Skip to Content

PRIVACY POLICY

Version 1.0 | June 2025


This Privacy Policy explains how UAB Rasting (hereinafter “Rasting”, “we”, “our” or “us”) collects, uses and protects personal data in the limited context of our B2B activities. We do not run an online shop, send marketing newsletters or track individuals for advertising purposes. Our processing is therefore intentionally lean and consistent with Regulation (EU) 2016/679 (GDPR).

1. Who is the controller?2. What data do we collect and why?3. How long do we keep the data?4. Who receives the data?5. Do we transfer data outside the EEA?6. Your rights7. Data security8. Changes to this Policy

1. Who is the controller?

UAB Rasting

Legal address: Mokyklos str. 11-6, LT-91265 Klaipėda, Lithuania

Company code: 307027978

VAT no: LT100017591213

E‑mail: info@rasting.tech

Telephone: +370 628 25000

2. What data do we collect and why?

Data categorySourcePurposeLegal basis*
Business contact details(name, position, company, e‑mail, phone)Directly from data subject or employerRespond to enquiries, negotiate or perform contractsArt. 6 (1)(b) GDPR – contract or pre‑contractual steps
Transactional correspondence & documentsE‑mail, contracts, POs, invoicesContract performance, accounting, export‑control complianceArt. 6 (1)(c) GDPR – legal obligation; Art. 6 (1)(f) – legitimate interest (business administration)
Website server logs (IP address, date/time, URL, user‑agent)Visitor’s browserEnsure website security & debug errorsArt. 6 (1)(f) GDPR – legitimate interest (security)

* We rely on consent only if you voluntarily provide additional information not required for the above purposes.

3. How long do we keep the data?

Data categoryRetention period
Business contact details & correspondenceUp to 3 years after last interaction, unless needed longer for legal claims
Contracts, purchase orders, invoices10 years (Lithuanian accounting law)
Export‑control records3 years (Regulation (EU) 2021/821)
Server logsAutomatically deleted after 30 days

4. Who receives the data?

  • Service providers (e.g., secure e‑mail hosting, IT maintenance) bound by confidentiality and data‑processing agreements.
  • Public authorities if required by law (e.g., customs, tax, export‑control regulators).
  • We do not sell or rent personal data and have no joint controllers.

5. Do we transfer data outside the EEA?

We store data on servers located in the European Economic Area. International transfers occur only if necessary for a specific contract (e.g., shipping goods abroad) and then subject to GDPR Chapter V safeguards (Standard Contractual Clauses or an adequacy decision).

6. Your rights

Under GDPR you have the right to:

  1. Access your data (Art. 15).
  2. Rectify inaccurate data (Art. 16).
  3. Erase data (“right to be forgotten”, Art. 17) where applicable.
  4. Restrict processing (Art. 18).
  5. Data portability (Art. 20).
  6. Object to processing based on legitimate interest (Art. 21).
  7. Withdraw consent at any time, where processing relies on consent.
  8. Lodge a complaint with the Lithuanian State Data Protection Inspectorate (ada.lt) if you believe your rights are infringed.

7. Data security

We apply proportionate technical and organisational measures, such as TLS encryption, access controls, and regular backups, to safeguard personal data against loss, misuse and unauthorised access.

8. Changes to this Policy

We may update this Privacy Policy to reflect changes in law or our processing activities.