Privacy Policy
We value your privacy and are committed to protecting your personal data
Last Updated: May 6, 2025
This Privacy Policy (hereinafter – the "Policy") explains how we collect, use, store and otherwise process your personal data when you visit our website or use our products and services. The Policy has been prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation, "GDPR"), the Law on Legal Protection of Personal Data of the Republic of Lithuania and other applicable legislation.
Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.
1.Definitions
**"Personal data"** – any information relating to an identified or identifiable natural person.
**"Data subject" (you, your)** – a natural person whose personal data we process.
**"Processing"** – any operation performed on personal data (collection, recording, storage, disclosure, etc.).
**"Third party"** – a natural or legal person, public authority, agency or other body which is not the Data subject, Data controller, Data processor or persons who, under the direct authority of the controller or processor, are authorised to process personal data.
**"Data subject" (you, your)** – a natural person whose personal data we process.
**"Processing"** – any operation performed on personal data (collection, recording, storage, disclosure, etc.).
**"Third party"** – a natural or legal person, public authority, agency or other body which is not the Data subject, Data controller, Data processor or persons who, under the direct authority of the controller or processor, are authorised to process personal data.
2.Personal data we collect
We only collect the personal data necessary to achieve the purposes set out in this Policy:
- **Identity data:** first name, last name.
- **Contact data:** e‑mail address, telephone number, postal address.
- **Payment and accounting data:** bank account number, payment card details (processed by payment service providers), invoice information.
- **Website usage data:** IP address, browser type, access times, pages visited, cookies.
- **Communication data:** your inquiries, feedback, correspondence.
3.Purposes and legal bases of processing
| Purpose | Legal basis (Article 6 GDPR) |
|---|---|
Provision of services and performance of a contract | b) performance of a contract |
Issuing accounting documents | c) legal obligation |
Customer support, responses to inquiries | b) performance of a contract / f) legitimate interest |
Website administration and improvement | f) legitimate interest |
Direct marketing (newsletters, offers) | a) consent / f) legitimate interest |
Compliance with legal requirements, dispute resolution | c) legal obligation / f) legitimate interest |
4.Retention periods
| Category of data | Retention period |
|---|---|
Accounting documents | 10 years after the end of the financial year |
Contractual data | 10 years after the end of the contract |
Direct marketing data | 2 years after your last active action or until consent is withdrawn |
Cookies | as specified in the Cookie Policy |
5.Data disclosure and recipients
Where data is transferred outside the EEA, we apply the safeguards required by GDPR (such as Standard Contractual Clauses).
- **Service providers (Data processors)** – IT infrastructure, payment, accounting, marketing, hosting and related service providers who process data on our behalf and under our instructions.
- **Public authorities** – where required by law or court order.
- **Professional advisers** – auditors, lawyers and similar advisers where necessary to protect our legitimate interests.
6.Cookies
Detailed information on the types of cookies, their validity periods and management instructions is available in our **Cookie Policy**. You can change your browser settings at any time to delete or block cookies, but some website functions may then not work properly.
- ensure the website functions properly;
- remember your preferences;
- analyse traffic and improve our services;
- provide personalised content and advertisements.
7.Your rights
You can exercise your rights by contacting us at [email protected]. We will respond within one month of receiving your request.
- Obtain confirmation whether we process your personal data and access such data.
- Rectify inaccurate or incomplete data.
- Request the erasure of data ("right to be forgotten") or restriction of processing.
- Object to processing based on legitimate interest.
- Receive your provided data in a structured, commonly used and machine‑readable format and transmit those data to another controller (data portability).
- Withdraw consent where processing is based on consent.
- Lodge a complaint with the State Data Protection Inspectorate (vdai.lrv.lt) if you believe your rights have been violated.
8.Data security
We implement appropriate technical and organisational measures to protect personal data against unauthorised destruction, loss, alteration, disclosure or any other unlawful processing. Such measures include access control, firewalls, encryption, employee confidentiality obligations and regular security assessments.
9.Amendments to the Policy
We may revise this Policy from time to time to reflect changes in our practices. The updated Policy will be posted on our website and will apply from the date of publication. Where changes are material, we will inform you separately (e.g. by e‑mail).
Important Notice
This Privacy Policy applies to all services provided by BidDeals. By using our services, you acknowledge that you have read and understood this Policy.
Contact details
If you have any questions, comments or wish to exercise your rights, please contact:
BidDeals
Ateities g. 12
Vilnius, LT-08303, Lietuva
E‑mail: [email protected]
BidDeals
Ateities g. 12
Vilnius, LT-08303, Lietuva
E‑mail: [email protected]
This Policy was approved and published on May 6, 2025.
Have questions about how we handle your data?
Contact Our Support Team