Information we may collect about you
We collect different types of information in order to provide you with the Services in a reliable and secure manner.
- Your account information — When you use the Services, we collect and associate with your User Account the information you provide us like your first and last names, email address, mobile phone number, personal code, address, credit card and/or other billing information. We are acting as a Data Controller for this information.
- Your uploaded data (Customer Data)In order to provide the Services, we store, process and transmit your uploaded documents and information related to them. This data is processed solely in accordance with the directions provided by you (Customer or User). We are acting as a Data Processor for this information.
- Your usage information — We collect information related to how you use the Services. We may collect information like IP addresses, the type of browser, device, operating system you use, actions you take when using our Services. We use this information to improve our Services, develop new products, features, and functionality, and ensure the security of your account and your data. Should this purpose require us to process Customer Data, the data will only be used in anonymized or aggregated form. We are acting as a Data Controller for this information.
All this information is stored and processed within the European Union/European Economic Area (EU/EEA).
Disclosure of your information
We do not share any personal information with third parties unless one of the following circumstances applies:
- With your consent — We will only share your personal information when we have your consent.
- With Account Administrators — In case your User Account is managed for you by an Account Administrator, this Account Administrator will have full access to your User Account. Account Administrator is able to access all your uploaded data (Customer Data), suspend or terminate your User Account access and obtain your usage information.
Lawful requests — We may disclose the Personal Data when we have a good belief that access, use,
preservation or disclosure of such information is necessary to:
- satisfy any applicable law, regulation, legal process or enforceable governmental request;
- satisfy applicable laws specially subject to financial entities that have additional obligations for audits;
- enforce our Terms of Service, including investigations of potential violations;
- protect against imminent harm to our rights, property or safety, or that of our users or public as required or permitted by law.
- Business transfers — We may share and/or transfer your Personal Data if we become involved in any merger, acquisition, reorganization, sale of assets, bankruptcy.
All our Services have been designed from the ground up to be secure.
We have implemented an Information Security Management System (ISMS) according to ISO/IEC 27001 which covers a variety of privacy and security policies, processes and procedures, including administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of your Personal and Customer Data.
Our ISMS is being audited every year and is certified by a accredited auditors with certification scope of "online e-signing and e-identification services and custom software development, delivery and provision".
Services are provided through 256-bit encryption TLS connection. All data is stored in data centres that comply with ISO 27001, ISO 27017, ISO 27018 and PCI DSS Level 1 standards. All Customer Data is encrypted using AES-256 encryption algorithm.
Once you delete your User Account from the Services, the content (Customer Data) is deleted within 30 days of the date of closure. Your account information and billing information is retained for a period of 10 years in accordance with the Lithuanian accounting and taxation laws.
You’re acting as a Data Controller for your uploaded data (Customer Data) that contains Personal Data. We are not responsible for any Personal Data stored at the discretion of our Customers, including but not limited to Address Book entries, Invitations or Documents.
We are neither responsible for the manner in which our Customers collect, handle, disclose, distribute nor otherwise processes such data.
The terms for such data processing are defined in the Data Processing Agreement.
Cookies are a small piece of information saved in your browser storage. They are used to improve the customer
experience in pages and help third-party services to work properly.
personal data is not stored.
We use three types of cookies:
- Essential cookies — essential in provision of Services. These cookies ensure that information and services are delivered securely and optimally.
- Performance cookies — to monitor visitor behaviour and help us improve our information and services.
- Functionality cookies — to help improve your experience by providing a more personalised service. Those cookies remember choices, for example, language, preferred login option etc.
Description of cookies
|_utma, _utmb, _utmz||For the collection of information on visits to the website.||Value: “1”||2 years||Performance cookies|
|_ga, _gat||For the collection of information on visits to the website.||A random unique number or string of letters and numbers”||2 years||Performance cookies|
|www.dokobit.com||brand_change_greeting||For the collection of information on visits to the website.||Value: "1"||30 days||Functionality cookies|
|sessionid||Required to allow a user to stay logged in the Services.||A random unique number or string of letters and numbers”||The cookie is deleted when you close your web browser||Essential cookies|
|user_preferences||User preferred options like language, country and last used eID.||A random unique number or string of letters and numbers||12 months||Functionality cookies|
Under the GDPR regulation, data subjects have the following rights:
- the right to access personal data held about them;
- the right to object to processing (for example, direct marketing);
- the right to data portability;
- the right to complain about processing carried out by the data controller;
- the right to object to automated decision making;
- the right for the personal data being updated;
- the right to be forgotten.
You may exercise any of your rights in relation to your personal data by contacting our Data Protection Officer by email at email@example.com.
Changes and Updates
Last update: May 25, 2018