en
en

Privacy Policy

This privacy policy (hereinafter referred to as the Privacy Policy) explains how and what personal data is collected and processed by the EdTech platform (hereinafter referred to as the Platform), and what rights and choices you have when using the Platform services. Respecting your privacy, we are committed to protecting and processing personal data lawfully, fairly and transparently, in accordance with the provisions of the European Union General Data Protection Regulation (EU) 2016/679 (GDPR) and the Law on the Legal Protection of Personal Data of the Republic of Lithuania. By using the Platform, you confirm that you have read this Privacy Policy. If you do not agree to the terms described below, please do not use the Platform.

Data Controller and Contacts

Data Controller: Mokslink online platform (hereinafter referred to as the Platform) is intended for conducting research in the field of education. The Platform is administered by UAB “Mokslink”, legal entity code 307022059, registered office address V. Nagevičiaus g. 3, LT-08237 Vilnius, Lithuania (hereinafter referred to as the Company). If you have any questions related to the processing of your personal data, or if you wish to exercise your rights (described below), please contact us by e-mail info@mokslik.com

What data do we collect?

  • Registration data: information that you provide when registering on the Platform and creating an account. This may include your name, surname, e-mail address, age (date of birth) and account type (Participant, Researcher or Client). This data is necessary to create and administer your account, and to provide you with access to the relevant functions of the Platform.

  • Profile and activity data: information about your activities and use of the Platform. For example, if you are a Participant, we record which studies you participated in, what answers you provided, what tasks you performed. If you are a Researcher, we store data about the research projects you created, published research descriptions, collected research data and results obtained. If you are a Client, we process information about your submitted research requests, commissioned research and related communications. This data is generated when you use the Platform services and is necessary for us to perform the functions of the Platform (e.g., allowing Researchers to see the answers provided by Participants, Clients – research results, etc.).

  • Payment data: data related to financial transactions on the Platform. In the case of a Participant, this may be information necessary for the payment of remuneration (e.g., bank account number, history of payment transactions through the Platform). In the case of a Client – ​​data about payments made to the Company, invoice data, company details, contact person for financial matters. We also keep records of all payments and withdrawals made on the Platform (amounts, dates, associated accounts). (Note: we do not directly collect or store payment card data - if payments are made through payment intermediaries, such as banks or payment platforms, your card data is processed by those service providers and is not visible to us.)

  • Technical and browsing data: when you use the Platform, certain technical data is automatically collected: your IP address, browser type and version, device operating system, visit statistics (when you logged in, how long you spent logged in, which pages of the Platform you visited, what actions you performed). We also use cookies and other tracking technologies (see the section “Use of Cookies”) that help us recognize you as a user of the Platform, track your actions on the Platform and collect usage-related statistics.

  • Communication data: if you communicate with us by email. by email, through Platform messages or in other ways (e.g., you contact customer service, provide feedback or requests), we may store the content of such communication and contact details (e.g., email address, name). This data is processed in order to be able to contact you, answer questions, resolve problems and improve the quality of services (e.g., taking into account feedback).

  • We do not collect special categories of personal data (e.g., information about racial/ethnic origin, political opinions, religious beliefs, health, sex life) about Platform users, unless you voluntarily provide such information (e.g., when answering questions in a survey - however, Researchers should not request excessive or sensitive information without a good reason). We also do not knowingly process data about persons under the age of 14 without the consent of their parents or guardians - if you are under 14, your parents or guardians should manage your account and give consent to the processing of your data.

Use of Cookies

We use cookies and similar tracking technologies on the Platform to ensure the smooth functioning of the website and to improve your experience. Cookies are small text files that our server saves on your device when you visit the Platform. Cookies help us recognize your device, remember your settings and understand how you use our services.

We use the following types of cookies:

  • Essential (technical) cookies: these cookies are essential for the functioning of the Platform. They ensure that you can log in to your account, use basic functions (e.g., browse surveys, submit responses, navigate the website). Without these cookies, the Platform would not be able to function properly. The legal basis for their use is our legitimate interest in ensuring the technical functioning of the website and the provision of services (GDPR Art. 6 (1) (f)). These cookies are saved when you visit the Platform without your separate consent.

  • Analytical (statistical) cookies: These cookies collect information about how Users use the Platform – for example, which pages are visited most often, how much time is spent on certain parts of the Platform, what errors are encountered. We use this data anonymously, for statistical purposes, so that we can better understand the needs of users and improve the functionality and content of the Platform. For analytical cookies (if we use them), we usually use our own internal tools or trusted third-party service providers who process the data on our behalf (e.g. anonymous analytics platforms). The legal basis for using these cookies is your consent (GDPR Art. 6 (1) (a)). This means that we will only set analytical cookies with your explicit consent (e.g. by clicking "Agree" in the cookie notice). You have the right to withdraw your consent to analytical cookies at any time – by deleting them from your browser or by changing your cookie settings (see the section "Managing Consent" below).

  • Functional (preference) cookies: these cookies allow the Platform to remember your choices and settings to make your browsing experience more convenient. For example, they can store information about your chosen language, login region or other individual preferences so that you do not have to set them again the next time you visit. The legal basis for functional cookies is usually the legitimate interest in ensuring a quality and tailored service (GDPR Art. 6 (1) (f)), but if required by law, we may also ask for your consent.

  • Advertising cookies: we do not currently use any third-party advertising or targeted marketing cookies on the Platform, as we do not collect data for such purposes and do not transfer it to external advertising partners. If we decide to use this type of cookies in the future (to provide you with personalized offers or advertising), we will do so only after obtaining your prior consent and clearly informing you about such use of data.

  • Your cookie choices: You have the right to control the use of cookies. Most browsers automatically accept cookies, but you can change your browser settings to refuse cookies or to ask for your permission each time before a cookie is saved. You can also delete cookies that have already been saved at any time. Please note that if you disable essential and functional cookies, some features of the Platform may not work or may not work properly. For information on how to manage cookies, please refer to your browser's help documentation.

  • You can find more details about the specific cookies used on the Platform (names, expiration dates, etc.) in a separate Cookie Policy (if one is provided) or by contacting us.

Why and how do we use your data?

We use your personal data only for clearly defined purposes and always on a lawful basis. The main purposes of data processing (and the corresponding legal bases) are as follows:

  • Account creation and administration: we process registration data in order to create your account on the Platform, identify you as a User and provide you with the opportunity to use the relevant services according to your account type. Legal basis: performance of the contract with you (i.e. the Platform Terms of Use) (GDPR Art. 6 (1) (b)).

  • Provision of services – organization and participation in research: we process the data necessary for the implementation of research on the Platform. This includes: collection and transmission of research responses submitted by the Participant to the Researcher/Client; storage and provision of research materials prepared by the Researcher to the Participants; processing research tasks created by the Client. In this way, we ensure that all participants of the Platform (Participants, Researchers, Clients) can cooperate with each other. Legal basis: performance of the contract (ensuring your participation or conducting the research in accordance with the essence of the Platform services). In some cases, an additional basis may be your consent - for example, the Participant's decision to participate in a specific research may be considered as consent to participate in that research; if certain of your data is collected during the research for more sensitive purposes, the Researcher may request your separate consent.

  • Payment of remuneration and payment administration: we process payment data in order to be able to pay the Participants the remuneration for the research, issue and administer invoices to Customers, and register the payments made. This includes using the payment details you provide when disbursing funds or receiving payments, as well as processing accounting documents (e.g. issuing and storing invoices in accordance with accounting requirements). Legal basis: performance of the contract (the Company must settle accounts with you or provide an opportunity to settle accounts with others in accordance with the terms of service of the Platform) and legal obligation (Article 6 (1) (c) GDPR, e.g. fulfillment of tax and accounting obligations).

  • Maintenance and improvement of the operation of the Platform: we analyze technical and navigation data in order to maintain the security and stability of the Platform, detect and eliminate disruptions, and improve the user experience. For example, we can monitor how many Users are using the Platform at the same time, which functions are most convenient for them, and which ones may cause difficulties - based on this information, we implement innovations and corrections. To the extent possible, we use aggregated or pseudonymized data (which does not identify a specific person) for these purposes. Legal basis: our legitimate interest in improving and developing the services and ensuring their security (Article 6 (1) (f) GDPR).

  • Communication with Users: We use your contact details (e.g. email) and communication history to contact you and provide you with information related to the Platform services. This includes: account registration confirmations, notifications about reward transfers, information about updates to the Privacy Policy or Terms of Use, responses to your inquiries, research progress notifications (e.g. reminders for Participants to complete the questionnaire), etc. These notifications are not of an advertising nature - they are intended to ensure the smooth provision of services, and are therefore sent in accordance with the performance of the contract or legitimate interest in maintaining contact with the client. (If we ever intend to use your contacts for marketing purposes, we would do so only after obtaining your express consent and providing you with the opportunity to withdraw such consent at any time.)

  • Compliance with legal obligations: in certain cases, we are required to process your data in order to comply with the requirements of the laws applicable to us. For example, legal acts may oblige us to store certain documents confirming transactions or payments concluded with you for a specified period, to cooperate with law enforcement authorities by providing them with information, etc. Legal basis: legal obligation (GDPR Art. 6 (1) (c)).


We do not use your personal data for any other purposes not mentioned above, unless we obtain your consent or have a clear legal basis for this. If we plan to process personal data for a new purpose in the future, we will inform you in advance and, if necessary, obtain your consent.

Data retention periods

We store personal data for no longer than is necessary to achieve the stated purposes, or for as long as we are required to store it by law. The retention periods are determined taking into account the type of data and the purpose of processing:

  • Account (registration) data: stored as long as you use the Platform and have an active account. If you decide to stop using the Platform and delete your account (or ask us to do so), or if your account is terminated due to a violation of the Rules, we will generally delete or anonymize your personal data related to the account within 30 days of account deactivation. However, we may store certain basic information (e.g. name, email) for a longer period if necessary to protect the legitimate interests of the Company or to comply with legal obligations (e.g. to resolve disputes, prevent fraud).

  • Research data: Responses provided by participants and other data collected during research are stored as long as they are needed for the purposes of the research. Upon completion of a specific study, the Investigator and/or the Client are usually provided with aggregated or anonymized results, and personal data (e.g., information that allows the identification of individual Participants) are removed or irretrievably anonymized. In some cases, study data may be stored for longer periods for scientific or statistical purposes, but then they will be processed only anonymously, making it impossible to identify specific participants.

  • Payment data: financial data on payments made (e.g., copies of invoices, accounting registers, information on remuneration paid to Participants) are stored for as long as required by financial accounting laws. In Lithuania, accounting documents must generally be stored for 10 years after the end of the financial year for which the documents are available. After the mandatory retention period, these data are securely destroyed.

  • Technical and browsing data: login logs, system records are stored for a shorter period – usually up to 1 year. Cookie data is stored according to its type: session cookies – until you close your browser; persistent cookies – several months or years (specific terms are specified in the cookie policy or settings). Anonymous analytical data may be stored for a longer period (in order to analyze longer-term trends), but they are no longer associated with a specific user.

  • Communication data: the history of correspondence (e.g. your email or text messages) is generally stored until the issue or complaint you communicated with is resolved, and for 12 months thereafter (for the purpose of handling possible additional issues or disputes). After this period, unless legal acts require longer storage (e.g. due to legal disputes), the communication data is deleted.


After the specified terms have expired or when the data is no longer needed for the intended purposes, we securely destroy it or anonymize it (irreversibly separate it from your identity) so that it cannot be associated with you.

Your rights

As a data subject, you have the following rights in relation to your personal data:

  • Right to access data: You have the right to obtain confirmation as to whether we are processing your personal data and, if so, the right to access the data processed and information about the data processing (purposes, what data we process, to whom we provide it, how long we store it, etc.).

  • Right to rectification: You have the right to request that we correct incorrect or inaccurate personal data about you and, taking into account the purposes of the processing, complete incomplete data.

  • Right to erasure (“right to be forgotten”): You have the right to request that we destroy your personal data if it is no longer necessary for the purposes for which it was collected, or if you believe that we are processing the data unlawfully, or on other grounds provided for in the GDPR. Please note that the right to erasure is not absolute – for example, we will not be able to delete data that we are required to retain by law or that is necessary to assert, exercise or defend legal claims.

  • Right to restriction of processing: In certain circumstances, you have the right to request that we temporarily restrict the processing of your personal data (except for storage). This can be done, for example, when you contest the accuracy of the data (our processing will be restricted until we verify the accuracy of the data) or when you object to the processing on the basis of a legitimate interest (processing is restricted until we assess whether our interests are overridden).

  • Right to data portability: You have the right to receive the personal data you have provided to the Company in a structured, commonly used and machine-readable format and (where technically feasible) the right to request that those data be transmitted directly to another service provider. This right only applies to data that we process by automated means based on your consent or the performance of a contract (Terms of Use).

  • Right to object to processing: You have the right to object at any time to the processing of your personal data when we do so based on a legitimate interest. Upon receipt of your objection, we will no longer process the data for those purposes unless we can demonstrate compelling legitimate grounds for the continued processing (overriding your interests and rights) or the processing is necessary for the establishment, exercise or defence of legal claims.

  • Right to withdraw consent: If we process your data based on your consent (e.g. for the use of optional cookies or for your participation in a particular survey), you have the right to withdraw such consent at any time. Withdrawing consent will not affect the lawfulness of the processing prior to withdrawal (i.e. it does not mean that we processed your data unlawfully prior to withdrawal). If you withdraw consent, we may no longer be able to provide you with certain services you have requested (e.g. if you withdraw your consent to participate in a survey, you will no longer be able to participate in it).

  • Right to lodge a complaint with a supervisory authority: If you believe that we are processing your personal data in breach of the GDPR or other data protection requirements, you have the right to lodge a complaint with a supervisory authority. In Lithuania, this function is performed by the State Data Protection Inspectorate (address: L. Sapiegos g. 17, 10312 Vilnius, e-mail ada@ada.lt, tel. +370 5 271 2804). We recommend that you contact us first – we will try to promptly resolve all your questions or complaints.

  • To exercise your rights or receive additional information about the processing of personal data, you can contact us in writing (by e-mail info@mokslink.com). In your request, clearly indicate your name, surname and what right and to what extent you wish to exercise it. Upon receipt of your request, we will provide a response within 1 month (in complex circumstances or a large number of requests, the deadline may be extended by up to 2 months, we will inform you about this). The exercise of data subjects’ rights is free of charge; however, if your requests are manifestly unfounded or disproportionate, we reserve the right to charge a reasonable fee or refuse to take action (the GDPR provides for this as an exception).

Consent Management

As mentioned above, in some cases we process your personal data based on your consent (e.g. when optional cookies are used or when you agree to participate in a specific study). You have the right to change your consent decision at any time:

  • Changing cookie consent: You can change the cookie settings in your browser at any time - delete already saved cookies or block new ones. Also, if we display a cookie consent banner with choices on the Platform, you can adjust your choices there (e.g. refuse analytical cookies). It is important to know that disabling essential cookies may be difficult or impossible without significantly affecting the functioning of the Platform. For more information about cookie management, please read the help section of your browser.

  • Consent to participate in studies: Participation in each study on the Platform is voluntary. Before participating, you will have the opportunity to familiarize yourself with the study description and terms. If you do not agree to the terms of the study or no longer wish to continue participating in a study that has already begun, you have the right to refuse to participate or withdraw at any time. Please note that if you withdraw from the study after providing some of your data, the Researcher may use the data already collected in an aggregated (anonymous) manner for the results of the study, but will not collect any new data from you.

  • Communication consents: If we have received your consent to receive our newsletters or promotional offers (we do not currently send such messages without consent), you can withdraw such consent at any time. You can do this by clicking on the "Unsubscribe" link in the email you receive or by contacting us directly (by email or phone) and expressing your wish to no longer receive marketing communications.

If you withdraw your consent, we will no longer use your data for the purposes for which you gave your consent. Withdrawal of consent does not affect any data processing that was carried out before the withdrawal of consent. We also note that in certain cases, due to the withdrawal of consent, we may not be able to provide certain services (e.g., if you withdraw your cookie consent, some functions may not work).

Data provision to third parties

We do not sell or disclose your personal data to third parties for their direct marketing or other independent purposes. In certain cases, your data may be transferred to trusted recipients, but only in the following situations:

  • Service providers (data processors): we cooperate with certain external service providers who help us ensure the smooth operation of the Platform and the provision of services. For example, these may be server hosting service companies, data center operators, payment processing service providers, IT system maintenance companies. We may provide such service providers with access to your personal data to the extent necessary to perform their functions. They act on behalf of the Company (as data processors) and may not use your data for their own purposes. Data processing agreements have been concluded with each of them, which oblige them to ensure the protection of personal data in accordance with the requirements of the GDPR.

  • Law enforcement and other government authorities: The Company may disclose your personal data to state institutions, law enforcement bodies or courts if required by law. For example, if we receive an order from a court or authorized authority to provide data related to a Platform user, we will be obliged to provide it. We may also transfer information in order to protect our rights or assets (e.g., to provide data in the event of legal disputes).

  • Business transactions: if the Company reorganizes its activities in the future, is sold or transferred to another entity (e.g., by merger, acquisition or asset sale), your personal data may be transferred to the new owner of the company or another data controller as part of the business assets. In such a case, we will ensure that the confidentiality of your data remains protected, and you will be informed of such a transfer.

It is important to note that in all of the above cases, we transfer (or provide access to) data only in accordance with the requirements of legal acts and after concluding appropriate confidentiality and data protection agreements. Your personal data is not transferred to any other third parties.

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, disclosure, loss or other unlawful processing. These measures include limiting the authority and training of employees who have access to personal data, proper maintenance of the IT infrastructure (use of firewalls, antivirus software, application of secure communication protocols), data encryption (where appropriate) and regular security audits of our systems.

Although we strive to protect your information, no method of transmission over the Internet or storage in the cloud is 100% secure. Therefore, we cannot absolutely guarantee the security of your personal data. In the event of a security incident (e.g. a data breach) that could result in a high risk to your rights or freedoms, we are committed to informing you immediately and taking all necessary measures to contain the consequences, as required by the GDPR.

International Data Transfer

We process and store all of your personal data within the European Union/European Economic Area (EU/EEA). We do not transfer your personal data to third countries (outside the EU/EEA) or international organisations. If we use data processors from other countries for certain data processing activities, we choose them within the EU/EEA (e.g. server providers located in the EU) so that the data remains within European jurisdiction.

If in the future we need to transfer your personal data outside the EU/EEA (for example, we would like to use a service provider based in the USA), we will do so only in accordance with the requirements of Chapter V of the GDPR. In such cases, we will ensure that the recipient in a country outside the EU ensures an adequate level of data protection (e.g. the country has an adequacy decision from the European Commission or we will conclude standard contractual clauses on data protection with the recipient). We will inform you in advance of any such international transfer.

Privacy Policy Changes

We may review and update this Privacy Policy from time to time to reflect the latest information about our data processing practices or changed legal requirements. The most recent version of the Privacy Policy is always posted on the Platform, and its effective date is indicated at the top or bottom of the policy.

If we make material changes (for example, we will start processing your data for new purposes that did not exist before, or we intend to transfer your data to new recipients), we will try to clearly inform you about this in advance. We may do this, for example, by sending a notification to your email or by providing a pop-up message when you log in to the Platform. We recommend that you periodically review this Privacy Policy to always be aware of the latest information about how we process your personal data.

If you continue to use the Platform after changes to the Privacy Policy, you will be deemed to have agreed to the updated terms. If you do not agree with the changed policy, you may stop using the Platform at any time and request that we delete your account and data (in which case we will comply with such request subject to legal data retention obligations).

Connect

Bridging researchers, clients, and participants efficiently.
Email. reach@mokslink.com

© 2024. All rights reserved.