Privacy Policy

1. Who we are?

"We”, “us”, “our” or WhiteBridge ai means Lithuanian Limited Liability Company UAB Whitebridge ai, legal entity code 306680556, registered at Krivių str. 5, Vilnius LT-01204, Republic of Lithuania.

Your privacy is important to us, therefore we've developed this Privacy Policy, which sets out how we collect, disclose, transfer and use ("process") the personal data that you share with us, as well as which rights you have. Please take a moment to read through this Privacy Policy. We only process personal data in accordance with this Privacy Policy. WhiteBridge ai acts both as a "data controller" and in some cases as a "data processor" of personal data. The data controller of the personal data determines the purposes and means of the processing of personal data and the data processor processes the personal data on behalf of the data controller.

We hold your privacy in high regard and are committed to safeguarding your personal data. will process your personal data in strict adherence to the prevailing legal norms of the European Union and Lithuania, inclusive of the Regulation (EU) No 2016/679 (General Data Protection Regulation, the “GDPR”), and other relevant personal data protection laws, as well as directives from competent authorities. The terminology employed in this Privacy Policy aligns with the definitions provided in the GDPR.

Should you have any questions, concerns or complaints regarding this Privacy Policy or our processing of your personal data; or you wish to submit a request to exercise your rights as set out by the GDPR, you can contact us:

  • E-mail address:

2. How and for which purpose do we collect your personal data?

Why are we collecting information about you?Which information do we collect about you?Why are we legally allowed to collect your information?How long do we keep information about you?
To inform you about our products and services that may be relevant to you  Name, surname, name of the company you represent, e-mail address, signature, information about similar services availed (purchase history)You agreed to that (Art. 6(1)(a) of the GDPR, Art. 69(1) of Lithuanian Law on Electronic Communications; Customer relationship between you and us)5 years
To handle queries, requests and complaints submitted by youName, surname, name of the company you represent, e-mail address, query, request or complaint, information, related to the query, request or complaint, communication with usWe have a legitimate interest to do that (to handle your queries) (Art. 6(1)(f) of the GDPR)10 years
To manage our accounts on social networking sitesName, surname, comments on a post, post shares, information about “like” and “follow” clicks on WhiteBridge’s profile, information about post reactions, picture, message, time and date the message was received, content of the message, message attachments, response to the message, time of response to the message, information about attendance to the WhiteBridge’s events, information about WhiteBridge’s ratingYou agreed to that (Art. 6(1)(a) of the GDPR)10 years
To maintain business relations with natural and legal persons you represent  Name, surname, personal code, address, power of attorney, power of attorney expiration date, signature, connection with the represented person, the person you represent, position, phone number, e-mail address, communication with us, information about the person you represent  We have a legitimate interest (to maintain relations with natural or legal persons you represent) (Art. 6(1)(f) of the GDPR)  Until expiration of the contract and 10 years after expiration of the contract with you and/or the person you represent  
To offer you the AI and analytics solutions you've requested, ensuring seamless service deliveryName, surname, e-mail address, query, request, information, related to query or request, report, report date, profile photo (if provided voluntarily), the name, surname of the searched person, the LinkedIn profile link of the searched person, other publicly available personal data about the searched person you are ordering a report about, our assumptions about that searched personWe have a contractual obligation and a legitimate interest (to conduct business and provide services that you requested from us which are not prohibited by law) (Art. 6(1)(b) and Art. 6(1)(f) of the GDPR)Until expiration of the contract and 10 years after expiration of the contract with you and/or the person you represent  
To process payments and to prevent fraudulent transactionsName, surname, e-mail address, billing and payment information, payment method information (like credit or debit card number, bank account details), location details, amount and date of purchase, purchase historyWe have a contractual obligation, a legal obligation and a legitimate interest (to verify the identities of individuals and be compliant with Anti-Money Laundering ("AML") and Know-Your-Customer (“KYC") regulations, also to provide our services to you) (Art. 6(1)(b-c) and Art. 6(1)(f) of the GDPR)10 years after the payment with you and/or the person you represent  
To engage in legal proceedings related to you  All information mentioned above, documents and attachments sent to you, documents and attachments submitted by you, procedural documents, court rulings, resolutions, decisionsWe have a legitimate interest (to defend WhiteBridge’s rights in legal proceedings) (Art. 6(1)(f) of the GDPR)  Until expiration of the contract and 10 years after expiration of the contract with you and/or the person you represent

Please note that the retention periods are determined in accordance with the General Document Retention Periods Index of the Republic of Lithuania and Article 1.125(1) ('general statutory limitation term’) of the Civil Code of the Republic of Lithuania.

3. How we process personal data from publicly available information?

When providing our AI and analytics solutions services, we process not only the personal data of the individual who ordered a report about themselves and/or another third party, but also the personal data of the searched person, and only those personal data which is available in public information sources (e.g., from public sources such as Facebook, LinkedIn, Instagram, Google, media outlets, other social media networks, websites, etc.).

Considering that when providing our AI and analytics solutions services, we only directly obtain personal data from the individual who ordered the report, i.e., we do not have direct contact details of the third party (searched person) that would allow us to contact and inform the searched person about the processing of their personal data. As a result, such information proves to be impossible or would involve a disproportionate effort, and therefore, in compliance with Article 14(5)(a-b), the privacy notice is publicly disclosed here. In cases where special categories of personal data are processed, it only includes those personal data which are manifestly made public by the data subject as provided for in Article 9(2)(e) of the GDPR.

The processing of personal data from publicly available sources is both legal and appropriate. This is supported by Recital 4 of the GDPR, Article 16 of the EU Charter of Fundamental Rights, and Article 48 of the Constitution of the Republic of Lithuania, along with other relevant laws. It aligns with the freedom to conduct business and complies with GDPR requirements. For this purpose, WhiteBridge ai, as a legal entity developing business and conducting its activities, can process publicly available personal information about the searched person (regardless of whether the individual ordered a report about themselves and/or a third party).

4. Who do we share information about you with?

We share information concerning you with our staff, intermediaries, representatives, suppliers, or subcontractors when it's deemed necessary. For instance, this could be with our payment service providers who manage financial operations on, hosting service providers for, server maintenance service providers, email service providers, and so forth.

Moreover, we might disclose information about you to:

  • Courts, arbitrators, mediators, opposing parties, and their legal counsels (if necessary for court or related proceedings).
  • Law enforcement, tax authorities, other state or municipal bodies (if required by applicable laws), or other persons fulfilling their official obligations (e.g., notaries, debt recovery companies).
  • Professional consultants such as lawyers, advisors, auditors, or accountants (to safeguard our legitimate interests).
  • Service providers offering IT, cloud computing, system administration, payment collection or administration, marketing, accounting, postal or courier services, but only as required for service provision.
  • Other entities within our corporate group, only if needed for proper company group administration.
  • During business transactions (e.g., selling, its assets or shares, merging or splitting, to potential or actual buyers, those conducting due diligence, or others involved in the respective business transaction. In such instances, will only transfer the necessary personal data, ensuring its confidentiality.

Whenever we transfer your personal data to a third country (outside the EU/EEA), one of the following conditions will apply:

  • The data will be transferred to countries approved as having adequate data protection.
  • Data transfers will employ appropriate safeguards as outlined in legal regulations. will always strive to ensure data transfers align with GDPR stipulations, taking suitable measures to safeguard your personal data.

5. How we protect your personal data?

We will treat your data with the utmost care and take all appropriate steps to protect it. We secure access to our websites and apps using 'https' technology. Access to your personal data will be protected by using various means such as password protection, SSL encryption, etc.

Your personal data will be processed in line with the GDPR standards, the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other relevant legal provisions. During the data processing, we employ both legal, organisational and technical strategies to ensure the safeguarding of personal data from inadvertent or illegal destruction, modification, disclosure, and any other unauthorised processing.

We regularly monitor our systems to identify ways to further strengthen security measures.

6. Do we process minor’s personal data?

The services offered by are exclusively for individuals aged 14 and above. Should we suspect that we are processing data for individuals below the age of 14, we will promptly delete such data from our databases. If you are aged 14 or older but below 18, please ensure that you review this Privacy Policy with a parent or guardian to fully understand and comply with its terms.

7. What data subject rights do you have?

You are granted several rights with regard to your personal data:

  • Right to Information and Access: At, we value transparency. You have the right to clear, comprehensible, and easily accessible information about how we handle your personal data. This is detailed in our Privacy Policy. If any segment of this Privacy Policy seems ambiguous, don't hesitate to reach out via e-mail address Moreover, you can request a copy of the personal data we possess related to you. For any additional copies, we reserve the right to charge a fee, which will be based on the administrative costs incurred.
  • Right to Rectification of Data: It's vital to ensure that your personal data is accurate. Thus, provides you the right to have any incorrect or incomplete data rectified upon request. You hold the responsibility to ensure the data you provide to us remains accurate, precise, and complete. Should there be any changes to your provided data, it is imperative that you notify us promptly. You can update the information through the registration form. If the information isn't mentioned in the form, an email notification will suffice. Please understand that will not be held accountable for any harm resulting from incorrect or incomplete data you have provided or any lack of updates on your part.
  • Right to Data Erasure (Also Known as "Right to be Forgotten"): Your data is your own, and respects that. Thus, you hold the right to request us to delete or erase your personal data under certain conditions stated in the Article 17 of the GDPR. It’s also crucial to understand that the Article 17(3) of the GDPR lists certain exceptions where data processing is necessary, even if a deletion request has been made. If any of these exceptions apply to your data, we will inform you about the same transparently.
  • Right to Restrict Data Processing: recognises your autonomy over your personal data, and you can choose to limit how we use it. Specifically, you can request us to put a halt or limit the processing of your data. Once processing is restricted, we won't process the affected data any further, except for storing it, unless there are exemptions by the Article 18 of the GDPR.
  • Right to Data Portability: Your personal data belongs to you, and we at respect your rights over it. Specifically, you have the right to the portability of your data.
  • Right to Object: At, your rights and preferences are of paramount importance. Among the rights you possess concerning your personal data is the right to object. You can raise an objection at any time, without any prerequisites. If there are no justified reasons (e.g., legal obligations) for further processing, we will not process your personal data.
  • Right to Withdraw Consent: At any given point, should you choose to retract the permission you previously granted us to process your personal data, you have the absolute right to do so. However, it's important to note that any processing activities we undertook with your data before this withdrawal will remain lawful.
  • Right to File a Complaint with a Supervisory Authority: If you feel that our processing of your personal data doesn't align with the standards set by GDPR, you're entitled to submit a complaint to the State Data Protection Inspectorate, legal entity code 188607912, registered address at L. Sapiegos str. 17, LT-10312 Vilnius, Republic of Lithuania, email address, phone (+370) 271 28 04, (+370) 279 1445. Before escalating the matter to the supervisory authority, we humbly request that you reach out to us first with your concerns. We prioritise your satisfaction and are committed to addressing and resolving any issues you might have in a timely and thorough manner.

Timely Response to Your Requests

When you exercise your rights as a data subject and send us a request, we commit to addressing it within a month. In the event that we're dealing with numerous or complex requests, we might need to extend this by another two months. However, we'll always inform you within the first month of receiving your request if we need this additional time and will provide our reasons.

Identity Verification

For the protection of your personal data, if there's any doubt regarding your identity when we receive a request, complaint, or claim from you, we reserve the right to ask for more information to confirm your identity. This ensures that your data remains secure and is shared only with you.

8. Do we process cookies?

Cookies are small text files that are stored in a computer's browser directory. They help site providers with things like understanding how people use a site, remembering a individual’s login details, and storing site preferences. WhiteBridge ai uses cookies as well as similar technologies (e.g., URL tracking, local storage). For the purpose of this Privacy Policy, such technologies are included in the term ‘cookies’.

Therefore, yes, we use cookies ensure that our services function properly, advertise our products and services, where allowed and analyse and improve our services and your experience at our website

You can configure your browser to decline some or all cookies or to ask for your permission before accepting them. Please note that by deleting cookies or disabling future cookies you may be unable to access certain areas or features of our website. For information on how to adjust or change your browser settings, visit or

For the information on, policy and control options for the third-party cookies, please read cookie policies of such third parties.

9. Periodic Revisions

In a world of continuous technological change, we will need to update this Privacy Policy on a regular basis.

Therefore, we reserve the right to periodically review, modify, and update this Privacy Policy. Upon implementing such modifications, the updated Privacy Policy will become effective from the moment it is published on In instances where significant alterations are made to the Privacy Policy, we will ensure to notify you accordingly. Always stay informed by frequently reviewing our Privacy Policy to keep abreast of any changes.

Last updated 12 April 2024

Cookie Consent

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.