrypted Facebook identifier and browser identifier.

partner-*

Cookies used to collect anonymous information for statistic and advertising purposes.

Valid from 1 day to several years.

Internet provider information, browser type, etc.

_gat_UA

A cookie for collecting information about traffic.

Upon entering the website.

Valid for 8 hours.

Unique identifier of random characters.

Cookie name

major_type

Purpose of the cookie

A cookie intended to ensure the functionality of the website: saves the selected type of client.

Moment of creation and validity period

Upon entering the website.

Valid until leaving the website.

Data used

“Private” or “business” client type selected on the client’s website.

Cookie name

dc_gtm_UA-#

Purpose of the cookie

A cookie intended to ensure the functionality of the website. This cookie allows to upload part of the software code.

Moment of creation and validity period

Upon entering the website.

Valid until leaving the website.

Data used

Does not store any user information.

Cookie name

_mb_cookie

Purpose of the cookie

A cookie intended to remember the user’s choice of cookie policy.

Moment of creation and validity period

Upon acceptance of the cookie policy.

Valid for one year.

Data used

1/0

Cookie name

medbank_prod_ls

XSRF-TOKEN

Purpose of the cookie

Cookies for identification of sessions.

Moment of creation and validity period

Upon entering the website.

Valid for 4 hours.

Data used

Unique identifier of random characters.

Cookie name

_ga

Purpose of the cookie

Cookies for identification of the user.

Moment of creation and validity period

Upon entering the website.

Valid for 2 years.

Data used

Unique identifier of random characters.

Cookie name

_gid

Purpose of the cookie

Cookies for identification of the user.

Moment of creation and validity period

Upon entering the website.

Valid for 24 hours.

Data used

Unique identifier of random characters.

Cookie name

fr

Purpose of the cookie

A cookie used to create a user and display targeted advertisements on third-party websites, such as facebook.com, etc.

Moment of creation and validity period

Upon entering the website.

Valid for 3 months.

Data used

An encrypted Facebook identifier and browser identifier.

Cookie name

_fbp

Purpose of the cookie

A cookie used to create a user and display targeted advertisements on third-party websites, such as facebook.com, etc.

Moment of creation and validity period

Upon entering the website.

Valid until the end of session.

Data used

An encrypted Facebook identifier and browser identifier.

Cookie name

partner-*

Purpose of the cookie

Cookies used to collect anonymous information for statistic and advertising purposes.

Moment of creation and validity period

Valid from 1 day to several years.

Data used

Internet provider information, browser type, etc.

Cookie name

_gat_UA

Purpose of the cookie

A cookie for collecting information about traffic.

Moment of creation and validity period

Upon entering the website.

Valid for 8 hours.

Data used

Unique identifier of random characters.

When using a browser to access the content provided by the Bank, you can configure it to accept all cookies, reject all cookies or alert you when a cookie is sent. All browsers are different. If you do not know how to change cookie settings, see the browser’s help menu. The operating system of your device may have additional cookie controls. If you do not want to have your information collected using cookies, use the simple procedure offered by most browsers to opt out of using cookies. For more information about managing cookies, please visit http://www.allaboutcookies.org/manage-cookies/. However, please note that some services may be designed to operate only with cookies and once cookies are disabled, you will not be able to use them or certain parts of them.

Beside the cookies used by the Bank, the Bank’s website www.medbank.lt allows certain third parties to place and access cookies on your computer. In such case, the use of cookies is subject to third-party privacy policies.

Please note that the Bank's social network accounts are subject to the cookie policy of the respective social network.

By browsing the Bank’s website www.medbank.lt, you agree that cookies be placed on your computer or other device. You may withdraw your consent at any time by changing your browser settings and deleting saved cookies. Information on how to do this is available on help pages of the browsers:

The Bank’s website www.medbank.lt may contain links to third-party websites. Please note that the Bank is not responsible for the content or privacy protection principles of such websites. Therefore, if a link given on the Bank’s website takes you to another website, you should read its privacy policy.

The Bank website www.medbank.lt contains Facebook and LinkedIn plug-ins and using them requires transfer of your data, such as IP address, to the social network administrator. Further information about how the social network administrators are processing your personal data is available on their websites.

What are your rights?

You, as the data subject whose personal data is processed by the Bank, have the following rights:

The Bank provides the opportunity to exercise the above rights upon identification and verification of your identity. You may exercise your rights by submitting a written request to the Bank at any customer service unit or via the online banking system of the Bank or, in some cases, using specific links given at the bottom of advertising materials provided by the Bank.

The Bank will provide you with information about the steps taken on receipt of your request to exercise the data subject’s rights within one (1) month from receipt of your request. The time limit for the Bank’s response may be extended for two (2) months, taking into account the complexity of the request and the number of requests received by the Bank. In any case, the Bank will inform you about the extension of the time period and the reasons for such extension.

If your requests are clearly unreasonable or disproportionate (e.g. because of their repetitiveness), the Bank has the right to charge a reasonable fee, taking into account the costs of providing information.

The Bank may refuse to allow you to exercise the above rights, where prevention, investigation and detection of crimes or violations of official or professional ethics and the protection of rights and freedoms of other persons must be ensured in the cases provided by law.jj

Contact us

Medicinos Bankas UAB
Pamėnkalnio 40, LT-01114 Vilnius;
Tel. 19 300 (for calls from Lithuania), +370 5 264 48 00 (for calls from abroad)
E-mail: info@medbank.lt

Contact details of the Bank are available on the Bank’s website at https://www.medbank.lt/lt/kontaktai.

If you have any questions regarding the information presented in this Privacy Policy or any other questions related to the processing of your personal data, please contact the designated Data Protection Officer of the Bank by any of the following means:

Final provisions

Websites of other companies in the Bank’s Group which carry out specific functions may contain additional information about privacy.

This Privacy Policy will enter into force on 1 October 2019.

The Bank has the right to unilaterally amend this Privacy Policy by informing you by a notice published on the Bank’s website www.medbank.lt, by e-mail or a message sent via the online banking system.

This Privacy Policy is publicly available on the Bank’s website www.medbank.lt and can be accessed at any customer service unit of the Bank.

This Privacy Policy will be revised and updated taking into account the changes in legislation and/or Bank’s activities, but at least once every two (2) years. Once the Privacy Policy is updated, we will inform you by posting a notice on the Bank’s website www.medbank.lt and by other means.

Your browser is out of date. For better experience please update it here: Chrome, Firefox, Opera, Safari.

The website uses cookies to ensure high-quality website performance. By clicking the button “I accept” or continuing to browse the site, you confirm your consent. To find out more about cookies please click here.

I accept