Privacy Policy

Effective from June 26, 2024

This Bankfeed Privacy Policy (the “Policy”) covers any data processing operations performed by UAB Softera Baltic (“Softera”, the “Company”, “we”, or “us”), i.e. the Policy describes and informs how we collect, use and otherwise process personal data of our customers (the “Customer”, „you“).  

This Policy is relevant to our relationship with you as a customer or a potential our customer and so relates to our interactions with you when you (i) visit our website www.bankfeed.com, (ii) communicate to us by various means of communication tools (including forms on our Website, email, etc.) (iii) use our Bankfeed App (by downloading/installing it) or (iv) make an enquiry in any manner or if we provide support for you. 

The Policy aims to inform you how Softera collects and processes the personal data collected through interactions with you as a Customer.  

The Policy should be read alongside and in addition to our Terms of Service,, including Data Processing Addendum, which can be found at https://bankfeed.com/terms-of-service/. 

Softera, is a limited liability company registered in Lithuania, with its office at K. Donelaičio st. 62/ V. Putvinskio st. 53, LT-44248 Kaunas. It is a trusted and experienced Microsoft partner for implementing ERP, CRM and Business Intelligence (Power BI) solutions, as well as developing add-ons such as Bankfeed. Bankfeed is a Microsoft Dynamics 365 Business Central add-on application that saves Customer time by automating the process of financial statement import and incoming payment recognition and reconciliation. 

We respect the privacy of our customers, potential customers, and random visitors to our Website, and we are committed to protecting your personal data. Please take some time to read through this Policy and get acquainted with it, the terms and conditions of processing your personal data, and information about your privacy rights. If you provide personal data on behalf of someone else, you are required to inform them about the processing of their data and to refer them to this Policy. 

This Policy is effective from the Effective Date. It will replace any previously published and/or agreed, if any, terms, policies, and privacy notices regarding the processing and security of personal data. 

Data controller

UAB Softera Baltic, a company incorporated and registered under the laws of Lithuania, with legal entity code 304891889, K. Donelaičio st. 62/ V. Putvinskio st. 53, LT-44248 Kaunas, Lithuania, phone number +370 377 52772, email info@softera.lt.  

Data protection officer 

In case of any questions regarding the processing of your personal data, please contact the Data Protection Officer at birute.navarauskiene@softera.lt. 

Bankfeed / Software – Bankfeed app, a Microsoft Dynamics 365 Business Central add-on application. 

Customer – A legal entity or a person who accepted Bankfeed Terms of Service and is using Bankfeed for commercial purposes. 

Data Controller – the person who, alone or jointly with others, determines the purposes and means of the processing of Personal Data. 

Data Processor – the person who, alone or jointly with others, processes personal data on behalf of the Controller in accordance with its instructions. 

EEA – European Economic Area. 

EU – the European Union.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation). 

Terms of Service (Terms or ToS) – The Terms for provision of Bankfeed services between Softera and the Customer. 

Personal Data – any information relating to a Person who is identified or can be identified directly or indirectly by one or more identifiers based on one or more characteristics of that Person’s physical, physiological, genetic, mental, economic, cultural, or social identity. 

Personal Data Breach – an incident that has resulted in a compromise of the security, confidentiality, availability or integrity of Customer Personal Data resulting in the unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data. 

Processing – any operation involving Personal Data or sets of Personal Data, whether by automated means or non-automated, such as collection, recording, organization, structuring, storage, adaptation or modification, search, consultation, use, disclosure by transmission, dissemination and access, combination, restriction, erasure or destruction. 

Sub-processor – third parties engaged by data controller and authorized under this Addendum to have access to and process Customers Personal Data (to carry on certain data processing operations to provide parts of the Services and any related technical support). 

Supervisory Authority – State Data Protection Inspectorate of the Republic of Lithuania. 

Website – https://bankfeed.com/. 

We may collect, use, store and transfer different kinds of data about you, which are detailed in this Policy. However, we will only collect your personal data when we have legitimate grounds and we will process for a lawful specific purpose. Most commonly, we will collect and process your personal data in the following circumstances: 

• When we need to fulfil the contract we have entered with you, or are about to enter into, and we need to take certain steps at your request. 

• When we need to comply with a legal or regulatory obligation. 

• When it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests. 

• When you consented to data collection and processing for a particular purpose. 

We use different methods to collect data from and about you, including directly collected from you (when you give us data by filling in forms, placing orders with us, or by corresponding with us) or automated technologies or interactions (when you interact with our Website and/or App, we may automatically collect data about your equipment, browsing actions and patterns. We collect this personal data using cookies and similar technologies, so please read our Cookie Policy. 

The personal data we process (collect, use, store, share, etc.) about you depends on the purpose, i.e. we only process personal data necessary for a legitimate and specific purpose. When we refer in this Privacy Policy to “personal data”, we are referring to data about you (or another natural person) from which you could be identified directly, or that makes you identifiable indirectly by one or more factors related and specific to you such as your name, your contact details, online identifier and even your IP address. 

If you communicate with us 

When you contact us concerning Bankfeed or potential partnership with Bankfeed by filling out a request form on our Website, or sending email message to our dedicated email address, or through live chat to contact you and answer your requests and/or provide information, we may process the following: 

• Your name  

• Company name 

• E-mail address 

• Other personal information you provide in your communication with us or that is necessary to respond to your request 

• Technical data (IP address, location, device, browser, etc.)  

The purpose of processing – to answer customers’ and/or potential customers’ questions and requests and to improve the quality of our services 

Legal basis for processing – your consent, which you give by filling in forms and/or sending your requests to us 

The period of data storage – 5 years after you give your consent 

If you become our Customer and use Bankfeed 

When we provide consulting and support services to our Bankfeed Customers, we may process: 

• Your name  

• Company name 

• Position held 

• E-mail address 

• Phone number 

• Other personal information you provide in your communication with us or that is necessary to provide support services 

• Technical data (IP address, location, device, browser, etc.)  

The purpose of processing – to provide support services to our Customers 

Legal basis for processing – the performance of the contract between us and our Customer (Bankfeed user) or the necessity to take steps at the Customer’s request before entering into a contract  

The period of data storage – 10 years after the end of the contractual relationship 

We may engage in various marketing activities and try to improve our services and user experience. We need to know what services are or could be most interesting and useful for our customers, from which countries they come to our Website, how often they return, which browsers they use, on which devices the Website is browsed, and what is their IP address. We may collect that data by using third-party tools such as cookies and other technologies, which allow us to record and analyse statistical data about the use of the Website and/or our Services. More about the cookies we use can be found in our Cookie Policy.  

When you ask us to provide you with information about product updates and news/new products that might be interesting to you, we may process: 

• Your name  

• Company name 

• E-mail address 

The purpose of processing is to send you e-mails (e.g. newsletters and direct marketing advertisements) containing information about new products and Bankfeed updates, as well as other information concerning or related to the activities, products, and services of Softera. 

Legal basis for processing – your consent 

The period of data storage – 5 years after you give your consent 

If you are our Customer, we may use your Personal Data (electronic contact details, email address and/or phone number) obtained from you for direct marketing of our similar products or services that we believe may be of interest to you and ask for your opinion on the quality of the products and services we provide even without your consent. You may object to or opt-out of such communications at any time, free of charge, and in an easy manner by clicking on the link at the end of each such communication. 

If you are a visitor to our Website 

As you visit or interact with our Website, we may automatically collect Technical Data about your device, browsing actions, and patterns. We collect this personal data by using cookies, session logs, and other similar technologies. We use cookies to improve our Website, your browsing experience, and our business decisions. Please see our Cookie Policy for further details. 

• IP address 

• Your location (the country you came from to our Website) 

• Your device you are browsing from and the browser you use 

• What content you are interested in our Website (the sites you visit and the content you read) 

• Referrer website (the website that linked you to our website, if any) 

The purpose of processing – to improve our Website and users’ experience 

Legal basis for processing – our legitimate interest (IT security, marketing) and your consent for processing data for a particular purpose (e.g. the use of cookies) 

The period of data storage – depends on technologies used for data collection 

Links to other sites 

Our Website may contain links to other sites, e.g., social media websites or various Microsoft websites. This Privacy Policy applies only to our Website but not any other third-party websites; therefore, we strongly recommend reviewing the privacy policies of any websites you may reach by following links on our Website. We have no control or responsibilities regarding any content or data processing by controllers of such third-party websites. 

We make every effort to keep your data safe and always require a high level of security and confidentiality from our employees and partners. 

We may share your personal data with our trusted service providers. We use third-party service providers to undertake processing operations on our behalf, and this may require us to share your personal data with them when they provide services to us. If our service providers need access to your personal data to provide services to us, this will be done only according to the Data processing agreements we shall sign with all our data processors. Nevertheless, we will control and shall always remain responsible for using your personal data. The categories of entities that may have access to your personal data: 

• Providers of information technology services such as hosting services, IT support services and other key operational systems  

• Other professional service providers such as accountants, legal consultants, audit firms, etc. 

In some cases, when we provide your personal data to third parties, those third parties may process your personal data as independent data controllers. In such cases, we are not responsible for the processing of your personal data performed by such third parties. 

We may also disclose your data if required by law or where it is necessary for the establishment, exercise, or defence of legal claims, whether in court proceedings or an administrative or out-of-court procedure. 

Bankfeed is also available in countries outside the European Union (EU) or the European Economic Area (EEA) (The United States, Canada, and the UK); thus, in certain situations, we may need to transfer your personal data outside the EU/EEA. Whenever we transfer your data to third countries outside the EEA, we ensure that an adequate degree of protection is afforded to your data by ensuring at least one of the following safeguards is implemented: 

• We will only transfer your data to countries that have privacy laws recognized by the country from which the data are transferred and deemed to provide an adequate level of protection for personal data by the European Commission. 

• We will enter into agreements, such as standard contractual clauses (SCC) and other data transfer agreements, with recipients that require them to provide the same level of protection for the data. 

• We may seek your consent to transfer your personal data for specific purposes. 

• We may rely on other transfer mechanisms approved by authorities in the country from which the data is transferred. 

As a data subject, you have certain rights regarding your personal data.  

• Right of access – you may, at any time, request access to the personal data that we hold and receive a copy of your personal data. This includes the right to be informed whether we process your personal data, what personal data categories are being processed by us, the purpose of our data processing and other information set out in the GDPR. 

• Right to rectification – you may, at any time, request us to correct personal data that we hold about you that you believe is inaccurate or incomplete.  

• Right to erasure (“right to be forgotten”) – you may request to erase your personal data if you believe such data is no longer necessary for the purposes for which it was collected, or if you consider that the processing is unlawful, or if you consider that the personal data must be erased for compliances with a legal obligation. We are not always obliged to erase personal data when asked to do so; if, for any reason, we believe that we have a legitimate purpose and ground to continue the processing of your personal data (e.g. your personal data is still processed for other legitimate purposes, or we have to comply with a legal obligation or for the establishment, exercise or defence of legal claims), your personal data shall not be deleted. 

• Right to restrict processing – you may request to restrict the processing of your personal data in these situations: 
  • if you dispute the accuracy of personal data, we are processing and want us to verify that data’s accuracy 
  • where it has been established that processing of personal data is unlawful, but you do not want us to erase it 
  • where we no longer need to process your personal data (and would otherwise dispose of it), and you request to avoid deletion of personal data for establishing, exercising or defending against legal claims 
  • demand restriction of the processing until assessing the plausibility of our legitimate interest in the specific processing activity 

• Right to data portability – you may request to provide your personal data or transmit that data to another data controller in a structured, commonly used, and machine-readable format if your personal data is being processed by automated means based on your consent or a mutual contractual relationship, but only when it is technically feasible. 

• Right to object – you have a right to object to processing your personal data, including making automated decisions based on your personal data or when processing your personal data is based on our legitimate interest. 

• Right to withdraw consent regarding the processing of personal data – you may withdraw your given consent for the processing of personal data for particular purposes at any time without any adverse effect by informing us by email at hello@bankfeed.com. 

• The right to submit a complaint with a supervisory authority – if you believe we are processing your personal data not in accordance with the legal requirements or you think that your rights have been violated, you can submit a claim with the supervisory authority – State Data Protection Inspectorate (https://vdai.lrv.lt/lt/) 

How can you exercise your rights? 

You can submit a request by mail or e-mail or by submitting it directly to our office. The request must provide sufficient details that allow us to understand, evaluate, and respond to your request properly (should be clear, include your name, information about what rights and to what extent you wish to exercise, how you would like to receive a response, and the request must be signed). If you submit your application electronically, the information will also be provided electronically unless you request in advance to provide it in a different way. 

Your request must also provide sufficient information to allow us to verify your authenticity reasonably. We cannot provide you with the information or exercise your other rights if we cannot verify your identity. If we cannot identify you from the information provided or if we have reasonable doubts about your identity, we may request that you provide additional information about yourself. 

We will endeavour to process your requests and provide you with the information as soon as possible, but no later than 30 calendar days from receipt of your request. If, due to certain circumstances, such as the complexity of the submitted request or the large number of other requests processed by us, the period may be extended up to two months. You will be informed about any extension within one month of receipt of your request and the reasons for the delay. 

Requests are processed, and information and data are provided free of charge. Still, in certain cases, we reserve the right to waive your rights (where the request is unreasonable or, disproportionate or repetitive), or the provision of information may be subject to charges – a reasonable fee considering the administrative costs of responding to your request. 

We may change this Privacy Policy from time to time based on changes to applicable laws and regulations or other requirements applicable to us, changes in technology, or changes to our business. Any changes we make to the Privacy Policy in the future will be posted on our Website at https://bankfeed.com/privacy-policy/. We may also notify you directly via email and/or within the Bankfeed App (under the section “What’s new”) about the changes and the effective date of the updated Policy. We encourage you to review the information and any changes to our Policy regularly. If you continue to use our services after the effective date, you have accepted the changes. 

This Privacy Policy was last updated in June 2024.