This Policy defines the rules applicable to the collection, use, and processing of Personal Data, which the Company follows in the course of its activities and is intended for individuals who use our services.
Privacy policy
GENERAL INFORMATION
INTRODUCTION
In this Privacy Policy (hereinafter - the Policy), information is provided on how UAB “Germalita accounting & consulting” (hereinafter - UAB “Germalita accounting & consulting”, the Company, We), acting as a data controller, processes Personal Data.
TERMS
Personal Data - any information that allows us to identify you directly or indirectly.
Personal Data - any information that allows us to identify you directly or indirectly, including but not limited to your first name, last name, contact details, address, or any other information related to the provision of services or the purchase of goods.
Processing of Personal Data – means any operation performed on Personal Data, including its collection, recording, organization, storage, modification, disclosure, review, use, transfer, combination, blocking, deletion or destruction, regardless of the nature of the operations or the means used.
Data Subject – you – a natural person who uses the services of UAB “Germalita accounting & consulting”, purchases goods from the Company, or is otherwise connected to the Company’s activities. This may include clients of the Company, as well as suppliers, partners, or their representatives.
Data Controller - UAB “Germalita accounting & consulting”, which determines the purposes and means of processing Personal Data when collecting and processing the data of clients, suppliers, partners, or other individuals in the course of its activities – e.g., import, export, logistics, trade, or similar operations.
Data Processor – a natural or legal person that processes Personal Data on behalf of UAB “Germalita accounting & consulting”. The Company may engage data processors (e.g., IT system providers, payment operators, etc.) that process Personal Data on the basis of documented instructions of UAB “Germalita accounting & consulting”, while complying with security requirements and the principles established by the GDPR.
Other terms used in this Privacy Policy shall be understood as they are defined in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (hereinafter – the GDPR), unless otherwise provided in this Privacy Policy.
COLLECTION OF PERSONAL DATA
UAB “Germalita accounting & consulting” collects Personal Data directly from you when:
- you contact us regarding services;
- you conclude agreements with UAB “Germalita accounting & consulting” for the provision of services;
- you use our website;
- you communicate with UAB “Germalita accounting & consulting” by phone, e-mail or other communication channels.
In certain cases, UAB “Germalita accounting & consulting” may obtain your Personal Data from third-party sources if this is necessary for the performance of contractual obligations or where you represent another company or person. In such cases, your Personal Data may be obtained from:
- public registers (e.g., the Register of Legal Entities, the Residents’ Register, the Real Estate Register, the VAT payers’ database, etc.);
- partners or suppliers with whom UAB “Germalita accounting & consulting” cooperates in carrying out its activities;
- financial institutions responsible for payment administration;
- state authorities (e.g., the Customs Department, the State Tax Inspectorate, the State Data Protection Inspectorate), where required by law;
- other lawfully operating database controllers.
UAB “Germalita accounting & consulting” may also collect and store Personal Data by carrying out video surveillance on the Company’s premises or territory in order to ensure the security of property and individuals. Your communication with the Company (e.g., e-mails, telephone calls or other correspondence) may also be stored where necessary for the performance of contracts or to ensure the quality of customer service.
In cases where you provide UAB “Germalita accounting & consulting” with Personal Data of third parties (e.g., when representing another company, indicating contact persons or ordering services for a third party), you undertake to inform these persons about the transfer of their Personal Data to UAB “Germalita accounting & consulting” and about the processing of their data in accordance with this Privacy Policy.
CATEGORIES OF PERSONAL DATA
The categories of Personal Data processed depend on your specific relationship with UAB “Germalita accounting & consulting”. The categories of Personal Data processed by the Company are listed below (non-exhaustive list):
UAB “Germalita accounting & consulting” | |
Identity data: | first name, last name, personal identification number, date of birth, signature and other similar data |
Contact details: | telephone number, e-mail address, address |
Financial data: | bank account number, payment information (where applicable) and other related information |
Contractual data: | information on contracts concluded with us and their performance |
Technical data: | IP address, device information, cookies and browsing history on our website |
Special categories of data (only where there is a legal basis) | information about health where it is related to the provision of services, the administration of employment relationships or other cases permitted by the GDPR |
Data related to participation in legal entities | data showing that you are a member of a company’s management body, you hold shares in a relevant company, and similar information |
Communication and customer service information | correspondence information; recordings of telephone conversations and information related to the call – caller’s number, call metadata (date and time of connection, duration). A telephone call recording also includes the data you provide during the telephone conversation. |
LEGAL GROUNDS FOR PROCESSING PERSONAL DATA
We ensure that Personal Data is processed lawfully, fairly and in a transparent manner and is collected for specified, explicit and legitimate purposes. Personal Data is generally processed on the following legal grounds:
- Performance of a contract (Article 6(1)(b) GDPR) is one of the main legal bases on which we process Personal Data in order to provide you with services. This includes processing necessary to take steps at the request of the Data Subject prior to entering into a contract, as well as for the conclusion, modification, performance, administration or termination of a contract.
- Compliance with a legal obligation (Article 6(1)(c) GDPR) is the processing of Personal Data where the Data Controller is subject to a legal obligation under applicable laws (e.g., requirements of accounting, tax or law-enforcement authorities).
- Legitimate interests (Article 6(1)(f) GDPR) – the processing of Personal Data is based on the Data Controller’s legitimate interests which are not overridden by the interests or fundamental rights and freedoms of the Data Subject.
- Your consent. In cases where we ask you to provide consent to the processing of Personal Data, you will be separately informed about the purpose of such processing. You may withdraw your consent at any time.
DATA RECIPIENTS
We process your Personal Data securely and do not transfer it to any unauthorised persons. Some of the Personal Data we process may be transferred to other persons in the cases set out below. We provide a description of typical situations in which Personal Data may be transferred.
UAB “Germalita accounting & consulting” processes your Personal Data securely and ensures that it is not transferred to any unauthorised persons. However, in certain cases, in order to comply with legal requirements, provide services or ensure the efficiency of our operations, we may transfer your Personal Data to the recipients listed below:
A. State authorities where required by law
Your Personal Data may be transferred to competent governmental or supervisory authorities where this is required under applicable law. Such cases may include:
- the State Tax Inspectorate (VMI) – where it is necessary to provide data on financial transactions carried out by the Company, taxes paid or received, or other data related to tax administration;
- law enforcement authorities (e.g., the police, the prosecutor’s office, courts) – where it is necessary to ensure compliance with legal acts, investigate or prevent legal violations, enforce court decisions or carry out other actions provided for by law;
- supervisory authorities (e.g., the State Data Protection Inspectorate, the Competition Council) – where issues related to data protection, competition or other regulated areas are being examined.
B. Our service providers that process data on our behalf
In order to ensure smooth operation, we cooperate with various service providers who may process your Personal Data on our behalf in compliance with data protection requirements. These may include:
- IT service providers – companies responsible for the maintenance of our information systems, data storage, server hosting and protection from cyber threats;
- payment administration service providers – where data processing is required for the execution of payments for our services;
- legal, audit and consulting service providers – our legal advisors, auditors or consultants may receive certain data where this is necessary to ensure compliance with legal requirements or to protect our legitimate interests.
C. Law enforcement authorities where necessary to comply with legal requirements or protect our rights
In certain cases, we may transfer your data to law enforcement or other competent authorities if:
- we have a legal obligation to provide information on certain transactions, activities or obligations;
- the Company is involved in legal disputes, litigation or other proceedings where the data is necessary to protect our rights or interests;
- there is suspicion of possible fraud, abuse or other legal violations, and information from our databases is needed for investigation.
We do not transfer Personal Data to third countries (non-EU/EEA countries), except in cases where appropriate data protection safeguards are ensured in accordance with the requirements of the GDPR.
Below is an exemplary (non-exhaustive) list of entities to which Personal Data may be transferred (Data Recipients – Data Controllers, Data Recipients – Data Processors):
Data Recipients – Data Controllers | Data Recipients – Data Processors |
Entities managing registers (e.g., State Enterprise Centre of Registers – Residents’ Register, Register of Legal Entities, Register of Beneficial Owners of Legal Entities, Real Estate Register, “Sodra”, VMI) – where it is necessary to obtain or provide data related to accounting and tax administration services. State bodies and institutions (e.g., tax administration authorities, supervisory authorities, law enforcement authorities, bailiffs, notaries, courts, out-of-court dispute resolution bodies) – where required by law or in the course of legal proceedings. Entities providing financial and legal advice, audit and other services – where the Company cooperates with external specialists in accounting, taxation, law, audit and finance. Banks, payment service providers – to ensure the proper execution of financial operations. Other entities related to communication, telecommunications and IT services – where the Company uses their services. | IT service providers – companies that administer the Company’s information systems, maintain accounting software, servers, ensure data protection and the provision of electronic services. Tax and accounting software providers – to ensure smooth processing of accounting data. Electronic document and data storage service providers – where Personal Data is stored on cloud platforms or in other digital systems. Legal service providers and debt collection companies – where it is necessary to carry out legal procedures related to the administration of debtors or dispute resolution. Document archiving and storage service providers – where documents are processed in accordance with legal requirements. |
DATA PROCESSING TERRITORY
As a rule, your Personal Data is processed and stored within the territory of the European Union (hereinafter – the EU) and the European Economic Area (EEA), but in some cases we may need to transfer your Personal Data to other countries outside the EU and EEA where a lower level of data protection may apply. In such cases, we make every effort to ensure that the level of protection of the Personal Data transferred is equivalent to that guaranteed in Lithuania.
Personal Data may be transferred and processed outside the EU/EEA where there is a legal basis for the transfer and the situation meets at least one of the following criteria:
- the non-EU/EEA country where the Data Recipient is located ensures an adequate level of Personal Data protection as determined by a decision of the European Commission;
- the Data Controller or Data Processor implements appropriate data security measures, for example, Personal Data is transferred on the basis of an agreement that includes standard data protection clauses approved by the European Commission or other standard clauses approved in accordance with the established procedure, a code of conduct or where the Data Recipient has been granted a certificate;
- derogations apply, for example, where the client has explicitly consented to the transfer of Personal Data, the transfer of Personal Data is necessary for the performance of a contract with the client or to take steps at the request of the client prior to entering into a contract, the Personal Data must be transferred for the establishment, exercise or defence of legal claims or for important reasons of public interest.
RETENTION PERIOD
We store your Personal Data for as long as necessary to achieve the specified purpose. Once the purpose has been achieved, your Personal Data is deleted or anonymised, except where applicable legal acts require us to store Personal Data for a period specified in those acts. After the expiry of this period, the Personal Data is deleted/destroyed so that it can no longer be reproduced or is modified so that it can no longer be linked to a specific individual. The specific retention periods of your Personal Data depend on the legal basis for processing your Personal Data.
Below are examples of Personal Data retention periods:
Category of Personal Data | Retention period |
Personal Data related to the provision of services (accounting, tax administration, consultancy) | 10 years after the end of the contract with the client, based on the requirements of the Law on Accounting of the Republic of Lithuania |
Data related to the fulfilment of legal obligations (tax returns, invoices, financial documents) | 10 years from the date of submission or creation of the documents, pursuant to the Law on Tax Administration of the Republic of Lithuania |
Personal Data related to the conclusion and performance of contracts with clients and partners | 10 years from the end of the contract, unless a longer retention period is provided for by legal acts |
Personal Data related to telephone call recordings | 3 months from the date of recording, unless there is a reason to retain it longer (e.g., in case of a dispute) |
Although you may terminate the service contract and stop using our services, some of your Personal Data will be stored until the expiry of the retention periods set out in legal acts. This may be necessary to comply with requirements relating to accounting, tax administration, legal obligations or dispute resolution.
PURPOSES AND GROUNDS OF DATA PROCESSING
IDENTITY VERIFICATION
In order to properly provide accounting and consultancy services, in some cases we need to verify your identity or the identity of your representative. This may be required when concluding a service agreement, fulfilling legal obligations (e.g., in relation to tax and accounting regulation) or to ensure transparent and secure cooperation.
For the purpose of identity verification, we may ask you to provide a valid identity document or other necessary documents. We may also verify your identity in official state registers. Throughout the period of cooperation, we must ensure that the data we hold about you is accurate and up to date, and therefore it may be necessary to periodically update the information provided.
Identity verification purpose, legal basis and data recipients:
Purpose | Legal basis | Data recipients or categories of data recipients |
To verify your identity in order to ensure the proper provision of services | Performance of a contract Article 6(1)(b) GDPR Legal obligation Article 6(1)(c) GDPR | State authorities (e.g., VMI, State Enterprise Centre of Registers), audit service providers |
ACCOUNTING AND BOOKKEEPING SERVICES
UAB “Germalita accounting & consulting” provides accounting, financial reporting, payroll calculation, tax accounting and declaration services to various companies and natural persons. In the course of providing these services, UAB “Germalita accounting & consulting” may process Personal Data of its clients, their employees and representatives in order to ensure compliance with legal requirements, proper tax calculation, payroll administration and the preparation of financial statements.
The list of Personal Data processed may include:
- First name, last name, personal identification number – where this is necessary for payroll, tax calculation, invoicing or the preparation of other financial documents;
- Contact details (telephone number, e-mail address, residential address) – where necessary for communication regarding accounting or tax-related matters;
- Bank account number – where this is required for payroll or the administration of other financial transfers;
- Data relating to the employment contract – position, type of employment contract, salary, social insurance contributions, leave data, etc., necessary for correct payroll calculation and declaration of employment-related taxes;
- Tax information – data declared regarding income, payable or paid taxes;
- Invoices, accounting documents and other financial information – required for financial accounting and reporting, as well as for income and expenditure accounting.
In providing accounting and bookkeeping services, UAB “Germalita accounting & consulting” processes the Personal Data of its clients and their representatives in accordance with applicable legal acts, including the Law on Accounting of the Republic of Lithuania, the Value Added Tax Law, the Law on Corporate Income Tax and other related legal acts.
Personal Data is collected and processed for the proper performance of the service contract and for the fulfilment of legal obligations related to accounting, financial reporting, tax calculation and declaration requirements. UAB “Germalita accounting & consulting” may also provide such data to competent state authorities (e.g., the State Tax Inspectorate, “Sodra”, the Bank of Lithuania) where required by law.
Purpose | Legal basis | Data recipients or categories of data recipients |
Bookkeeping of clients and preparation of financial statements | Performance of a contract (Article 6(1)(b) GDPR) Legal obligation (Article 6(1)(c) GDPR) | State Tax Inspectorate (VMI), “Sodra”, Bank of Lithuania, audit companies, legal and financial consultants |
Payroll calculation and administration | Legal obligation (Article 6(1)(c) GDPR) Legitimate interest (Article 6(1)(f) GDPR) | Banks (for payroll transfers), VMI, “Sodra”, State Labour Inspectorate, courts (in case of legal disputes on remuneration), auditors, payroll system providers |
Preparation and submission of tax returns and other financial documents to state authorities | Legal obligation (Article 6(1)(c) GDPR) | VMI, “Sodra”, Bank of Lithuania, Financial Crime Investigation Service (FNTT), auditors, legal consultants |
COMPANY INCORPORATION SERVICES
UAB “Germalita accounting & consulting” provides company incorporation services, which include the registration of a legal entity, preparation of incorporation documents, consultations on the selection of the most appropriate business form and handling of other formalities related to company incorporation. In order to properly provide these services and comply with legal requirements, UAB “Germalita accounting & consulting” processes the Personal Data of future company founders, directors and other related persons.
Personal Data processed may include:
First name, last name, personal identification number – required for the preparation of company incorporation documents, registration with the relevant authorities and official communication with state institutions;
Contact details (telephone number, e-mail address, residential address) – necessary for communication with the client regarding the company incorporation process, registration, provision of legal and administrative information;
Copy of an identity document – required for identity verification where this is requested by legal acts or registration authorities;
Company incorporation documents – including incorporation agreements, articles of association, lists of shareholders and other data related to the company;
Bank account data – where necessary for the payment of share capital contributions or other financial procedures during registration;
Information on the company’s activities and structure – including legal status, composition of management bodies, nature of activities.
UAB “Germalita accounting & consulting” processes Personal Data in accordance with the Civil Code, the Law on Companies, the Law on Small Partnerships, the Law on Accounting, the Law on Tax Administration and other related legal acts.
Purpose | Legal basis | Data recipients or categories of data recipients |
Preparation of company incorporation documents and their submission to register authorities | Performance of a contract (Article 6(1)(b) GDPR) Legal obligation (Article 6(1)(c) GDPR) | Centre of Registers, State Tax Inspectorate, “Sodra” |
Identity verification during the company incorporation process | Legal obligation (Article 6(1)(c) GDPR) | Notaries, lawyers, state authorities |
Archiving of incorporation documents in accordance with legal acts | Legal obligation (Article 6(1)(c) GDPR) | Document storage service providers of UAB “Germalita accounting & consulting” |
CONSULTANCY SERVICES
UAB “Germalita accounting & consulting” provides business consulting services that help companies and individuals address accounting, tax and company incorporation issues. In the course of providing consultancy services, UAB “Germalita accounting & consulting” may process Personal Data of clients and their representatives in order to ensure compliance with legal requirements and provide qualified and accurate advice.
The Personal Data processed may include:
First name, last name, personal identification number – where necessary to identify the client and conclude a consultancy services agreement;
Contact details (telephone number, e-mail address, residential address) – necessary for communication with the client regarding the provision of consultations;
Financial and tax information – where necessary to assess the client’s financial situation, tax history or to provide optimisation solutions;
Company incorporation, reorganisation or liquidation documents – where the client seeks advice on the incorporation or restructuring of a legal entity;
Information about the client’s relationship with the State Tax Inspectorate (VMI) or other institutions – where the consultation relates to the completion of tax returns, resolution of tax disputes or other regulatory matters.
UAB “Germalita accounting & consulting” processes Personal Data in accordance with the Law on Tax Administration of the Republic of Lithuania, the Law on Accounting, the Law on Companies, the Law on Small Partnerships, the Law on Financial Statements and other related legal acts.
Purpose | Legal basis | Data recipients or categories of data recipients |
Consulting clients on accounting, tax, company incorporation and related matters (including identification of clients, communication, document preparation and provision of recommendations) | Performance of a contract Article 6(1)(b) GDPR
| State Tax Inspectorate, Centre of Registers, “Sodra”, notaries, audit institutions, IT and accounting system service providers (data processors) |
IMPLEMENTATION OF INTERNATIONAL SANCTIONS
UAB “Germalita accounting & consulting” also processes Personal Data to ensure compliance with legal acts regulating the implementation of international sanctions. For this purpose, automated decision-making, including profiling, may be applied, i.e., an assessment is made as to whether an individual is subject to international sanctions. Automated decision-making is carried out in order to determine whether the Data Subject falls within the scope of persons (or is a specific person) to whom international sanctions apply.
For the above purpose, your identity data (e.g., first name, last name, date of birth, personal identification number, residential address information, nationality, country of residence, etc.) is processed throughout the duration of your relationship with UAB “Germalita accounting & consulting”.
In order to ensure compliance with international sanctions, Personal Data of natural persons related to legal entity clients is also processed and the ultimate beneficial owner(s) (natural person(s)) is (are) identified and checked against international sanctions lists.
Services cannot be provided to sanctioned persons. If it is established that a person is subject to international sanctions, the competent authorities (the Financial Crime Investigation Service under the Ministry of the Interior of the Republic of Lithuania) are notified where required. If a positive match is found for international sanctions, we also have the right to terminate contractual relations with such persons.
Purpose | Legal basis | Data recipients or categories of data recipients |
Implementation of international sanctions | Legal obligation Article 6(1)(c) GDPR Other legal acts | Service providers managing databases of sanctioned persons State authorities and institutions |
ANTI-MONEY LAUNDERING AND COUNTER-TERRORIST FINANCING
When providing certain services, UAB “Germalita accounting & consulting” may be classified as an entity subject to the requirements of the Law on the Prevention of Money Laundering and Terrorist Financing. In accordance with applicable legal acts, UAB “Germalita accounting & consulting” is obliged to implement risk-based measures to prevent money laundering and terrorist financing by ensuring client identification, monitoring and compliance with legal requirements.
The Personal Data processed may include:
First name, last name, personal identification number – in order to identify the client;
Identity document data – first name, last name, date of birth, nationality, document number, date of issue and expiry date;
Information on beneficial owners – first name, last name, nationality, information on the number of shares or portion of voting rights, etc.;
Residential address, contact details (telephone number, e-mail address);
Bank account data – where necessary for checking transactions and executing payments;
- Information on business relationships, their purpose and nature;
- Information on financial transactions and their origin – where required by legal acts, etc.
Personal Data is processed to ensure that UAB “Germalita accounting & consulting” complies with applicable anti-money laundering and counter-terrorist financing requirements, including client identification, determination of the purpose and nature of business relationships, monitoring of suspicious financial transactions and reporting to the competent authorities, as well as data and document retention in accordance with legal acts.
Purpose | Legal basis | Data recipients or categories of data recipients |
Ensuring the prevention of money laundering and terrorist financing | Legal obligation Article 6(1)(c) GDPR Law of the Republic of Lithuania on the Prevention of Money Laundering and Terrorist Financing | State Tax Inspectorate, Financial Crime Investigation Service (FNTT), State Enterprise Centre of Registers |
CUSTOMER SERVICE AND RECORDING OF TELEPHONE CALLS
In order to ensure high-quality customer service, smooth cooperation and proper provision of services, the Company processes Personal Data related to customer inquiries, consultations and telephone communication. When you contact us by phone, or in certain cases when our employees call you, the telephone conversation is recorded. We record telephone conversations and process Personal Data for quality and contract performance purposes so that, in the event of a dispute, we have evidence of communication. Telephone conversations are recorded only after informing you in advance.
For this purpose, the Company may process the following Personal Data: caller’s first name, last name, telephone number, e-mail address, call metadata (e.g., time of connection, duration), content of the conversation and the essence of the request. Depending on the specific case, information on services previously provided may also be processed in order to respond to customer inquiries promptly and accurately.
When making inquiries by e-mail, the following Personal Data is processed: first name, last name, e-mail address, the inquiry and the information provided in it, as well as other information related to the inquiry (e.g., date of sending the e-mail, date and content of the reply, etc.).
Purpose | Legal basis | Data recipients or categories of data recipients |
To provide the Client with information on a topic of their choice or information related to the contract | Performance of a contract Article 6(1)(b) GDPR | Our data processors – telecommunications service providers |
For purposes of quality of consultations, accuracy of information, complaint handling and preservation of evidence | Legitimate interest in preserving communication Article 6(1)(f) GDPR | Our data processors – telecommunications service providers |
MANAGEMENT OF ORGANISATIONAL PROCESSES
Your Personal Data is processed in order to properly manage and organise the Company’s internal processes, as well as to protect our legitimate interests.
UAB “Germalita accounting & consulting” processes Personal Data to ensure the smooth management of internal processes, including the administration of services provided, invoicing and payment control, administration of employment relationships and fulfilment of legal requirements. These processes are necessary to properly organise the Company’s activities, comply with legal requirements and protect legitimate interests.
Purpose | Legal basis | Data recipients or categories of data recipients |
Invoicing and accounting (for services to clients, debt management) | Performance of a contract – Article 6(1)(b) GDPR Legal obligation – Article 6(1)(c) GDPR | State Tax Inspectorate (VMI), accounting and IT system and cloud service providers, artificial intelligence service providers where their services or tools are used |
Administration of employment relationships (employment of staff, calculation of remuneration, provision of mandatory data to state authorities) | Performance of a contract – Article 6(1)(b) GDPR Legal obligation – Article 6(1)(c) GDPR | “Sodra”, VMI, accounting service providers, IT system and cloud service providers |
Fulfilment of legal requirements (submission of documents to courts, dispute resolution, administration of legal claims) | Legal obligation – Article 6(1)(c) GDPR Legitimate interest – Article 6(1)(f) GDPR | Courts, bailiffs, law firms, state authorities |
Internal administration of the Company (work organisation, staff performance evaluation, internal reporting) | Legitimate interest – Article 6(1)(f) and (b) GDPR | Internal administration systems, IT service providers, cloud service providers |
YOUR RIGHTS AND CONTACT INFORMATION
YOUR RIGHTS AND THEIR EXERCISE
You have the rights set out in the GDPR and described below, and as a Data Subject you have the right to contact us on any issues related to the processing of your Personal Data. Please note that some of your rights are not absolute and we may not necessarily implement them unconditionally.
Your rights:
Right of access | You may request confirmation from us as to whether your Personal Data is being processed and, if so, you may access your Personal Data being processed and information about such processing. |
Right to rectification | You may request that inaccurate Personal Data about you be rectified, as well as request that incomplete Personal Data be completed. |
Right to erasure (“right to be forgotten”) | You may request that your Personal Data be erased without undue delay; however, your request does not guarantee that your Personal Data will be erased where we process such data on another legal basis. |
Right to restriction of processing | You may request restriction of the processing of your Personal Data where at least one of the following conditions applies:
|
Right to data portability | You may request to receive your Personal Data in a structured, commonly used and machine-readable format and have the right to transmit those data (or have us transmit them) to another controller. |
Right to object | You have the right to object to the processing of your Personal Data where it is based on our legitimate interests. |
Right not to be subject to automated decision-making, including profiling | You may request that a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, not be applied to you. |
Right to lodge a complaint with a supervisory authority | If you believe that your Personal Data is being processed in breach of your rights and legitimate interests in the field of data protection, you may lodge a complaint with the State Data Protection Inspectorate, whose website is www.vdai.lrv.lt. |
PROCEDURE FOR EXERCISING RIGHTS
We enable you to exercise the above rights after we have identified and verified your identity. You may exercise your rights by submitting a request to UAB “Germalita accounting & consulting” in writing to the address Ulonų g. 3-114, Vilnius, or by e-mail to info@germalita.com. When submitting a request, you must indicate data identifying you, including your personal identification number.
If the Data Subject fails to confirm their identity, the Data Subject’s rights are not implemented. This provision does not apply where the Data Subject requests information about the processing of Personal Data under Articles 13 and 14 of the GDPR.
Information on the processing of your Personal Data is provided free of charge. If your request is manifestly unfounded, repetitive or disproportionate, we may charge a fee corresponding to our administrative costs. We may also ask you to specify your request so that we can respond more quickly. We will respond to your request within 30 days of its receipt. This period may be extended by up to 2 months if your request is complex or if you have submitted a number of requests (in which case we will inform you of the delay).
We may refuse to ensure the exercise of your rights in the cases provided for by applicable legal acts where it is necessary to ensure the prevention, investigation and detection of criminal offences, breaches of official or professional ethics, as well as to protect the rights and freedoms of other persons.
If you believe that your rights have been violated or that your Personal Data has not been processed in the manner described in this Policy, you may lodge a complaint with the State Data Protection Inspectorate, but we recommend that you first contact us using the contact details below.
CONTACT INFORMATION
You have the right to contact UAB “Germalita accounting & consulting” to submit inquiries, requests regarding the exercise of Data Subject rights and complaints regarding the processing of Personal Data.
Contact details of UAB “Germalita accounting & consulting” are published on the website www.germalita.com
VALIDITY AND AMENDMENT OF THE PRIVACY POLICY
As we continuously improve our services, we reserve the right to amend this Privacy Policy at any time. Any changes will be published immediately on this website. Notwithstanding the foregoing, you should regularly check this page for any updates.
Updated as of November 3, 2025.