Privacy Policy

Last Updated: January 21, 2026

At NebulaLake Systems ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website aukstaitijadata.com (the "Website") or use our services.

We adhere to the General Data Protection Regulation (GDPR) and Lithuanian data protection laws. By accessing or using our Website and services, you consent to the practices described in this Privacy Policy.

1. Information We Collect

We may collect the following categories of information:

1.1. Personal Information

Personal information is data that can be used to identify you directly or indirectly. We may collect the following personal information:

  • Contact information (name, email address, phone number, company name)
  • Professional information (job title, department)
  • Account credentials (username, password) if you create an account
  • Communication preferences
  • Information you provide in forms, surveys, or other interactive portions of our Website

1.2. Usage Information

We automatically collect certain information about your device and how you interact with our Website:

  • IP address and device identifiers
  • Browser type and version
  • Operating system
  • Pages visited and time spent on those pages
  • Referring website or source
  • Language preferences
  • Date and time of access

1.3. Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. For more information about our use of these technologies, please see our Cookie Policy.

2. How We Collect Information

We collect information through the following methods:

  • Direct interactions: When you fill out forms, contact us, subscribe to newsletters, or interact with our Website.
  • Automated technologies: Through cookies, server logs, and other tracking technologies when you visit our Website.
  • Third parties: We may receive information about you from business partners, analytics providers, and advertising networks, but only where they have the legal basis to share this information with us.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1. Provide and Improve Our Services

  • To provide you with the information, products, and services you request
  • To personalize your experience on our Website
  • To improve our Website, products, and services
  • To develop new products and services
  • To ensure the technical functionality and security of our Website

3.2. Communication

  • To respond to your inquiries, comments, or questions
  • To provide customer support
  • To send you important information regarding our services, changes to our terms, conditions, and policies
  • To send you marketing communications (with your consent where required by law)

3.3. Business Operations

  • To administer and protect our business and Website
  • To prevent fraud and ensure the security of our systems
  • To generate analytics and statistical data for business intelligence
  • To comply with legal obligations and enforce our legal rights

4. Legal Basis for Processing

Under the GDPR and Lithuanian data protection laws, we process your personal information based on one or more of the following legal bases:

  • Consent: Where you have given clear consent for us to process your personal information for a specific purpose.
  • Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate interests: Where processing is necessary for the purposes of our legitimate interests or those of a third party, provided those interests are not overridden by your interests, rights, or freedoms.

5. Data Sharing and Disclosure

We may share your personal information with the following categories of recipients:

5.1. Service Providers

We may share your information with third-party service providers who perform services on our behalf, such as:

  • Hosting and cloud service providers
  • Analytics providers
  • Email service providers
  • Customer support services
  • Payment processors

These service providers are contractually obligated to use your information only as necessary to provide services to us and in compliance with applicable data protection laws.

5.2. Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

5.3. Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

5.4. Protection of Rights

We may disclose your information when we believe disclosure is necessary to:

  • Enforce our policies and agreements
  • Protect the rights, property, or safety of NebulaLake Systems, our customers, or others
  • Prevent or investigate possible wrongdoing in connection with our services

6. International Data Transfers

NebulaLake Systems is based in Lithuania, and your information may be processed in Lithuania and other countries where our service providers maintain facilities. These countries may have data protection laws different from those in your country of residence.

When we transfer personal information outside the European Economic Area (EEA), we implement appropriate safeguards in accordance with GDPR requirements, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules for transfers within our corporate group
  • Adequacy decisions by the European Commission for certain countries
  • Derogations in specific situations, such as with your explicit consent

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

  • Encryption of sensitive data
  • Regular security assessments and penetration testing
  • Access controls and authentication procedures
  • Secure network architecture and firewalls
  • Regular backup procedures
  • Employee training on data protection and security

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider:

  • The amount, nature, and sensitivity of the personal information
  • The potential risk of harm from unauthorized use or disclosure
  • The purposes for which we process the information and whether we can achieve those purposes through other means
  • Applicable legal, regulatory, tax, accounting, or other requirements

When personal information is no longer needed, we will securely delete or anonymize it.

9. Your Data Protection Rights

Under the GDPR and Lithuanian data protection laws, you have certain rights regarding your personal information. These rights may include:

  • Right to access: You can request a copy of the personal information we hold about you.
  • Right to rectification: You can request correction of inaccurate or incomplete information.
  • Right to erasure: You can request deletion of your personal information under certain circumstances.
  • Right to restrict processing: You can request restriction of processing of your personal information under certain circumstances.
  • Right to data portability: You can request transfer of your personal information to another service provider in a structured, commonly used, machine-readable format.
  • Right to object: You can object to processing of your personal information based on legitimate interests or direct marketing.
  • Right to withdraw consent: You can withdraw your consent at any time where we rely on consent as the legal basis for processing.
  • Right to lodge a complaint: You can lodge a complaint with a supervisory authority if you believe your rights have been violated.

To exercise any of these rights, please contact us using the contact information provided at the end of this Privacy Policy. We will respond to your request within 30 days.

10. Children's Privacy

Our Website and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us. If we discover that a child has provided us with personal information, we will delete such information from our systems.

11. Third-Party Links

Our Website may contain links to third-party websites, products, or services. These third-party sites have separate and independent privacy policies. We have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our Website and welcome any feedback about these sites.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. The updated policy will be posted on this page with a revised "Last Updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information.

If we make material changes to this Privacy Policy, we will notify you by email (if we have your email address) or by a notice on our Website prior to the changes becoming effective.

13. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions regarding this Privacy Policy. If you have questions about this Privacy Policy or our privacy practices, please contact our DPO:

Email: privacy@aukstaitijadata.com
Address: Stariškės g. 7, Klaipėda, 95366 Klaipėdos r. sav., Lithuania

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

NebulaLake Systems
Stariškės g. 7
Klaipėda, 95366 Klaipėdos r. sav.
Lithuania
Phone: +37046215572
Email: privacy@aukstaitijadata.com

15. Supervisory Authority

If you are located in the European Union and believe we are processing your personal information in violation of applicable law, you have the right to lodge a complaint with your local data protection supervisory authority.

In Lithuania, the supervisory authority is:

State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija)
L. Sapiegos str. 17, LT-10312 Vilnius, Lithuania
Phone: +370 5 271 2804
Email: ada@ada.lt
Website: https://vdai.lrv.lt/