1. What does this Privacy Policy mean?
In this privacy policy (hereinafter referred to as the Privacy Policy) we provide you with information about how UAB (hereinafter referred to as the Company), processes your personal data obtained: when the Company provides you with real estate development, sale, lease, brokerage or consulting services; when the Company carries out the offering, reservation and sale of real estate objects; in order to perform contracts concluded between the Company and legal or natural persons; in order to promote the Company’s visibility; when you visit the Company’s website or the Company’s social media accounts; when you make enquiries; etc. All the following persons whose data is processed by the Company are referred to as Data Subjects.
2. About the Company
The Company means UAB, legal entity code 303473926, address Panevėžys, Tinklų g. 25, LT-35115, Republic of Lithuania. The data about the Company is collected and stored in the Register of Legal Entities of the Republic of Lithuania. The contact e-mail address for personal data protection issues is info@preneta.lt.
3. What is personal data?
Personal data is any information collected by the Company about a Data Subject that can be used to identify the Data Subject and is stored electronically or otherwise.
Personal data includes any information, including the Data Subject’s name, address, telephone number, email address, information about the real estate object of interest, financing needs, etc., which the Company collects about the Data Subject for the purposes set out in this Privacy Policy or in the Data Subject’s individual consent or agreement with the Company.
4. Processing of personal data in the course of registration for a consultation or property viewing
| Categories of data subjects | Legal basis for data processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Registering a person for a consultation or property viewing | |||||
| Persons who register for a consultation or property viewing | Article 6(1)(a) GDPR (consent), Article 6(1)(b) GDPR (steps prior to entering into a contract) | Name, surname, email, phone number, property or service of interest, preferred consultation / viewing time, additional information (to the extent the person chooses to provide it). | None | IT administrators and suppliers | Until the consultation or viewing takes place, unless the data is necessary for further cooperation |
| Representatives of the persons who register for a consultation or property viewing | Article 6(1)(c) GDPR (legal obligation) or Article 6(1)(f) GDPR (legitimate interest) | Name, surname, email, phone number, relationship to the person (basis of representation) | None | IT administrators and suppliers | Until the consultation or viewing takes place |
5. Provision of real estate services
| Categories of data subjects | Legal basis for data processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Provision of real estate services | |||||
| Clients | Article 6(1)(a) GDPR (consent), Article 6(1)(b) GDPR (contract), Article 6(1)(c) GDPR (legal obligation), Article 6(1)(f) GDPR (legitimate interest) | Name, surname, contact details (telephone number, email address, residential address), information about the real estate object of interest or being purchased / leased, reservation and negotiation data, payment and settlement information (bank account number, price of services or property, date of payment, information contained in invoices and other accounting documents), and other information related to the provision of services. | Supervisory authorities of the data controller, notaries, banks, insurance companies, partners involved in the execution of the transaction | IT administrators and suppliers, accounting company, CRM or customer management system providers | Personal data is stored within the periods established by legal acts and for as long as necessary for contract performance and protection of legitimate interests. |
| Client representatives | Article 6(1)(c) GDPR (legal obligation), Article 6(1)(f) GDPR (legitimate interest) | Name, surname, email, phone number, relationship to the person (basis of representation), other data related to the administration of the transaction or service. | Supervisory authorities of the data controller, notaries, banks, partners involved in the execution of the transaction | IT administrators and suppliers, accounting company | Personal data is stored within the periods established by legal acts. |
6. Sale, lease and reservation of real estate objects
| Categories of data subjects | Legal basis for data processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Sale, lease and reservation of real estate objects | |||||
| Employee / representative of the buyer, tenant or investor | Article 6(1)(f) GDPR (legitimate interest in respect of the counterparty’s employees) | Name, surname, e-mail address, telephone number, content of correspondence | Legal person | None | 10 years from the completion of the specific transaction / end of the contractual relationship |
| Client | Article 6(1)(b) GDPR (contract), Article 6(1)(f) GDPR (legitimate interest) | Name, surname, date of birth, contact details, information about the property of interest or reserved property, creditworthiness or financing information (if provided), other information related to concluding the transaction | Legal person, banks, notaries, partners involved in the execution of the transaction | None | 10 years from the completion of the specific transaction / end of the contractual relationship |
7. Increasing the visibility and marketing of the Company, publicising client testimonials
| Categories of data subjects | Legal basis for data processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Increasing the Company’s visibility and marketing, publicising client testimonials | |||||
| Persons who have agreed to have their personal data made public by the Company | Article 6(1)(a) GDPR (consent) | Name, surname, testimonial about the services provided or property purchased / leased, other information the person chooses to disclose, email address, signature, date of consent. | https://preneta.lt website visitors | Website administrator | 5 years from receipt of consent |
8. Direct marketing
| Categories of data subjects | Legal basis for data processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Direct marketing (service and property offers, invitations to presentations, project updates, etc.) | |||||
| Persons who have consented to direct marketing | Article 6(1)(a) GDPR (consent) | Name, surname, email address, phone number. | None | Supplier of marketing services | Personal data is stored for 2 years after consent is given |
9. Video surveillance for the protection of property and persons
| Categories of data subjects | Legal basis for processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Video surveillance for the protection of property and persons | |||||
| Persons entering the video surveillance field | Article 6(1)(f) GDPR (legitimate interest) | Personal image data (image) | None | Supplier of video surveillance equipment | 14 calendar days after the creation of the video recording |
10. Selection of candidates
| Categories of data subjects | Legal basis for processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Selection of candidates | |||||
| Candidates | Article 6(1)(a) GDPR (consent), Article 6(1)(f) GDPR (person providing the recommendation) | Name, surname, contact details (e-mail, telephone number), preferred position, work experience (workplace, position, contact person / person providing the recommendation), education, and any other details provided in the CV, application form or motivation letter | None | None | 3 days after the conclusion of the contract with the selected candidate or the adoption of the decision to terminate the selection process, unless a separate consent is given for the retention of the candidate’s personal data for the period specified in the consent. |
11. Drawing up and executing the Company’s contracts with legal entities and natural persons
| Categories of data subjects | Legal basis for processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Drawing up and executing contracts with legal entities and natural persons | |||||
| Employees of the legal entity of the counterparty | Article 6(1)(f) GDPR (legitimate interest in relation to the counterparty’s employees), Article 6(1)(b) GDPR (contract in relation to the employee) | Name, surname, e-mail address, telephone number, content of the communication | Supplier legal person | None | 10 years after expiry of the contract |
| Counterparty | Article 6(1)(b) GDPR (contract) | Name, surname, personal identification number, contact details (telephone number, e-mail), individual activity number, bank account details, other information specified in the contract with the natural person | None | None | 10 years after expiry of the contract |
12. Protecting legitimate interests
| Categories of data subjects | Legal basis for processing (Article 6 GDPR) | Categories of personal data | Data recipients (controllers) | Data recipients (processors) | Data storage, deletion periods |
|---|---|---|---|---|---|
| Protecting rights and interests | |||||
| Other party to the dispute, employees of the disputing party | Article 6(1)(f) GDPR (legitimate interest) | Name, surname, position, date, circumstances of the dispute, other information relevant to the dispute | Law enforcement authorities, lawyers, courts, bailiffs | None | 5 years from the date of entry into force of the judgment |
13. Contact us
There are several ways you can contact the Company: by phone or email. We receive, review and respond to all enquiries ourselves. If you contact us, we may process the data you provide to us, i.e. name, surname, email address, telephone number, the content of the enquiry (information you choose to provide to us).
Such data will be processed in order to answer your questions and to process your suggestions. If you do not provide your contact details, we will not be able to contact you and respond to you.
The personal data provided will be stored for 1 year from the date of receipt of the enquiry and/or request, with the exception of information for which other time limits have been set in this Privacy Policy or in legal acts.
Any personal data you provide when you communicate with us is used only for the purposes set out above.
Please note that we may need to contact you by post, email or telephone. Therefore, please notify us of any changes to your personal data.
14. Website
Our website https://preneta.lt uses cookies. A cookie is a small file made up of letters and numbers which we place on your browser or hard drive of your computer with your consent. We use different cookies for different purposes. Cookies also help us to distinguish you from other users of the website, thus ensuring a more pleasant experience and allowing us to improve the website.
Most browsers allow you to reject all cookies, and some browsers only allow you to reject third-party cookies. So you can take advantage of these options. However, please note that blocking all cookies will have a negative impact on the use of the website and without cookies you may not be able to use all the services provided on the website. For more information please visit AllAboutCookies.org or www.google.com/privacy_ads.html.
We may use the following cookies:
| Klaro | https://preneta.lthttps://preneta.lt | Necessary cookie to block the use of other cookies before consent is given. | 1 year | HTTP cookie |
| _fbp | Meta Platforms, Inc. | Used by Facebook to deliver a series of advertisement products such as real-time bidding from third-party advertisers. | 3 months | HTTP cookie |
| _gcl_au | Used by Google Ads for experimenting with advertisement efficiency across websites using their services. | 3 months | HTTP cookie | |
| _ga | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 2 years | HTTP cookie | |
| _ga_# | Used by Google Analytics to collect data on the number of times a user has visited the website as well as the dates for the first and most recent visit. | 2 years | HTTP cookie | |
| _hjSession_# | Hotjar | Collects statistics on visitors’ visits to the website, such as the number of visits, average time spent on the website and which pages have been read. | 1 day | HTTP cookie |
| _hjSessionUser_# | Hotjar | Collects statistics on visitors’ visits to the website, such as the number of visits, average time spent on the website and which pages have been read. | 1 year | HTTP cookie |
15. Social media
The information you provide to us via social media (including notifications, use of the “Like” and “Follow” fields, and other communications) is controlled by the operator of the social network.
Our website contains links to our social media accounts.
We process the information contained in our accounts for the purpose of administering our accounts on the basis of your consent.
We recommend that you read the privacy notices of third parties and contact the service providers directly if you have any questions about their use of your personal data.
16. Receipt and disclosure of data
We receive your data from you, your legal representatives, your devices, our employees, banks and our contractors.
We may disclose information about you to our employees, service providers such as IT professionals, website administrators, etc., if reasonably necessary for the purposes set out in this Privacy Policy, as well as to banks, notaries, partners and other recipients specified in the Policy.
In addition, we may disclose information about you:
- if we are required to do so by law;
- in the event of a proposed sale of the Company’s business (shares) or part of its assets by disclosing your personal data to a potential buyer of the business (shares) or part of it;
- in the event of a sale of the Company’s business (shares) or a substantial part of its assets to a third party.
Except as provided in this Privacy Policy, we do not provide your personal data to any third parties.
The recipients or categories of recipients listed in the Privacy Policy may change, so we recommend that you check the Privacy Policy regularly for any changes.
17. Security of your personal data
Your personal data will be processed in accordance with the requirements set out in the General Data Protection Regulation (EU) 2016/679, the Law on the Legal Protection of Personal Data of the Republic of Lithuania and other legal acts. When processing your personal data, we implement organisational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure, as well as against any other unlawful processing.
18. Your rights
In this section we provide information about your rights in relation to our processing of your personal data and when you can exercise these rights.
The Company will provide you with information about the steps it will take to implement your rights without undue delay, but at the latest within 1 (one) month of receiving your request.
Depending on the complexity of the request and the number of requests received, the above deadline may be extended by a further 2 (two) months. In this case, we will inform you within 1 (one) month of receipt of the request of such extension and the reasons for it. The Company will only refuse to enforce your rights in the cases provided for by law.
19. The right to access your personal data
We want you to fully understand how we use your personal data and not to experience any inconvenience as a result. You can contact us at any time to enquire whether we are processing any of your personal data. If we store or use your personal data in any way, you have the right to access it. To do so, please make a written request to us at the email address set out in this Privacy Policy, provide us with proof of your identity, and observe the principles of fairness and reasonableness when making such a request.
19.1. Right to withdraw consent
If you have given us your explicit consent to the processing of your data, you may withdraw it at any time. You can provide us with information about the withdrawal of your consent by sending us an email at the email address specified in this Privacy Policy.
19.2. Additional rights
Please find below information about additional rights that you may have, which you can exercise by following the procedure described below.
- You have the right to ask us to correct any inaccuracies in the data we hold. In this case, we may ask you to confirm the corrected information.
- You have the right to ask us to erase your personal data. This right shall be exercised in the cases provided for in Article 17 of the General Data Protection Regulation (EU) 2016/679.
- You have the right to ask us to restrict or not to process your personal data:
- for the period necessary to verify the accuracy of your personal data when you make a data accuracy claim;
- when our collection, storage or use of your personal data is unlawful, but you choose not to request erasure;
- when we no longer need your personal data, but you need it to establish, exercise or defend a legal claim;
- for the period necessary to determine whether we have an overriding legal basis to continue processing your personal data if you have exercised your right to object to the processing of your personal data.
- You have the right to the transfer of data processed by automated means and which we have received from you with your consent or for the purposes of concluding a contract. If you choose to make use of this right, we will transfer a copy of the data you have provided to us upon your request.
- You have the right to object to our use of your personal data in accordance with Article 21 of the GDPR. You have the right to object when your personal data is processed on the basis of legitimate interest or for direct marketing purposes.
19.3. The right to request further information
We hope that you will understand that it is very difficult to discuss all the ways in which personal data may be collected and used. We endeavour to provide as clear and comprehensive information as possible and we undertake to update this Privacy Policy as and when the use of personal data changes.
However, if you have any questions about the use of your personal data, we will be happy to answer them or provide any additional information that we may disclose. If you have any specific questions or if you do not understand the information provided, please contact us.
20. Complaints
If you believe that your rights as a Data Subject have been and/or may be violated, please contact us immediately at the email address provided in this Privacy Policy. We assure you that upon receipt of your complaint we will contact you within a reasonable period of time to inform you of the progress of the investigation and subsequently of the outcome.
If you are not satisfied with the outcome of the investigation, you may lodge a complaint with the supervisory authority, the State Data Protection Inspectorate (www.vdai.lrv.lt).
21. Responsibility
You are responsible for the confidentiality of the data you provide to us and for ensuring that the data you provide to us is accurate, correct and complete. If the data you have provided changes, you must inform us immediately by email. Under no circumstances will we be liable for any damage caused to you as a result of you providing incorrect or incomplete personal data or failing to inform us of any changes to such data.
22. Changes to the Privacy Policy
We may update or change this Privacy Policy at any time. You can always find the current version of this Privacy Policy on our website https://preneta.lt.
Privacy Policy last updated on 2026-04-14