Why is this Privacy Policy necessary?
UAB “Admita”, company code 125323158, VAT payer code LT253231515, registered address: Oslo g. 5, LT-04131 Vilnius (hereinafter – the Company or We), is committed to protecting your personal data and privacy. When processing your personal data, we adhere to:
The General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council, dated 27 April 2016 (hereinafter – the Regulation or GDPR),
The Law on the Legal Protection of Personal Data of the Republic of Lithuania,
And other applicable data protection legislation.
In order to transparently inform you about how we collect, use, and safeguard your data, we hereby publish this Privacy Policy (hereinafter – the Policy). This Policy applies to all individuals who use our services, visit our websites, or interact with us in any other way.
Where does this Policy apply?
This Policy applies when you use:
Our short-term or long-term car rental services, including via the platforms https://admita.lt and https://admitaflex.lt;
Our car parking services, including reservation and automated entry via https://admitaparking.com;
Our customer service channels – by phone, email, self-service system, or through social media platforms.
In this Policy, you will find information about:
What personal data we collect and for what purposes we use it;
Who your data may be shared with;
How long we retain it;
What rights you have and how you can exercise them.
Please note that this Policy may be updated. We will clearly inform you about any significant changes, but we also recommend reviewing it periodically on our websites.
What is personal data and how is it processed?
Personal data is any information that allows us to identify you directly or indirectly. This may include, for example, your name, surname, email address, phone number, vehicle license plate number, reservation or payment details. Personal data processing refers to any operation performed on personal data: collecting, recording, storing, modifying, transferring, reviewing, deleting, and so on.
When processing your data, we follow these key principles:
Purpose limitation and data minimization – we collect only the data necessary for a specific purpose;
Lawfulness and transparency – we inform you about how your data is used and comply with applicable legal requirements;
Accuracy – we ensure that your data is accurate and updated when necessary;
Storage limitation – data is retained only as long as necessary or required by law;
Security – we apply organizational and technical measures to protect your data from unauthorized disclosure, loss, or destruction.
For what purposes do we process your personal data?
I. Contract Conclusion and Administration
What personal data do we process?
In order to conclude and manage contracts for car rental services (short-term or long-term) and car parking services, as well as to properly register orders on our websites https://admita.lt, https://admitaflex.lt, and https://admitaparking.com, we process the following personal data:
First name, last name;
Date of birth or personal identification number (when necessary for identification);
Driver’s license information (in the case of rental services);
Email address;
Phone number;
Address (residential or legal entity’s registered address);
Company name, company code, and VAT number (if the client is a legal entity);
Vehicle license plate number;
Service order details (reservation code, date, service type, duration, location);
Contract details (selected vehicle, rental period, parking lot, additional services);
Payment information (amount, payment method, status);
Self-service system login credentials (email, password).
How do we obtain this data?
Directly from you, when you submit an inquiry or place an order via our websites, or when contacting us by phone, email, or in person;
When you use our self-service system or automated parking systems;
From our partners, when a service is booked or provided in cooperation with third parties (e.g., through other rental platforms or parking lot operators);
From payment operators – for the purpose of processing payments.
For what purposes is your personal data used?
To process service (rental or parking) orders and conclude contracts;
To reserve, provide, and manage the services;
To verify your identity, including checking driver eligibility (for rental services);
For invoicing and payment management;
To grant access to parking spaces or vehicles via license plate recognition systems or rental terminals;
To create and manage a customer account (self-service).
Who may your personal data be shared with?
Your personal data may be shared only to the extent necessary for service provision or in cases specified by law:
IT system providers and infrastructure partners – for self-service, reservation, contract, and payment administration purposes;
Car and parking lot operators/partners – if the service is provided in their managed areas or using their platforms;
Payment service providers – to ensure payments or refunds;
Legal advisors, consultants, auditors – for internal administration or dispute resolution purposes;
State and law enforcement authorities – only when required by law;
Debt management or recovery service providers, if the client fails to fulfill obligations;
Insurance companies – in case of accidents or damage.
Your data will not be shared for commercial or marketing purposes without your consent. It will also not be transferred outside the European Union or European Economic Area unless an adequate level of protection is ensured in accordance with the GDPR.
On what legal grounds do we process your personal data?
When processing your personal data, we comply with the General Data Protection Regulation (GDPR) and other applicable legal acts. Depending on the situation, your data is processed based on the following legal grounds:
Performance of a contract (GDPR Article 6(1)(b))
When you provide your data by registering or booking car rental or parking services through our websites (admita.lt, admitaflex.lt, admitaparking.com) or via the self-service system, a contract is concluded between you and UAB “Admita.” In this case, your personal data is processed in order to properly fulfill the contract and provide the ordered services (e.g., assigning a vehicle, granting access to a parking lot, contacting you about your order, etc.).
Compliance with legal obligations (GDPR Article 6(1)(c))
After the contractual relationship ends, certain data must be retained in accordance with applicable legal requirements – for example, for accounting, tax, or archiving purposes. In such cases, data is processed to comply with legal obligations established by:
The Civil Code of the Republic of Lithuania;
The Law on Value Added Tax of the Republic of Lithuania;
The General Document Retention Period Index approved by the Chief Archivist of Lithuania;
And other legal acts.
How long do we retain your personal data?
The data related to contracts concluded with you and/or your submitted orders, including all supporting documents and personal data you provided, is processed for the entire duration of the contract.
After the contract ends or the order is fulfilled, this data is retained for ten (10) years, as stipulated by law.
This retention period allows us to protect our legal interests, meet audit and accountability requirements, and properly respond to potential disputes or inquiries from state authorities.
II. Service Administration by the Company
(Provision of Parking and Car Rental Services)
What personal data do we process?
To ensure the proper administration of our parking and car rental services, we process the following personal data:
For parking services:
Vehicle license plate number;
Parking location;
Parking start and end date and time (or reserved period);
Duration and selected type of service (e.g., with/without cancellation option);
Payment status (paid/unpaid), amount, chosen payment method;
Transaction data (e.g., bank payment ID);
Phone number.
For car rental services:
First and last name;
Date of birth or personal identification number;
Contact details – email, phone number, address;
Driver’s license information (if applicable);
Copy of driver’s license (if applicable);
Rental period, selected vehicle, pickup and return locations;
Payment and invoice details;
Account information (email, login credentials, order history);
Any documents or consents provided by the client.
How do we obtain this data?
Directly from you – when you register, book, or use our websites, self-service, phone, or email;
Automatically – when you enter a parking lot equipped with a number plate recognition system (ANPR);
From payment service providers or partner platforms – when services are booked through third parties.
What is your personal data used for?
For parking services – to identify the vehicle, determine service duration, calculate fees, and manage payments;
For rental services – to assess driver eligibility, prepare the vehicle, ensure proper service delivery, and manage returns;
In all cases – for customer support, service quality, payments, self-service access, and invoicing purposes.
Who may your personal data be shared with?
Your data may be shared with:
Our IT and system administration partners (e.g., providers of self-service, payment, or reservation systems);
Car or parking lot operators/owners – when services are provided through partners;
Payment service providers – banks, payment processors;
Mobile network operators – if SMS-based payment is used;
Legal advisors, debt collection, and consulting service providers – in case of unpaid services or disputes;
Insurance companies – for claims or incident management;
State authorities – only when required by law.
All data is shared only with trusted recipients who apply GDPR-compliant security measures. Your data is not transferred outside the European Economic Area unless an adequate level of protection is ensured.
On what legal grounds do we process your data?
Performance of a contract (GDPR Article 6(1)(b)) – when you order a service (e.g., book a parking space or rent a vehicle), your data is processed to provide that service;
Legal obligation (GDPR Article 6(1)(c)) – when data must be retained according to accounting, tax, or archiving laws;
Legitimate interest (GDPR Article 6(1)(f)) – to ensure service security, proper operation, dispute prevention, or quality assurance.
How long do we retain your personal data?
Parking and one-time order data – for 3 years from the date of service or final payment;
Long-term contract data – for 10 years after the end of the contract;
Entry and parking event data (e.g., license plate images) – up to 2 months, unless required to retain longer for legal or dispute resolution purposes.
III. Debt Management
(Administration of Payment Defaults, Including Identity Verification)
What personal data do we process?
In cases where a client fails to pay for services provided by UAB “Admita,” violates payment terms, or ignores payment obligations, we process the following personal data:
Renter’s personal details: first name, last name, personal identification number, residential address;
Vehicle license plate number;
Vehicle and/or rental period information (pickup/return date and time, type of service);
Vehicle and/or parking period information (entry/exit date and time, parking location or zone, type of service);
Vehicle image or license plate photo (when collected via ANPR or video surveillance cameras);
Amount due and details of the outstanding debt;
Information generated during correspondence, notifications, or debt recovery processes (debtor’s responses, communication history).
How do we obtain your data?
From our systems – when you use Admita’s car rental or parking services but fail to make payment under the agreed terms;
Through video surveillance systems – when parking is recorded but payment is not completed;
From Regitra (Lithuanian State Enterprise) – when we need to identify the registered owner of the vehicle;
From publicly available sources or state registries, when required as part of the lawful debt administration process.
What is your personal data used for?
To identify which vehicle and which person (owner or user) used the service and failed to pay;
To justify the circumstances of the payment default and collect evidence of services rendered but not paid for;
To initiate communication with the client regarding the debt and encourage payment;
If necessary – to pass information to debt collection partners, legal advisors, or insurance companies;
To protect the Company’s legitimate financial interests in the event of pre-litigation or litigation debt recovery.
Who may your personal data be shared with?
Debt administration or collection agencies acting on behalf of UAB “Admita” in performing debt management functions (including debtor identification, notifications, pre-litigation or litigation representation);
Legal advisors, notaries, bailiffs – when necessary to prepare or execute legal procedures related to the debt;
Insurance companies, if the service was insured or the debt is related to compensation for damages;
State or law enforcement authorities (e.g., police, courts, the State Tax Inspectorate) – only in accordance with legal requirements and when necessary for the protection of our rights or fulfillment of obligations.
In all cases, your data is shared only with trusted recipients who ensure an adequate level of personal data protection. Data is not transferred outside the European Union or the European Economic Area unless done in full compliance with GDPR requirements.
On what legal basis do we process your personal data?
According to Article 6(1)(f) of the GDPR, we have a legitimate interest in recovering unpaid fees for services rendered. Therefore, the data is processed to protect the legitimate financial interests of UAB “Admita” related to the collection of outstanding amounts, as well as to maintain payment discipline and fairness toward other clients.
How long do we retain your data?
Data related to debt management is processed until the debt is fully paid or the legal claim is terminated;
After recovery of the debt, the data is retained for an additional 3 years together with the related service order information, in order to protect legal interests or respond to official inquiries.
IV. Fulfillment of Tax Obligations
(Issuance and Administration of Accounting Documents)
What personal data do we process?
To ensure proper accounting and the fulfillment of tax obligations related to the car rental and parking services provided by UAB “Admita,” we process the following personal data:
First name, last name;
Date of birth (if necessary for accurate identification or for document entries);
Address (residential or company headquarters);
Email address;
Phone number;
Company name, company code, and VAT number (if the service recipient is a legal entity);
Vehicle license plate number;
Service details (type of service: rental or parking; duration; location; vehicle or parking lot information);
Invoice or receipt data (number, date of issue, amount, VAT).
How do we obtain your data?
Directly from you – when you submit a request via the websites admita.lt, admitaflex.lt, or admitaparking.com, register via the self-service system, or submit a “Request an invoice” form;
Automatically – when data is generated through the use of our platforms, reservation, or payment systems;
From service providers or payment partners – if invoice generation is conducted via integrations with external systems.
What is your personal data used for?
To correctly issue VAT invoices, credit notes, or receipts;
To report information to state authorities (e.g., the State Tax Inspectorate – VMI) in accordance with legal requirements;
To manage accounting systems and conduct internal control procedures;
To ensure compliance with tax obligations related to the parking or rental services provided;
To organize the issuance and delivery of invoices to clients.
Who may your personal data be shared with?
Providers of accounting and IT systems – who support our self-service, payment, or invoice management functions;
Consultants, auditors, accountants – who perform oversight or provide financial services;
The tax administrator (VMI) – in accordance with applicable legal acts of the Republic of Lithuania;
Legal or supervisory authorities, when required by law.
Your data is shared only with recipients who ensure appropriate personal data processing and security measures. Your data is not transferred outside the EU/EEA unless adequate safeguards are provided in accordance with the GDPR.
On what legal basis do we process your data?
When processing accounting documents, we act in accordance with Article 6(1)(c) of the GDPR – data is processed to comply with legal obligations arising from:
The Law on Value Added Tax of the Republic of Lithuania;
The Law on Accounting of the Republic of Lithuania;
The Law on Tax Administration of the Republic of Lithuania;
Other applicable legislation governing financial and tax reporting.
How long do we retain your personal data?
Accounting documents and any related personal data are retained for 10 years from the date of issuance, as required by applicable legislation.
V. Service Administration, Process Quality Assurance, and Asset/Infrastructure Protection
(Video Surveillance of Parking Areas and Vehicles)
What personal data do we process?
To ensure proper administration of services provided by UAB “Admita” (including parking and car rental), and to protect our property, vehicles, and infrastructure, we process the following personal data:
Photographs of vehicle license plates (e.g., during entry/exit);
Video recordings (which may capture personal images, vehicle license plates, actions, or incidents);
Technical data related to the video footage: date, time, duration, location (parking lot, vehicle handover point).
How do we obtain your data?
Directly from video surveillance cameras installed in our managed parking lots and vehicle pick-up/drop-off locations;
Clients are informed about video surveillance through informational signage (e.g., at parking entrances or vehicle collection points), as required by law.
What is your personal data used for?
To register automatic vehicle entry/exit (ANPR system), used for service management and payment control;
To record service usage time and conditions (e.g., parking duration, vehicle return time);
To identify potential rule violations, public order disturbances, or legal infractions (e.g., improper behavior, damage to vehicles or infrastructure);
To protect our property (vehicles, infrastructure, systems) and proactively manage risks;
To provide evidence in case of disputes or damages, including in court or insurance procedures.
Who may your personal data be shared with?
Your data may be shared only on legitimate grounds and with the following recipients:
Our IT and security service providers, who assist in managing video surveillance systems or data storage;
Parking lot and vehicle operators/partners involved in joint service administration;
Competent law enforcement or supervisory authorities (e.g., police, courts, the State Data Protection Inspectorate) – when required due to legal violations or dispute resolution;
Insurance companies – for the purpose of documenting damages or incidents;
Legal or debt collection companies – when necessary to protect legitimate interests.
Your data is not transferred to third parties located outside the European Economic Area unless an adequate level of protection is ensured in accordance with GDPR requirements.
On what legal basis do we process your data?
In accordance with Article 6(1)(f) of the GDPR, your data is processed based on legitimate interest:
To ensure the quality and control of the services provided (parking and car rental);
To protect the assets and infrastructure of the company and its partners from unlawful actions;
To record and manage incidents, violations, or events (including in the context of dispute resolution).
How long do we retain your data?
Routine video recordings are retained for no longer than 2 months from the date of capture, unless they are required for a longer period (e.g., due to an incident);
License plate photographs taken at the time of entry/exit (used as service proof) are retained for 3 years from the date of service or full payment;
Recordings capturing specific incidents (e.g., property damage, theft, rule violations) are retained for the full duration of pre-trial, court, or administrative proceedings, until matters of liability or compensation are resolved.
VI. Improvement of Customer Service and Information Quality
(Recording of Phone Calls)
What personal data do we process?
To ensure high-quality customer service, smooth provision of services (especially when concluding car rental or parking agreements over the phone), as well as to monitor employee performance and resolve disputes, UAB “Admita” records and stores the following personal data:
Call recording (including your voice and the content of the conversation);
The phone number from which you are calling;
Technical call data: date, time, and duration of the call;
If necessary – additional information related to the content of the call (e.g., service type, booking number).
How do we obtain your data?
This data is obtained directly from you when you call us using the provided customer service numbers (e.g., +370 616 00141) and provide information verbally. Calls are recorded only when you are informed of the recording prior to the conversation (via a voice message).
What is your personal data used for?
To ensure that the information provided is accurate, service delivery is smooth, and matters are handled in a documented and substantiated manner;
To evaluate the quality of employee service and for training purposes;
When a transaction is made over the phone (e.g., rental reservation, modification, cancellation), the recording may serve as evidence of the service agreement or content of obligations;
For resolving complaints, disputes, responding to inquiries, or clarifying situations related to the services provided.
Who may your personal data be shared with?
Your call data may be shared with:
Internal staff responsible for customer service quality, service management, or training;
External service providers acting as data processors (e.g., call center service providers, IT system administrators);
Legal authorities – only when required by law or necessary for dispute resolution (e.g., police, courts, the State Data Protection Inspectorate, attorneys, or debt collection agencies).
Your data is not transferred outside the European Union or European Economic Area unless an adequate level of protection is ensured in accordance with the GDPR.
On what legal basis do we process your data?
Your data is processed based on:
Your consent (GDPR Article 6(1)(a)) – which is considered given if you continue the conversation after being informed that it is being recorded;
Additionally – if a verbal agreement or reservation is made during the call, the data may be processed under contract performance (GDPR Article 6(1)(b));
Legitimate interest (GDPR Article 6(1)(f)) – to ensure service quality, resolve complaints, and protect the rights of the company or the client.
How long do we retain your data?
Standard phone call recordings are retained for 3 months from the end of the call;
Calls involving important matters (e.g., transactions, complaints, or claims) may be assigned to other processing purposes and retained as long as necessary to fulfill the specific purpose (e.g., for the duration of a dispute or legal proceedings).
VII. Administration of Requests, Complaints, and Inquiries
(Handling of Inquiries and Complaints)
What personal data do we process?
To objectively assess your submitted requests, complaints, claims, or other inquiries, and to provide responses or take legal action, UAB “Admita” processes the following personal data:
First name, last name;
Vehicle license plate number;
Contact details: email address, phone number, (and, if necessary, residential or company address);
The content and context of the inquiry/complaint/claim;
Attached documents (e.g., booking confirmations, receipts, photos, videos, or other evidence).
How do we obtain your data?
From you or your representative, when you contact us by email (e.g., info@admita.lt), phone, contact form on admita.lt, admitaflex.lt, or admitaparking.com, by post, or via social media platforms;
The data may be supplemented with information we already hold about you as a client (e.g., booking history, payment information, or technical data captured by our systems).
What is your personal data used for?
Your personal data is used to:
Properly assess the situation related to your inquiry;
Identify you as a client and provide a personalized, well-founded response;
Ensure smooth internal process coordination (e.g., analyzing compliance with service terms);
Assert, exercise, or defend the legitimate interests of UAB “Admita” or its clients in the event of a dispute or incident.
Who may your data be shared with?
Your data may be shared with:
Legal or dispute resolution institutions (e.g., courts, the State Consumer Rights Protection Authority, the State Data Protection Inspectorate);
Attorneys, bailiffs, consultants, insurance companies, or debt collection agencies;
Service providers (e.g., IT system or customer service providers) acting as data processors, but only if necessary for resolving a complaint or inquiry.
Such data is shared only in accordance with legal requirements and only when necessary to protect our or third parties’ legitimate interests.
Your personal data is not transferred outside the European Economic Area unless an adequate level of protection is ensured in accordance with the GDPR.
On what legal basis do we process your data?
We process your data:
On the basis of Article 6(1)(c) of the GDPR – when your inquiry relates to legally protected rights or interests (e.g., consumer rights, data protection);
On the basis of Article 6(1)(f) – when we aim to protect legitimate interests (e.g., dispute resolution, damage claims, or protection of company property);
On the basis of Article 6(1)(a) – when you provide feedback, an opinion, or informal remarks (i.e., based on your consent).
How long do we retain your personal data?
Personal data related to the handling of complaints, requests, or inquiries is retained for 3 months from the date the matter is closed;
If the complaint or claim is not resolved within this time or involves a legal dispute, the data may be retained for a longer period – for the entire duration of the legal or pre-litigation process;
If the dispute is resolved by settlement or court decision – related data is retained for up to 10 years.
VIII. Public Representation and Brand Awareness in the Public Sphere
(Social Media Communication)
What is the purpose of processing data?
To increase the visibility of UAB “Admita” (hereinafter – the Company), to engage with current and potential clients, and to represent the services we offer – including car rental, parking, and mobility solutions – the Company manages the following social media accounts:
Facebook
LinkedIn
Instagram
What personal data do we process?
When interacting with you on social media, we may process the following data:
Your first and last name or username;
Your profile picture or photos in which the Company is tagged;
Public actions (e.g., “like”, “comment”, “share”, “follow”, etc.);
Messages and their content (e.g., message text, time sent, attachments, message history);
Information about your participation in contests, campaigns, or events organized by the Company;
Feedback, reviews, and opinions about our services.
How do we obtain your data?
Directly from you – when you interact with us on our social media pages or tag our content;
When you participate in social media contests, surveys, or other initiatives.
What is your personal data used for?
To ensure smooth and effective communication with you;
To respond to your questions, suggestions, or complaints received through social media;
To provide information about our services (rental terms, offers, news);
To shape the Company’s public image and promote our services in the public domain.
Who may your personal data be shared with?
Advertising or social media communication partners (e.g., marketing agencies, consultants, content creators) acting as our data processors;
Competent authorities (e.g., courts, the State Data Protection Inspectorate, the police), only when required by law;
Data is never shared with third parties that do not ensure appropriate data protection safeguards.
Your data is not transferred to third countries (outside the EEA), unless the social media platform provider (e.g., Meta Platforms or LinkedIn Corporation) applies GDPR-compliant safeguards.
Important: Your data is also processed by the operators of the respective social media platforms. We recommend reviewing their privacy policies (e.g., Facebook, Instagram, LinkedIn).
On what legal basis do we process your data?
Article 6(1)(a) of the GDPR – You interact with us on social media on your own initiative, therefore your data is processed based on your consent;
Article 6(1)(f) of the GDPR – We have a legitimate interest in maintaining contact with our audience, providing information about our services, and building our reputation. Thus, data is also processed on the basis of legitimate interest.
How long do we retain your data?
Your data is retained for as long as it remains visible on our social media platforms, or until you request its removal;
Data related to legal or reputation-sensitive incidents (e.g., defamation) is retained for the entire duration of the dispute or legal process.
End of Privacy Policy
