Skip to content
Aegis Brightsmark

Privacy Policy

Last updated: February 21, 2026

1. Data Controller

Aegis Brightsmark Capital MB
Company code: 307576279
Sembu 6, Buivydiskes, LT-14166, Vilniaus raj., Lithuania
Email: [email protected]

2. Data Protection Contact

As a small company, we have not appointed a dedicated Data Protection Officer. For any data protection enquiries, please contact us at [email protected].

3. What Data We Collect

We collect personal data only when you voluntarily provide it through our contact form:

  • Contact form submissions: Full name, email address, company name (optional), service interest, and project details.
  • Analytics data: If you consent to cookies, we may collect anonymised usage data through Google Analytics and/or Facebook Pixel. This includes pages visited, time spent, referral source, and device type. No personally identifiable information is collected through analytics.
  • Server logs: Our web server automatically records IP addresses, browser type, and access times for security and operational purposes. These logs are retained for a maximum of 30 days.

4. How We Use Your Data

We use the data we collect for the following purposes:

  • Responding to enquiries: We use your contact form data to respond to your project enquiry via email.
  • Website improvement: Anonymised analytics help us understand how visitors use our site so we can improve it.
  • Security: Server logs are used to detect and prevent malicious activity.

5. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data on the following bases:

  • Consent: For analytics cookies (Google Analytics, Facebook Pixel). You can withdraw consent at any time.
  • Pre-contractual measures (Art. 6(1)(b)): For responding to contact form submissions at your request.
  • Legitimate interest (Art. 6(1)(f)): For maintaining website security and operational integrity.

6. Data Sharing

We do not sell your personal data. We may share data with the following third parties, solely for the purposes described above:

  • Email service provider: To deliver responses to your enquiries.
  • Google Analytics: Anonymised usage statistics (only with your consent).
  • Facebook (Meta): Anonymised conversion tracking (only with your consent).

7. International Data Transfers

When you consent to analytics cookies, data may be transferred to servers outside the European Economic Area (EEA), specifically to:

  • Google LLC (United States) — for Google Analytics processing, covered by the EU-US Data Privacy Framework.
  • Meta Platforms, Inc. (United States) — for Facebook Pixel processing, covered by the EU-US Data Privacy Framework and Standard Contractual Clauses.

We ensure that appropriate safeguards are in place for any international transfers in accordance with GDPR Articles 44–49.

8. Data Retention

  • Contact form data: Retained for the duration of our business correspondence, then deleted within 12 months of last communication.
  • Analytics data: Retained according to the respective analytics provider's policies (typically 14–26 months).
  • Server logs: Retained for a maximum of 30 days.

9. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Withdraw consent for analytics tracking
  • Object to processing based on legitimate interest
  • Request restriction of processing of your data
  • Request data portability
  • Lodge a complaint with a supervisory authority (see below)

To exercise any of these rights, contact us at [email protected].

If you are unsatisfied with our response, you have the right to lodge a complaint with the Lithuanian State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija):
Address: L. Sapiegos g. 17, LT-10312 Vilnius, Lithuania
Phone: +370 5 271 2804
Email: [email protected]
Website: vdai.lrv.lt

10. Cookies

Our website uses the following cookies:

  • Essential cookies: Required for the website to function (e.g., CSRF protection). These do not require consent.
  • Analytics cookies: Google Analytics and Facebook Pixel cookies are loaded only after you provide consent through our cookie banner.

You can manage your cookie preferences at any time through your browser settings or our cookie consent banner.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), security headers, rate limiting, and access controls on our systems.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be indicated by updating the "Last updated" date at the top of this page.