PRIVACY POLICY

 

Effective Date: September 1, 2022

This Privacy Policy (hereinafter referred to as the “Policy”) governs the protection of personal data of visitors to the website https://zrda.org/ (hereinafter referred to as the “Website”), owned by the “AGENCY FOR REGIONAL DEVELOPMENT” Institution (EDRPOU code 41502368, legal address: Korolyova Square 1, Office 401, Zhytomyr), registered in accordance with the laws of Ukraine (hereinafter referred to as the “Institution”).

 

1. GENERAL PROVISIONS

1.1. This Policy is developed to inform data subjects about the procedure for processing their personal data while visiting/using the Website, as well as to ensure the protection of their personal data during such processing. To improve the quality of service and the security of our users’ data, we inform you about the types of data we collect and how we use them on our Website. We respect the confidential information of any person visiting our website, and therefore, based on the requirements of Ukrainian legislation and the European Parliament and Council’s regulations, we have prepared this Privacy Policy. This Policy does not apply to websites accessed through hyperlinks posted on our Website.

1.2. This Policy, as well as the Institution’s activities related to the collection, processing, storage, and other lawful actions concerning personal data, are governed by: the Constitution of Ukraine; the Law of Ukraine “On Personal Data Protection” dated June 1, 2010, No. 2287-VI; and other applicable legal acts of Ukraine regulating the protection of personal data; as well as international legal acts ratified by Ukraine.

Relations arising in the Institution concerning the processing of personal data of residents of foreign jurisdictions are also governed by the laws (including international law), national and international legal acts that regulate the protection of personal data of residents of such countries.

1.3. In this Policy, the terms are used in the following meanings:

  • Personal data – information or a set of information about an individual who is identified or can be specifically identified;
  • Consent of the personal data subject – the voluntary declaration of will of an individual (subject to their awareness) regarding permission for the processing of their personal data in accordance with the formulated purpose of their processing, expressed in a form that allows concluding the provision of consent;
  • Processing of personal data – any action or set of actions performed wholly or partially in an information (automated) system and/or in personal data card files, related to the collection, registration, accumulation, storage, adaptation, modification, renewal, usage, and dissemination (distribution, sale, transfer), anonymization, destruction of information about an individual;
  • Personal data subject – an individual whose personal data is being processed;
  • Third party – any person, except for the personal data subject, the owner, or the processor of the personal data;
  • All other terms in this Policy are used in the meanings defined by the current legislation of Ukraine, including ratified international legal acts.

1.4. The owner of personal data processed in connection with the visit/use of the Website options is the Institution. The Institution has the right to delegate, fully or partially, the processing of personal data to third parties based on a contract concluded in accordance with the requirements of applicable legislation.

1.5. An individual is a subject of personal data under this Policy if they are a visitor to the Website, including if they use any options available on the Website.

The publication of this Policy at the link specified in clause 6.1 of this Policy constitutes notification to personal data subjects about the owner, the composition, and content of the personal data collected in connection with the visit/use of the Website, their rights, the purpose of collecting their personal data, and third parties to whom such personal data may be transferred.

1.6. The Institution guarantees that:

  • It adheres to proper practices and regulatory requirements regarding personal data protection;
  • It protects the rights of personal data subjects;
  • It prevents risks of security breaches in personal data processing.

1.7. The purpose of processing personal data obtained during the functioning of the Website is the performance of the Institution’s statutory activities:

  • Administering our Website and conducting social and public activities;
  • Providing the opportunity for feedback through the form on the Website;
  • Sending you non-marketing communications;
  • Sending you email communications related to our public activities, which you can unsubscribe from at any time;
  • Providing third parties with statistical information about our users (third parties will not be able to identify any individual user from this information);
  • Handling requests and complaints made by or about you regarding our Website;
  • Keeping our Website secure and preventing fraud;
  • Verifying compliance with the terms governing the use of our Website (including monitoring private messages sent through the Website’s private messaging service).

 

2. COLLECTION AND PROCESSING OF PERSONAL DATA.

2.1. The processing and storage of the provided personal data are carried out in data centers where the equipment ensuring the operation of the Site’s services is located. The provided personal data is processed and may be stored in a Personal Data Database or a separate table of the Site’s Database.

2.2. The Institution may collect and process the following information about you:

  • Information you provide to the Institution: this includes information about you that you provide by using the Site and its options, subscribing to email updates, communicating with the Institution through the options available on the Site, and so on.
  • Information collected by the Site and other systems: if you visit the Site, third parties may collect certain information about you and your visit, such as the type and version of your browser, the pages you visit on the Site, and your internet protocol (IP) address; if you contact the Institution’s staff through the Site or other electronic means of communication.
  • Information collected by third parties about you on the Site through their actions: this includes information about you that you provide to third parties (e.g., Facebook, Google, Twitter) when using the social media sharing options available on the Site, navigating from one page to another, or viewing materials linked to other platforms (websites).

2.3. How the Institution processes your personal data depends on how you use and interact with the Site. Some information may be provided directly by you during your use of the Site or otherwise; other information may be collected and processed by the Institution through automated technologies used on the Site.

2.4. Legal grounds for data processing: when visiting the Site, the Institution processes your personal data if:

  • The Institution has obtained your consent for such processing;
  • Your personal data is necessary for the Institution to conclude and execute a transaction with you or to take steps prior to concluding a transaction;
  • In cases where the Institution has a legitimate interest in processing your personal data, and this legitimate interest does not outweigh your data protection interests or your fundamental rights and freedoms;
  • And in other cases defined by applicable law. In some instances, the Institution may have a legal obligation to process your personal data for the formation, execution, or defense of legal claims.

2.5. The Institution uses your personal data solely for the purposes defined in this Policy and applicable law, including (but not limited to):

  • To process your request (inquiry) to the Institution made through the Site;
  • To ensure the exchange of information, relations in the field of advertising and communication in accordance with the Laws of Ukraine “On Personal Data Protection,” “On Information,” “On Advertising,” “On Telecommunications,” “On Information Protection in Information and Telecommunications Systems,” “On Public Associations”;
  • To carry out other statutory purposes of the Institution in the manner prescribed by applicable law.

2.6. The dissemination of your personal data is carried out only with your consent or in cases defined by this Policy and applicable law.

Personal data may be transferred to third parties in the following cases:

  • You have provided explicit consent for such transfer;
  • It is necessary for the conclusion or execution of a transaction between us and a third party for your benefit;
  • It is necessary for the formation and execution of legal procedures (claims, lawsuits, court proceedings, etc.);
  • There are significant public interest reasons;
  • In response to legitimate requests from government bodies that have the right to demand and receive such data and information.

Except for the cases provided in this Policy, we commit not to share your personal information with third parties.

2.7. Personal data retention period.

Your consent to the processing of personal data is valid indefinitely. The retention period of your personal data is not limited. Your personal data is processed for no longer than necessary according to its lawful purpose and the objectives defined by this Policy.

Your personal data shall be deleted or destroyed in the following cases:

  • Upon the expiration of the 2-year storage period or another period defined by applicable law;
  • Upon the termination of the legal relationship between the data subject and the Institution, unless otherwise provided by law;
  • In other cases defined by the applicable data protection laws.

2.8. The Institution does not process personal data regarding racial or ethnic origin, political, religious, or philosophical beliefs, membership in political parties and trade unions, criminal convictions, as well as data related to health, sexual life, biometric, or genetic data, except in cases defined by law.

 

3. RIGHTS OF PERSONAL DATA SUBJECTS.

3.1. When visiting/using the Website, you have the right to:

  • Receive from the Institution information not specified in this Policy regarding the processing and conditions for accessing your personal data or issue a relevant instruction to authorized persons to obtain this information, except in cases provided by law;
  • Know the location of the personal data containing your personal information, its purpose, the name, and location and/or residence (location) of the owner of this database, or issue a relevant instruction for obtaining this information to authorized persons, except in cases established by law;
  • Receive information about the conditions for accessing your personal data, in particular, information about third parties to whom your personal data contained in the relevant personal data database is transferred;
  • Submit a reasoned objection to the processing of your personal data by state authorities or local governments when exercising their powers as provided by law;
  • Submit a reasoned request for the modification or destruction of your personal data by any owner or administrator of this database if this data is processed illegally or is inaccurate;
  • Protect your personal data from illegal processing and accidental loss, destruction, or damage due to intentional concealment, failure to provide, or delay in providing it, as well as protect it from the provision of false information or information that discredits the honor, dignity, and business reputation of an individual;
  • Address issues of protection of your rights regarding personal data to state authorities or local governments, whose powers include the protection of personal data;
  • Apply legal remedies in case of violation of the legislation on personal data protection.

3.2. You have the right to address questions related to the collection, use, storage, and other processing of your personal data to the Commissioner of the Verkhovna Rada of Ukraine for Human Rights, who can be contacted at the email address hotline@ombudsman.gov.ua. If you have questions regarding this Policy or have received any unsolicited electronic notification sent by the Institution or allegedly sent on behalf of the Institution, please contact us directly at the email address invest@zrda.org.

 

4. PROTECTION OF PERSONAL DATA.

4.1. The protection of personal data of users of the Institution’s Website must be ensured by all employees and members of the Institution.

4.2. The Institution uses generally accepted standards of technological and operational protection of information and personal data from loss, misuse, alteration, or destruction but does not guarantee absolute protection from any threats that arise outside the Institution’s control.

4.3. The Institution ensures the application of all appropriate confidentiality obligations, as well as technical and organizational security measures to prevent unauthorized or illegal disclosure or processing of such information and data, accidental loss, destruction, or damage.

4.4. If there are complaints from users of the Institution’s Website regarding violations of the confidentiality of their data, such complaints are reviewed at a meeting of the Supervisory Board of the Institution. Further steps to resolve the situation are determined by the decision of the Supervisory Board. If the dispute cannot be resolved through negotiations, the dispute is resolved in court according to the current legislation of Ukraine.

 

5. INTERACTION OF THE INSTITUTION WITH THIRD PARTIES REGARDING PERSONAL DATA.

5.1. We do not transfer personal data to third parties except in cases where such transfer is required by the current legislation of Ukraine, at the request of the data subject, or in other cases outlined in this Policy.

5.2. Our authorized employees who have agreed to ensure the confidentiality of Users’ personal data, as well as third parties providing us with website support and administration services, or other services related to the Institution’s activities, may have access to your personal data. Our authorized employees and/or third parties, based on contracts concluded with us, are obliged to comply with all requirements of the current legislation of Ukraine regarding the protection of Users’ personal data and their confidentiality.

5.3. The Institution grants access to personal information to other legal and private individuals not related to the Institution only under the following limited circumstances:

  • With the User’s permission. The Institution requires explicit consent from the User to transfer any confidential information;
  • If there are grounds to believe that access, use, storage, or disclosure of such information is necessary to comply with any applicable laws, regulations, or valid government requests;
  • For investigating potential violations;
  • For detecting and preventing fraudulent activities;
  • For resolving security issues and addressing technical problems.

 

6.  CHANGES TO THE PRIVACY POLICY.

6.1. The Institution reserves the right to review and amend the provisions of this Policy. The current version of this Policy is available on the Website at the provided link.

6.2. Changes to the Privacy Policy. This Policy may be amended and supplemented periodically and without prior notice to Users, including, but not limited to, changes in legal requirements.

6.3. If significant changes are made to this Policy, a notice will be posted on the Website, specifying the effective date of these changes. If Users do not object to these changes in writing within the specified time frame, it will be considered that they agree with the corresponding changes to the Policy.

Scroll to Top