Privacy
Policy.

The Company complies with its obligations under the GDPR by ensuring that personal data is processed lawfully, fairly, and transparently; kept accurate and, where necessary, up to date; stored securely; retained only for as long as necessary; and protected against loss, misuse, unauthorised access, disclosure, alteration, or destruction.

We implement appropriate technical and organisational measures to protect personal data, including reasonable safeguards designed to maintain the confidentiality, integrity, and security of the personal data we process.

When you provide your personal data to us, we process it only where we have a lawful basis to do so. Depending on the situation, this may include your consent, the performance of a contract, steps taken before entering into a contract, compliance with a legal obligation, or our legitimate business interests.

We may process data relating to your use of the Aftercare Agency website, including your user ID, country, city, IP address, device information, operating system, browser type, pages visited, time spent on the website, and other website usage data. The source of this data may be our analytics and tracking systems. We use this data for analytics, website improvement, performance monitoring, security, and business development purposes.

You may submit your name and email address for marketing purposes, including newsletters, updates, offers, and other communications related to Aftercare Agency. Where required by law, we will only send marketing communications with your consent.

We may use third-party email marketing platforms, such as Mailchimp, owned by The Rocket Science Group LLC, or similar service providers, to manage and send newsletters or marketing emails. You may unsubscribe from marketing emails at any time by clicking the “unsubscribe” link included in each email or by contacting us directly.

You may choose to allow us to send you push notifications. We may use third-party service providers, such as OneSignal or similar platforms, to send push notifications. You may unsubscribe from push notifications at any time through your browser, device settings, or other available unsubscribe options.

You may contact us through our website or other communication channels by providing your name, email address, phone number, company name, and the content of your message. We process this information to respond to your enquiry, provide information about our services, manage business communication, and, where relevant, take steps before entering into a contract.

We do not collect personal data that is excessive or unnecessary for the purposes described in this Privacy Policy.

Where we rely on your consent to process personal data, you may withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

Personal data processed by the Company will not be kept for longer than is necessary for the purpose or purposes for which it was collected, unless a longer retention period is required or permitted by law.

For analytics purposes, your submitted or collected data may be stored for 3 years from the moment you provided the relevant information to us or from the last time you used our website or services.

For marketing purposes, your personal data may be stored for 5 years from the moment you provided the relevant information to us, from the last time you used our services, or until the moment you object to or withdraw consent for the processing of your data for marketing purposes, whichever occurs earlier, unless a longer retention period is legally justified.

We make reasonable efforts to ensure the security and confidentiality of your personal information during the retention period.

After the applicable retention period expires, we will delete, anonymise, or securely destroy your personal data, unless we are legally required or permitted to retain it for a longer period.

Right of access — you have the right to request a copy of the personal data we hold about you. Provided that the rights and freedoms of others are not adversely affected, we will provide you with a copy of your personal data. The first copy will usually be provided free of charge, but additional copies may be subject to a reasonable fee.

Right to rectification — you have the right to request that we correct inaccurate or outdated personal data.

Right to erasure — you have the right to request deletion of your personal data where it is no longer necessary for us to retain it, or where another legal ground for deletion applies.

Right to withdraw consent — where processing is based on your consent, you have the right to withdraw that consent at any time.

Right to data portability — where applicable, you have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format and, where technically possible, transmit it directly to another data controller.

Right to restriction of processing — you have the right to request restriction of processing where there is a dispute concerning the accuracy, lawfulness, or use of your personal data.

Right to object — you have the right to object to the processing of your personal data, including processing based on our legitimate interests and processing for direct marketing purposes.

Right to lodge a complaint — you have the right to lodge a complaint with a relevant data protection supervisory authority.

You may instruct us at any time not to process your personal data for marketing purposes.

We may withhold personal data requested by you to the extent permitted or required by applicable law.

We will provide you with an opportunity to opt out of the use of your personal data for marketing purposes, including by using the unsubscribe link in our marketing emails.

We will respond to your request without undue delay and no later than 30 calendar days from the date of receipt of your request, unless a longer period is permitted under applicable law due to the complexity or number of requests.

You may exercise your rights by contacting us at: agencyaftercare@gmail.com

We respect the confidentiality of the personal data you provide to us. Under normal circumstances, we do not disclose your personal data to third parties unless this is necessary for the proper operation of our website, the provision of our services, communication with you, fulfilment of legal obligations, or another lawful purpose described in this Privacy Policy.

We may disclose your personal data to trusted third-party service providers, including website hosting providers, analytics providers, email marketing platforms, push notification platforms, IT service providers, payment providers, accounting service providers, legal advisers, and other professional advisers, where such disclosure is reasonably necessary.

Where third-party service providers process personal data on our behalf, we take reasonable steps to ensure that they process such data in accordance with applicable data protection laws and appropriate confidentiality and security obligations.

We may disclose your personal data to competent authorities, courts, regulators, law enforcement bodies, or other public authorities where required by law or where such disclosure is necessary for the establishment, exercise, or defence of legal claims.

We may disclose your personal data to professional advisers, including lawyers, auditors, insurers, and consultants, where reasonably necessary for obtaining professional advice, managing business risks, or protecting our legal interests.

As Aftercare Agency may operate internationally and use third-party service providers located outside Lithuania or the European Economic Area, your personal data may be transferred to and processed in countries outside your country of residence.

Where personal data is transferred outside the European Economic Area, we will take appropriate steps to ensure that the transfer is carried out in accordance with applicable data protection laws, including by relying on adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms where required.

We reserve the right to update or modify this Privacy Policy at any time. Any changes will take effect from the moment the updated Privacy Policy is published on our website, unless stated otherwise.

We encourage you to review this Privacy Policy regularly to stay informed about how we process and protect your personal data.

If we intend to process your personal data for a new purpose that is not covered by this Privacy Policy, we will provide you with appropriate information about that new purpose before starting the processing. Where required by law, we will request your prior consent.

Any dispute related to the Company, our services, our website, or the processing of your personal data should first be addressed through negotiation by contacting us at: agencyaftercare@gmail.com

Since our data processing activities are currently carried out in Lithuania, the competent supervisory authority is the State Data Protection Inspectorate of the Republic of Lithuania. You may contact the supervisory authority if you believe that your personal data has been processed unlawfully or that your rights under applicable data protection laws have been violated.