Privacy Policy

MB “Gravada”, taking care of the protection of your personal data and valuing your privacy, seeks to inform you transparently about the processing of personal data.

General information

MB “Gravada” (hereinafter referred to as “Data Controller”, “we”, “us”) hereby informs you about the processing of personal data when you use the website, as well as about your rights and how you can exercise them.

Data controller details:

MB “Gravada”

Company code: 305558503

Registered office address Vaikystės g. 2A, Avižienių km., LT-14184 Vilniaus r.

Tel: +370 627 51627


Data Protection Officer’s email.

Supervisory authorities: the Committee for the Development of the Information Society under the Ministry of Transport and Communications and the State Data Protection Inspectorate. Data on the data controller shall be collected and stored in the State Enterprise “Centre of Registers”.

Your personal data will be processed in accordance with the requirements of the applicable legislation of the European Union and the Republic of Lithuania, as well as the instructions of the controlling authorities. Technical and administrative measures are in place to protect the data collected by us against loss, unauthorised use and alteration. The Data Controller’s employees are under a written obligation not to disclose or distribute information obtained in the workplace to third parties.

For the purposes of this document, the terms used herein shall be understood as they are defined in the General Data Protection Regulation 2016/679 (EU) (“GDPR”).

The Privacy Policy applies only to data of natural persons. We apply the provisions of the Policy also in cases where we started processing personal data before the entry into force of this document.

What information do we collect about you and how do we process your data?

Purpose of processing personal dataGroup of data subjectsList of personal data processedDuration of storage of personal dataBasis for lawful processing
Order processing and fulfilmentCustomers who have placed an order in the e-shopName, surname, address, email address, phone number, payment information, other free form information2 years from the date of placing the orderConsent
Publicising visitor feedbackVisitors who have left a reviewName, testimonial, type of service (visit, engraving, etc.)3 years from the date of the reply    Consent
Responding to enquiriesEnquirersName, depending on the method of enquiry and the preferred method of contact: email address and/or telephone number, other free form information1 yearLegitimate interest* to respond to requests
Analysing and improving website performance, making suggestionsWebsite visitorsSee list of cookiesSee list of cookiesConsent**

* – where we process data on the basis of legitimate interest, you have the right to object to such processing, in which case we will examine whose interests prevail in the particular situation;

** – please note that you can withdraw your consent at any time by contacting us via email., and you can revoke your consent to cookies by clicking on “Clear cookies” in your browser settings.

You must provide personal data if you wish to make a request, otherwise we will not be able to respond to your request.

Who do we disclose your information to?

We will disclose your information to the following entities:

  • Companies that provide services at our request, such as IT service providers, delivery services, and other persons providing services we need: consultants, auditors, lawyers, etc. These companies are limited in their ability to use your information; they cannot use this information for purposes other than to provide services to us;
  • To other parties where required to do so by law or as necessary to protect our interests.

When we may disclose your information to other parties:

  • To comply with the law or in response to a mandatory requirement of a court proceeding (e.g. a lawful search warrant or order or other court decision);
  • To confirm the legality of your actions;
  • To protect the Data Controller or the rights, property or security of the Data Controller;
  • We may disclose/transfer your information to a third party in the event of a reorganisation of the company, a spin-off, a sale, transfer, lease or lease of the business or part of the business or the contribution of the business as an asset to another legal entity or in the event of bankruptcy;
  • In other cases, where there are legitimate grounds (e.g. Your consent or request, legitimate interest of a third party, etc.).

What do we do to protect your information?

We have put in place physical and technical measures to protect the information we collect for the purposes of providing content/services. However, please keep in mind that while we take reasonable steps to protect your information, no website, online transaction, computer system or wireless connection is completely secure.

Your rights and how to exercise them

The data subject whose data are processed in the course of the Data Controller’s activities has the following rights:

  • Know (be informed) about the processing of your data (right to know);

We provide information about the processing of your personal data before or at the time of data collection by making this PP available. 

  • To know your data and how it is processed (right of access);

You have the right to obtain confirmation as to whether we are processing personal data relating to you. If we process your personal data, you have the right to have access to the personal data we process and to information about the purposes of processing, categories of personal data, recipients of the data, retention periods etc. 

  • Request rectification or, depending on the purposes of the processing of the personal data, completion of incomplete personal data (right to rectification);

You have the right to request that we rectify inaccurate personal data concerning you and, taking into account the purposes of the processing, supplement incomplete personal data concerning you.

  • Request the erasure of your data (‘right to be forgotten’);

You have the right to request the erasure of the personal data processed for the reasons set out in Article 17 GDPR.

  • Have the right to require the Data Controller to restrict the processing of personal data on one of the legitimate grounds (right to restrict);

In the cases referred to in Article 18(1) of the GDPR, you have the right to request the restriction of the processing of your personal data.

  • You have the right to data portability (right to port);

Where personal data are processed by automated means and this is technically feasible, you may request the transfer of your personal data to another controller in a commonly used and computer-readable format.

  • Right to object to the processing of personal data;

You have the right to object to the processing of personal data in accordance with Article 6(1)(e) or (f) of the GDPR, including profiling on the basis of those provisions. You also have the right to object at any time to processing for direct marketing purposes, including profiling insofar as it relates to direct marketing.

  • Right to lodge a complaint with the State Data Protection Inspectorate.

If you believe that we are in breach of the GDPR or other data processing legislation when processing your personal data, you have the right to lodge a complaint with the State Data Protection Inspectorate (the registered office address is L. Sapiegos g. 17, LT-10312 Vilnius, However, we recommend that you contact us first before filing a complaint with the State Data Protection Inspectorate – we will try to resolve the situation.

To exercise your rights, please contact We will identify you and process your request. Please be informed that we will reply to you within one month at the latest with the action we have taken on your request.

The Data Controller may exclude data subjects from the exercise of the rights listed above where, in cases provided for by law, it is necessary to ensure the prevention, investigation and detection of crimes, breaches of official or professional ethics, as well as the protection of the data subject’s or other persons’ rights and freedoms.

Third party websites, services and products on our website

The Data Controller’s website may contain third-party banners, links to their websites and services, which are not under the Data Controller’s control. The Data Controller is not responsible for the security and privacy of information collected by third parties. You should be careful to read the privacy statements applicable to the third-party websites and services that you use.


A cookie consists of information sent by a network service station to a web browser and stored by the browser. This information is then sent back to the service station whenever the browser requests a page from that service station. This allows that network service station to identify and track the web browser. We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about the use of the website by using cookies that are stored on users’ computers. The information generated in relation to our website is used to create reports on the use of this website. This information will be stored by Google. Google’s privacy policy is available here: . Our advertisers or payment service providers may also send you cookies. We publish interest-based Google Adsense advertisements on our website. These are selected by Google to reflect your interests. Google will track your online behaviour by using cookies to identify your interests. You can view, delete and add interest categories associated with your browser using Google’s Ads Preference Manager, available at You can opt out of the Adsense Partner Network cookie at . However, this opt-out mechanism uses a cookie and if you delete cookies from your computer, your opt-out will not be saved. To ensure that your opt-out is saved for your specific browser, you should use the Google browser plugin available at . Most browsers allow you not to accept any cookies, although some browsers only allow you not to accept third party cookies. For example, in Internet Explorer, you can refuse all cookies by clicking on Tools > Internet Options > Privacy and selecting Block all cookies (by flipping a switch). However, blocking all cookies will have a negative impact on your ability to use many websites, including this one.

Contact us

If you notice an error, a security vulnerability on our website or have any other questions, please contact us in any way that is convenient for you:

By post: MB “Gravada” Vaikystės g. 2A, Avižienių km., LT-14184 Vilniaus r.

Data Protection Officer’s email:

Final provisions

When we update our Privacy Policy, we will inform you of what we consider to be material changes by posting a notice on our website. If you access the website after such notice is posted, we will assume that you have acknowledged the changes set out in the update.

Published on the website on 13 January 2022

We use cookies to ensure that you are comfortable with the use of the website. By continuing to browse our website, this constitutes your consent to the use of cookies.