Date: 2026-01-06
This Privacy Policy explains how MB Autoroyal (hereinafter – “We”, the “Company”) collects, uses, and protects your personal data when you use the website www.twinpart.lt (hereinafter – the “Website”) and the services it provides, including the posting of advertisements for motorcycles, their parts, accessories, and related services. When processing personal data, we comply with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the applicable laws of the Republic of Lithuania.
Data Controller
Name: MB Autoroyal Director: Justas Pacaitis Address: Jonažolių g. 3-16, LT-04134 Vilnius Company code: 306964930 Email: info@twinpart.com
Data We Process
Depending on how you use the Website, we may process the following data:
Account and user data: name, surname (or username), email address, phone number, profile information, password hash, account settings. Advertisement data: advertisement content, photos, motorcycle/parts/specification details, price, advertisement history. Payment data: payment status, amount, transaction ID, billing information. (Payment card information is typically processed by the payment service provider— we do not store it.) Communication data: messages via the platform, emails, notifications (including support requests). Technical and usage data: IP address, device and browser information, timestamps, login/usage activity, cookies, beacons, session identifiers, browsing statistics. Location data: approximate location based on IP (if required for functionality or security). Legal obligation data: invoices and accounting records, consent logs, data subject request records.
How We Collect Data
Data you provide directly (creating an account, posting advertisements, purchasing services, contacting us). Automatically collected data (cookies and similar technologies). Data from third parties (e.g., payment service providers, identity verification services—if used).
Purposes and Legal Bases of Processing (GDPR Article 6)
Service provision and administration (account creation, posting advertisements, enabling functionality) – performance of a contract (Art. 6(1)(b)). Payment processing and accounting – legal obligation (Art. 6(1)(c)) and performance of a contract. Customer support and communication – legitimate interest (Art. 6(1)(f)) or performance of a contract. Security and fraud prevention (abuse prevention, login monitoring, incident investigation) – legitimate interest and legal obligations. Direct marketing (newsletters, offers) – consent (Art. 6(1)(a)) or legitimate interest (where lawful). You may opt out at any time. Website improvement and analytics (usage analytics, UX improvements, error diagnostics) – legitimate interest. Compliance with legal obligations (taxes, accounting, dispute resolution) – legal obligation.
If personal data processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing prior to withdrawal.
Cookies and Similar Technologies
We use necessary (technical) cookies that ensure the Website’s operation and, with your consent, may use analytical and marketing cookies. Cookies may store: session identifiers, language/preferences, anonymized usage statistics. You can manage cookies via your browser settings or the Website’s cookie management tool (if available). Third-party cookies (e.g., analytics or advertising networks) are subject to the respective providers’ privacy policies.
Data Recipients and Data Transfers
We may share personal data with: Service providers (data processors):
IT infrastructure/hosting providers Email/SMS service providers Payment service providers (e.g., “[insert provider name]”) Analytics and error‑diagnostic providers Customer support systems Auditors, legal consultants, accounting firms
These entities process data on our behalf and under contract, strictly for specified purposes. Public authorities When required by law (e.g., law enforcement, tax authorities). Transfers to third countries (outside the EEA) When transferring personal data outside the EEA, we ensure GDPR Chapter V compliance (e.g., European Commission Standard Contractual Clauses, adequacy decisions, supplementary safeguards).
Data Retention Periods
We retain data for as long as necessary for the purposes described or as required by law:
Account data – while the account is active and up to 3 years after deletion (for dispute resolution and legitimate interests), unless a longer period is required. Advertisement content – while the advertisement is active and up to 24 months after archiving, unless required otherwise. Accounting records – according to legal requirements (e.g., 10 years under Lithuanian law, where applicable). Marketing data – until consent is withdrawn or an opt‑out request is received. Technical logs – typically 6–24 months, depending on security needs.
Your Rights (GDPR Articles 15–22)
You have the right to:
Access your data Rectify inaccurate or incomplete data Erase data (“right to be forgotten”), where applicable Restrict processing Data portability (receive your data in a structured, commonly used format and transfer it to another controller) Object to processing, including direct marketing Withdraw consent, where processing is based on consent
You can exercise your rights by contacting us through the details provided below. We respond within 1 month (extendable by up to 2 additional months depending on complexity).
Complaints
If you believe your data is processed unlawfully, you may:
Contact us first for a prompt resolution. File a complaint with the State Data Protection Inspectorate (VDAI): https://vdai.lrv.lt/
You also have the right to seek judicial remedies.
Data Security
We implement technical and organizational measures, including:
Access control Encryption (where applicable) Backups Incident response procedures Data minimization Employee confidentiality obligations
However, no online system can guarantee absolute security.
Data of Minors
Our services are not intended for children under 16 years of age. If you believe we have received data from a minor without a lawful basis, please contact us immediately — we will take steps to delete such data.
Third-Party Links
The Website may contain links to third‑party websites or services. We are not responsible for their content or privacy practices. We recommend reviewing their privacy policies.
Automated Decision-Making and Profiling
We generally do not perform automated decision‑making that produces legal or similarly significant effects. If applied in the future (e.g., fraud risk analysis), we will inform you clearly and ensure GDPR compliance.
Changes to This Privacy Policy
This Policy may be updated periodically. Significant changes will be announced on the Website and, where appropriate, via email or account notifications. The latest version will always be available on the Website.
Contact
If you have questions or wish to exercise your rights, please contact: MB Autoroyal Address: Jonažolių g. 3-16, LT‑04134 Vilnius Email: (e.g., privacy@twinpart.lt or info@twinpart.lt)