Skip to content
Last updated: 2026-06-10

Privacy Policy

1. Data Controller

This website (rebi.lt) is operated, and your personal data is processed, by Rebi, MB, legal entity code 307574545, registered address V. Nagevičiaus g. 3, Vilnius, Lithuania (the “we”, “Rebi” or “data controller”).

Email: renatas@rebi.lt

Phone: +370 625 72710

For any questions relating to the processing of personal data, you may contact us using the details above.

2. Data We Collect

We only process data that is necessary for the purposes set out below:

  • Data you provide directly: name, email address, phone number, company name and the content of free-form messages when you fill in the contact form, request a free website audit, or communicate with us.
  • AI chat content: the messages you type into the chat window.
  • Free audit data: the website address (URL) you submit and the audit results.
  • Automatically collected technical data: IP address, browser and device type, operating system, date and time of visit, pages viewed and the source you arrived from (server logs).
  • Data collected via cookies: see Section 4.

We do not collect or ask you to provide special categories of (sensitive) personal data.

3. Purposes and Legal Bases

We process your data on the legal bases set out in Article 6 of the GDPR (Regulation (EU) 2016/679):

  • To respond to enquiries, provide quotes and to enter into and perform a contract — legal basis: performance of a contract or pre-contractual steps (Art. 6(1)(b)).
  • To provide free tools (website audit, AI chat) — performance of a contract and our legitimate interest (Art. 6(1)(b) and (f)).
  • To analyse website usage, carry out marketing and personalise content via cookies — your consent (Art. 6(1)(a)).
  • To ensure the security of the website and prevent fraud and abuse — legitimate interest (Art. 6(1)(f)).
  • To comply with legal requirements (e.g. accounting) — legal obligation (Art. 6(1)(c)).

4. Cookies and Similar Technologies

We use cookies and similar technologies on the website. On your first visit a consent banner is shown where you can accept, reject or select cookie categories. Necessary cookies are always used because the website would not work without them; all others (analytics, marketing and preferences) are only enabled after you give prior consent.

Cookie categories:

  • Necessary — required for the website to function and to store your choices.
  • Analytics — help us understand how the website is used (Google Analytics, Microsoft Clarity).
  • Marketing — used for advertising and its relevance (Meta Pixel).
  • Preferences — remember your choices (e.g. language).

You can change or withdraw your consent at any time in the website's cookie settings or by deleting cookies in your browser. Withdrawing consent does not affect the lawfulness of processing carried out beforehand.

5. Third-Party Tools and Recipients

We use tools from the following providers, which act as data processors or independent controllers:

  • Google Analytics 4 (Google Ireland Ltd / Google LLC) — website traffic analysis; enabled only with analytics consent.
  • Microsoft Clarity (Microsoft Corporation) — session and click analytics and “heatmaps” that may record interactions on the website; enabled only with analytics consent.
  • Meta Pixel (Meta Platforms Ireland Ltd) — advertising performance measurement and retargeting; enabled only with marketing consent.
  • Google reCAPTCHA (Google) — protection against automated abuse on the audit form; used on the basis of our legitimate interest in security.
  • Google PageSpeed Insights API (Google) — when you run a free audit, the website address you submit is sent to this service for evaluation.
  • Anthropic, PBC (Claude AI) — powers the AI chat assistant; see Section 6.
  • n8n (a server operated by us) — internal handling of enquiries and contacts.

Data may also be processed by our hosting provider. We do not sell your data or share it with third parties for their own marketing without your consent.

6. AI Chat Assistant

The website features an artificial intelligence chat assistant. The messages you type are sent to our provider Anthropic, PBC (USA), which processes them to generate a response. The assistant can make mistakes, so its answers should not be regarded as professional advice.

Please do not enter passwords, payment card details, personal identification numbers or other sensitive information into the chat. If you provide contact details and a request to be contacted during the chat, we use them solely to respond to your enquiry.

7. International Data Transfers

Some providers may process data outside the European Economic Area (EEA), including in the USA. In such cases we ensure appropriate safeguards required by the GDPR:

  • Google, Microsoft and Meta participate in the EU–US Data Privacy Framework, which ensures an adequate level of protection.
  • Anthropic relies on Standard Contractual Clauses approved by the European Commission (Art. 46 GDPR) for international transfers.

Further information about the specific safeguards is available on request.

8. Data Retention

We retain personal data no longer than necessary to achieve the purposes:

  • Enquiry and correspondence data — up to 24 months from the last contact if no contract is concluded.
  • Contract and related accounting records — for the periods required by law (typically up to 10 years).
  • Data collected via cookies — for the lifetime of the cookies or until consent is withdrawn.
  • Server log data — up to 12 months for security purposes.

Once the retention period expires, data is securely deleted or anonymised.

9. Data Security

We apply appropriate technical and organisational measures to protect your data against loss, unauthorised access, disclosure or destruction, including an encrypted (HTTPS) connection, access control and the principle of data minimisation. However, no method of transmission over the internet is completely secure, so we cannot guarantee absolute protection.

10. Your Rights

Under the GDPR you have the following rights:

  • the right to access your data;
  • the right to have inaccurate data corrected;
  • the right to have data erased (“right to be forgotten”);
  • the right to restrict processing;
  • the right to data portability;
  • the right to object to processing based on legitimate interest;
  • the right to withdraw consent at any time.

To exercise your rights, contact us at renatas@rebi.lt. We will respond within 1 month at the latest. If you believe your rights have been infringed, you have the right to lodge a complaint with the State Data Protection Inspectorate of Lithuania (L. Sapiegos g. 17, 10312 Vilnius; email ada@ada.lt; phone +370 5 271 2804; www.vdai.lrv.lt).

11. Children's Privacy

Our services are intended for business clients and adults. We do not knowingly collect data from persons under the age of 14. If we learn that such data has been provided without the consent of a parent or guardian, we will delete it.

12. Changes to This Policy

We may update this privacy policy. We will notify you of significant changes on the website. The current version is always published on this page, indicating the date of the last update.

13. Contact

For any questions relating to privacy or personal data, please contact:

Rebi, MB

Email: renatas@rebi.lt

Phone: +370 625 72710

Address: V. Nagevičiaus g. 3, Vilnius, Lithuania