1. Name and address of the controller

The controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Republic of Lithuania and other provisions related to data protection is:

UAB Baltic Virtual Assistants, UAB Baltic Assist Finance, Baltic Assist SP. Z O.O

J. Savickio str. 4,

LT-01108 Vilnius,

Republic of Lithuania

legal entity code 303554716

Phone: +370 647 70357

Email: info@balticassist.com

Website: https://balticassist.com/

  1. Purpose and scope of the privacy policy

This document sets out Baltic Assist policy regarding the collection, use, storage, disclosure of and access to personal data, including sensitive information. This policy aims to foster trust and confidence of our clients, partners and general public in the professionalism of Baltic Assist by ensuring that our company complies with Data Protection legislation and handles personal data in our possession in accordance with the GDPR principles.

This policy describes how Baltic Assist collects, uses, stores, shares and protects personal data and applies to all personal information collected and maintained by Baltic Assist.

  1. Groups of personal data processed by Baltic Assist

Baltic Assist processes the personal data in relation to which Baltic Assist acts as a controller, where it determines the purpose and means of its processing; and the personal data in relation to which Baltic Assist acts as a processor, where it processes the respective data on behalf of its clients which determine the purpose and means of its processing.


  1. Purpose and legal basis for the processing of personal data

Baltic Assist carries out processing of personal data on the legal basis of Art. 6(1) lit. a GDPR when Baltic Assist obtains consent for a specific processing purpose.

Baltic Assist carries out processing of personal data on the legal basis of Art. 6(1) lit. b GDPR when the processing of personal data is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Baltic Assist carries out processing of personal data on the legal basis of Art. 6(1) lit. c GDPR when Baltic Assist is subject to a legal obligation by which processing of personal data is required.

Baltic Assist carries out processing of personal data on the legal basis of Article 6(1) lit. f of the GDPR, when it is necessary for the purposes of the legitimate interests pursued by our company, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Where Article 6(1) lit. f of the GDPR is the legal basis for the processing of personal data the legitimate interest is (a) to carry out business in favor of the well-being of all the employees and shareholders; (b) to protect the rights and interests of UAB Baltic Virtual Assistants.


  1. Categories of personal data concerned

Baltic Assist may collect and process your personal data, such as your name, surname, address, telephone, email and other contact details, and any other information relating to you which you may provide, when you visit our website and look at our services; enquire about our services; contact Baltic Assist via phone, email or website; apply for a position in our company through our website; enter into a contract with us and purchase our services.


  1. Recipients of the personal data and third parties access

We do not sell, trade, or otherwise transfer the personal data to outside parties, except where required with your express consent or where this is necessary and in accordance with applicable law. This does not include trusted third parties who assist us in operating our website, conducting our business, or providing services necessary for the performance of a contract in accordance with art. 6(1) lit. b of the GDPR (e.g. payment services). Trusted third parties have access to your personal data only to the extent necessary for the performance of the above-mentioned tasks on our behalf and are obliged not to disclose or use it for any other purpose. Trusted third parties ensure safeguards and use technical and organizational security measures in accordance with the requirements of the GDPR.


  1. Transfer of personal data to third countries

The data that we collect from you will be only transferred to, and stored at, a destination inside the European Economic Area (EEA). When the transfer of data is necessary in accordance with the contractual or legal obligations, we conduct a review prior to the transfer taking place to ensure that the transfer falls within the limits imposed by the GDPR and the personal data is transferred with legitimate purpose and appropriate safeguards.


  1. Protection of personal data

Having regard to the rules and principles of the Regulation Baltic Assist adopted the appropriate technical and organisational measures in order to ensure the protection of the rights of the data subjects; the personal data against unlawful or unauthorised access, accidental loss or destruction, damage, unlawful or unauthorised use and disclosure. All our staff and employees who work or have access to personal data have received adequate training.

  1. The storage period

We process and store the personal data only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which Baltic Assist is subject to. We have a retention policy for personal data, that we adhere to, in line with legal and statutory requirements. After expiration of the storage period, the corresponding data is routinely deleted. We also may retain your information for the period of time needed for Baltic Assist to pursue legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.

  1. The rights of data subjects in relation to personal data processing

a) Right of confirmation

Each data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed.

b) Right of access

Each data subject shall have the right to obtain from the controller free information about his or her personal data stored at any time and a copy of this information. Furthermore, the data subject shall have the right to access to the following information:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • the existence of automated decision-making, including profiling and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject. 

Furthermore, the data subject shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organisation. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.

c) Right to rectification

Each data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

d) Right to be forgotten

Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing;
  • the data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
  • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

e) Right of restriction of processing

Each data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

  • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
  • the data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

f) Right to data portability

Each data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to the controller in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on the consent or contract concluded with the data subject and personal data are being processed by automated means.

g) Right to object

Each data subject shall have the right to object the processing of the personal data related to him or her when such processing is based on point Article 6(1) lit e or f of the GDPR. If the data subject submit such request, the controller without undue delay terminates actions of the processing free of charge, except cases, where the controller proves that the personal data are processed for compelling legitimate grounds, which override the interests, rights and freedoms of the data subject or on purpose to declare, execute or defend legal claims.

h) Right to withdraw data protection consent

Each data subject shall have the right to withdraw his or her consent to processing of his or her personal data at any time.

If a data subject wishes to exercise any of the above-mentioned rights, he or she may, at any time, contact Baltic Assist at gdpr@balticassist.com


  1. Changes to Privacy Policy

Baltic Assist reserves the right to update our Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. New version of Privacy Policy becomes effective once posted on this page. We encourage you to periodically review this Privacy Policy to stay informed about our information practices.


  1. The right to lodge a complaint with a supervisory authority

As a data subject you have a right to file a complaint concerning the processing of personal data with the Lithuanian Data Protection Agency:

Valstybinė duomenų apsaugos inspekcija

L.Sapiegos g. 17,

10312 Vilnius

Tel.: +370 5 271 2804, +370 5 279 1445

Faks.: +370 5 261 9494

Email: ada@ada.lt


  1. Contact us

By using our website or contacting us, you consent to our Privacy Policy. We respect your right to control the personal information of yours that we hold, therefore, we encourage you to contact us in case you wish to modify or delete your personal data and for any questions about our Privacy Policy at gdpr@balticassist.com.


Our website uses cookies, as described below. By using our website, or by clicking on “Agree” button, you consent to our use of cookies in accordance with this Cookie Policy unless you have disabled cookies in your browser settings. You may revoke consent in relation to this Cookies Policy at any time by deleting the cookies stored on the computer through the configuration and settings of your Internet browser, as listed below.


  1. Description of cookies

Cookies are small bits of data, which are stored on the user’s computer or any device by the web browser. Based on the browser, this data is stored either in small separate files or in a common file, which records the data of browsed websites. Cookies are used by numerous advanced websites in Lithuania and around the globe and can be stored only when your device settings allow it. There are different types of cookies, and websites would not function without them in the way you are used to them functioning. For example, not using cookies, which confirm that you are logged in, would mean that the website would either not know that it needs to show your profile, or the website would repeatedly display “Error: You must log in” since it would not recognize that you are logged in.


  1. Cookie usage on our website

We use the following types of cookies on our website:

  • Technical and performance enhancing cookies, which allow our website to function correctly and enable you to browse the web page, platform, or application and use the different options or service on it. Some functions of our website may not be available without this type of cookies.
  • Analytical cookies, which collect information on how you use our website, e.g., visited pages and your behavior on our website. They allow us to remember the user’s actions taken on the website (for instance, the language settings), as well as to collect the overall statistics of how often the website is visited.
  • Functional cookies, which record your preferences in order to improve browsing quality and provide enhanced and more personalised experience on our website.
  • Advertising cookies, which are used to send advertising messages in line with the preferences shown during navigation on our website.


We use third-party cookies on balticassist.com to improve the functionality of our website. These cookies, along with collected information, are not managed and controlled by Baltic Assist, but exclusively by each provider. This information is managed and controlled by third-party companies according to what is indicated in the relative privacy policies.

Our website uses third-party Google Analytics cookies, a statistical analysis service provided and managed by Google that makes it possible to analyze your behavior on the site. You can find the privacy policy of Google Analytics, clicking on the links below:


Our website uses third-party Facebook advertising cookies designed by Facebook to deliver a series of advertisement products on Facebook. You can find the Facebook privacy policy on:


Our website uses third-party HubSpot cookies to deliver customer support on our website. You can find HubSpot’s privacy policy on:


  1. List of cookies used on https://balticassist.com:

In accordance with new legislation, we have prepared a detailed description of cookies used on our website so that you can decide for yourself if they satisfy you or if you would rather delete the present cookies or maybe even disable cookie usage in balticassist.com.

Cookie NameDescriptionTime of Validity
_gaUsed to recognize users.2 Years
_gidUsed to recognize users.24 Hours
_gatUsed to throttle request rate.1 Minute
_gcl_auUsed to understand how a user to our website uses the website by generating analytical data.3 Months
ajs_anonymous_idUsed for Analytics and help count how many people visit a certain site by tracking if you have visited before.1 year
ajs_group_idUsed to track visitor usage and events within the website.1 Year
ajs_user_idUsed to track visitor usage, events, target marketing, and can also measure application performance and stability.1 Year
1P_JARUsed to collect site statistics and monitor conversion rates.1 Month
SID, HSIDUsed together to block many types of attack, for example, attempts to steal the content of online forms.
SAPISIDUses Google to save user preferences and information about Google Maps2 Years
CONSENTApp for cookie policy display20 Years
SIDCCSecurity cookie to protect user data from unauthorized access3 months
SSIDCookies are set by the Google+ tool; they allow you to integrate the Google+ plugin on the site.2 Years
DVUsed to collect information about how visitors use our site which we use to compile reports to help us make improvements.6 Months
APISIDSaves Google Maps settings2 Years
NIDUsed to remember your preferences and other information6 Months
_zlcmidUsed to store the Zopim Live Chat ID used.1 year
_zlcidUsed to store the Zopim Live Chat ID used to identify a device across visits.1 Year
_zlcstoreUsed to store the Zopim Live Chat ID used to identify a device across visits.2 Years
_hjidUsed to persist the Hotjar User ID, unique to that site on the browser.1 Year
_hstcUsed to help tracking visitors.
_hjIncludedInSampleUsed to let Hotjar know whether a visitor is included in the sample which is used to generate funnels.1 Year
_cfduidUsed to speed up page load times.1 Year
_fbpUsed by Facebook to deliver a series of advertisement products on Facebook.Session
__hsscUsed to store the time of visit.13 Months
__hssrcUsed by Hubspot. Session
_hjAbsoluteSessionInProgressUsed to store unique visits.Session
_hjSession_*Used by Hotjar to track site usage areas. Session
_hjSessionUser_*Used by Hotjar.Session
_icl_current_languageUsed by wpml to maintain the language selected by the client to navigate the website.Session
hubspotutkUsed to keep track of a visitor’s identity.13 Months
  1. Social media buttons

Our website uses social network buttons – Facebook, Twitter, Instagram. If you choose to click on a social network button, a new window will open in your browser which will call our page on the respective service. The information obtained by third-party websites accessed via our website is not covered by our Privacy Policy and Cookie Policy and is governed by the terms applicable to your relationship with that third party. Baltic Assist accepts no responsibility or liability in respect of third-party websites.


  1. How to manage cookie settings

If you do not agree to the use of cookies, you can disable cookies on your web browser from being stored in your computer for privacy reasons by means of a corresponding setting of the Internet browser used. However, if you disable cookies, not all functions of our website may be entirely usable, which might affect your online experience on our website. You may withdraw your consent to our use of cookies on our website at any time. You may also delete/disable cookies on your web browser from being stored on your computer, or to alert you when cookies are being sent to your device. The method depends on the type of browser you use:

Google Chrome;

Microsoft Internet Explorer;

Mozilla Firefox;


For any other web browsers to change cookie settings, please visit the official webpage of the browser.

  1. Contact us

For any questions and inquiries regarding our Cookie Policy, please contact us by email: gdpr@balticassist.com