Privacy Policy

This Privacy Policy (hereinafter referred to as the "Privacy Policy") explains how Repsense, UAB ("Repsense" or "we"), a limited liability company registered and operating under the legislation of the Republic of Lithuania, with a legal entity code 306014522, registration address V. Nagevičiaus str. 3, LT-08237 Vilnius, Lithuania, as the controller of your personal data, processes your personal data.

When processing personal data, Repsense is guided by and complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (hereinafter referred to as "GDPR"), the Law of the Republic of Lithuania on the Legal Protection of Personal Data, and any other applicable legal acts regulating personal data protection. 

This Privacy Policy applies to all individuals whose personal data is processed by Repsense, including (i) clients and their representatives with whom Repsense has a contractual relationship, and (ii) individuals whose personal data has not been obtained directly from them but is collected from publicly available sources and processed for the purposes of media monitoring, analytics and reporting services.

If you are using the website, it means that you have read and understood this Privacy Policy and the purposes, methods and procedures for processing your personal data set out therein.

I.           WHAT PRINCIPLES DO WE FOLLOW IN PROCESSING PERSONAL DATA?

When we process your personal data, we:

a) We will comply with the requirements of current and applicable laws, including the GDPR;

b) We will process your personal data in a lawful, fair and transparent manner;

c) We will collect your personal data for specified, explicit and legitimate purposes and will not further process your personal data in a way that is incompatible with those purposes, except to the extent permitted by law;

d) We will take all reasonable steps to ensure that personal data which are inaccurate or incomplete in relation to the purposes for which they are processed are promptly rectified, supplemented, suspended or destroyed;

e) We will keep them in a form which permits your identification for no longer than is necessary for the purposes for which the personal data are processed;

f) We will not disclose personal data to third parties or make it public, except as provided in the Privacy Policy or applicable law;

g) We will ensure that your personal data is processed in such a way that appropriate technical or organizational measures are taken to ensure adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.

II.          PROCESSING OF YOUR PERSONAL DATA 

Repsense processes your personal data for the following purposes:

1.  To provide media monitoring and analytics services to clients (including processing publicly available data related to individuals)

Data categories

Publicly available personal data collected from online sources, including:

• Name, surname, username or other identifiers (if publicly available);

• Content of publications, articles, comments, posts or other publicly available information;

• Metadata related to such content (e.g. publication date, source, URL);

• Professional or publicly disclosed affiliation (e.g. employer, position), where available.

Legal basis for processing

We process this data on the basis of legitimate interest (Article 6(1)(f) GDPR), namely to provide media monitoring, market analysis and reputation analysis services to our clients.

Time limit for data processing

Personal data is retained only for as long as necessary to achieve the purposes described above, including for the duration of the client relationship and for a limited period thereafter for reporting, analytics and service improvement purposes.

We get our data from

Publicly available sources, including online news portals, publicly accessible websites, blogs, forums, and publicly available social media content (to the extent permitted by applicable laws and platform terms).

We provide or transfer data

Our clients, who act as independent data controllers, in the form of analytics, reports or dashboards; IT, hosting and cloud service providers.

2.  To manage client relationships and provide services

Data categories

Name, surname, contact details (email address, phone number); company name, position; communication data; billing and payment information.

Legal basis for processing

Conclusion and performance of a contract with you (Article 6(1)(b) GDPR).

Time limit for data processing

Personal data is retained for the duration of the contract and for up to 10 years thereafter in accordance with applicable legal requirements.

We get our data from

You or your organization, as well as publicly available business sources (e.g. company websites or professional networking platforms).

We provide or transfer data

Payment service providers, IT and CRM system providers.

3.  To communicate with clients and other business contacts

Data categories

Email address, name, surname, communication content.

Legal basis for processing

Conclusion and performance of a contract with you (Article 6(1)(b) GDPR).

Time limit for data processing

Personal data is retained for 3 years from the date of consent or purchase of services.

We get our data from

You.

We provide or transfer data

IT and communication service providers.

4. To ensure the functionality of the website, to collect statistical information, to analyze information flows, to improve the website and the browsing experience, and to personalize the website for users. 

Data categories

Online identifier; type of web browser used; number of visits; number of web pages viewed; time spent on the website; online source from which the person came; information about the device used; language; country; internet service provider etc.

Legal basis for processing

Your consent (Article 6(1)(a) GDPR) 

Time limit for data processing

Personal data is stored as long as the specific cookie is valid, unless you withdraw your consent to the storage of cookies earlier. Please see Section VI of this Privacy Policy for more information.

We get our data from

Repsense receives personal data directly from data subjects using cookies when they use the website.

We provide or transfer data

Data managers (IT, service stations, virtual cloud storage, etc.).

5.  To create and manage user accounts and provide access to the Repsense platform

Data categories

Name, surname; e-mail address; login credentials (encrypted password); account-related data (e.g. account status, login information, usage data within the platform); company name, position (if provided).

Legal basis for processing

Where processing is necessary for the performance of a contract (Article 6(1)(b) GDPR)

Time limit for data processing

Personal data is retained for the duration of the account and for a limited period thereafter (5 years after account deletion), unless a longer retention period is required for legal claims or compliance purposes.

We get our data from

You (when creating an account or using the platform).

We provide or transfer data

IT, hosting and cloud service providers.

6.  To carry out recruitment (job application management of candidates)

Data categories

Name, surname, date of birth, email address, phone number, address, information about the position applied for, CV, information on education, work experience, qualifications, participation in trainings or other professional development activities (including supporting documents such as diplomas, certificates, etc.), information about previous employers, references, preferred working conditions, any other information provided during the recruitment process, IP address, date and time of submission, as well as information obtained from publicly available sources (e.g., professional social networks such as LinkedIn).

Legal basis for processing

Article 6(1)(a) GDPR – consent (for retaining candidate data for future recruitment purposes);

Article 6(1)(b) GDPR – to take steps at the request of the data subject prior to entering into a contract;

Article 6(1)(f) GDPR – legitimate interest (to verify the information provided by candidates and to assess their suitability, including by reviewing publicly available professional information)

Time limit for data processing

Until the end of the recruitment process; if the candidate provides consent, data may be retained for a longer period (e.g., up to 24 months) for future recruitment purposes.

We get our data from

You, publicly available sources

We provide or transfer data

IT, hosting and cloud service providers.

Repsense collects and processes personal data exclusively from publicly available sources on the internet. Repsense does not intentionally collect data from private, restricted or non-public sources.

Repsense uses automated analytical tools, including artificial intelligence-based solutions, to analyze publicly available information, identify trends and assess sentiment or other indicators.

Such processing may qualify as profiling within the meaning of Article 4(4) of the GDPR. However, Repsense does not carry out automated decision-making within the meaning of Article 22 of the GDPR. In particular, such processing is limited to analytical and statistical purposes and does not produce legal effects concerning individuals or similarly significantly affect them.

The results of such analysis are used exclusively to provide aggregated insights and reports to clients and are not used to make decisions about specific individuals.

III.    TO WHOM WE MAY TRANSFER YOUR PERSONAL DATA

Repsense may transfer or otherwise disclose personal data to the following categories of recipients: 

1. To our clients, to whom we provide media monitoring, analytics and reporting services. Personal data may be included in reports, dashboards or other analytical outputs derived from publicly available information. Please note that such clients act as independent data controllers and are responsible for their own processing of personal data;

2. To data processors who process personal data on our behalf and under our instructions (e.g. IT, hosting, cloud and analytics service providers);

3. To law enforcement authorities, courts, regulators and/or other recipients, where disclosure is required by applicable law or necessary for the establishment, exercise or defense of legal claims;

4. To other recipients with your consent, where such consent is required.

In cases where Repsense transfers data to data processors, Repsense requires the data processors process the transferred data only as directed by Repsense, for the purposes defined by Repsense, and in accordance with this Privacy Policy, the laws governing the protection of personal data, and the data processing agreements entered into between Repsense and the data processors. 

Repsense may transfer your personal data to entities outside the European Economic Area (EEA) on a lawful basis and for a lawful purpose (e.g. if the processors or recipients of Repsense’s personal data are located outside the EEA). In the case of transfers of personal data from the EEA to countries not recognized by the European Commission as providing an adequate level of protection of personal data, Repsense will take all appropriate measures to protect your personal data (e.g. by basing the transfer of your personal data on the standard terms and conditions for data transfer agreements approved by the European Commission). 

IV.     WHAT RIGHTS DO YOU HAVE AS A DATA SUBJECT? 

As a data subject, you have the following rights: 

1.     Right to be informed about the processing of personal data by Repsense. You have the right to obtain information about the processing of your personal data, the source of the personal data, the purposes of the processing, the legal basis, the duration of storage and the persons, recipients or processors of the data, the rights of the data subject, etc.

2.     Right of access to your personal data processed by Repsense. You have the right to have access to and obtain a copy of the personal data processed about you.

3.     Right to request correction of your personal data processed by Repsense. You have the right to request the rectification of inaccurate or erroneous personal data processed by Repsense.

4.     Right to withdraw consent. You have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on your consent prior to the withdrawal of your consent.

5.     Right to request erasure. You have the right to request that your personal data be deleted if (i) it is no longer necessary for the purpose for which it was collected; ii) you have withdrawn your consent to the processing of your personal data, where the processing was based on your consent; (iii) we are processing your personal data on the basis of legitimate interest and you object to such processing and there are no overriding legitimate grounds for processing; (iv) we are required to delete your personal data to comply with a legal obligation imposed on us; or (v) your personal data has been unlawfully processed.

6.     Right to restrict processing. You have the right to restrict Repsense’s processing of your personal data: (i) if you dispute the accuracy of the data and Repsense conducts a review; (ii) if your personal data has been processed unlawfully, but you do not consent to its erasure; (iii) if your personal data is no longer necessary for the purpose for which it was collected, but is required for the establishment, exercise or defense of a legal claims; or (iv) if you have objected to the processing of your data as described below, pending verification that Repsense's legitimate grounds override your grounds.

7.     Right to object to processing. You have the right to object to the processing of your personal data by Repsense for direct marketing purposes, the right to object to the processing of your personal data in the public interest or in the legitimate interests of Repsense, unless these interests override the grounds for your objection.

8.     Right to portability of your personal data. You have the right to receive the personal data that you have provided to us or to request the transfer of such data to another controller in a structured, commonly used and computer-readable format, provided that the processing of your personal data is based on your consent or on an agreement between us and that your personal data is processed by automated means.

9.     Right to complain. If you believe your rights have been violated, you can contact Repsense at support@repsense.io and/or file a complaint with the data protection authority. In Lithuania, the data protection authority is the State Data Protection Inspectorate (L. Sapiegos g. 17, LT-10312 Vilnius, email: ada@ada.lt), while in other countries you can contact the data protection authority of your place of residence or the place where Respense operates here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en.   

You can contact Repsense at support@repsense.io to exercise your rights. Repsense may ask you to provide proof of identity before exercising your right(s).

Repsense hereby informs you that the exercise of the foregoing rights may be subject to the conditions established by law for the exercise of a particular right, and that, therefore, Repsense has the right to refuse, in a reasoned written decision, your request to exercise a particular right for specific reasons established by law. 

Upon receipt of your request, Repsense undertakes to exercise your right as soon as possible, but in any event within one month of receipt of your request, or to refuse to do so in a reasoned written decision. Repsense may charge a reasonable fee if your request is manifestly unfounded, repetitive or excessive.

V.     ENSURING THE SECURITY OF YOUR PERSONAL DATA 

Repsense processes your personal data in a responsible and secure manner, taking into account the requirements for the security of personal data set out in the legislation. When determining the measures for the processing of personal data, as well as during the processing of the data, Repsense shall implement the technical and organizational measures for data protection set out in the legislation in order to protect the processed personal data against accidental or unlawful destruction, damage, alteration, loss, disclosure, as well as against any other unauthorized processing. The security measures and the level of security of personal data shall be determined taking into account the risks associated with the processing of personal data.

Among other things, Repsense employees who have access to personal data are made aware of the requirements for the protection of personal data and ensure the complete confidentiality of the personal data processed.

VI.     COOKIES

Repsense notifies you that the website uses cookies.

Cookies are small text files that are sent to and temporarily stored on the device of each visitor to the website from which the website is accessed.

The information collected by cookies helps to identify the visitor to the website, to store the visitor's history and to tailor content accordingly. The information collected by cookies enables us to provide you with a more convenient browsing experience, to provide you with attractive offers and to learn more about visitor behavior, to analyze trends and to improve the website and our services.

When you visit the website, you may actively choose to accept the use of cookies. If you do not consent to the use of cookies, cookies that are not necessary for the functioning of the website or are purely technical nature will not be placed on your device. 

Please note that you can also manage and/or delete cookies according to your preferences by selecting the cookie management tool on the website. You can also choose which cookies you want to accept and which you want to reject in the settings of your browser (Microsoft Edge, Safari, Firefox, Chrome, etc.). You can delete any cookies that are already on your device, and most browsers allow you to set them to not store cookies. The location of these settings depends on the browser you are using.

You may withdraw your consent to the use of cookies at any time by changing your preferences and deleting the cookies you have stored. Please note that if you choose to delete cookies, any options you have set will also be removed and the website may not function properly. For these reasons, we do not recommend that you disable cookies when you use the website. 

To learn more about cookies and how to manage or remove them, you can visit: www.allaboutcookies.org. 

We use the following cookies on the website:

VII.    CHANGES TO THE PRIVACY POLICY 

Repsense has the right to change the terms and conditions set forth in this Privacy Policy. If we change the terms of this Privacy Policy, we will post an updated version of this Privacy Policy on the Website.

Changes to the Privacy Policy have been made and are effective from 4 April 2026.