fbpx Skip to main content
Privacy Policy

UAB “MCT” (Ltd.) UPA Medical SPA (hereinafter – UPA) finds the protection of  the clients and patients’ as well as personal data of other data subjects of great importance. So, we are responsible to respect and save the privacy of every data subject.

This Privacy policy presents basic information about personal data processing, performed by UPA, its protection and rights of data subjects.



Personal data – any information concerning natural person, whose identity is set or could be set (data subject). Such natural person, whose identity could be set, is a person, whose identity can be directly or indirectly set according to the identificator, such as name, surname, personal identification number, location data and the Internet identificator or according to one or several physical, physiological, genetic, psychological, economic, cultural or social characteristics of that natural person;

Data subject – natural person, whose personal data is processed;

Data subject agreement – any free will, concrete and unequivocal properly informed data subject’s expression of will or unequivocal actions with which he/she agrees with his/her personal data processing.

Data processing – any automated or not automated means of processing personal data or personal data sets with a transaction or sequence of operations, such as collecting, recording, sorting, sorting, storing, adapting or otherwise making it available, as well as matching or linking with other data, limiting, deleting or destroying it.

Data recipient – natural or juridical person, public authority, agency or another institution, whom personal data is revieled, no matter if it is a third party or not. However, public authorities, which according to the Union or state membership right can get personal data while performing some particular research, are not considered to be data recipients; while proceeding the data, public authorities follow data protection rules, set according to the data processing objectives;

The third party – natural or juridical person, public authority, agency or another institution, which is not a data subject, data manager, data processor or people, who are authorized by direct data manager or data processor to proceed personal data;

Special cathegory data – personal data, which reveals racial or ethnic origin, political views, religious or philosophic beliefs, membership in professional associations, as well as data, revealing health data, data, related to natural person’s sexual life and/or his/her sexual orientation.


Legal criteria to administer personal data

UPA collects and further administers your personal data just referring to legal basis, defining personal data protection, regulatory legal acts:

-your agreement;

-making and (or) proceeding your contract.

Aims of personal data proceeding

UPA proceeds data for accomodation and rehabilitation centre service aims.

Processed personal data

UPA proceeds the following data:

  • personal data, which you agreed to present in the forms, presented in the website upa.lt (that is basic information, for example: name, surname, e-mail address);
  • personal data, which is received while making business (cooperation) contract (name, surname, e-mail address, telephone number);
  • another data, which is collected with your agreement and which is specifically described at the time when you are asked for agreement;
  • another data, which is received while trying to provide service, make and (or) proceed a contact, which was made with you;
  • video surveillance data when you visit UPA center, located at the address: Sveikatos Str.36, LT-66251, Druskininkai


To improve your experience while visiting UPA websites, we use cookies – small files which are automatically created while browsing websites and are stored in your computer or another piece of equipment. Information, which is collected by cookies, enables us to guarantee fluent operation of the website, your possibility to browse in a comfortable way as well as to get to know more about our website visitors’ behaviour, analyse tendencies and improve the website and service, provided by UPA.

You can choose if to accept cookies on the website. If you do not agree to receive cookies to your computer or another piece of equipment you will be able to change settings in the Internet browser or switch off all cookies or switch on/off them one by one. However, you should pay attention that in some cases it can slow down the Internet speed, limit some functions in some websites or block the access to the website.

Cookies data is not transferred to any third party.


Period to save personal data

We save your personal data  not longer than it is necessary for administrating the data or as it is set by legal acts, if the protection period is prolonged.

We do our best not to save out of date or unnecessary information and guarantee that personal data and another information, concerning clients, was always renewed and correct.

Personal data presentation

UPA provides your data:

  • when you agree to clearly defined data recipients;
  • companies or organizations, according to legal act requirements;
  • when you agree to other third persons, concerning some particular case.


UPA carries out online activity which meets all appropriate international legal acts, legal acts of the European Union and the laws of the Republic of Lithuania.

General data protection regulation (GDPR)

UPA processing data subject personal data follows the provisions of the General data protection regulation and has implemented the appropriate organizational and technical measures ensuring the security of personal data that helps to protect personal data against accidental or illegal destruction, replacement, disclosure as well as any other illegal processing.

Implementation of the rights of data subjects

You have a right to:

  • address UPA with a request to provide information about your processed personal data by UPA (“right to know” and “right to get to get information”)
  • address UPA with a request to correct or destroy your personal data when you identify that the data is not right, incomplete or inaccurate (“right to correct and destroy”);
  • address UPA with a request to suspend proceeding your personal data if you identify that personal data is processed illegally or dishonestly (“right to suspend”)
  • address UPA with a request to disagree on further procession of your personal data (“right to disagree”);
  • address UPA with a request to limit the procession of your data, if personal data is processed illegally (“right to limit”);
  • address UPA with a request to delete your data when personal data has been processed illegally or personal data is not necessary to achieve goals for which it has been collected or processed in different ways (“right to be forgotten”);
  • address UPA with a request to provide information about personal data, processed by UPA and get data in a systematized, commonly used and computer readable format (“right to data portability”).

Implementing Genderal Data Protection Regulation UPA signed an agreement concerning data protection officer service with a company MB“Legitima”. Data subjects and other concerned people can contact UPA officer, responsible for data protection, using the following contacts:

  • E-mail:dap@legitima.lt;
  • Telephone: + 370 607 97014
  • Address: Perkūnkiemio Str. 5, LT – 12129,Vilnius

If you fail to resolve the issue with UPA and if you have any doubts about UPA’s actions which is potentially in violation of this Privacy notice or legal requirements you have a right to address the Compliance Authority, which is in charge of personal data protection regulating legal acts and its control.

Book Book