UUENDATUD: 2020-06-18

UAB “Vesta Consulting” (“us”, “we”, “our” or “Vesta Consulting”) is the controller of the personal data you provide to us. We operate the http://localhost/vesta-online/en/ website (“Website”) to provide our users (“you” and “your”) with information about our services (“Services”).

Here we describe how we collect, use and handle your information when you use our Website. By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy.

Please note that this Privacy Policy applies only to the Website. This Website may contain links to other websites not operated or controlled by us. The links from this Website do not imply that we endorse or reviewed the such third-party websites.


  1. aastal 2016 27. aprill Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”);
  2. Law on Legal Protection of the Republic of Lithuania (lt. “ADTAĮ“);
  3. Electronic Communications Law of the Republic of Lithuania (lt. “ERĮ“).

When processing your data, we adhere to the GDPR, ADTAĮ, ERĮ, and other applicable data protection laws.


UAB „Vesta Consulting”

Org. No.: 302746261

Registered address: 1 Bebrų Street, LT-08117 Vilnius, Lithuania

E- mail:

Tel. +370 611 19961



Data protection officer is not appointed.


We collect and use the following information:

  • Personal Data
    When you use our Website, we may collect certain personally identifiable information about you (“ Personal Data”), i.e. when you voluntarily provide such information such as when you use our Services, contact us with inquiries, etc. Wherever we collect Personal Data we provide a link to this Privacy Policy.
  • Usage Data
    We may also collect information that your browser sends whenever you visit our Website or when you access the Website by or through a mobile device (“Usage Data”).This Usage Data may include information such as IP addresses, the type of browser and device you use, the web page you visited before coming to our sites, and identifiers associated with your devices. When you access the Website by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data. Please note that such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. This Website may use such information and pool it with other information to track, for example, the total number of visitors to our Website, the number of visitors to each page of our Website, the domain names of our visitors’ Internet service providers, and how our users use and interact with the Services.
  • Tracking Cookies Data
    We use cookies and similar tracking technologies to track the activity on our Website and hold certain information. Please visit our Cookie Policy to learn more.


We process your Personal Data for the following purposes:

  1. To contact us with inquiries (using contact form).
  2. To contact you for the purposes of direct marketing.

We use Personal Data for various purposes stated in this Privacy Policy. If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services. We and our subsidiaries and affiliates (“Related Companies”) may also use your Personal Data and other personally non-identifiable information collected through the Website to help us improve the content and functionality of the Website, to better understand our users and to improve the Services. We and our Related Companies may use this information to communicate with you regarding the Services.


We process your Personal Data for the purposes described in this Privacy Policy, based on the following legal grounds according to the GDPR, i.e.,

  1. The legal basis for processing is a legitimate interest (GDPR Article 6(1)(f)), i.e., when you fill the form to contact us (to respond to the correspondence);
  2. The legal basis of your consent (GDPR Article 6(1)(b)), i.e. when personal data are processed for direct marketing purposes.


For the purpose of using contact form, we may collect and process the following data:

  1. Mandatory data:
    1. your name;
    2. E- address;
    3. your phone number;
  2. The following optional data may be submitted at the initiative of the person filling out the request form:
    1. other contact information;
    2. other information provided in the message.
  3. For the purpose of direct marketing:
    1. Mandatory data:
      1. your name;
      2. E- address.
    2. The following optional data may be submitted at the initiative of the person:
      1. your phone number;
      2. other contact information.


Please note that in order for us to respond to your correspondence, you must provide us the abovementioned Personal Data.


We receive data:

  1. directly from you, i.e. when you provide your Personal Data through our Website;
  2. from your representative.


We retain your data to the extent required by law. In cases where the law does not set time limits for the retention of personal data, the Personal Data you submit through the Website is stored:

  1. for the purposes of direct marketing – 5 (five) years from the date of giving consent or until the date of withdrawal of consent;
  2. in other cases (when the term for storage of personal data is not specified in legal acts) Personal Data is stored for 3 (three) years from the date of last correspondence with you.


The information you provide to us, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are outside the Republic of Lithuania, please note that we transfer such data to Lithuania and process it here. By voluntarily providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy.

Please note that we will not share your Personal Data with others, without your permission, except for the following purposes:

  1. Others working for us (service providers)

Personal Data may be transferred to certain companies in order to collect, store, hold and manage your Personal Data through cloud based or hosting services or a third party or a party affiliated or connected to us, as reasonable for business purposes. We also use certain trusted third parties (for example, providers of customer support and IT services) to help us improve our Website. These third parties may access information only to perform tasks on our behalf in compliance with this Privacy Policy, and we’ll remain responsible for their handling of your information per our instructions.

  1. Related Companies

We may also share your Personal Data with our Related Companies for purposes consistent with this Privacy Policy.

  1. Business transfers

As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.

  1. Law & Order

We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of us or our users; or (d) protect our property rights.

We do not transfer your Personal Data to third country or international organisation, i.e., outside the European Union, unless required to do so by law or by the courts or as required for one of the purposes set out in this Policy.


Regarding the submission of your Personal Data via our Website and according to the GDPR, you have the following rights:

  • the right to be informed about data processing;
  • the right of access;
  • the right to rectification;
  • the right to erasure (‘right to be forgotten’);
  • the right to data portability;
  • the right to restriction of processing;
  • the right to object.

Please be advised that you have the right to lodge a complaint with a data protection authority (more information at

You also have the right to withdraw your consent (if you have given one) for the processing of your Personal Data at any time. You can withdraw your consent at any time by writing to us at

In order to exercise abovementioned rights, you must submit a request in writing and in a way that identifies you, i.e., affirming your identity. We do not process requests without the ability to identify the applicant.

All requests regarding personal data management can be submitted:

  1. by email;
  2. in person at the company office at 1 Bebrų street, LT-08117, Vilnius;
  3. by post: 1 Bebrų street, LT-08117, Vilnius;

Your requests regarding the implementation of your rights established by the GDPR are considered for no longer than 1 month. Depending on the complexity of the request and the number of requests received, this period may be extended by 2 months.


  1. the request must be legible;
  2. the request must be signed;
  3. the request must include your name, surname, address, and contact information;
  4. the request must specify which right you wish to exercise and, if applicable, include supporting arguments and documents;
  5. if the request is being submitted by a representative, the request must include all abovementioned information as well as your representative’s name, surname, adress, and contact information.


  1. Submitting a request in person at the company office: by presenting an identification document to an employee;
  2. Submitting a request by post: by including a notarized or otherwise legally approved copy of an identification document with the request;
  3. Submitting a request by email: the request must be signed using a qualified email or created using electronic means which allow confirmation of the document’s uniformity and authenticity (excluding requests to rescind your consent to data management according to this Policy).

Signing the request using a qualified email allows us to properly identify you and ensure that the requested information or information about fulfillment (refusal to fulfill) of your requested actions may be revealed only to the intended persons, i.e., you.

Scanned copies of signed requests or complaints submitted by email without qualified email signature do not meet the legal requirements. This kind of submission may hinder the acceptance of your request for consideration. In this case, if you do not have a qualified email, you should submit the request by post or in person at the company office.

Submitting a request through a representative: the request must include documentation affirming the representation or a legally approved copy of such document.


We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. This Privacy Policy was last updated on the date indicated above. Your continued use of the Website after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.