Privacy Policy for ArchstoneCounsel.com

Effective Date : June 27, 2025

1. Company Information

Company Name: Rapid response services MB

Registration Number: 306360136

Company Address: V. Nageviciaus g. 3, 08237, Vilnius (Lithuania)

Owner Contact Email: [email protected]

2. General Data Protection Principles

We adhere to the following principles when processing Personal Data, ensuring a robust framework for data protection:

Lawfulness, Fairness, and Transparency : Personal Data is processed lawfully, fairly, and in a transparent manner. This means we are clear about our data practices and obtain consent where necessary.
Purpose Limitation : Personal Data is collected for specified, explicit, and legitimate purposes (as detailed below) and not further processed in a manner that is incompatible with those purposes.
Data Minimization : Personal Data collected is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. We avoid collecting superfluous data.
Accuracy : Personal Data is accurate and, where necessary, kept up to date. We take reasonable steps to ensure inaccurate data is rectified or erased without delay.
Storage Limitation : Personal Data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the Personal Data are processed. This includes adherence to legal and regulatory retention periods.
Integrity and Confidentiality : Personal Data is processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

3. Types of Personal Data Collected

We collect various types of Personal Data, either directly from you or automatically as you interact with our Website and services. Unless otherwise specified, all Data requested by this Website is mandatory, and failure to provide this Data may make it impossible for this Website to provide its services.

The types of Personal Data collected include, but are not limited to:

Contact Information : Email address, first name, last name, phone number, postal address.
Account Information : Login credentials, payment and banking information.
Usage Data : Information about your interaction with our Website, such as IP address, browser type, device information, pages visited, clicks, scrolling, and searches.
Commercial Information : Records of products or services purchased, obtained, or considered; purchasing or consuming histories or tendencies.
Identity Information : Data submitted for identity verification (e.g., government identification documents, photos, date of birth) when required for certain services or regulatory compliance.
Communications Data : Information exchanged during support interactions (e.g., feedback, complaints, call recordings, chat transcripts).
Location Data : Precise or approximate geographic location data derived from your IP address or device settings, used for purposes such as fraud prevention or service localization.
Inferences : Information drawn from other Personal Data to create a profile reflecting consumer preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. This is used for personalization and service improvement.

4. How We Use Your Personal Data

We use your Personal Data for various specific and legitimate purposes, including:

Service Provision : To operate our Website, deliver requested services, process transactions, manage user accounts, and fulfill contractual obligations.
Communication : To respond to your inquiries, provide customer support, send service-related announcements, updates, security alerts, and, where you have consented or where legally permissible, send marketing communications (e.g., newsletters, promotional offers).
Personalization : To customize your experience on our Website, remember your preferences, and provide tailored content, recommendations, and relevant advertisements.
Improvement and Development : To understand how our services are used, diagnose technical issues, analyze usage patterns and performance, conduct research, and develop new features, products, or services.
Security and Fraud Prevention : To protect against unauthorized access, detect and prevent fraudulent activities, investigate potential security breaches, and ensure the security and integrity of our services and user data.
Legal Compliance : To comply with applicable laws, regulations, legal processes, and governmental requests, and to enforce our terms of service and other agreements.
Internal Operations : For purposes such as internal testing, troubleshooting, data analysis, auditing, and machine learning to improve overall user experience and service efficiency.
Business Transfers : To facilitate mergers, acquisitions, or asset sales as part of business continuity planning.

4A. Our Approach to Cookies and Tracking Technologies

We do not use any cookies or similar tracking technologies (such as web beacons or pixels) on our Website to collect Personal Data or track your online activities. Our Website is designed to function without deploying these technologies directly for analytical, advertising, or personalization purposes.

While we utilize third-party services for essential website functionalities (e.g., hosting, security, form submissions, scheduling), these service providers may, in the course of providing their services to us, process certain technical data for their internal operational purposes (e.g., security, load balancing). However, these are not cookies deployed or managed by Rapid response services MB for direct user tracking or profiling on our Website.

5. Detailed Information on the Processing of Personal Data

This section outlines in detail how we collect, use, store, and disclose Personal Data through our website, including data collected directly by us and through third-party services. We are committed to transparency regarding our data processing activities and providing clarity on your rights concerning your Personal Data.

Services Involving Third-Party Data Collection

1. Calendly (Scheduling and Appointment Management)

Calendly provides online scheduling services, allowing users to book appointments with us easily.

Service Provider : Calendly LLC

Personal Data Processed :

Contact Information : Name, email address, phone number (if provided).
Appointment Details : Date, time, type of meeting, and any notes or questions you provide when booking.
Usage Data : IP address, device information, browser type, and interaction data with the scheduling page.
Data related to your availability and preferences, if you are a host.

Purpose of Processing : To facilitate appointment scheduling, manage our calendar, send automated reminders and confirmations, and streamline communication for meetings.

Place of Processing : Calendly processes data on servers located in the United States. Calendly maintains compliance with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF for international data transfers.

Link to Privacy Policy : Calendly Privacy Policy

Category of Personal Information Collected (according to CCPA/CPRA) : Identifiers, Calendar Information, and other information provided by the user.

2. Formspree (Form Submission Handling)

Formspree provides backend services for processing web form submissions without requiring server-side code.

Service Provider : Formspree, Inc.

Personal Data Processed :

Contact Information : Name, email address, and any other data you input into a form.
Technical Data : IP address, user agent (browser and device information), and referrer.

Purpose of Processing : To securely collect and deliver form submissions (e.g., contact forms, feedback forms) from our website to us.

Place of Processing : Formspree processes data on servers primarily located in the United States.

Link to Privacy Policy : Formspree Privacy Policy

Category of Personal Information Collected (according to CCPA/CPRA) : Identifiers, and any other Personal Information categories provided by the user in the form.

3. Zoho (CRM, Email, and Business Applications)

We may utilize various Zoho services, suchando as Zoho CRM for customer relationship management or Zoho Mail for email communication.

Service Provider : Zoho Corporation Pvt. Ltd. (and its global affiliates)

Personal Data Processed :

Contact Information : Names, email addresses, phone numbers, postal addresses.
Account Data : User credentials, payment information, and other data related to your account.
Communication Data : Content of emails, chat messages, or other communications.
Usage Data : IP address, browser type, device information, and interaction data with Zoho services.
Customer Data : Any data you input into Zoho CRM or other Zoho applications (e.g., customer details, sales records, project information).

Purpose of Processing : To manage customer relationships, handle email communications, streamline business operations, provide customer support, and facilitate collaboration.

Place of Processing : Zoho operates data centers in various regions globally, including the United States, Europe (Ireland and Netherlands), India, Australia, China, and Japan. Data may be transferred between these regions. Zoho adheres to various international data transfer mechanisms, including the EU-U.S. Data Privacy Framework.

Link to Privacy Policy : Zoho Privacy Policy

Category of Personal Information Collected (according to CCPA/CPRA) : Identifiers, Commercial Information, Internet or other Electronic Network Activity Information, Geolocation Data, and other information provided by the user or customers.

Infrastructure and Hosting

1. Amazon Web Services (AWS) S3 (Cloud Storage and Static Website Hosting)

Amazon Web Services (AWS) S3 provides scalable cloud storage and is used for hosting our static website files (HTML, CSS, JS, images).

Service Provider : Amazon Web Services, Inc.

Personal Data Processed :

Technical Data : IP addresses, user agent information (browser/device), request timestamps, and referrer URLs related to requests for website content. This data is primarily collected in server access logs for operational, security, and billing purposes.
Content Data : Any Personal Data contained within the static website files themselves (e.g., if you embed Personal Data directly into HTML, which is not recommended).

Purpose of Processing : To store and deliver our website content, ensure website availability and performance, provide data durability, and for billing and operational monitoring of the S3 service.

Place of Processing : AWS operates data centers globally. For your website, data is primarily processed and stored in the **EU (Stockholm) eu-north-1** region. AWS adheres to various international data transfer mechanisms, including the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

Link to Privacy Policy : AWS Privacy Policy

Category of Personal Information Collected (according to CCPA/CPRA) : Internet or other Electronic Network Activity Information.

2. Cloudflare (Content Delivery Network and Security)

Cloudflare provides content delivery network (CDN) services, security features (like DDoS protection), and DNS services, optimizing website performance and security.

Service Provider : Cloudflare, Inc.

Personal Data Processed :

Technical Data : IP addresses, system configuration information, and other data about traffic to and from our website. Cloudflare processes this data for its security and performance services.

Purpose of Processing : To enhance website performance (speed and availability), provide security against malicious attacks (e.g., DDoS), manage DNS, and ensure the reliability of our online services.

Place of Processing : Cloudflare operates a global network of data centers. Data is processed in the data center closest to the user for optimal performance. Cloudflare is certified under the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF for international data transfers.

Link to Privacy Policy : Cloudflare Privacy Policy

Category of Personal Information Collected (according to CCPA/CPRA) : Internet or other Electronic Network Activity Information, Geolocation Data (derived from IP address).

Data Sale and Sharing Disclosure (U.S. State Privacy Laws)

This section addresses specific requirements under U.S. state privacy laws concerning the "sale" or "sharing" of Personal Information.

Please note : While standard data practices for these services are generally for direct communication and service provision, certain interpretations or subsequent uses of the collected data (e.g., for targeted advertising or profiling by the platform provider that extends beyond our direct service provision) could trigger the definitions of "sale" or "sharing" under various U.S. state privacy laws. This statement is included based on the explicit instruction provided, and users should review their specific data practices to ensure full compliance.

"Sale" of Personal Information: We do not intentionally "sell" Personal Information as defined under the CCPA/CPRA, VCDPA, CPA, CTDPA, and UCPA for monetary or other valuable consideration.

"Sharing" of Personal Information (for Cross-Context Behavioral Advertising): We do not intentionally "share" Personal Information for cross-context behavioral advertising as defined under the CCPA/CPRA, VCDPA, CPA, CTDPA, and UCPA.

Your Right to Opt-Out : To the extent that any of our data practices are interpreted as a "sale" or "sharing" under applicable U.S. state privacy laws, you have the right to opt-out. Please refer to Section 10 ("Your Data Protection Rights") for details on how to exercise this right, including the use of Global Privacy Control (GPC) where applicable.

6. Legal Basis for Processing Personal Data (GDPR and LGPD)

For users located in the European Economic Area (EEA), UK, Switzerland, and Brazil, we rely on the following legal bases for processing your Personal Data:

Consent : Where you have given explicit consent for the processing of your Personal Data for one or more specific purposes. You have the right to withdraw your consent at any time by contacting us as provided in Section 13.
Contractual Necessity : Where the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (e.g., processing payments, providing requested services, managing your account).
Legal Obligation : Where the processing is necessary for compliance with a legal obligation to which we are subject (e.g., tax laws, anti-money laundering regulations, responding to lawful governmental requests).
Legitimate Interests : Where the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. Our legitimate interests include, but are not limited to, fraud prevention, improving our services, maintaining security, and direct marketing where permitted by law.
Vital Interests : Where the processing is necessary to protect your vital interests or those of another natural person (e.g., in medical emergencies).
Public Interest : Where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

7. How We Share Your Personal Data

We may share your Personal Data with the following categories of recipients, always ensuring appropriate safeguards are in place:

Service Providers : Third-party companies and individuals who perform services on our behalf, such as scheduling, form submission handling, CRM, email, business applications, hosting, and content delivery network services (e.g., Calendly, Formspree, Zoho, AWS S3, Cloudflare). These service providers are contractually obligated to protect your data and process it only according to our instructions and applicable data protection laws. We enter into Data Processing Agreements (DPAs) with them where required.
Affiliates : Our subsidiaries and affiliated entities, for operational and service delivery purposes, ensuring consistent service and internal administration.
Business Partners : In limited circumstances, with business partners for purposes such as joint marketing, co-sponsored events, or collaborative efforts, but only with your explicit consent where required by law.
Financial Institutions : Banks, payment networks, and other financial partners involved in payment processing and fraud prevention.
Legal and Regulatory Authorities : When required by law or in response to valid requests by public authorities, including to comply with court orders, subpoenas, or to protect our rights, property, or safety, or the rights, property, or safety of our users or the public. This includes responding to law enforcement requests and meeting national security requirements.
During Business Transfers : In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company. We will provide notice before Personal Data is transferred and becomes subject to a different privacy policy.
With Your Consent : To any other third parties with your explicit consent.

We do not sell or rent your Personal Data to third parties for their independent marketing purposes without your explicit consent, except as specifically disclosed in the "Data Sale and Sharing Disclosure" section concerning potential interpretations under U.S. state privacy laws.

8. Data Security

We implement appropriate administrative, technical, and physical safeguards designed to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing. These measures include:

Encryption : Using SSL certificates for data in transit (e.g., HTTPS for website communication) and encryption for data at rest where appropriate (e.g., database encryption).
Access Controls : Restricting access to Personal Data to authorized employees, contractors, and agents who have a legitimate business need to know that information to operate, develop, or improve our services. Access is granted on a "least privilege" basis.
Regular Audits and Assessments : Conducting regular security audits, vulnerability assessments, and penetration tests to identify and address potential security weaknesses.
Vendor Due Diligence : Requiring third-party service providers to adhere to strict data protection standards and sign relevant data processing agreements (DPAs) that ensure they provide adequate security measures.
Physical Security : Maintaining secure data centers and physical access controls to prevent unauthorized access to our infrastructure.
Employee Training : Providing regular data privacy and security training to our employees to ensure they understand their responsibilities in protecting Personal Data.
Incident Response Plan : Maintaining a comprehensive incident response plan to address and mitigate the effects of any potential data breaches promptly.

While we strive to protect your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. You are also responsible for maintaining the confidentiality of your account credentials.

9. Data Retention

We retain your Personal Data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

The retention periods for different types of Personal Data vary based on:

Purpose of Collection : Data collected for contractual performance is retained until the contract is fully performed and for a reasonable period thereafter to address any post-contractual obligations or disputes.
Legal Obligations : Data may be retained for longer periods if required by law or regulation (e.g., tax laws, anti-money laundering regulations, consumer protection laws).
Legitimate Interests : Data collected for our legitimate interests (e.g., fraud prevention, security, analytics) is retained as long as needed to fulfill those purposes, unless a longer retention period is required or permitted by law.
User Deletion : If you exercise your right to deletion, we will delete your data unless an exception applies (e.g., necessary for legal compliance or fraud prevention).
Dispute Resolution : Data may be retained for the duration of any period necessary to allow for the exercise of legal claims, defend against legal claims, or enforce our agreements.

When your Personal Data is no longer required, we will securely dispose of it in accordance with applicable laws and our data retention policies, which may include anonymization or permanent deletion.

10. Your Data Protection Rights

Depending on your location and applicable data protection laws, you may have the following rights regarding your Personal Data. To exercise any of these rights, please contact us using the contact information provided in Section 13. We will respond to your request within the timeframes required by applicable law (e.g., one month for GDPR, 45 days for CCPA/CPRA, VCDPA, CPA, CTDPA, and UCPA). We may need to verify your identity to process your request securely.

For Users in the European Economic Area (EEA), UK, and Switzerland (GDPR, UK GDPR, and FADP):

Right to Access : The right to request copies of your Personal Data that we hold and information about how we process it.
Right to Rectification : The right to request that we correct any inaccurate or incomplete Personal Data without undue delay.
Right to Erasure ("Right to Be Forgotten") : The right to request that we erase your Personal Data under certain conditions (e.g., no longer necessary for the purposes for which it was collected, withdrawal of consent, unlawful processing, or successful objection).
Right to Restriction of Processing : The right to request that we restrict the processing of your Personal Data under certain conditions (e.g., accuracy is contested, processing is unlawful, or you need the data for legal claims but we no longer need it).
Right to Data Portability : The right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible and where processing is based on consent or contract.
Right to Object : The right to object to the processing of your Personal Data, particularly where processing is based on legitimate interests or for direct marketing purposes, including profiling related to direct marketing.
Right to Withdraw Consent : Where processing is based on your consent, the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Right to Lodge a Complaint : The right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you believe your data protection rights have been violated.

Specific Rights under the Swiss Federal Data Protection Act (FADP): In addition to the general rights above, Swiss residents benefit from specific rights under the FADP, which came into force on September 1, 2023. These include:

Right of Access : You have the right to request information about whether personal data concerning you is being processed.
Right to Data Disclosure : You can request to receive your personal data in a common electronic format.
Right to Rectification : You have the right to request the correction of inaccurate or incomplete personal data.
Right to Deletion : You can request the deletion of your personal data under certain conditions (e.g., if the data is no longer necessary for the purpose for which it was collected).
Right to Restriction of Processing : You may request the restriction of processing of your personal data under certain circumstances.
Right to Object : You can object to the processing of your personal data, particularly in cases of direct marketing or where the processing is not based on your consent or a legal obligation.
Right to Portability : You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
Right to Not Be Subject to Automated Individual Decisions : You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless legally permissible.

For California Consumers (CCPA/CPRA):

Right to Know : The right to request that we disclose the categories and/or specific pieces of Personal Information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting, selling, or sharing it, and the categories of third parties to whom we disclose it.
Right to Delete : The right to request the deletion of Personal Information we have collected about you, subject to certain exceptions (e.g., necessary to complete a transaction, comply with legal obligations, or detect security incidents).
Right to Correct Inaccurate Personal Information : The right to request the correction of inaccurate Personal Information that we maintain about you.
Right to Opt-Out of Sale or Sharing : The right to opt-out of the "sale" or "sharing" of your Personal Information (as defined under CCPA/CPRA), including for cross-context behavioral advertising. We provide a clear and conspicuous link on our homepage titled "Do Not Sell or Share My Personal Information."
Right to Limit Use and Disclosure of Sensitive Personal Information : The right to direct us to limit the use and disclosure of your Sensitive Personal Information (e.g., financial account information, precise geolocation) to what is necessary to perform the services you requested.
Right to Non-Discrimination : We will not discriminate against you for exercising any of your CCPA/CPRA rights, including by denying you goods or services, charging different prices, or providing a different level or quality of goods or services.

For Virginia Consumers (VCDPA):

Right to Access : The right to confirm whether we are processing your Personal Data and to access such data.
Right to Correct : The right to correct inaccuracies in your Personal Data.
Right to Delete : The right to delete Personal Data provided by or obtained about you.
Right to Data Portability : The right to obtain a copy of your Personal Data in a portable and, to the extent technically feasible, readily usable format.
Right to Opt-Out : The right to opt-out of the processing of Personal Data for targeted advertising, the sale of Personal Data, or profiling in furtherance of decisions that produce legal or similarly significant effects.

For Colorado Consumers (CPA):

Right to Opt-Out : The right to opt-out of the processing of Personal Data for targeted advertising, the sale of Personal Data, or profiling in furtherance of decisions that produce legal or similarly significant effects. This includes the option to use a Global Privacy Control (GPC) for opt-out requests.
Right to Access : The right to confirm whether we are processing your Personal Data and to access such data.
Right to Correct : The right to correct inaccuracies in your Personal Data.
Right to Delete : The right to delete Personal Data provided by or obtained about you.
Right to Data Portability : The right to obtain a copy of your Personal Data in a portable and, to the extent technically feasible, readily usable format.

For Connecticut Consumers (CTDPA):

Right to Opt-Out : The right to opt-out of the processing of Personal Data for targeted advertising, the sale of Personal Data, or profiling in furtherance of decisions that produce legal or similarly significant effects. This includes the option to use a Global Privacy Control (GPC) for opt-out requests.
Right to Access : The right to confirm whether we are processing your Personal Data and to access such data.
Right to Correct : The right to correct inaccuracies in your Personal Data.
Right to Delete : The right to delete Personal Data provided by or obtained about you.
Right to Data Portability : The right to obtain a copy of your Personal Data in a portable and, to the extent technically feasible, readily usable format.

For Utah Consumers (UCPA):

Right to Opt-Out : The right to opt-out of the processing of Personal Data for targeted advertising or the sale of Personal Data.
Right to Access : The right to confirm whether we are processing your Personal Data and to access such data.
Right to Delete : The right to delete Personal Data provided by you.
Right to Data Portability : The right to obtain a copy of your Personal Data that you provided to us in a portable and, to the extent technically feasible, readily usable format.

For Brazilian Users (LGPD):

Right to Confirmation : The right to obtain confirmation of the existence of processing activities concerning your Personal Data.
Right to Access : The right to obtain free access to your Personal Data.
Right to Correction : The right to request the correction of incomplete, inaccurate, or outdated Personal Data.
Right to Anonymization, Blocking, or Deletion : The right to request the anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed Personal Data.
Right to Portability : The right to data portability to another service or product provider, upon express request, in accordance with regulatory requirements, and subject to commercial and industrial secrets.
Right to Deletion : The right to deletion of Personal Data processed with your consent, except in cases provided by law (e.g., legal obligation to retain).
Right to Information on Sharing : The right to obtain information about public and private entities with which we have shared your Personal Data.
Right to Information on Consent : The right to obtain information about the possibility of not providing consent and the consequences of such denial.
Right to Revoke Consent : The right to revoke your consent at any time.
Right to Oppose Processing : The right to oppose processing based on legitimate interests, if there is non-compliance with the LGPD.

11. International Data Transfers

Given the global nature of the internet and our use of international service providers, your Personal Data may be transferred to, and processed in, countries other than your country of residence, including the United States. These countries may have data protection laws that are different from (and potentially less protective than) the laws of your country.

When transferring your Personal Data internationally, we implement appropriate safeguards to ensure that your data remains protected in accordance with this Privacy Policy and applicable data protection laws. These safeguards may include:

Adequacy Decisions : Relying on countries or regions deemed to provide an adequate level of data protection by relevant authorities (e.g., European Commission adequacy decisions for transfers from the EEA to certain third countries).
Standard Contractual Clauses (SCCs) : Implementing SCCs approved by relevant authorities (e.g., European Commission SCCs for GDPR, UK International Data Transfer Addendum for UK GDPR), which are contractual commitments to protect data even when it leaves the originating jurisdiction.
Data Privacy Framework (DPF) : For transfers to the United States, we and our service providers may rely on certification under the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, which provides a mechanism for lawful data transfers from these regions to the US, subject to specific commitments and oversight.
Binding Corporate Rules (BCRs) : For transfers within our corporate group, if applicable, which are internal codes of conduct approved by data protection authorities for international transfers within multinational corporations.
Your Explicit Consent : Where specific legal mechanisms are in place, we may seek your explicit consent for the transfer after informing you of the potential risks of such transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. When we make changes, we will revise the "Effective Date" at the top of this Policy. If the changes are significant, we will provide a more prominent notice (e.g., a banner on our Website, a pop-up notice, or a direct communication to you via email if we have your contact information) prior to the changes becoming effective. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information and your rights.

13. Contact Us

If you have any questions or concerns about this Privacy Policy, our data processing practices, or if you wish to exercise any of your data protection rights, please contact us using the following details:

By Email: [email protected]

By Mail: V. Nageviciaus g. 3, 08237, Vilnius (Lithuania)

We may require you to verify your identity before responding to certain requests to ensure the security and privacy of your Personal Data.

14. Definitions and Legal References

Personal Data : Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Sensitive Personal Information (as per U.S. state laws) : A subcategory of Personal Information that includes, for example, government identifiers, financial account details (with access credentials), precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, content of mail, email, or text messages (unless the business is the intended recipient), genetic data, biometric information, health information, and sexual orientation.
Processing : Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Controller : The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
Processor : A natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the controller.
GDPR : General Data Protection Regulation (Regulation (EU) 2016/679) – European Union law concerning data protection and privacy for all individual citizens of the European Union and the European Economic Area.
CCPA/CPRA : California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act – A California state statute intended to enhance privacy rights and consumer protection for residents of California.
VCDPA : Virginia Consumer Data Protection Act.
CPA : Colorado Privacy Act.
CTDPA : Connecticut Data Privacy Act.
UCPA : Utah Consumer Privacy Act.
LGPD : Lei Geral de Proteção de Dados (Brazilian General Data Protection Law) – Brazilian law governing data protection and privacy.
Usage Data : Data collected automatically, either generated by the use of the service or from the service infrastructure itself (e.g., the duration of a page visit, interactions with website features).
Latest Update : June 27, 2025