LEGAL // DATA_PROTECTION

Privacy Policy

Last updated: 26 June 2026

This Privacy Policy explains how AutoKultas handles personal data when individuals use our B2B parts platform on behalf of a trade customer. It covers what we collect, why we use it, who we share it with, how long we keep it, and the rights you have under the GDPR.

01

Who We Are

AutoKultas ("AutoKultas", "we", "us" or "our") operates a business-to-business platform for sourcing and supplying automotive and motorsport parts. This Privacy Policy explains what personal data we collect about the individuals who use our platform on behalf of trade customers, how we use it, who we share it with, and the rights you have over it.

For the purposes of the EU General Data Protection Regulation (GDPR), the data controller is UAB “AUTOKULTAS” (company code 303322027), registered at Šaltupio 11A, Vilnius, Lithuania, trading as AutoKultas. If you have any questions, you can reach us at [email protected] or by calling +370 600 68447.

02

Data We Collect

Because we serve businesses, most of the data we hold relates to companies. However, we also process personal data about the individuals who register accounts, place orders, and contact us. This includes:

Account & contact data

  • Name, business email address, telephone number and job role of account contacts.
  • Company name, trading address, delivery addresses and VAT identification number.
  • Login credentials and account preferences.

Transaction data

  • Orders placed, parts purchased, quotes requested, invoices and payment status.
  • Returns, warranty claims and related correspondence.

Technical & usage data

  • IP address, device and browser information, and the pages and parts you view on the platform.
  • Information collected through strictly necessary and analytics technologies needed to operate and secure the platform.

We do not intentionally collect special categories of personal data, and we do not knowingly collect data from consumers or children.

03

How We Use Your Data

We use personal data only where we have a lawful basis to do so. The bases we rely on are: performance of a contract, our legitimate business interests, compliance with a legal obligation, and, where required, your consent.

  • To create and administer your business account and verify your eligibility as a trade customer.
  • To process orders, arrange delivery, handle returns and provide customer and technical support.
  • To manage billing, credit terms, invoicing and the collection of amounts owed.
  • To operate, secure, maintain and improve the platform and prevent fraud and misuse.
  • To send service messages about your orders and account, and — where permitted — relevant product and availability updates, which you can opt out of at any time.
  • To comply with our legal, tax and accounting obligations.
04

Cookies & Similar Technologies

We use a limited set of cookies and similar technologies that are strictly necessary to operate the platform — for example to keep you signed in, remember your cart and account scope, and protect against fraudulent activity. These are required for the service to function.

Where we use optional analytics technologies to understand how the platform is used and improve it, we do so on the basis described in this policy and you can control them through your browser settings. We do not use cookies for third-party advertising.

05

How We Share Data

We do not sell personal data. We share it only with parties who help us run the platform and fulfil your orders, and only to the extent necessary:

  • Suppliers and manufacturers, where needed to fulfil an order, process a warranty claim, or confirm fitment.
  • Logistics and courier partners, to deliver goods to your chosen address.
  • Payment providers and financial institutions, to take payment and manage credit.
  • IT, hosting, communications and analytics providers acting as our processors under written agreements.
  • Professional advisers, auditors and authorities, where required by law or to establish, exercise or defend legal claims.

All processors are bound by contract to protect personal data and to use it only on our instructions.

06

International Transfers

Some of our suppliers and service providers may be located outside the European Economic Area or the United Kingdom. Where we transfer personal data to such countries, we put appropriate safeguards in place — such as an adequacy decision or the European Commission's Standard Contractual Clauses — so that your data continues to receive an equivalent level of protection.

07

Data Retention

We keep personal data only for as long as it is needed for the purposes set out in this policy. Account data is retained for the life of the account and for a reasonable period afterwards. Order, invoice and tax records are kept for the period required by applicable accounting and tax law. When data is no longer needed, we delete it securely or anonymise it.

08

Your Rights

Subject to the conditions set out in the GDPR, you have the following rights over your personal data:

  • Access — to obtain a copy of the personal data we hold about you.
  • Rectification — to have inaccurate or incomplete data corrected.
  • Erasure — to ask us to delete data where there is no continuing reason for us to hold it.
  • Restriction and objection — to limit or object to certain processing, including direct marketing.
  • Portability — to receive certain data in a structured, machine-readable format.
  • Withdrawal of consent — where processing is based on consent, to withdraw it at any time.

To exercise any of these rights, contact us at [email protected]. You also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your data properly.

09

Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or alteration. These include encrypted connections, access controls, and restricting access to data to those who need it. No system can be guaranteed completely secure, so we also encourage you to keep your account credentials confidential and to notify us promptly of any suspected breach.

10

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes we will update the "last updated" date and, where appropriate, notify account holders. We encourage you to review this page periodically.

Questions about this document? Reach our team at [email protected] or through the contact page.