Privacy Policy

This Privacy Policy (hereinafter referred to as the “Privacy Policy”) outlines and explains how we process your personal data.

General information

1. Edita Milaševičiūtė (hereinafter referred to as the Data Controller or Service Provider) is the controller of the dearmemory.lt website (hereinafter referred to as the Website).

2. The Privacy Policy applies to all persons who visit the Website, and the terms and conditions set out therein apply each time you access the content and/or service provided by us, regardless of the device (computer, mobile phone, tablet, etc.) you use.

3. The Data Controller processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the Regulation) and other legal acts regulating the protection of personal data. The terms used in the Privacy Notice have the same meaning as the terms used in these legal acts.

4. If you have any questions about the processing of personal data, requests or comments, don't hesitate to get in touch with us:

   Edita Milaševičiūtė

   Tel. +370 627 31301

   E-mail: info@dearmemory.lt

Sources of the personal data subject

5. The personal data of the data subject, i.e. any information about you that allows us to identify you, is obtained directly from you (when you submit inquiries or orders), or from publicly available sources (e.g. your website or social networks, if it is related to the fulfilment of an order).

Rights of data subjects and their implementation

• 6. Data subjects have the following rights:

• to know (be informed) about the processing of their personal data;

• to get acquainted with their personal data being processed;

• to demand the correction of inaccurate personal data;

• to demand the erasure of personal data (“right to be forgotten”);

• to demand the restriction of personal data processing;

• to object to the processing of personal data;

• to demand the transfer of personal data;

• to withdraw consent to the processing of personal data;

• to withdraw consent to the use of their image for marketing or publicity purposes at any time;

• to request the removal of a publicly available image from a website or social networks;

• to receive a copy of their personal data (photos) that you store;

• to demand the deletion of photos when they are no longer necessary for the performance of the contract or there is no reason to continue storing them;

• to file a complaint with the State Data Protection Inspectorate (Valstybin4 duomen7 apsaugos inspekcija) regarding a violation of personal data processing.

  7. To exercise any of your rights specified above, don't hesitate to get in touch with us by phone at +370 627 31301 or by e-mail at info@dearmemory.lt. Your rights will be implemented after confirming your identity in person (by providing a personal identification document: identity card or passport) or by electronic means of communication (e.g., electronic signature).

  8. We may not provide you with the conditions to exercise the above rights when, in cases provided for by law, it is necessary to ensure the prevention, investigation and detection of crimes, violations of official or professional ethics, as well as the protection of the rights and freedoms of the data subject or other persons.

Scope, purpose and legal bases of the personal data processed

9. We also process information about your use of our website. Website usage data may include your IP address, geographical location (approximate), browser type and version, operating system, duration of visit, pages viewed and other technical information related to browsing. We obtain this data through necessary cookies or similar technologies to ensure the proper functioning of the website (e.g. reservation calendar function or service ordering). The basis for processing this data is our legitimate interest in ensuring the technical functionality of the website and providing services. Our website does not use marketing or analytical cookies; therefore, we do not request your consent to the use of cookies. For more detailed information, please refer to the Cookie Policy.

10. In addition to the specific purposes specified in this privacy policy, we may also process your personal data when processing is necessary to comply with legal obligations to which we are subject, as well as when it is necessary to protect your vital interests or those of other natural persons.

Personal data protection

11. To ensure a level of security appropriate to the risk when processing personal data, we implement appropriate technical and organisational measures to ensure adequate security of personal data, including protection against unauthorised or unlawful processing of personal data and against accidental loss, destruction or damage.

12. Personal data is processed only to the extent necessary for the provision of services.

13. The service provider and/or other persons who, in the course of performing their direct functions, become aware of personal data must adhere to the principle of confidentiality and keep secret any information related to personal data that they have become aware of, unless such information is public in accordance with the provisions of legal acts. The obligation to maintain the secrecy of personal data also applies after the termination of individual activities.

Provision of data and lawful data processing

14. Personal data processed by the service provider may not be disclosed to third parties, except in cases provided for by legal acts and the performance of contracts for the provision of personal data, but without violating the principle of confidentiality.

15. Personal data shall not be provided to any third party, except for the data subject himself, in the absence of a written request from the third party (in the case of a one-time provision), a contract concluded with him (in the case of a permanent provision) or other legal basis.

16. Upon receiving a request to provide personal data, the service provider shall assess both the purpose of the request to provide personal data and the proportionality and lawfulness of such a request. Personal data shall be provided to data recipients only to the extent necessary to achieve the specific purpose.

17. Personal data may be transferred only to:

-website hosting service provider;

-e-mail or cloud service provider;

-photo laboratories, printing houses or data media suppliers, when necessary to fulfil an order;

-postal or courier services;

-in cases established by law – to state institutions (e.g., the State Tax Inspectorate).

18. When we use third-party services (e.g. email or cloud providers), these service providers process data in accordance with their own privacy terms and in compliance with the GDPR. The service provider ensures that only trusted and GDPR-compliant service providers are used.

19. When photos or design mockups are stored or transferred using third-party cloud services (e.g. Google Drive, Canva, Mailchimp or WeTransfer), data may be transferred to countries outside the European Economic Area. In such cases, it is ensured that the service providers apply GDPR-compliant safeguards (e.g. standard contractual clauses or an adequacy decision).

20. During public events or excursions, general photographs may be taken that may show participants. Such images are considered informational and are not used for commercial advertising without the express consent of the individual. In such cases, if an event or excursion is photographed, participants will be informed of this beforehand or at the start of the event.

External websites

21. The website may contain links to external websites, i.e. websites of institutions related to Lithuanian tourism (for example, accommodation, catering, leisure and entertainment organisations). When following such links, please note that these websites and the services accessible through them may have their own separate individual privacy policies (rules) for which we cannot assume responsibility; therefore, we recommend that you review them in detail before submitting any of your personal data.

Final Provisions

22. The Privacy Policy is reviewed and updated according to the needs of the Service Provider, but not less than once every two years, or upon changes in the legal acts regulating the processing of personal data. The Service Provider shall inform about the changes made by publishing a new version of the privacy notice on the website.

This Privacy Policy is valid from 12 November 2025.

Service Provider

Edita Milaševičiūtė