BFA Management

Privacy Policy



  1. The Controller of personal data managed on the website – Mandola, MB (Small Partnership), company code 303091595, address of the headquarters Kalvarijų g. 125B-606, LT-08221 Vilnius.

  2. The terms of this Privacy Policy apply to all users of our website, the actions they may take on the website, including (but not limited to) registering on the website, using search facilities, reading published information, submitting and receiving any information and data.

  3. We advise all parents and guardians to educate their children about safe and responsible use of their personal data online. Minors should not transmit their personal information to us without the consent of their parents or guardians.

  4. Mandola, MB reserves the right to change the Policy, therefore, it is necessary to re-read it every time using our website. By using our services, you confirm that you are aware of our Privacy Policy.

  5. Mandola, MB follows a customized and standardized approach to data protection and, therefore, has established internal policies to implement appropriate personal data protection and security measures.

  6. This Policy has been drawn in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as the GDPR), Law on Legal Protection of Personal Data, as well as other legal acts of the European Union and the Republic of Lithuania.




  1. When processing personal data on this website Mandola, MB will apply the following data processing principles:

  2. Personal data must be processed in a lawful, fair and transparent manner (principle of legality, fairness and transparency) with respect to the Data subject;

  3. Personal data must be collected for specified, explicitly described and legitimate purposes and not further processed in a way incompatible with those purposes; further processing for archiving purposes in the public interest, for scientific purposes or for statistical purposes is not considered to be incompatible with the original purposes (purpose limitation principle);

  4. Personal data must be adequate, appropriate (relevant) and only necessary for the purposes for which they are processed (principle of data reduction);

  5. Personal data must be accurate and, where necessary, updated (accuracy principle);

  6. Personal data must be kept in a form, which permits the identification of the Data subjects for no longer than is necessary for the purposes for which the personal data is processed (principle of limitation of retention time);

  7. Personal data must be processed in such a way as to ensure adequate security of personal data by application of appropriate technical or organizational means, including protection against unauthorized processing or unlawful processing and from unintentional loss, destruction or damage of data (integrity and confidentiality principle);

  8. The Data Controller is responsible for complying with the abovementioned principles and must be able to demonstrate that they are being followed (accountability principle).




  1. To provide our users with a smooth, effective and secure experience on our site, we collect certain information. The information enables us to provide services that best meet our customers’ needs, and enhances security and efficiency by tailoring these services to our customers’ needs. We only collect information that helps us achieve these goals.

  2. We automatically examine the information based on your activity on our site. This information is used to conduct internal research: to identify demographics, interests, and behaviour. This information is collected and processed on an aggregated basis. This information includes your URL link from which you came from (whether you are browsing our site or came from elsewhere), the URL link you continue to use (whether you are browsing our site or come from elsewhere), the browser you are using and your IP address.

  3. In order to provide our services to our users, we ask you to provide the following personal data:

    1. Names;

    2. Surnames;

    3. Email addresses;

    4. Telephone numbers.

  4. All the submitted data is managed with the intention of providing the service and communicating with the customer.

  5. In particular cases, users may provide additional data needed to ensure the provision of services. In such cases, any additional data provided is subject to this Policy and must be managed in accordance with the General Data Protection Regulation.




  1. When providing services, there are links to certain third-party websites that may contain the same information as in website as we collect information from other websites (social networks). Please note that any information that you provide to us through social networking tools is controlled not by Mandola, MB but by the respective social network controller. 

  2. In certain circumstances, we may be forced to disclose information to the institutions of the state, law enforcement, and third parties, or third parties may illegally take over or gain access to transfer or private connections. 




  1. We implement organizational and technical measures to protect personal data from accidental or unlawful destruction, change, and disclosure, as well as from any other illegal management.

  2. Employees of the company must observe the principle of confidentiality and maintain the confidentiality of any information relating to personal data which they have accessed in the course of their duties unless such information is made public in accordance with applicable laws or regulations. The employees of the company must observe the principle of confidentiality even after the end of the employment relationship.

  3. Mandola, MB implements the following technical and physical data security measures:

    1. Users’ right to use the software is managed;

    2. The internal network is protected by firewalls;

    3. Logins to the internal network of employees and third parties are controlled;

    4. Certified software is used;

    5. The software is updated according to the manufacturer’s recommendations;

    6. Antivirus software is installed on the electronic devices used by the company;

    7. Employees are not permitted to install the software themselves;

    8. Employees are trained to work with software;

    9. Equipment is maintained in accordance with the manufacturer’s recommendations;

    10. Maintenance and troubleshooting are performed by qualified technicians;

    11. Passwords to login into the system must be at least eight (8) characters long, preferably chosen randomly. The names of people or geographic locations that a person may be associated with should not be used. The password must contain at least one number, one capital letter, a lowercase character, and one special character. The password cannot be the same as the username. All passwords must be changed at least every three months;

    12. If a file of unknown origin is received, it cannot be opened until it is checked for viruses;




  1. You have the following rights of the Data Subject, which we will fulfil upon your request (via email; sent by mail to the address Kalvarijų g. 125B-606, LT-08221 Vilnius, and once you have properly confirmed your identity:

    1. To familiarize with your personal data and how it is managed;

    2. To request correction of inaccurate personal data, as well as completion of incomplete personal   data;

    3. To demand us to delete any personal data relating to you if it is no longer necessary for the purposes for which it was collected or otherwise processed, or if you withdraw your consent and there is no other legal basis for processing your personal data, or your personal data has been processed illegally;

    4. To require us to restrict the processing of your personal data;

    5. To receive personal data relating to you that you have provided to us in a systematic, common, and computer-readable format;

    6. The right to request the transfer of your personal data to another controller;

    7. To disagree with the processing of personal data relating to you (e.g. through direct marketing or otherwise).




  1. We also use information-gathering methods like Cookies. A cookie is a small text file which a website saves on your computer’s hard drive or mobile device when you visit our site. The next time you visit the site, this file may be scanned in order for to recognize your computer or mobile device.

  2. We perform real functions through cookies. Cookies are used to enter your password less frequently during your visit. Cookies allow us to collect information that is related to your interests. Most cookies are only active during your visit and afterwards are deleted.

  3. Cookies are saved only if you confirm your consent in the pop-up notification on the site, except for the essential and technical cookies that are required to provide our services.

  4. A person visiting the website, while continuing to browse this site and without changing their existing settings, agrees to the use of cookies.

  5. Cookies we use:


Cookies used during the browsing session:

Name of the cookie Expiry Purpose

is_eu Deleted when the webpage is closed Operation

__cf_bm Deleted when the webpage is closed Operation

Cookies written on your device

Name of the cookie Expires in Purpose

cf:term 1 year For operation

cf:source 1 year For operation 

cf:name 1 year For operation 

cf:medium 1 year For operation 

cf:content 1 year For operation 

cf:cf_affiliate_id 1 year For operation 

cf:affiliate_id 1 year For operation 

cf:aff_sub 1 year For operation 

cf:aff_sub3 1 year For operation 

cf:aff_sub2 1 year For operation 

7419264_viewed_1 1 year For operation 

15vlf5f295iq5b29 1 year For operation 

__cfduid 1 year For operation 

cf:visitor_id 1 year For operation 

cf:Mjk2OTQxMDg 1 year For operation 

_ga 2 years For statistics

_gid 24 hours For statistics

Fr 3 months For statistics


  1. You may revoke your consent to the use of cookies at any time. To do this, you can change the parameters in your web browser settings so that it does not allow cookies to be stored on your device. How you do this depends on your operating system and web browser. You will find detailed information about cookies and the possibility of their opt-out at 

If you do not agree with our Privacy Policy or if you believe your rights have been violated, we recommend to you to contact us to resolve this matter by mutual negotiations. If you fail to do that, you can file a complaint to the supervisory authority:

State Data Protection Inspectorate

Company code 188607912

L. Sapiegos g. 17, Vilnius 10312

Tel.: (+370 5) 271 2804, 279 1445

Fax: (+370 5) 261 9494