• Main
  • Privacy policy
← Main

Privacy Policy

This Privacy Policy (hereinafter referred to as the Policy) describes the rules of the Organization and procedures for collecting, using, and disclosing User information when using the Virtual Pop-Up Zone Service of Diia.Business (hereinafter referred to as the Service) and informs the user about their privacy rights and how the law protects them.

In accordance with paragraphs 1 and 2 of part two of Article 8, Article 11, part two of Article 12 of the Law of Ukraine “On the Protection of Personal Data” and in accordance with the European Union Regulation establishing rules for the protection of personal data of all persons within the EU and the EEA, giving them greater control over their information (GDPR).

The public organization “Consulting Center for Entrepreneurial Development” (hereinafter referred to as the Organization) in this notice on the processing of personal data informs about who collects and processes personal data, as well as the composition and purpose of the collection of personal data processed through the Service, third parties to whom such personal data is transferred, and the rights of the subject of personal data.

The Organization uses user account data to provide and improve the Service. By using the Service, you consent to the collection and use of information in accordance with this Privacy Policy.

Definitions for the purposes of this Privacy Policy:

User — a person who accesses or uses the Service, or a company or other legal entity on behalf of which such person accesses or uses the Service, where applicable.

Organization — Public Organization “Consulting Center for Entrepreneurial Development.”

Service Provider — a natural or legal person who processes data on behalf of the Organization. This applies to individuals or partners engaged by the Organization to assist in providing the Service, to provide the Service, to perform services related to the Service, or to assist the Organization in analyzing the use of the Service.

Third-party social networking service — any external website or social networking platform through which the User can create an account or log in to the Service.

Service — a set of functionalities of the Website of Diia.Business Virtual Pop-Up Zone that enable the creation, editing, and display of business profiles.

Website — the Internet resource of the Virtual Pop-Up Zone Diia.Business, available at https://pop-up.diia-business.com.

Account — a unique (individual) User record created to access the Service or part thereof.

Device — any technical means that can access the Service (computer, mobile phone, or digital tablet).

Cookies — small files that are placed on the User's Device by the Website and store information about the user's activity on the site.

Personal data — any information relating to an identified or identifiable natural person (data subject) and provided for in this Policy.

Business data — information about a legal entity or individual entrepreneur (IE) that may be provided to create a business profile and use the Service.

Usage data — technical information that is automatically collected when accessing or interacting with the Service.

Data from third-party services — information that the Organization receives from third-party authentication services or social networks if the user has decided to register or log in to the Service using them.

User account data — a set of all categories of data (personal data, business data, usage data, data from third-party services) that the Organization may collect, process, and store in accordance with this Policy.

Consent — a voluntary, specific, informed, and unambiguous expression of the User's will to process their account data.

Account data processing — any operation or set of operations performed on account data (collection, storage, use, distribution, deletion, etc.).

Collection and use of user account data

Types of data collected

Personal data

When using the Service, the Organization may ask the user to provide certain personal information that may be used to contact or identify the user.

Personal information may include, but is not limited to:

Email address

First and last name

Phone number

Links to social networks and other communication channels

Usage data

Information about the business

The Organization may collect and process information about the user's business that is necessary to create a business profile and display it on the Service.

Business data may include, but is not limited to:

legal form, name of the legal entity or full name of the individual entrepreneur, EDRPOU/RNOKPP code (tax code)

registration information (year of establishment, main and additional KVEDs (Classification of Economic Activities) industry and sectors of activity, type of activity, size of the enterprise, annual turnover)

business contact details (address, telephone number, email address, website, links to social networks)

marketing materials (logo, business descriptions, products and services, images, videos, links to sales platforms)

supporting documents (certificates, other materials uploaded by the user)

information on the export of goods or services.

Usage Data

Usage Data is collected automatically when you register for and use the Service.

Usage data may include information such as the user's device IP address (e.g., IP address), browser type, browser version, pages of the Organization's Service that the user visits, date and time of visit, time spent on those pages, unique device identifiers, and other diagnostic data.

When the user uses the Service using or through a mobile device, the Organization may automatically collect certain information, including, but not limited to, the type of mobile device the user uses, the unique mobile device identifier, the mobile device IP address, the mobile operating system, the type of mobile Internet browser the user uses, unique device identifiers, and other diagnostic data.

The Organization may also collect information that the user's browser sends whenever the user visits the Service or when accessing the Service using or through a mobile device.

Information from third-party social networking services

The Organization allows users to create an account and log in to use the Service through the following third-party social networking services:

• Google

• Facebook

• ID.GOV.UA

If the user decides to register through a third-party social networking service or provide access to it, the Organization may collect Personal Data already associated with the user's third-party social networking service account, such as: name, email address, actions associated with that account.

The user may also be able to provide the Organization with additional information through their third-party social networking service account. If the user decides to provide such information and Personal Data during registration or otherwise, the user grants the Organization permission to use, distribute, and store it in accordance with this Policy.

Monitoring technologies and cookies

The Organization uses cookies and similar monitoring technologies to further monitor activity on the Organization's Service and to store certain information. The monitoring technologies used are beacons, tags, and scripts to collect and monitor information, as well as to improve and analyze the Service.

The technologies used by the Organization may include:

• Cookies or browser cookies. A cookie is a small file placed on the User's Device. The User can configure their browser to refuse all Cookies or to notify them when a Cookie is sent. However, if the User does not accept Cookies, the User may not be able to use certain parts of the Service. If the User has not changed their browser settings to reject Cookies, the Organization's Service may use Cookies.

• Web beacons. Certain sections of the Service and emails from the Organization may contain small electronic files known as web beacons (also referred to as clear GIFs, pixel tags, or single-pixel GIFs) that allow the Organization to, for example, count the number of users who have visited pages or opened an email, and to obtain other related Website statistics (such as recording the popularity of a particular section and checking the integrity of the system and server).

The Service uses cookies and similar technologies to ensure proper operation, personalize content, analyze traffic, and for marketing purposes.

Consent

  1. When visiting the Service for the first time, the user sees a banner (pop-up window) with a description of cookie categories and the option to give or refuse consent.

  2. The user can:

  • Accept all cookies;

  • Reject all non-essential cookies (only those necessary for the website to function will remain);

  • Configure usage by category (e.g., “analytical,” “functional,” “marketing”).

  1. Consent is stored only for as long as necessary to achieve the purposes for which it was collected and can be changed at any time via the “Cookie Settings” link in the footer of the website.

  2. Opting out of non-essential cookies does not affect access to the main functionality of the Service.

Cookies can be “Persistent” or “Session” cookies. Persistent cookies remain on the User's personal computer or mobile device when the user goes offline, while Session cookies are deleted as soon as the user closes the web browser.

The Organization uses both Session and Persistent Cookies for the purposes described below:

Necessary/Essential Cookies

Type: Session cookies

Controlled by: The Organization

Purpose: These cookies are necessary to provide the User with the services available through the Website and to enable the User to use some of its features. They help authenticate users and prevent fraudulent use of accounts. Without these cookies, the services cannot be provided, and the Organization uses these cookies solely to provide Users with the capabilities of the Service.

Policy Cookies/Cookie Notice Acceptance

Type: Persistent cookies

Controlled by: The Organization

Purpose: These cookies determine whether users have agreed to the use of cookies on the Website.

Functional cookies

Type: Persistent cookies

Controlled by: The Organization

Purpose: These cookies allow the Organization to remember the choices the User makes while using the Website, such as saving login details or language settings. The purpose of these cookies is to provide the User with a more personalized experience and to avoid the need to re-enter their settings each time they use the Website.

Withdrawal of consent

The User may change or withdraw their consent to the use of cookies at any time in the “Cookie Settings”.

Use of User Account Data

The Organization may use Account Data for the following purposes:

  • Provision and support of the Service: ensuring the functioning of the Service, including monitoring its use.

  • Account management: registration, administration, and provision of access to the functional capabilities of the Service available to registered users.

  • Communication with the user: communicating with the user by email, phone, massages, or other equivalent means of electronic communication (including push notifications) regarding updates or informational messages related to functionality, services, or ordered services, including security updates, when necessary or appropriate for their implementation.

  • Information and marketing communications: providing news, special offers, and general information about the products, services, and events offered by the Service.

  • Processing User requests: reviewing and processing User requests to the Organization.

  • Analytics and improvement: analyzing data, identifying trends, determining the effectiveness of the Service, and evaluating and improving products, services, marketing tools, and user experience.

Providing certain account details is necessary to use the Service. If the User refuses to consent to the processing of data necessary to perform the functionality (e.g., creating an account, authentication, access to educational materials or consultations), the Organization will not be able to provide the User with full access to the Service.

At the same time, the User always has the right to refuse to provide non-mandatory data (for example, for marketing mailings), and such refusal does not affect basic access to the Service.

The Organization may disclose user account information in the following cases:

With service providers: The Organization may transfer User account information to service providers for monitoring and analyzing the use of the Service, as well as for communicating with Users.

With affiliates: We may provide information about Users to our affiliates, in which case the Organization will require these affiliates to comply with this Policy. Affiliates include the Organization and joint venture partners.

With partners: The Organization may provide information about Users to its partners in order to offer Users certain activities or services.

With other users: When any User shares account information or interacts in public areas with other users, such information may be accessible to all users and may be publicly distributed outside the Service. If a User interacts with other users or registers through a third-party social networking service, the User's contacts on that third-party service may see the User's name, profile, photos, and activity description. Similarly, other users can view any User's activity descriptions, communicate with and view the User's profile.

With the User's consent: The Organization may disclose the User's account information for any other purpose with the User's consent.

Storage of User Account Data

The Organization will only store User Account Data for as long as necessary for the purposes set out in this Policy. The Organization will retain and use User Account Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable Ukrainian law), resolve disputes, and enforce our legal agreements and policies, but within the limits of this Policy.

The Organization will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a short period of time, except when this data is used to strengthen the security or to improve the functionality of the Service, or when the Organization is legally obligated to retain this data for longer periods.

Transfer of User Account Data

User information, including Account Data, is processed at the Organization's office and in any other locations where parties involved in the processing are located. This means that this information may be transferred to — and stored on — computers located outside the Organization's office.

The User's consent to this Policy, confirmed by the User's provision of such information, constitutes the User's consent to such transfer.

The Organization will take all reasonably necessary measures to ensure the secure handling of User data in accordance with this Privacy Policy, and User Account data will not be transferred to organizations or partners unless appropriate controls are in place, including ensuring the security of User data and other personal information.

International data transfer is possible only if one of the Organization's partners is an international entity.

Removal of User Account Data

The User has the right to delete or request the Organization to assist in deleting the Account Data that the Organization has collected about the User.

The Service provides the User with the ability to delete certain information about the User directly within the Service.

The User may update, correct, or delete data at any time by logging into their Account, if they have one, and going to the account settings section, which allows them to manage their Account Data. The User may also contact the Organization to request access to any account information provided by the User to the Organization, its correction or deletion.

The Organization may need to retain certain information if the Organization has a legal obligation or legal basis to do so.

Disclosure of User Account Data

Law Enforcement

In certain circumstances, the Organization may be required to disclose User Account Data if required by law or in response to valid requests from authorities (e.g., a court or government agency).

Other legal requirements

  • The Organization may disclose User Account Data if it believes that such actions are necessary to:

  • Comply with a legal obligation;

  • Protect and defend the rights or property of the Organization;

  • Prevent or investigate possible illegal activities related to the Service;

  • Protecting the personal safety of Service Users or the public;

  • Protecting against legal liability.

Account Data Security

Account Data security is important to the Organization, but it should be noted that no method of transmission over the Internet or method of electronic storage is 100% secure.

The Organization strives to use commercially acceptable means to protect Account Data, but the Organization cannot guarantee its absolute security.

Children's Privacy

The Service is not intended for individuals under the age of 18. The Organization does not collect personally identifiable information from individuals under the age of 18. If you are a parent or guardian and have been informed that your child has provided the Organization with personal data, please contact the Organization. If the Organization learns that personal data has been obtained from a person under the age of 18 without parental consent, the Organization will take steps to delete this information from the Organization's servers.

Links to other websites

The Service may contain links to other websites that are not controlled by the Organization.

If the User clicks on a third-party link, the User will be directed to that third party's website.

The Organization strongly advises the User to review the privacy policy of each website that the User visits.

The Organization has no control over and is not responsible for the content, privacy policies, or practices of any third-party websites or services.

Changes to this Privacy Policy

The Organization may update its Privacy Policy from time to time. The Organization will notify Users of any changes by posting the new Privacy Policy on this page.

The Organization will notify the User by email and/or by a prominent notice on the Service prior to the changes taking effect, and will update the “Last Updated” date at the top of this Policy.

Changes to this Policy are effective when they are posted on this page.

Contact the Organization

The Organization is not currently required to appoint an official Data Protection Officer under the GDPR, but has designated a person responsible for data protection.

If the User has any questions about this Privacy Policy or other issues related to the processing of Account Data, the User may contact the Organization:

The following is responsible for data processing:

Public organization “CONSULTING CENTER FOR ENTREPRENEURIAL DEVELOPMENT”

88000, Ukraine, Uzhhorod district, Zakarpattia region, city Uzhhorod, Kapushanska Street, building 25, apartment 37

Email address: [email protected]