Data protection policy
This personal data processing policy has been drawn up on the basis of the Constitution of Ukraine and the Law of Ukraine “On Personal Data Protection” dated 01.06.2010 No. 2297-VI (hereinafter - the Law), as well as the General Data Protection Regulation (EU) 2016/679 dated 27.04.2016. (EU General Data Protection Regulation, hereinafter referred to as GDPR) and other applicable European data protection legislation, hereinafter referred to as the Legislation, and determines the procedure for processing personal data and measures to ensure the security of personal data taken by LLC “Law Firm EUROVECTOR” (hereinafter referred to as the Operator).
1.1. The Operator sets as its most important goal and condition for the implementation of its activities the observance of human and civil rights and freedoms in the processing of their personal data, including the protection of the rights to privacy, personal and family secrets.
1.2. This Operator's policy on the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors to the website https://eurovector.ua/
1.3. The law, GDPR and this Policy apply to all personal data processing functions, including those performed in relation to the personal data of customers, employees, suppliers and partners, as well as any other personal data that the organization processes from various sources.
1.4 This policy applies to all employees and stakeholders of Law Firm EVROVECTOR LLC, including external suppliers. Any violation of this policy will be considered as a violation of labor discipline, and in case of suspected crime, it will be referred to the relevant state authorities as soon as possible.
1.5.Partners and third parties working with or for Eurovector Law Firm LLC, as well as those who have or may have access to personal data, must familiarize themselves with this policy, understand and comply with it. No third party may have access to personal data stored by EVROVECTOR Law Firm without first entering into a data confidentiality agreement that imposes obligations on the third party that are no less onerous than those assumed by EVROVECTOR Law Firm and that entitles EVROVECTOR Law Firm to conduct audits of compliance with the obligations imposed by the agreement.
1.6. The Management of Law Firm EVROVECTOR is responsible for the development and promotion of good practices in the field of information processing.
This responsibility of the Management includes:
- development and implementation of the requirements of the Law, GDPR in accordance with the requirements of this policy;
- managing security and risks in relation to compliance with the policy;
- is a point of contact for employees who want to get clarification on any aspect of data protection compliance.
Responsibility for compliance with data protection legislation lies with all employees of Eurovector Law Firm LLC who process personal data.
2. Basic concepts used in the Policy
2.1. Automated processing of personal data means the processing of personal data by means of computers;
2.2. Blocking of personal data - temporary suspension of the processing of personal data (except if the processing is necessary to clarify personal data);
2.3.Website shall mean a set of graphic and informational materials, as well as computer programs and databases that ensure their availability on the Internet at the network address https://eurovector.ua/
2.4. Personal data information system means a set of personal data contained in databases and information technologies and technical means ensuring their processing;
2.5. Depersonalization of personal data - actions in which it is impossible to determine, without the use of additional information, the ownership of personal data to a specific personal data subject or other personal data subject;
2.6. Processing of personal data - any action (operation) or set of actions (operations) performed with the use of automation tools or without the use of such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), removal, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
2.7. Operator - a state body, municipal body, legal entity or individual who, independently or jointly with other persons, organizes and (or) processes personal data, as well as determines the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data;
2.8. Personal data - any information relating directly or indirectly to a specific or determined Subject of personal data of the website https://eurovector.ua/
2.9. Personal Data Subject - an individual whose personal data is processed and/or any visitor to the website https://eurovector.ua/
2.10. Provision of personal data - actions taken to disclose personal data to a certain person or a certain circle of persons;
2.11. Dissemination of personal data - any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or familiarization with personal data of an unlimited number of persons, including disclosure of personal data in the media, placement in information and telecommunication networks or providing access to personal data in any other way;
2.12. Cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to a foreign state authority, foreign individual or foreign legal entity;
2.13. Destruction of personal data - any actions as a result of which personal data is destroyed irrevocably with the impossibility of further restoring the content of personal data in the personal data information system and (or) material carriers of personal data are destroyed.
3. The Operator may process such personal data (any information relating to an identified individual who can be identified directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or one or more characteristics specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual).
The Subject's personal data also includes:
3.1. Surname and patronymic;
3.2. Email address;
3.3 Phone numbers;
3.4. Other information provided by the Personal Data Subject to the Controller.
3.5. The data in the text of the Policy are united by the general concept of Personal Data.
In most cases, consent to the processing of personal and special categories of data is usually obtained from the Personal Data Subject using standard consent documents (for example, when a new client signs a contract or when hiring a new employee of LLC “Law Firm EUROVECTOR”)
4. Purposes of personal data processing:
4.1 The personal information provided by the Personal Data Subject to the Controller will be used for the purposes specified in these rules or on the relevant pages of the website. We may use your personal information for the following purposes:
-administration of the website and business;
-personalization of the website for the Personal Data Subject;
-providing the Personal Data Subject with the opportunity to use the services available on the website;
-sending notifications, invoices and payment reminders to the Personal Data Subject and receiving payments from the Personal Data Subject;
-sending to the Personal Data Subject by e-mail messages that the Personal Data Subject has specifically requested;
-sending the Personal Data Subject marketing messages regarding business activities or business activities of carefully selected third-party companies that may be of interest to the Personal Data Subject;
-processing of requests and complaints made by the Personal Data Subject through the website;
-to ensure the security of the website and prevent fraud;
And for other purposes.
If the Personal Data Subject has provided personal information for publication on the website, the Controller may publish it.
4.2 The purpose of processing personal data of the Personal Data Subject is to inform the Personal Data Subject by sending e-mails; conclude, execute and terminate civil law contracts; provide the Personal Data Subject with access to services, information and/or materials contained on the website.
The purpose is also to protect the “rights and freedoms” of individuals and to ensure that personal data is not processed without the knowledge of the Personal Data Subject, and where possible, is processed with his or her consent.
4.3. The Operator also has the right to send the Personal Data Subject notifications about new products and services, special offers and various events. The Personal Data Subject can always refuse to receive information messages by sending a letter to the Controller to the e-mail address marked “Refusal to receive notifications about new products and services and special offers”.
4.4. Anonymized data of the Personal Data Subject collected through Internet statistics services are used to collect information about the actions of the Personal Data Subject on the website, improve the quality of the website and its content.
4.5. All processing of personal data is carried out in accordance with the principles of data protection set forth in the Law, GDPR.
5. Legal basis for the processing of personal data:
5.1. The Controller processes the personal data of the Personal Data Subject only if they are sent by the Personal Data Subject to the Operator. By sending his/her personal data to the Controller, the Personal Data Subject agrees to this Policy.
6. The procedure for collecting, storing, transferring and other types of processing of personal data.
Personal data must be adequate, relevant, limited to what is necessary for their processing for the relevant purpose.
Personal data must be accurate and up-to-date at all times to ensure that the necessary efforts are taken to ensure the possibility of immediate (within the limits of possible technical solutions) deletion or correction.
The security of personal data processed by the Controller is ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.
6.1. The Controller ensures the safety of personal data and takes all possible measures to exclude access to personal data of unauthorized persons.
6.2. The personal data of the Personal Data Subject will never, under any circumstances, be transferred to third parties, except in cases related to the implementation of applicable law.
The Operator reserves the right to disclose the personal information of the Personal Data Subject:
-in cases where we are required to do so by law;
-in connection with any current or future legal proceedings;
-to establish, exercise or defend our legal rights (including providing information to other parties to prevent fraud or reduce credit risks);
-to the buyer (or potential buyer) of any business or assets that the Controller sells (or intends to sell);
-to any person who may request a court or other authorized body to disclose such personal data and, in the reasonable opinion of the Controller, such court or authorized body may issue an order to disclose such personal data.
6.3. In case of inaccuracies in personal data, the Personal Data Subject may update them independently by sending a message to the Controller to the Controller's e-mail address marked “Personal data update”.
6.4. The period of personal data processing is unlimited. The subject of personal data may at any time withdraw his or her consent to the processing of personal data by sending a notification to the Controller via e-mail to the Controller's e-mail address marked “Withdrawal of consent to the processing of personal data”.
7. Cross-border transfer of personal data:
7.1.At the beginning of the cross-border transfer of personal data, the Controller is obliged to make sure that the foreign state, the territory of which is supposed to transfer personal data, provides reliable protection of the rights of personal data subjects.
7.2. Cross-border transfer of personal data in the territory of foreign countries that do not meet the above requirements may be carried out only if there is a written consent of the personal data subject to the cross-border transfer of his/her personal data and/or the execution of an agreement to which the personal data subject is a party.
8. Final provisions:
8.1. The subject of personal data may receive any clarifications on issues of interest regarding the processing of his or her personal data by contacting the Controller by e-mail.
The personal data subject may make requests for access to data. Law Firm EUROVECTOR LLC ensures a timely response to the request of the Personal Data Subject in accordance with the requirements of the Law, GDPR.
The Personal Data Subject has the right to file complaints to the EUROVECTOR LLC related to the processing of their personal data, processing of the Personal Data Subject's request and the Personal Data Subject's request regarding the method of complaint handling in accordance with the methods of communication in case of complaints and requests from the Personal Data Subject.
8.2. This document will reflect any changes to the personal data processing policy of the Controller. The Policy is valid indefinitely until replaced by a new version.
8.3. The current version of the Policy is freely available on the Internet at:
|
Contact with the Personal Data Controller: |
||
|
Website: https://eurovector.ua/ |
Email: info@evrovektor.com |
Phone:+380965182838 |