Login

Privacy Policy

Last updated: 2026-02-07

This Privacy Policy (the “Privacy Policy”) explains how the “Gile” website and its services (the “Service”) process personal data. The Privacy Policy applies to all visitors and users who browse the website or use the Service’s features.

1. Data controller and contact

Data controller: MB “Bearitstudio” (Lithuania), operating and administering “Gile”. For questions about the Privacy Policy or personal data processing, you can contact us by email: vytautas@bearitstudio.lt.

2. Definitions

  • Personal data – any information that can directly or indirectly identify a person.
  • Data subject – the person whose data is processed (e.g., Service user, client, website visitor).
  • Data controller – MB “Bearitstudio”, which determines the purposes and means of processing.
  • Data processor – a service provider processing data on behalf of the Data controller (e.g., hosting or analytics provider).
  • Cookies – small data files or similar technologies that help ensure the Service works properly and conveniently.

3. What data we may collect

Depending on how you use the Service, we may process the following categories of data:

  • Account data (e.g., email address, authentication status, security settings, login events).
  • Profile / business data you provide (e.g., name, company code, VAT code, address, email, phone, website).
  • Data related to creating and managing invoices (e.g., client/partner data, items/services, prices, payment information, notes).
  • Uploaded files (e.g., logos, images, attachments), if you use such features.
  • Communication data (e.g., email content if you contact us for support).
  • Technical and usage data (e.g., IP address, device and browser type, operating system, error logs, approximate traffic metrics).

4. Purposes and legal bases for processing

We only process data for clear, defined purposes and based on legal grounds under the GDPR:

  • Providing the Service, creating and administering your account (contract performance / pre-contract steps).
  • Security, abuse prevention, maintaining login sessions, investigating incidents (legitimate interest and, in certain cases, legal obligation).
  • Customer support and communication about the Service (legitimate interest or contract performance).
  • Improving the Service and usage analytics (legitimate interest; where required by law – consent for non-essential cookies).
  • Compliance with legal requirements (legal obligation).

5. Cookies and similar technologies

Cookies are a common web technology that helps recognize a browser, maintain a login session, and ensure the Service works smoothly. Cookies generally do not store your passwords; they help manage sessions and settings.

5.1 Essential cookies

Essential cookies are required to provide the Service. Without them, some functionality (e.g., login) would not work. This may include session/authentication cookies and saving preferences (e.g., language).

  • Authentication and session cookies (to maintain login state and ensure security).
  • Language preference cookie (e.g., “locale”), so the Service remembers your selected language.

5.2 Analytics

For analyzing Service usage, we may use “Plausible Analytics” and/or “Vercel Analytics”. “Plausible” typically operates without cookies. If we use non-essential cookies or similar technologies in the future, we will do so in accordance with legal requirements.

Cookie names, expiration periods, and exact usage may change due to technical updates. You can always manage cookies in your browser settings.

6. How we use the collected information

We may use the collected data, for example:

  • to create and administer an account and provide access to features;
  • to generate, store, and provide your invoices and related documents;
  • to improve Service performance, convenience, and user experience;
  • to ensure security, detect suspicious activity, and prevent abuse;
  • to respond to requests and provide support.

7. Updating and accuracy of data

Please provide accurate data and update it when it changes. This is important so the Service works correctly (e.g., correct details on invoices).

8. Security measures

We apply technical and organizational measures to protect data against loss, unauthorized access, disclosure, or alteration. However, absolute security of data transmitted over the internet cannot be guaranteed, so we encourage you to use strong passwords and keep your login credentials secure.

9. Data recipients (processors) and service providers

To provide the Service, we may use third-party service providers (data processors), such as:

  • “Supabase” – authentication, data storage, and related features.
  • “Vercel” – website hosting and performance/analytics measurement.
  • “Plausible Analytics” – website usage analytics.
  • Email delivery providers – system messages and security communication (if applicable).
  • Business data providers (e.g., “Rekvizitai”) – automatic company details suggestions (if applicable).

We share personal data only to the extent necessary to provide the Service and under contractual obligations.

10. Transfers outside the EEA

Some service providers may process data outside the European Economic Area. In such cases, we apply lawful transfer mechanisms, such as Standard Contractual Clauses (SCC) approved by the European Commission or other safeguards provided under the GDPR.

11. Retention periods

We retain data only as long as reasonably necessary to provide the Service, comply with legal obligations, resolve disputes, and protect legitimate interests. When data is no longer needed, we delete or anonymize it.

12. Your rights (GDPR)

You have the right to:

  • access your personal data;
  • request correction of inaccurate data;
  • request deletion of data, where applicable;
  • restrict processing, where applicable;
  • object to processing, where applicable;
  • receive data in a portable format, where applicable;
  • lodge a complaint with a supervisory authority (in Lithuania – the State Data Protection Inspectorate).

To exercise your rights, email us at vytautas@bearitstudio.lt.

13. Account, login credentials, and responsibility

To use certain Service features, you may need to create an account. You are responsible for keeping your login credentials confidential and for actions performed using your account.

14. Data deletion

If you want to delete your account or personal data, contact us by email vytautas@bearitstudio.lt. In some cases, we must retain certain data due to legal obligations.

15. Updates to this Privacy Policy

We may update this Privacy Policy due to Service changes, legal updates, or security reasons. The latest version is always published on this page.