Privacy policy

1. General provisions

1.1. This privacy policy (hereinafter referred to as the Policy) regulates MB "Didelis pasaulis", a company established and operating in accordance with the laws of the Republic of Lithuania, legal entity code 306260755, registered office address: V.Nagevičiaus st. 3, Vilnius, Republic of Lithuania, data about the company is collected and stored in the Register of Legal Entities of the Republic of Lithuania (hereinafter - we, the Data Controller), the principles and procedure of personal data processing and our website (hereinafter - Internet website), operating conditions.
1.2. We aim to ensure that the buyers of our goods and services, the users of the website whose personal data we process, fully trust our activities and are transparently informed about how we process their data. In this Policy you will find information about how we collect and use (or wish to collect and use) your personal data.
1.3. We follow the following data management principles during our activities;
1.3.1. Personal data must be processed in a legal, fair and transparent manner in relation to the data subject (principle of legality, fairness and transparency);
1.3.2. Personal data must be collected for established, clearly defined and legitimate purposes and not further processed in a manner incompatible with those purposes; further data processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered incompatible with the original purposes (principle of purpose limitation);
1.3.3. Personal data must be adequate, appropriate and only necessary to achieve the purposes for which they are processed (principle of reducing the amount of data);
1.3.4. Personal data must be accurate and updated when necessary; all reasonable measures must be taken to ensure that personal data that are not accurate, taking into account the purposes of their processing, are immediately deleted or corrected (principle of accuracy);
1.3.5. Personal data must be kept in such a form that the identity of the data subjects can be determined no longer than is necessary for the purposes for which the personal data is processed; personal data can be stored for longer periods if the personal data will be processed only for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes, after implementing the appropriate technical and organizational measures necessary to protect the rights and freedoms of the data subject (principle of limitation of storage duration);
1.3.6. Personal data must be processed in such a way that adequate security of personal data is ensured through the application of appropriate technical or organizational measures, including protection against unauthorized or illegal data processing and against accidental loss, destruction or damage (principle of integrity and confidentiality);
1.3.7. We are responsible for ensuring that the above principles are followed and must be able to demonstrate that they are followed (accountability principle).
1.4. This Policy is drawn up in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons in the processing of personal data and on the free movement of such data and which repeals Directive 95/46/EC (General Data Protection Regulation, hereinafter - GDPR), of the Republic of Lithuania the Law on Legal Protection of Personal Data (hereinafter - ADTAĮ), other legal acts of the European Union and the Republic of Lithuania. Terms used in the policy are understood as they are defined in GDPR and ADTAĮ.

2. Collection, processing and storage of personal data
2.1. By submitting your personal data, you agree and do not object to us processing them for the purposes, means and procedure provided for in this Policy and legal acts.
2.2. It is very important that you read the Policy carefully, because when you visit the website, purchase goods and services and in other cases of providing personal data, this Policy will be directly applied to the collection, processing and, in the cases provided for in the Policy, the transfer of your personal data to data recipients.
2.3. If you do not agree with this Policy and the processing of personal data described in it, please do not visit the Website and/or do not purchase our products and services.
2.4. You are responsible for ensuring that the data you provide is accurate, correct and complete. Entering information that is known to be incorrect is considered a violation of the Policy. If the data provided changes, you must inform us about it. We are under no circumstances responsible for damage caused to you and/or third parties due to the fact that you provided incorrect and/or incomplete personal data or did not apply for the addition and/or change of data after they have changed.
2.5. Entities to whom we may disclose your personal data are described for each data processing activity described below. 

3. Processing of personal data for the purpose of selling services

3.1. We provide travel consulting and personalized travel planning services (hereinafter referred to as goods and services) remotely, via the website, e-mail and telephone, and therefore we must use your personal data for the following purposes related to the sale of goods and services:
3.1.1. Creating and paying for customized travel plans requires communication with you.
3.1.2. Sending you newsletters with travel stories and tips. This clause applies exclusively only after subscribing to the newsletter using the dedicated form on our website. The storage of data required for sending newsletters takes place through the Mailerlite platform. This data is processed in accordance with the procedure and conditions set by the aforementioned service provider, published at
3.2. In the event that your personal data is necessary for us to fulfill the service you have purchased, the provision of personal data is necessary, without providing it we will not be able to sell you services.
3.3. The following personal data received directly from customers are processed for the above purposes (personal data is processed to a different extent depending on the purpose):
3.3.1. Name of the legal entity, company code, name and surname of the manager, e-mail postal address, telephone number;
3.3.2. Name and surname of a natural person, e-mail postal address, telephone number and information about purchased services;
3.3.3. Information about visiting the Website (session date, time, content);
3.3.4. Other information necessary to provide specific services (such as the dates and duration of your vacation, number of fellow passengers, etc.).
3.4. Access to personal data processed for these purposes will be granted to IT service companies acting as data processors.
3.5. Your billing/bank details are not collected or processed. This is done by payment service companies in accordance with their approved privacy policies. During the validity of this version of the Privacy Policy, payment services are provided by "kevin.", data about the data processor UAB "Kevin EU", i.c. 304777572, you can find it on their website at

4. Processing of personal data for the purpose of debt management
4.1. If you, as our customer, cancel or stop payment for services that have already been provided to you, or delay payment for services provided by us, we may be forced to process such personal data received from you for the purpose of debt management:
4.1.1. Name, address, telephone number and e-mail address of a natural person. mail adress;
4.1.2. Other data necessary in this context.
4.2. The legal basis for processing personal data is Article 6 GDPR. Section 1(f) – our legitimate interest in receiving payment for goods sold and services provided.
4.3. Your data, which we process for this purpose, can be transferred to third parties - courts, bailiffs, and for their processing we use IT service companies and lawyers acting as data processors.

5. Processing of personal data for accounting purposes
5.1. In the event that you purchase our goods or services, we process the following personal data of yours for accounting purposes:
5.1.1. Name and surname of a natural person;
5.1.2. Address, email address, phone number.
5.2. The legal basis for the processing of personal data is Art. 6 GDPR. Point b) of paragraph 1 – performance of the contract with you as the sender and point c) – performance of our legal obligations to keep proper accounting.
5.3. We do not transfer your data, which we process for this purpose, to third parties, but for their processing we use companies that provide us with IT services, acting as data processors.

6. Personal data storage procedure and terms
6.1. When processing and storing your personal data, we implement organizational and technical measures that would ensure the protection of personal data against accidental or illegal destruction, alteration, disclosure, as well as against any other illegal processing.
6.2. We apply different personal data storage terms depending on the purpose for which your specific personal data is processed.
6.3. We apply the following personal data storage terms:

6.4. Exceptions to the storage terms specified above can be established to the extent that such deviations do not violate your rights as a data subject, meet legal requirements and are properly documented.
6.5. In the event that certain of your personal data will be required in order to assert, execute or defend legal claims, we will store them to the extent that they are necessary to achieve such purposes in accordance with a judicial, administrative or extrajudicial procedure.

7. Your rights
7.1. You have the right at any time, by submitting a request to us, to familiarize yourself with the personal data processed by us and to find out how they are processed, to demand the correction of incorrect, incomplete, inaccurate personal data, to demand the suspension, except for storage, of the processing of your personal data, if the data is processed not complying with the legal requirements.
7.2. To the extent that the processing of personal data is based on consent, you have the right to withdraw consent at any time without affecting the legality of data processing based on consent until the withdrawal of consent.
7.3. You can exercise your rights by submitting a written request by e-mail. by mail, by mail at the address Vasario 16-osios g. 2-39, Vilnius, Republic of Lithuania.

8. Contact information and complaints
8.1. If you have any questions related to the operation of the Online Store or the protection of personal data, please contact us by e-mail. by mail
8.2. If you are not satisfied with our answer or think that we are processing your data without complying with legal requirements, you have the right to file a complaint with the State Data Protection Inspectorate of the Republic of Lithuania as a supervisory authority.

9. Information about the cookies used
9.1. When you visit the Internet sites, we want to provide such content and provide such functionality that meets your needs. We use cookies for this. Cookies are small text files stored in your browser or device (personal computer, mobile phone or tablet).
9.2. With the help of cookies, we aim to ensure a more pleasant experience for people browsing the Internet sites and to improve the Internet sites themselves.
9.3. With the help of cookies, we collect the IP addresses of the computers of Internet site visitors. IP address is a computer identifier in Internet Protocol networks. It may be used to collect various statistical and demographic information for website administration and network troubleshooting, but is not used to identify you. Using cookies, we collect data about the purchase of goods and services, the use of the website.
9.4. You can delete or block cookies by selecting the appropriate settings in your browser that allow you to refuse all or part of cookies. Every browser is different, so if you don't know how to change your cookie settings, you should find this information in its help menu. Please note that using browser settings that block cookies (including essential cookies) may result in problems using all or part of the website's functions.

10. Processing of personal data by third parties
10.1. In certain cases, we may disclose your information to entities other than those described above:
10.1.1. In order not to violate the law or in response to a mandatory legal process request (such as receiving a court order to provide data);
10.1.2. To confirm the legality of your actions;
10.1.3. To protect your rights, property or ensure their safety;
10.1.4. In other cases, with your consent or legal request.
10.2. Any personal data you provide to us may be transferred to the competent authorities in the cases directly provided for in the legislation.
10.3. We also draw your attention to the fact that the website contains links to the websites of other persons, companies or organizations, and that we are not responsible for the content of such websites and/or the methods of ensuring the privacy policy used by them, therefore, before submitting any information about yourself on another website, you should familiarize yourself with the rules, privacy policy and other information provided by the respective website.

11. Final Provisions
11.1. Legal relations related to this Policy are governed by the law of the Republic of Lithuania.
11.2. We are not responsible for damage, including damage caused by interruptions in the use of the Internet site, for data loss or corruption, caused by the actions or omissions of you or third parties acting with your knowledge, including incorrect data entry, other errors, deliberate damage, other improper use of the Internet use of websites. We are also not responsible for disturbances in connection and/or use of websites and/or damage caused by them, caused by the actions or inaction of third parties unrelated to us, you or other data subjects, including disruptions in the supply of electricity, internet access, etc. .
11.3. This Policy is reviewed and, if necessary, updated at least once every two years. Additions or changes to the policy take effect from the date of their publication on the Internet sites.
11.4. If you use the website, purchase goods and services after the Policy has been updated, we will assume that you do not object and that you are aware of the changes.

Privacy Policy Version Date: 4th January 2024