Privacy Policy

This Privacy Policy sets out how your personal data is processed by Professional Law Partnership Degesys ir Partneriai (hereinafter – the Partnership).

We process personal data in accordance with the requirements of data protection and processing set out in Regulation (EU) 2016/679 (hereinafter – the General Data Protection Regulation) as well as applicable data protection laws in Lithuania.

For what purposes do we process your personal data?

In the course of our daily activities, we process personal data for various purposes. Below we describe the reasons why we need to process different types of personal data:

  • Data about our clients is processed in order to manage and develop client relationships.

  • Data related to our tasks is processed to fulfil our obligations in accordance with legal requirements.

  • Data about certain interest groups (e.g. potential clients, former lawyers and employees of the Partnership, students, representatives of student and professional organisations, and persons working in the legal services sector) is processed for purposes such as:
    - Sending invitations to our events;
    - Sending newsletters;
    - Sending information about our activities and other marketing communications.

  • Data of website visitors is processed to ensure that our website meets the needs of the Partnership.

  • Data of job applicants is processed in order to make recruitment decisions.

  • Employee data is processed in order to fulfil our duties as an employer.

  • We ensure the security of our office and IT systems using various systems, such as security cameras.

To whom do we disclose or transfer your data?

Our main rule is not to disclose your information to third parties. If disclosure is required by law or an order from authorities, we assess each request on a case-by-case basis to determine whether disclosure would be lawful. In certain circumstances, we may disclose your information to a third party or another data controller if we have separately agreed with you to do so.

We also have agreements with certain service providers who may process your personal data on our behalf while providing services. In such cases, we ensure that appropriate agreements are in place to guarantee proper data processing.

Are your data processed in third countries?

As a rule, the Partnership processes personal data within the European Union. In specific cases, when carrying out a client’s assignment or in other agreed situations, personal data may be transferred outside the European Union or European Economic Area in accordance with data protection legislation and its restrictions. In such cases, we are required to ensure an adequate level of data protection under the GDPR, including transfers based on European Commission adequacy decisions, and where necessary, applying standard contractual clauses approved by the European Commission and additional safeguards.

How do we protect your information?

Confidentiality is the foundation of our activities. To ensure a sufficient level of data security, we use various technical and organizational methods and safeguards. We also restrict employee access to data by applying role-based access rights.

How long do we keep your personal data?

We retain your data for as long as necessary to carry out the Partnership’s activities and as required by law. Retention periods vary depending on the type of processing:

  • Personal data for direct marketing purposes is retained, in line with local laws and practices, for no longer than 10 years.

  • Job applicant data is retained for the duration of the recruitment process and no longer than 1 year afterwards.

  • Data used to prepare responses to inquiries is retained for no longer than 1 year.

  • Data collected to comply with anti-money laundering and counter-terrorism financing laws is retained for up to 10 years after services have been provided, as required by applicable law.

Your rights

Right to object

You have the right, based on your specific situation, to object to profiling and other processing carried out on the basis of our legitimate interests. These situations may relate, for example, to receiving newsletters or invitations to events that we believe may interest you based on your company’s field of activity.
You may send your objection to us at privacy@dplaw.lt.

Direct marketing

You may consent to or prohibit our direct marketing through specific channels, including profiling for marketing purposes.

Right of access

You have the right to review the data we have collected about you. We may refuse such a request on the grounds provided by law. Exercising this right is usually free of charge.

Right to rectification, erasure, or restriction

You have the right to request correction of inaccurate data. You may also request erasure of certain data or restriction of its processing, based on grounds set out in law.

Right to data portability

If you have provided us with data that we process based on your consent, you have the right to receive such data in a machine-readable format and to transfer it to another data controller.

Right to lodge a complaint

You have the right to lodge a complaint with the competent supervisory authority if you believe that we are not complying with applicable data protection rules.

More information

If you have questions related to our data protection policy or wish to exercise your rights, please contact us at privacy@dplaw.lt.