This website uses cookies
Altro uses cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. You can at any time change or withdraw your consent from the Cookie Declaration on our website. Read our Cookie Policy
Cookies settings
Altro logo

Privacy Policy

Last date of update: 2026-02-24
1. GENERAL PROVISIONS
    1.1. We respect your privacy and are committed to protecting your personal data. This privacy policy (“Privacy Policy”) explains how we collect, use, and process your personal data and sets out your rights as a data subject.
    1.2. In this Privacy Policy, the term “personal data” (“Personal Data”) refers to any information or set of information that can directly or indirectly identify you, such as your name, surname, email address and other similar details.
    1.3. When we refer to “data controller” (“Data Controller”) we mean an entity primary responsibility for determining the purposes and means of processing Personal Data, whereas the “data processor” ( “Data Processor”) means an entity that is responsible for processing Personal Data on behalf of the Data Controller. “Sub-processor” (“Sub-Processor”) is an entity that is engaged to assist the Data Processor.
    1.4. When processing Personal Data, we adhere to the requirements of the General Data Protection Regulation No. 2016/679 (EU) (“GDPR”) and the requirements of the legal acts of the Republic of Lithuania, other legal acts that might be applicable to us, also the instructions and guidelines of the data protection authorities.
    1.5. This Privacy Policy applies when you in any form engage with Altro – an e-platform which helps to identify and assess potential security risks, vulnerabilities, and threats to Client’s or their customers’ cloud infrastructure, and provides recommendations for improving security, administered by Extendity and available at Altro (“Platform”). This includes but is not limited to: visiting the Platform, registering as the User of the Platform, using the information, services, or functionalities provided therein, accessing our social network accounts on LinkedIn (hereinafter referred to as “Social Accounts”), indicating interest in our offerings, reaching out to us via email, phone, or other electronic means, or applying for other matters.
    1.6. We designate the organization you represent or act on behalf of while registering on and using the Platform as the “client” (“Client”). Any natural person who registers on, accesses, or uses the Platform on behalf of the Client, including the Client’s employees, officers, contractors, or other authorized representatives, is referred to as a “User”. The Clients may use the Platform for their own internal cyber security operations or use the Platform as a tool to track and monitor the cyber security needs of their customers, i.e. in their activities as managed security service provider (“MSSP”). By registering on the Platform and creating a User account, you affirm that you are duly authorized to represent the Client. If the Client uses the Platform for the needs of its customers acting as the MSSP, we assume that the Client has obtained the necessary authorization from those customers to do so.
    1.7. The Platform and Social Accounts may contain links to external websites, such as business partner websites, websites promoting our services, platforms integrated with our offerings, etc. When you follow links to any of these websites, please note that these sites and the services accessed through them have their own separate privacy policies and that we assume no responsibility or liability for their policies or for the collection of Personal Data on these sites. Before submitting Personal Data to these websites or using their related services, you should review their privacy policies.
    1.8. If you use the Platform, our Social Accounts, contact us, subscribe to our news, we assume you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, we kindly ask you to stop engaging with us in any form.
    1.9. We may update this Privacy Policy from time to time, so we recommend reviewing it regularly to stay informed about any changes.
2. ABOUT US
    2.1. We are Extendity, UAB, a private limited liability company established in the Republic of Lithuania, with the legal entity code 306011750 and registered address at Kareivių str. 11B, LT-09133 Vilnius (hereinafter referred to as “Extendity” or “we”).
    2.2. In relation to the Platform, we may act either as a Data Processor, Data Sub-processor or a Data Controller depending on the nature of the Personal Data we process and our role in determining the purposes and means of such processing in connection with the Platform:
      2.2.1. We act as the Data Controller for the Personal Data and data processing activities outlined in detail in the “Collection of Personal Data” section of this Privacy Policy below. This primarily involves the management of Platform User accounts, the resolution of Platform usage issues, also maintenance, development and improvement of the Platform;
      2.2.2. As previously explained, our Clients may use the Platform for their own internal cyber security needs or to address the cyber security needs of their customers when acting as MSSP. When using the services provided via the Platform, the Clients assume the roles of Data Controllers (regarding their own data) or Data Processors (regarding the data of their customers);
      2.2.3. Where we access and process Personal Data controlled by our Clients (including yourself or the Client you represent), the Client acts as the Data Controller, and we act as a Data Processor or, where applicable, a Sub-Processor, engaged by the Client in accordance with the Data Processing Addendum. In such cases, the Personal Data processed through the Platform is generated, submitted, or otherwise made available by or on behalf of the Client, who determines the purposes and means of the processing. We process such Personal Data solely to provide the services available on the Platform and in accordance with the Data Processing Addendum, which sets out the scope of the processing and the respective rights and obligations of the parties. Clients are encouraged to review the Data Processing Addendum carefully.
    2.3. This Privacy Policy, together with our Terms of Use and the Data Processing Addendum, explains how the Platform is provided and how Personal Data is processed in connection with its use. Clients and Users should review these documents carefully prior to using the Platform.
3. COLLECTION OF PERSONAL DATA
    3.1. As Data Controller we process Personal Data obtained through the following means:
      3.1.1. When you provide Personal Data to us, for example, you register, use the Platform, order our services, contact us by email or phone, etc.;
      3.1.2. When we collect your Personal Data while you use our services and the Platform, Social Accounts, such as service usage history, including inputs and outputs while using AI Assistant, your IP address, cookies, Platform visit history, preferences, open URL links, etc.;
      3.1.3. When we receive Personal Data from other parties, for example, when we receive information from public registers, state or local government institutions or bodies, our partners, other third parties, such as payment institutions, about payments made, etc.;
      3.1.4. When your Personal Data, with your consent, is provided to us by other persons, including companies using our services, for example, when such companies indicate your contacts, refer to you as an authorized person, etc.
    3.2. We process Personal Data to offer and provide services, to fulfil our contractual obligations, while pursuing our own or third parties’ legitimate interests, as well as to comply with legal regulations or obligations.
    3.3. If you provide Personal Data about yourself or others, it is your responsibility to ensure it is accurate, complete, and up to date, and to obtain any necessary consents from others or inform them that you shall share their Personal Data with us. We may ask you to confirm that you have the right to share such data with us.
    3.4. We, as the Data Controller, process Personal Data for the following purposes and under the following conditions:
    Purpose of the processing of Personal DataPersonal data being processedPersonal Data processing periodLegal basis for the processing of Personal Data
    Registration on the Platform, use of User account, provision of services via the Platform. Name, surname, username, email address, password, Google account data, GitHub account data, workplace information, service and account usage history, content associated with services and account, information about the services ordered and used and changes therein.We shall retain the proof of your acceptance of our Terms of Use for the duration of our relationship and 10 years after the termination of the Terms of Use;

    Account data is retained for 1 month after the end of provision of services.
      Data processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) of the GDPR).
      The legitimate interests of Extendity to ensure the quality of the operation of the account, the provision of services to the clients by allowing them through their representatives to create the accounts and use the services (Article 6(1)(f) of the GDPR).
    Provision of Platform support, communication with you. Name, surname, username, email address, phone number (if provided), Google account data, GitHub account data, workplace information, information needed to address quality of service issues, contents of the request and response to the request. During the administration of the question and 5 years after the end of the administration of the question or the last contact.
      We shall process your data based on your consent (Article 6(1)(a) of the GDPR) which you express by contacting us and our legitimate interests to provide you with requested information and assistance (Article 6(1)(f) of the GDPR).
      If matter relates to the performance of the contract between us and you, as our Client, Personal Data shall be processed based on the contract (Article 6(1)(b) of the GDPR).
    Conclusion and execution of contracts necessary for the Company’s activities, other internal management.Name, surname, email address, phone number, address, position, relationship with the represented legal entity, self-employment certificate data (if relevant), other data required for cooperation.During the period of provision of services / cooperation and 10 years after the end of provision of services / cooperation unless a longer storage period is mandatory in accordance with the in the Index of Retention Periods for Internal Administrative Documents, as approved by the order of the Chief Archivist of Lithuania or other legal acts.
      Data processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) of the GDPR).
      Our legitimate interest to perform our contractual obligations in a high-quality and efficient manner(Article 6(1)(f) of the GDPR).
    Managing payments, accounting, debt management.Name, surname, email address, phone number, address, position, relationship with the represented legal entity, account number, credit institution, payment information, debt information, data transferred by the company collecting the contributions and confirmations of payments.
      The data shall be retained in compliance with the Lithuanian legislation governing financial transactions and financial accounting and where such legislation does not specify time limits, for a period of 10 years from the date of the payment.
      Data processing is necessary for the conclusion and performance of the contract (Article 6(1)(b) of the GDPR).
      The processing is necessary for compliance with a legal obligation imposed on Extendity to ensure proper financial accounting (Article 6(1)(‌c‌) of the GDPR) in accordance with the Law on Tax Administration of the Republic of Lithuania, Law on Financial Accounting of the Republic of Lithuania, Law on Companies' Financial Reporting of the Republic of Lithuania, Law on Payments of the Republic of Lithuania, Law on Companies of the Republic of Lithuania and other applicable legislation.
      The legitimate interests of Extendity to effectively manage financial operations and debts (Article 6(1)(f) of the GDPR).
    Platform administration, quality assurance, development of the Platform and services provided via the Platform, maintenance of security of the Platform, management of Social Accounts.
      IP address, data collected with the help of cookies and settings, browser used, date and time of login, password usage information, service-related data (see Section “AI Functionalities, Platform Administration and Development” of this Privacy Policy for more information).
      Data collected through the integration of Google and GitHub accounts.
      Cookie data is retained as outlined in the Section “Use of Cookies and Other Tracking Technologies” of this Privacy Policy.
      Service-related data shall be retained for the duration of the account’s use and for a period of 1 month after the end of provision of services, unless specified otherwise in Section “AI Functionalities, Platform Administration and Development” of this Privacy Policy.
      When processing is based on your consent, we shall process your Personal Data until you withdraw your consent.
      Information stored on Social Accounts is subject to the terms established by the respective network owner.
      Consent of the data subject to the processing of such data (Article 6(1)(a) of the GDPR).
      The legitimate interests of Extendity to ensure the smooth functioning, development and security of the Platform and services provided via it (Article 6(1)(f) of the GDPR).
    Sending news, conducting surveys, direct marketing, advertising services.Name, email address, phone number, the data requested in the survey announcement / questionnaire. Data are processed for 5 years from the receipt of consent. In the event of consent revocation, data will be retained until the revocation.
    Consent of the data subject to the processing of such data (Article 6(1)(a) of the GDPR).
    Resolving disputes and claims.Name, surname, phone number, email address, the content of the claim or other similar document, information / documents related to the dispute / claim.
      During the resolution of the dispute and for the period of 10 years following the conclusion of the dispute procedure (or, in the case of a judicial dispute, after the final judgment has become final).
      Requests and correspondence from you shall be kept for the period of 5 years following the conclusion of the processing of the request.
      The processing is necessary for compliance with a legal obligation imposed on Extendity (Article 6(1)(‌c‌) of the GDPR) in accordance with the Civil Code of the Republic of Lithuania, the Code of Civil Procedure of the Republic of Lithuania and other legislation.
      Legitimate interests of Extendity or of a third party to assert claims or defend their rights (Article 6(1)(f) of the GDPR).
    3.5. The retention of Personal Data for periods longer than specified above may only be carried out when:
      3.5.1. It is necessary for us to defend ourselves against claims, demands, or lawsuits and to exercise our rights;
      3.5.2. There are reasonable suspicions of illegal activity under investigation;
      3.5.3. Personal Data is required for the proper resolution of a dispute or complaint;
      3.5.4. There are other grounds provided for by legal acts.
    3.6. In Social Accounts we can share information about ourselves, our events, news, surveys, etc. Social accounts Users are also subject to the privacy policies of the social networks owners that include Social Accounts. When you contact us on Social Accounts, depending on the privacy settings you choose, we may see certain User account information such as profile first name, surname, image, sex, email address, location. If a User posts information by communicating with us on our Social Accounts (e.g. posts a comment in the comments section of our Social Account or posts a message on our Social Account profile), depending on the privacy settings chosen, the posted information may be made public (for example, visible on our Social Account to other users).
    3.7. We will send messages related to the ordering or provision of our services through the contacts provided by you, for example, to inform you about the confirmation of the services ordered, the expiration date of the ordered services, changes in the provision of services. Such communications are necessary for the proper provision of our services and are not considered promotional communications or direct marketing activities.
    3.8. You have the right to change and update your information provided to us by changing it on the Platform or by contacting us. In some cases, we need to have accurate and up-to-date information about you, so we may ask you to periodically confirm that the information we have about you is correct.
    3.9. When providing our services, we may, in certain cases, apply automated data processing decision-making, for example to clarify your needs and compliance with the requirements of the service. Automated decision-making refers to the processing of personal data using, for example, a software code or algorithm that does not require human intervention. We regularly review the criteria and models used in automated decision-making to ensure their integrity, efficiency, and impartiality. We do not use profiling-based automated decision-making processes that may have legal consequences or similarly have a significant impact on the rights or freedoms of data subjects. Nevertheless, you have the right to request human intervention to express your opinion or object to the results of an automated decision, in which case your situation will be assessed by our specialist.
4. AI FUNCTIONALITIES, PLATFORM ADMINISTRATION AND DEVELOPMENT
    4.1. Some functionalities within the Platform (i.e., “AI-driven Security Investigations”, “AI-driven Automated Response”, “AI Assistant”) are powered by artificial intelligence (“AI”). If the Client chooses the plan allowing those functionalities, we will process Personal Data related to the usage of those functionalities as Data Processor or Sub-Processor in accordance with the requirements set out in the Data Processing Addendum. Notwithstanding the above, specific categories of data generated in connection with the use of the AI functionalities may be processed by us acting as an independent Data Controller, solely for the purposes of administering, maintaining, 7 improving, and developing the Platform and the services made available through it, as further described below:
    Service powered by AIDescription of the serviceUsage of the data for Platform administration and development purposes
    AI-driven Security Investigation
      This service employs AI agents based on large language models (“LLMs”) to assist with the analysis and investigation of security events.
      Security event metadata (such as timestamps, event types, source identifiers, and associated system information) is being processed to summarize and contextualize activity.
      AI Agents may extract entities and attributes from event data (e.g., user IDs, device names, or IP addresses) to perform automated triage based on applicable compliance frameworks or user-defined security and policy rules.
      Upon processing automated reasoning outputs are generated that categorize incidents (e.g., false positives, confirmed positives, or benign cases) and compiles a final summary report for review by the Client and recordkeeping.
      No direct access to user credentials, file contents, or Personal Data is required beyond what is contained in the security metadata or explicitly provided by the user.
    		 Data processed through this service is retained by Extendity in anonymized or aggregated form for Platform optimization and performance tuning.
    AI-driven Automated Response
      This service uses AI agents powered by LLMs (together – “AI system”) to analyze, transform, and communicate security-related data and insights to the Client.
      It processes security event metadata to perform automated transformations such as information extraction, summarization, and contextual analysis.
      Based on processed data, the AI system generates human-readable communications (e.g., system alerts, email notifications, or internal messages) that are transmitted through the User’s selected communication channels.
    AI Assistant
      This service enables interactive communication between the User and the chatbot – “AI Assistant”.
      The AI assistant can answer queries related to the User’s security environment, including event data, asset inventory, and investigation results.
      It performs data retrieval, summarization, and reasoning operations on security-related datasets to respond to User questions within the Platform interface.
      User inputs (e.g., chat messages or queries) and relevant contextual data (e.g., security events, assets, and investigations) are processed to generate responses. These interactions are stored as part of the User’s account history for service continuity, auditability.
      Data processed through this service is retained by Extendity to gain a better understanding of the Client, their systems, and their environment, thereby enabling Extendity to provide more precise recommendations.
      This data may be used to train LLMs, however, only with prior explicit consent of the User.
5. PRINCIPLES WE RELY ON WHEN PROCESSING YOUR PERSONAL DATA
    5.1. We collect and process only such Personal Data as is necessary to achieve the Personal Data processing purposes we have specified.
    5.2. When processing Personal Data:
      5.2.1. We comply with the requirements of current and applicable legislation, including GDPR;
      5.2.2. We process Personal Data in a lawful, fair, and transparent manner;
      5.2.3. We collect your Personal Data for specified, clearly defined and legitimate purposes and do not process them in a way incompatible with those purposes, except to the extent permitted by law;
      5.2.4. We take all reasonable steps to ensure that Personal Data that is inaccurate or incomplete, in accordance with the purposes for which they are processed, would be rectified, supplemented, suspended, or destroyed without delay;
      5.2.5. We hold them in such a form that your identity can be established for no longer than is necessary for the purposes for which the Personal Data are processed;
      5.2.6. We do not provide Personal Data to third parties or disclose them, other than as set forth in the Privacy Policy or applicable law;
      5.2.7. We ensure that your Personal Data is processed securely, we ensure technical and organizational security measures, as well as we provide access to Personal Data only to those of our employees who need such access due to their work functions.
6. SHARING OF YOUR PERSONAL DATA
    6.1. We may share your Personal Data with:
      6.1.1. Our partners or consultants such as auditors, lawyers, tax advisors, etc., as well as the Data Processors we use, such as ancillary service providers, partner IT companies, advertising and marketing companies, accounting companies, etc. We require data processors to store, process and treat Personal Data as responsibly as we do and only in accordance with our instructions. We have such partners and Data Processors:
        6.1.1.1. Cloud and hosting providers;
        6.1.1.2. Marketing, Advertising Partners;
        6.1.1.3. Electronic Communications Partners;
        6.1.1.4. Payment partners;
        6.1.1.5. Accounting, financial services;
        6.1.1.6. IT solutions, IT security maintenance and technical services;
      6.1.2. To publish your content on Social Accounts, we provide data to these social media platform operators;
      6.1.3. State or local government institutions and authorities, law enforcement and pre-trial investigation institutions, courts and other dispute resolution institutions, other persons performing functions assigned by law, in accordance with the procedure provided for by legislation of the Republic of Lithuania. We provide these entities with mandatory information required by law or specified by the entities themselves;
      6.1.4. Other third parties, such as payment institutions, etc.;
      6.1.5. If necessary, to companies that intend to buy or would buy the Company’s business or would conduct joint activities with us or would cooperate in another form, as well as to companies established by us.
    6.2. We generally process Personal Data within the EU / EEA, but in some cases your Personal Data may be transferred outside the EU / EEA. The transfer of your Personal Data outside the EU / EEA is based on:
      6.2.1. an adequacy decision adopted by the European Commission, which means that the European Commission has recognized the country in which the third party is established and/or carries on business as providing an adequate level of protection of personal data; or
      6.2.2. a data processing or sharing agreement that describes such transfer and includes Standard Contractual Clauses for international transfers; or
      6.2.3. your consent to the transfer of your Personal Data outside the EU/EEA, when you initiate such transfer; or
      6.2.4. other appropriate legal grounds under GDPR.
7. YOUR RIGHTS
    7.1. As a data subject, you have the following rights in relation to your Personal Data:
      7.1.1. the right to be informed: you have the right to be provided with clear, transparent and easily understandable information on how we use your Personal Data and your rights. This is why we are providing you with the information in this Privacy Policy;
      6.1.2. To access your Personal Data and the way they are processed (right of access);
      7.1.2. the right to access: you have the right to access the Personal Data we hold about you;
      7.1.3. the right to rectification: you have the right to ask us to rectify your Personal Data if it becomes inaccurate;
      7.1.4. the right to erasure: you have the right to ask us to erase your Personal Data. If Personal Data is erased under your request, we will only retain such copies of the information which are necessary for us to protect our or third parties’ legitimate interests, comply with governmental orders, resolve disputes, troubleshoot problems, or enforce any agreement you have entered with us;
      7.1.5. the right to restrict processing: you have the right to restrict our processing of your Personal Data in certain circumstances, including if we no longer need your Personal Data but you would like us to retain it to ensure its continued availability to you in connection with any legal claims;
      7.1.6. the right to data portability: you have rights to obtain and reuse your Personal Data for your own purposes across different services in certain circumstances;
      7.1.7. the right to object: you have the right to object at any time to processing of Personal Data concerning you which is based on legitimate interests of ours or third parties. If we can show compelling legitimate grounds for processing your Personal Data which override your interests, or we need your Personal Data to establish, exercise or defend legal claims, we can continue to process it. Otherwise, we must stop using the relevant Personal Data;
      7.1.8. the right to withdraw consent: where you may have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Please be informed that the withdrawal of consent shall not affect the
      7.1.9. the right to ask us to carry out a human review of an automated decision if we make such: if we make an automated decision about you that significantly affects you, you can ask us to carry out a manual review of this decision;
      7.1.10. the right to lodge a complaint: you have the right to lodge a complaint with the relevant data protection supervisory authority.
    7.2. We may refuse to fulfil your rights, except for the right to withdraw consent, where we are not permitted to comply with your request under the GDPR.
    7.3. If you wish to withdraw your consent for the processing of your Personal Data based on your consent or to exercise any of your rights set out above, you may contact us by email at info@extendity.tech or via your account on the Platform.
    7.4. Your request should contain a detailed, accurate description of the Personal Data you want access to or against which you want to exercise your rights. When there are reasonable doubts regarding your identity, you might be asked by us to provide a copy of a document, which helps us to verify your identity. It can be any document such as your ID card or passport. Our use of the information on your identification document is strictly limited: the data will only be used to verify your identity and will not be stored for longer than needed for this purpose.
    7.5. Upon receipt of your request or instruction regarding the processing of your Personal Data, we will respond within 1 (one) month from the date of the receipt of the request and will either carry out the actions specified or inform you why we are unable to do so. If necessary, the time limit may be extended by additional 2 (two) months due to the complexity and number of requests. In such a case, we will notify you of the extension within 1 month of receiving your request.
    7.6. If Personal Data is erased at your request, we may further retain copies of the information as necessary to protect our legitimate interests and those of others, to comply with obligations of public authorities, to resolve disputes, to identify disturbances or to comply with agreements.
8. DIRECT MARKETING
    8.1. With your consent, we may use your Personal Data for direct marketing purposes to provide you with newsletters, offers and information about our services, services that we think may be of interest to you, as well as to inquire about the quality of our services.
    8.2. News can be sent by email, messages to the phone number specified by you, as well as messages in your account. Your contacts may be transferred to our partners / Data Processors who provide us with news sending or quality assessment services.
    8.3. Even if you have given your consent to the processing of Personal Data for direct marketing purposes, you can easily withdraw this consent at any time. To do this, you can:
      8.3.1. notify us of your withdrawal in the manner specified in the electronic notices and / or offers (e. g. by clicking on the “unsubscribe” link in the newsletter, etc.); or
      8.3.2. send us a notification to the email address specified in this Privacy Policy. If you request withdrawal of consent in this manner, we may ask you to verify your identity.
    8.4. Once you withdraw your consent, we will stop sending you direct marketing messages.
9. SECURITY OF YOUR PERSONAL DATA
    9.1. Your Personal Data is processed responsibly, securely and is protected from loss, unauthorized use, and alteration. We have put in place physical and technical measures to protect the information we collect from accidental or unlawful destruction, damage, alteration, loss, disclosure, as well as from any other unlawful processing. Security measures for personal data shall be determined considering the risks arising from the processing of Personal Data.
    9.2. Our employees are under a written obligation not to disclose or distribute your Personal Data to third parties, unauthorized persons.
10. USE OF COOKIES AND OTHER TRACKING TECHNOLOGIES
    10.1. Cookies are a small text file that stores information (often consisting only of a sequence of numbers and letters that identifies the device but may also contain other information) that is used in the browser of the device (computer, tablet, mobile phone, etc.) (e. g. Google Chrome, Internet Explorer, Firefox, Mozilla, Opera, etc.) according to its settings and stored on the device's hard drive. In our Privacy Policy, we use the term "cookies" to describe cookies and other similar tracking technologies, such as Pixel Tags, Web Beacons, Network Data Collectors. The use of cookies ensures better and more efficient operation of the Platform.
    10.2. Cookies may be used to ensure the smooth and secure operation of the Platform, to prevent fraud, to ensure proper functionality, to remember and recognise Users and their choices, monitor website traffic and usage statistics, analyse visitor behaviour, and provide personalised marketing content. In general, cookies are used for the following purposes:
    Cookie categoryDescription
    Strictly necessary cookies These cookies are essential for the proper functioning of the Platform – they allow you to log in, browse and use the features of the website. They can also be used to ensure the accessibility, integrity and security of the Platform and to determine whether visitors comply with the rules.
    Performance or analytical cookies These cookies help us improve the performance of the Platform, for example by ensuring that Users can easily find the information they are looking for.
    Functional cookies Functional cookies enhance the functionality and security of the Platform.
    Targeting cookies
      These cookies are used to provide with personalised offers and advertisements based on your interests, to create a profile of your preferences, and to support email marketing campaigns.
      They are also used to limit the number of times an advertisement is shown and to measure the effectiveness of advertising campaigns. Such cookies may be placed on the Platform by advertising partners.
      Targeting cookies do not directly store personal data; however, they operate by uniquely identifying your browser and device. If you do not consent to the use of these cookies, you will receive less personalised advertising content.
    10.3. When you first visit the Platform, we may only store strictly necessary cookies on your device in accordance with applicable law. We will ask for your consent before storing any other types of cookies.
    10.4. If you consent to the use of cookies, you agree that we and the relevant third parties may use your personal data collected through cookies. Based on your consent, the corresponding cookies will be stored on your device for their specific lifetime.
    10.5. You can change or withdraw your consent to the use of cookies at any time. Even if you withdraw your consent, cookies that were previously stored may remain on your computer or other device. In this case, you may need to delete them manually. Additional information about cookies, their use and management options can be found at: www.AllAboutCookies.org.
    10.6. Cookies used on our Platform:
    Cookie nameCookie categoryPurpose of cookieData processedValidity
    i18n_redirected Functional Used by the nuxt-i18n package which attempts to redirect users to their preferred language by detecting their browser's language. Language identifier. 365 days
    cf_clearance Necessary Cloudflare Clearance Cookie stores the proof of challenge passed. It is used to no longer issue a challenge if present. It is required to reach an origin server. Session
    auth.strategy Necessary Current authentication method used to sign-in to Altro. Authentication identifierSession
    auth.register/github.state Necessary Used to store and validate Github authentication state. Authentication stateSession
    auth.github.state Necessary Used to store and validate Github authentication state.
    auth._token_expiration.register/google Necessary Expiration token for Google registration method. Expiration tokenSession
    auth._token_expiration.register/google Necessary Expiration token for Google registration method. Expiration tokenSession
    auth._token_expiration.register/github Necessary Expiration token for Github registration method. Expiration tokenSession
    auth._token_expiration.google Necessary Expiration token for Google authentication method. Expiration tokenSession
    auth._token_expiration.github Necessary Expiration token for Github authentication method. Expiration tokenSession
    auth._token_expiration.fishbait Necessary Expiration token for Altro (username & password) authentication method. Expiration tokenSession
    auth._token.register/google Necessary Authentication token for Google registration. Authentication token2 days
    auth._token.register/google Necessary Authentication token for Google registration. Authentication token2 days
    auth._token.register/github Necessary Authentication token for Github registration. Authentication token2 days
    auth._token.google Necessary Authentication token Google sign-on. Authentication token60 seconds.
    auth._token.github Necessary Authentication token Github sign-on. Authentication token60 seconds.
    auth._token.fishbait Necessary Authentication token for username / password sign-on. Authentication token60 seconds.
    auth._refresh_token_expiration.register/google Necessary Refresh expiration token for Google registration. Refresh tokenSession
    auth._refresh_token_expiration.register/github Necessary Refresh expiration token for Github registration. Refresh expiration tokenSession
    auth._refresh_token_expiration.google Necessary Refresh expiration token for Google sign-on. Refresh expiration tokenSession
    auth._refresh_token_expiration.github Necessary Refresh expiration token for Github sign-on. Refresh expiration tokenSession
    auth._refresh_token.register/google Necessary Refresh token for Google registration. Refresh tokenSession
    auth._refresh_token.register/github Necessary Refresh token for Github registration. Refresh tokenSession
    auth._refresh_token.google Necessary Refresh token for Google sign-on. Refresh tokenSession
    auth._refresh_token.github Necessary Refresh token for Github sign-on. Refresh tokenSession
11. CONTACT US
    11.1. If you have any questions, comments or complaints about how we collect, use and store information about you, or if you wish to exercise your rights as a data subject, you may contact us at: info@extendity.tech or via your account on the Platform.
    11.2. If you wish to submit a complaint regarding our processing of Personal Data, please provide it to us in writing, giving as much information as possible. We will cooperate with you and try to resolve all issues without undue delay.
    11.3. You have the right to make a complaint regarding the privacy or data processing issues at any time to the supervisory authority. You can complain in the EU member state where you live or work, or in the place where the alleged breach of data protection law has taken place. In Lithuania, the State Data Protection Inspectorate, address L. Sapiegos g. 17, Vilnius, Lithuania, email: ada@ada.lt, is the competent authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance.
12. FINAL PROVISIONS
    12.1. We may change this Privacy Policy. We will notify you of the changes by placing an updated Privacy Policy on the Platform, or by other common means of communication. Additions or changes to the Privacy Policy shall take effect from the date of renewal specified in the Privacy Policy unless another effective date is specified.
    12.2. If you continue to use the Platform, order services from us or contact us, you are deemed to have accepted the amended terms and conditions of the Privacy Policy.