Last updated: 10 April 2025

The present Privacy Policy concerns persons who cooperate or intend to cooperate with the Data Controller, use the services provided by the Data Controller, or visit the website at www.domillion.eu (hereinafter referred to as the Website), or through the services provided in Lithuania, Spain, or any other country where Domillion operates.

1. Data Controller

Domillion, UAB

Šiaulių g. 10-28, LT-01134 Vilnius

founder@domillion.eu

2. General Definitions

‘Data Subject’ means an individual or their authorised representative, a representative of a legal entity, who uses, has used, or intends to use the services and opportunities provided on the Website, and whose personal information is collected and processed by the Data Controller in compliance with the present Privacy Policy.

‘Personal Data’ means any information pertaining, either directly or indirectly, to an identified or identifiable natural person (including but not limited to name, surname, personal identification number, contact details, location data, internet identifier, or other attributes of a natural person’s identity).

‘Data Processing’ means any action or series of actions (e.g., collection, recording, categorisation, organisation, storage, adaptation, modification, access, deletion, etc.) performed on personal data or sets of personal data.

3. Principles Relating to Processing of Personal Data

The Data Controller shall process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the Regulation), the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other legal acts regulating the processing of personal data.

The Data Controller shall adhere to, inter alia, the following basic principles of data processing:

the processing of personal data shall be lawful, fair, and transparent (principle of lawfulness, fairness, and transparency);

personal data shall be collected for specified, explicit, and legitimate purposes (purpose limitation principle);

the personal data undergoing processing shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (principle of data minimisation);

personal data shall be kept up to date (principle of accuracy);

personal data shall be stored securely and for no longer than is necessary for the purposes for which the personal data are processed or required by law (principle of storage limitation);

personal data shall only be processed by employees of the Data Controller who are authorised to do so by virtue of their job functions or by processors who provide services to the Data Controller and process personal data on behalf of the Data Controller and for the benefit of the Data Controller or the Data Subject (principle of integrity and confidentiality);

The Data controller shall be responsible for ensuring compliance with the aforementioned principles (principle of accountability). When processing and storing personal data, the Data Controller shall implement organisational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, and disclosure, as well as against any other unlawful processing.

The Data Subject shall be responsible for ensuring that the personal data provided by him or her are accurate, true, and complete. If the personal data provided by the Data Subject is updated, the Data Subject shall immediately inform the Data Controller of the changes. The Data Controller shall not be liable for any damage incurred by a person and/or third parties as a result of the Data Subject’s provision of incorrect and/or incomplete personal data or failure to request the data to be supplemented and/or amended in the event of a change in the data.

In cases where the Data Subject provides personal data of third parties to the Data Controller, the Data Subject undertakes to inform these persons about the provision of their data to the Data Controller and to acquaint them with the present Privacy Policy.

4. Sources of Personal Data

We collect personal data directly from you via:

• Contact forms on our website
• Email communication

5. Personal Data Subject to Processing

The Data Controller shall process the following primary categories of personal data, which include but are not limited to:

Name

Email address

Telephone number

Property address (if submitted)

Photos of the property (if submitted)

Content of your enquiry

IP address and basic usage data from website visit (cookies – see section 17)

6. Grounds for Processing Personal Data

Data shall only be processed where one or more of the following criteria for lawful processing apply: (i) to ensure that the Data Subject is able to use the Website and the services it provides; (ii) to act upon the Data Subject’s request for the purpose of entering into a contract; (iii) upon the Data Subject’s consent; (iv) to meet an applicable legal obligation; (v) where processing is necessary to meet Our legitimate interests or legitimate interests of a third party.

7. Purposes of Personal Data Processing

The Data Controller processes personal data submitted through the website’s contact form for the purpose of responding to enquiries and communicating with potential clients regarding the services offered, including optional information about the property (such as address and photos), if submitted by the Data Subject.

The following personal data may be processed:

Name, email address, telephone number, and the content of the enquiry.

Personal data is processed on the basis of the Data Controller’s legitimate interest in responding to requests and providing information about services (Article 6(1)(f) of the GDPR).

Personal data shall be stored for up to 2 (two) years from the date of the last communication, unless a longer retention period is required due to ongoing cooperation or legal obligations.

12. Provision of Personal Data

The Data Controller undertakes to respect the duty of confidentiality towards data subjects. Personal data may be disclosed to third parties only where necessary for the conclusion and performance of a contract for the benefit of the Data Subject, or for other legitimate reasons.

The Data Controller may provide your personal data to:

State bodies and institutions, other persons exercising functions vested in them by law (e.g., law enforcement authorities, bailiffs, notaries, tax administration, supervisory, financial crime investigation authorities);

Authorised auditors, legal and financial advisers;

Persons who have entered contracts, for the purpose of fulfilling contractual obligations;

Other persons involved in the conclusion and performance of contracts, data processors.

Upon any event where personal data have been transferred to other independent controllers under the present paragraph, the independent processors shall be responsible for ensuring that the requirements for the protection of personal data are duly respected.

13. Personal Data Retention Period

Personal data collected by the Data Controller shall be stored in paper documents and/or information systems. Personal data shall be processed for no longer than is necessary for the purposes for which the personal data are processed or required by law.

Normally, contracts and the data therein are stored for a period of 2 (two) years from the date of termination of the contract in case of any future claims or legal claims that may arise.

Individual data retention periods are specified in the present Privacy Policy under the individual description of the purpose of personal data processing.

14. Transferring Data Outside the EU/EEA

The Data Controller notes that in cases where data is transferred outside the EU/EEA, the Data Controller applies the data transfer framework provided for in Chapter V of the GDPR and sufficient technical and organisational measures to ensure data security.

15. Rights and Responsibilities of the Data Subject

You shall have the right to:

Obtain information pertaining to your personal data, where and how the personal data are collected, and grounds for processing your personal data;

Request the Data Controller to rectify your personal data, suspend the processing thereof, or erase your personal data if they are incorrect, incomplete or inaccurate, or if they are no longer necessary for the purposes for which they were collected. In this case, you shall submit a request, upon receipt of which the Data Controller shall verify the information provided and take the necessary action;

Request the Data Controller to erase the personal data or to suspend the processing thereof, with the exception of storage, in the event that upon accessing your personal data you establish that the personal data are being processed unlawfully or fraudulently;

Object to the processing of your personal data where the processing is carried out or intended to be carried out for a legitimate interest pursued by the Data Controller or by a third party to whom the personal data are provided;

Withdraw your consent to the processing of your personal data at any time.

You may exercise all your rights as a Data Subject by contacting the Data Controller by e-mail at founder@domillion.eu

The Data Subject shall have the right to contact the State Data Protection Inspectorate (https://vdai.lrv.lt/), which oversees and controls legislation on the protection of personal data.

You shall:

Inform the Data Controller of any changes to the information and data provided;

Provide the necessary information allowing the Data Controller to identify the Data Subject at the request of the Data Subject and to verify that the communication or cooperation actually is with the Data Subject concerned (provide proof of identity in accordance with the procedure laid down by law or by means of electronic communications which permit the proper identification of the Data Subject). This is necessary for the protection of the Data Subject’s data and the data of other persons so that the disclosed information pertaining to the Data Subject is provided only to the Data Subject, without prejudice to the rights of other persons.

16. Cookies

This Website uses cookies. Cookies are small pieces of site data that are sent to your web browser and stored on your computer’s hard drive. Cookies are placed on your computer the first time you visit this Website. Cookies are then used to identify your computer and make it easier for you to access this Website or the information it contains.

Using cookies helps identify users and ensures the full functionality of the Website.

If you give your consent or unless you adjust your browser settings to prevent all or certain cookies from being stored, cookies will be placed on your device when you first visit this Website. To accept the cookies used on the Website, please click the “Accept” button. If you do not click “Accept” or click “Reject”, you will not be consenting to storing non-essential cookies on your device.