Privacy policy

 This Privacy Policy specifies information collected by UAB “DG21” legal entity code 304079090, address Dariaus ir Girėno g. 21, Vilnius, (hereinafter – the “Company”, “we”), means and sources wherefrom this information is obtained, as well as actions taken with the collected information and measures taken to protect this information by the Company. By using our services and/or by browsing the Company’s website / aero (hereinafter – the “Website”), you agree with the terms of this Privacy Policy.

All personal data are processed in accordance with the requirements of the Lithuanian and European Union data protection legislation, including the General Data Protection Regulation (hereinafter – the “GDPR”) and the Law on Legal Protection of Personal Data of the Republic of Lithuania.

If you have any questions regarding this Privacy Policy or requests regarding the processing of your personal data, please send us an email to: [email protected]


  1. 1. Data controller

The personal data presented on or collected by the Website are managed by the Company, therefore, the Company is the controller of the personal data of the Website Visitor’s, as indicated in the GDPR.

  1. 2. Application of Privacy Policy

This Privacy Policy applies to the Website and to any service provided by the Company through the Website, regardless of what devices are used by the Website visitor (hereinafter – the “Visitor”) to visit the Website or for the usage of Website’s services.

This Privacy Policy does not apply to the links to third parties’ websites provided on the Website, therefore we advise you to review the respective policies of personal data processing, which are valid and applied to such websites.

  1. 3. Purposes of personal data processing

The Company processes the personal data of Visitors for the following purposes:

  1. 4. Basis for personal data processing

The Company processes personal data of Visitors as it is required for:

Visitor consent as a legal basis is used for direct marketing or third parties access to personal data. Visitors may revoke their consent to process their personal data at any time. If the Company does not have other legal basis for the processing of personal data, the Company will terminate processing of such personal data and destroy the data, unless the laws establish the obligation for the Company to retain such personal data.

  1. 5. The Visitors’ personal data collected on the Website

 The Company processes the Visitors’ personal data which is received from the Visitors submitting such data to the Website and using the Website and the services and functions provided by it.

In addition to the following cases, the Company processes the personal data of Visitors when:

The list of personal data collected by the Company is not definite, whereas the Company may need to collect additional personal data due to exceptional cases and depending on the reason of the Visitor’s reference to the Company and in order to achieve the purposes indicated in this Privacy Policy.

When Visitors use the Website, the Company collects and processes the technical data about Visitors by using cookies. To learn more about cookies and how the Company uses them, please visit the Company’s Cookie Policy, shared in Website.

Each time the Visitor visits the Website, the Company collects and processes the following technical personal data:

These technical data are collected automatically, without any additional actions of the Visitor. To learn how to control the scope of data to be collected, visit the Company’s Cookie Policy, shared in Website.

  1. 6. Storage of personal data

We store personal data of Visitors no longer than necessary pursuant to the purposes indicated in this Privacy Policy. Personal data is stored:

Longer storage of Visitor’s personal data may only be performed when:


  1. 7. Transfer of personal data to third parties

Personal data of Visitors will not be sold, provided or otherwise transferred without any legal basis, to third parties, and will not be used for purposes other than those specified in this Privacy Policy. The Company does not use personal data of Visitors in any other way, subject to this Privacy Policy. However, the Company reserves the right to provide information about the Visitor if the Company is required to do so in accordance with the law or if the Company would require legally operating law enforcement agencies or prosecuting authorities. The Company may use third parties for the processing of personal data of Visitors and, for this purpose, transmit information about Visitors to other legal entities, subject to the conditions set forth in this Privacy Policy.

Personal data of Visitors may be transferred to the following third parties:

  1. 8. Processing of the personal data of minors

 The processing of personal data of minors on the basis of consent for the provision of information society services is lawful if the minor is at least 16 years of age. If such a minor is less than 16 years of age, such processing is legal only if the consent was given or processing was allowed by the minor’s parents or carers, and therefore:



 The Company processes personal data of Visitors for direct marketing purposes in the following cases:

For the purpose of direct marketing, we process the following data of our Visitors: name, email address, phone number.

By the Visitor consenting to receive direct marketing communications or subscription to newsletters, you agree to receive the following notices:

Your personal data can be used for direct marketing purposes in the following ways:

Please be advised that you may at any time refuse our newsletters or other promotional messages by clicking on a link to it in our outgoing newsletters and / or other notices.

You can also at any time refuse to receive information about events or any other information we send by sending an email to [email protected] .


 Visitors are given certain rights related to the protection of their personal data. These rights are:

 In order to exercise your rights, please send us an e-mail to: [email protected] or directly. Upon receipt of your request, we may ask you to provide proof of identity, as well as any additional information required by us for the request, which we undertake to delete after identification.

Upon receipt of your request, we will respond to you within 30 calendar days of receipt of your claim and from the date of submission of all documents necessary to prepare the answer.

If we think we need to, we will stop the processing your personal data, except for storage, until your application is resolved. If you have legally waived your consent, we will immediately terminate the processing of your personal data and within no more than 30 calendar days, except in the cases provided for in this privacy policy and in the cases provided for by law when further processing of your data is binding on us by the legislation in force, by our legal obligations, by court judgements or by binding instructions from the authorities.

By refusing to comply with your requirement, we will clearly indicate the grounds for such refusal.

Should you disagree with our actions or the response to your request, you make complain to the competent state authority – the State Data Protection Inspectorate (for more information – In all cases, we recommend that you contact us before making a formal complaint so that we can find the right solution.


The Company, by implementing technical and organizational measures, protects Personal data of Visitors from loss, misuse, unauthorized access, disclosure or modification.

The Company recommends that the Visitors comply with the following minimum safeguards for personal data protection:

Unfortunately, the transmission of any information on the Internet is not completely secure. Although the Company makes efforts to protect the Visitor’s personal data, it is not possible to ensure the full security of personal data when Visitors provide the data on the Website, therefore, Visitors must assume the risks associated with the transfer of personal data to the Website.

In the event of breach on personal data security that may cause a serious threat to the rights or freedoms of the Visitors and after determination of the circumstances under which unauthorized access to personal data has been obtained, the Company will immediately inform the Visitor.


This Privacy Policy may be updated by the Company. The Company will inform Visitors about the updates by submitting a new version of the Privacy Policy on the Website, together with the dates of the corrections made. Visitors should understand that by continuing to use the Website after the updates made to the Privacy Policy, they agree to the changes made.

If any provision of the Privacy Policy is void or inapplicable, this provision shall not affect the legality and validity of the remaining provisions of the Privacy Policy.

This Privacy Policy applies from the date it is posted on the Website.