We are a “data controller” for the purposes of the EU General Data Protection Regulations 2016/679 (hereinafter referred to as “GDPR”) and other applicable European legislation on data protection, and we are also the “owner of the personal data” in the understanding of the Law of Ukraine “On the Protection of Personal Data” dated 01 June 2010, No. 2297-VI.
We shall process your personal data only if one of the conditions specified in Article 6 of the GDPR is fulfilled, including but not limited to:
- You gave your consent to the processing of personal data;
- The processing is required for the conclusion or performance of an agreement with you or provision of additional services to you;
- Such processing is required by the legislation of countries with which we have contractual relations.
- Personal data shall mean any information of a personal nature that allows a third party to identify an individual (data subject).
- User shall mean an individual to whom personal data belong and who can be identified by this personal data or who has already been identified.
- Site administration shall mean an individual or legal entity that manages the Sites, including the personal data collection.
Sites using the personal data of users (hereinafter referred to as the “Sites”):
What data do we store:
Where are the Cookies files stored?
All cookies files that we collect shall be stored in the user browsers in your mail (for example, on Microsoft servers, if you use Office365) and in the MailChimp. The cookies stored on your device do not identify the specific user, but the computer or mobile device you are using by random identification tags.
- Section I. General Provisions:
- 1.1.This Agreement shall govern the relations on the using of Sites and the “Users”.
- 1.2.The personal data shall be processed in accordance with the requirements of the Law of Ukraine “On Protection of Personal Data”. The processing of personal data of Users, who are located in the EU or are EU citizens, shall be governed, in particular, by the EU General Data Protection Regulations 2016/679 (hereinafter referred to as the “GDPR”).
- 1.3.This Agreement shall be a public agreement in accordance with which the user shall testify his/her accession to this agreement. He/she shall fully agree with the terms and conditions listed below. The Sites shall offer the User access to the use of online services through a software application under the terms and conditions provided for in this Agreement.
- 1.6.The Site administration shall not verify the accuracy of personal data provided by the User, Site.
- Section II. Objectives of data processing:
- 2.1.The Site administration shall use the data for the following purposes:
- 2.1.1.Processing of incoming requests and communication with the User;
- 2.1.2.Conducting of marketing, statistical and other researches;
- 2.1.3.Targeting of advertising materials on the Site.
- 3.2.The Site administration shall store the data and ensure their protection from the unauthorized access and distribution in accordance with the internal rules and regulations.
- 3.3.In order to improve the quality of work, the Site administration shall be entitled to keep log files about actions performed by the User within the framework of using the Site for 1 (one) year.
- Section IV. Personal Data Processing Principles:
- 4.1.To process the data in a legal, legitimate and transparent way (“Legality, legitimacy and transparency”);
- 4.2.To consider the data sufficient and appropriate and limit them as appropriate, taking into account the purpose of processing (“data minimization”);
- 4.3.To collect the data for specific, clear and legitimate targets and do not process them in future in a way incompatible with such targets; further processing to achieve the targets of public interest, goals or objectives of scientific or historical research or statistical targets may not be considered incompatible with the primary targets (“target restrictions”) according to article 89 (1);
- 4.4.To process the data in a way that protects personal data from unauthorized or illegal processing and against unintentional loss, destruction or damage using appropriate technical and organizational tools (“integrity and confidentiality”).
- Section V. Legitimacy of Processing:
- 5.1.The processing shall be legal if the following conditions are met:
- 5.1.1.The Users gave their consent to the use of data with one or several specific purposes;
- 5.1.2.The provision of the data is required to fulfill the agreement with the User and (or) any obligations preceding the conclusion of the Agreement of obligations;
- 5.1.3.Processing is required to fulfill the statutory duties entrusted to the Site administration;
- 5.1.4.Processing is associated with a particular task, which is carried out in the public interest or in the exercise of official powers laid on the Site administration;
- 5.1.5.Processing is required to ensure the legitimate interests pursued by the Site administration or a third party.
- Section VI. User Rights:
- 6.1.To obtain all information about the collected personal data from the Site administration;
- 6.2.To know the period of personal data storage, or, if this is not possible, the criteria for determining such a period;
- 6.3.To receive confirmation of the processing of her or his personal data from the Site administration;
- 6.4.To correct his or her inaccurate personal data that shall be carried out by the Site administration without any unreasonable delay. Considering the processing objectives, the user shall have the right to fill in blank personal data, including by submitting an additional application.
- 6.5.To erase their personal data that shall be carried out by the Site administration without any unreasonable delay;
- 6.6.To limit the processing of personal data;
- 6.7.To receive his or her personal data that were provided by the Site administration, in a structured, generally accepted format, easy to read by the machine, and that has the right to transfer such data to another controller without interference from the controller;
- 6.8.Users shall be entitled to submit a claim on data protection to the competent authority.
- Section VII. Cookies and Other Tracking Technologies:
- 7.2.You can set up your browser so that it reports the arrival of a cookie, and you can choose whether to accept it or not. At the same time, disabling cookies in your browser settings, you can not use all the personalization features.
Cookie files are small data files, in the form of text and/or numbers, that are stored on your computer or any other device having an Internet browser when you visit a website so that your device will be recognized at your next visit.
- 7.3.Fulfilling the requirements of the General Data Protection Regulations (GDPR) adopted by EU Regulation 2016/679, in terms of personal data processing and privacy protection in the electronic communications sector (e- Privacy Directive), we need your consent to the use of cookie files and their installation on your devices.
- 7.4.What are the types of cookie files:
- 7.4.1.Mandatory cookie files are cookie files required for the proper functioning of the Site. They allow you to use certain functions of the Site, for example, ensure the security of login to the account on the Site.
- 7.4.2.Analytical / working cookie files – these files collect data on the number of users of the Site, their choice of information during the search, as well as other data necessary to enhance the functionality of the Site
- 7.4.3.Functional cookie files are cookie files used to recognize the user when he/she visits the Site again. They help to personalize the content of the Site, save the selected settings, etc.
- 7.4.4.Advertising cookie files / third-party cookie files – using these files, information about the user’s behavior on the Site is used to show him/her targeted advertising or other information of interest to him/her.
- 7.5.The following cookie files are used in the activities of the Sites:
- 7.5.1.Strictly Necessary:
- cookie files required to perform basic functions.
- cookie files used to store user-specific settings, such as account name, language and location.
- 7.5.3.Advertising and Analytics:
- cookie files allowing you to create anonymous data on the use of the Sites by the Users, define demographic statistics, as well as to distinguish requests from different browsers and store useful information.
- 7.5.4.Embedded Content:
- cookie files belonging to different third-party applications and services to improve the convenience of visitors of the Sites. They include embedded content from Youtube, etc. We do not have direct control over the information collected by these cookie files.
- cookie files that are part of the security mechanism. They protect the website from hackers, cybercriminals, spammers and bots. We do not store any personal or sensitive data in these cookie files.
- Section VIII. Technical, Organizational and Other Data Protection Measures:
- 8.1.In order to safely store your personal data, we have implemented many technical and organizational measures that protect personal data from unauthorized or unlawful processing and from inadvertent loss, destruction or damage.
- 8.2.The Site administration shall follow the principle of minimization of personal data. We process only the information about you that we need, or the information that you shall agree to provide beyond the scope of the necessary processing. In addition, we have set up all the interfaces of our website and application for the provision of services so that the highest possible confidentiality is respected, the settings of which you can adjust as you wish.
- 8.3.When transferring personal data to government agencies, we always use the most secure and proven ways to transfer such data.
- 8.4.We use, among other things, Google Analytics information, IP, cookies, which do not allow the Company to identify data about them and the purpose of such monitoring, namely:
- 8.4.1. WP Cerber plugin. Two-factor authorization. Monitoring requests for hacking bottlenecks and blocking by ip.
- 8.4.2. SHA-256 with RSA Encryption encryption of HTTPS connections by Let’sEncrypt publisher.
- 8.4.3.Using a STARTTLS connection to send mail via SMTP Relay Gmail or Office 365 with fixed server IP addresses.
- 8.4.4.SHA-256 with RSA Encryption server access keys via SSH.
- Section IX. Personal Data Storage Period:
- 9.1.We will not store your data for the period longer than it necessary to fulfill the purpose for which they are processed, or to comply with statutory requirements.
- 9.2.To determine the appropriate storage period, we determine the nature and category of personal data, the purposes for which we process them, and whether we can achieve these goals through other means.
- 9.3.Personal data shall be processed and stored as long as they are required for the purposes for which they were collected.
- 9.4.1.Personal data collected for purposes related to the execution of an agreement between the User and the Site administration shall be stored until such agreement is executed in full.
- 9.4.2.Personal data collected in order to ensure the legitimate interests of the Site administration shall be stored until they are needed for such purposes. Users may find specific information about the legitimate interests pursued by the Site administration in the relevant sections hereof.
- 9.4.3.The Site administration may be allowed to save Personal data for a longer period of time if the User has agreed to such processing until such consent is withdrawn. In addition, the Site administration may be required to store personal data for a longer period of time, if it is required to fulfill the statutory obligations or in accordance with the order of an authority.
- 9.5.Upon expiration of the storage period, personal data shall be deleted. Thus, the right of access, the right of deletion, the right of correction and the right to transfer data may not be exercised through legal proceedings after the expiration of the storage period.
- Section X. Withdrawal of the Personal Data Processing Consent and the Right to Be Forgotten:
- 10.1.If the Site administrations processes your personal data on the basis of consent to the processing of personal data (in particular, for the purpose of marketing campaigns), the further processing may be stopped at any time. All you have to do is to withdraw your consent to such processing.
It is sufficient to withdraw consent to such processing using a written request.
- 10.2.You may also exercise your right to be forgotten. In the cases provided for in Art. 17 of GDPR, the Site administrations will destroy your personal data that it processes, with the exception of those personal data that we will be obliged to keep in accordance with legal requirements.