Privacy Policy

The text of the Privacy Policy set out below was developed by the COMPANYМ WITH LIMITED LIABILITY "JUSTTECH", USREOU 45418680 (hereinafter - "Rightholder" and/or "Company") and addressed to an unspecified circle of persons, Users of the Web site https://justsmart.com.ua/en and/or Mobile application on the Internet and determines the procedure for receiving, collecting, accumulating, storing, processing, using, ensuring protection and disclosure of personal data (hereinafter - "Data" ) using the Website and/or Mobile Application and/or related services and tools.

If you do not agree with the terms of this Privacy Policy, or other documents posted by the Rightholder on the Website, do not use the Website and/or the Mobile Application.

1. Terms and Definitions

   The website – is a collection of information, texts, graphic design elements, images, photos and video materials and other results of intellectual activity, as well as programs contained in an information system that ensures the availability of such information by network address (domain) on the Internet. Website address on the Internet https://justsmart.com.ua/en

   Mobile application is a copy of a computer program in the form of a mobile application (application) for mobile devices iOS, Android, which is provided by the Company to the User (Personal Data Subject) for temporary use (during the term of this Agreement) according to the functional appointment by the end user as a tool for obtaining access to the Company's services;

   The platform is a technological platform in the form of an interconnected set of computer programs and electronic data in the form of numbers, letters, symbols, images and their combinations (including graphic information, video information, etc.), intended for automated monitoring, provision and/or receipt of Services, collection, processing, distribution, storage, presentation of data on Orders placed on it by Users, and on Service offers placed by the Company, to provide evaluations, etc. The Platform is the result of computer programming belonging to software products;

   User is any person who visits the Website and/or Mobile Application for any purpose. Parties – Company and/or Rightholder and User.

   Parties – Company and/or Rightholder and User.

   Legislation of Ukraine – a system of laws and other normative acts adopted by the Verkhovna Rada of Ukraine and higher executive bodies, — resolutions of the Verkhovna Rada, decrees of the President of Ukraine, resolutions and decrees of the Cabinet of Ministers of Ukraine, as well as norms of international legal acts , contracts, agreements, conventions, protocols, the binding consent of which was given by the Verkhovna Rada of Ukraine.

   Personal data is information or a set of information about a natural person who is identified or can be specifically identified, any information that directly or indirectly refers to a specific User. This can be: first name, last name, patronymic (if available), information about the type of activity, marital status, education, e-mail address, phone number, region of residence, address of the place of residence/stay, information about the User's actions on On the website and/or in the Mobile application, the IP address, device data (computer, browser type, mobile device operating system) used by the User, messages (information that contains in correspondence between Users and the Company), other information through which communication is carried out, which is optional User provided by him in the registration form and/or when filling out his own Account on the Website and/or in the Mobile application, when completing a survey (by filling out a questionnaire or in another way), writing a message or reply or information received during oral communication between the User and the Company, information provided during payment and/or use by the User of any service (service) provided to the Company, and may include the recording of one or more cookies or anonymous identifiers .

   Сookies are files created by websites visited by the User. They make your web experience easier by saving your browsing information. With the help of cookies, you will be able to keep your account on the websites, save the settings of the Website and/or Mobile Application and display the relevant content.

   Personal data database is a named collection of organized personal data in electronic form and/or in the form of personal data files.

   The owner of the personal data base is a natural or legal person who is authorized by law or with the consent of the subject of personal data to process this data, which approves the purpose of processing personal data in this database, establishes the composition of this data and procedures their processing, unless otherwise determined by law.

   Responsible person is a designated person who organizes the work related to the protection of personal data during their processing, in accordance with the law;

   The consent of the subject of personal data is a voluntary expression of the will of a natural person (provided he is informed) regarding the granting of permission for the processing of his personal data in accordance with the stated purpose of their processing, expressed in writing or in a form that enables conclusion on granting consent.

   Processing of personal data is any action or set of actions performed in whole or in part in the information (automated) system and/or personal data files, which are related to the collection, registration, accumulation, storage, adaptation , change, renewal, use and distribution (distribution, implementation, transfer), depersonalization, destruction of information for a natural person.

   Anonymization personal data - Removal of personally identifiable information.

   The administrator of the personal data base is a natural or legal person who is authorized by the owner of the personal data base or by law to process this data. A person who is instructed by the owner and/or manager of the personal data base to carry out technical work with the personal data base without access to the content of personal data is not a manager of the personal data base.

   Personal data subject is a natural person whose personal data is processed in accordance with the law.

   Third party is any person, with the exception of the subject of personal data, the owner or manager of the personal data base and the authorized state body for the protection of personal data, to whom the owner or manager of the personal data base transfers personal data, respectively to the law

2. General provisions

   1. This Policy is mandatory for application by the responsible person and employees of the Company who directly process and/or have access to personal data in connection with the performance of their official duties.
   2. Data processing means any action with Data, including, but not limited to: access, provision, distribution, collection, systematization, storage, accumulation, recording, transmission, blocking, deletion, clarification, updating and/or modification , depersonalization and other ways of using Data by the Company.
   3. The Data Controller is JUSTTECH LIMITED LIABILITY COMPANY, USREOU 45418680.
   4. User, having registered on the Website and/or in the Mobile application, enters his personal data and/or provides this Data in another way, and/or taking any action within the Website and/or using any part of the Website and/or Mobile Application, by providing consent - asseted by pressing the "continue" button ("register") and/or activating (clicking) the "place an order" button through the Website and/or Mobile Application form (check mark) and/or entering the Data on his own, expresses his agreement with the provisions of this Policy and provides "JUSTTECH" LIMITED LIABILITY COMPANY, as well as to third parties who provide the services of COMPANIES LIMITED JUSTTECH, including but not limited to processing payments, providing financial services, consent to the processing of its own personal data.
   5. Users may provide Data independently by placing such data on the Website and/or in the Mobile Application or by reporting via telephone channels and/or to the Company's email and/or postal address, by filling out questionnaires (filling in a questionnaire or in another way), or Data may be provided from other sources (in accordance with this Policy), for example, from User feedback (rating, comments, confirmation of information) or other information from third parties persons provided in the course of sending claims, complaints and/or when considering disputes, and/or information from well-known sources on the Internet.
   6. The company does not process data related to racial, ethnic origin, national affiliation, political views, religious, worldview and other beliefs, membership in political parties and professional unions, public organizations, as well as data related to health or sex life (special categories of data). Information that characterizes the physiological characteristics of Users is also not processed.
   7. The User may not use the Website and/or Mobile Application if he does not agree to the terms of this Policy.
   8. The User acknowledges that in the case of his careless attitude to the security and protection of his Data and authorization data (password, login), third parties may gain unauthorized access to the User's account and Data. The company does not carryliability for damages caused by such Access.
   9. Data processing and storage terms are determined based on the purposes of Data processing, as well as based on the conditions specified indocuments/agreements concluded with Users in accordance with the requirements of the current legislation of Ukraine.

3. List of databases of personal data.

   The right holder is the owner of the following personal data bases: the customer personal data base.

4. Purpose of personal data processing.

   1. Collecting and processing personal data in accordance with Articles 6 and 7 of the Law of Ukraine "On the Protection of Personal Data".
   2. The purpose of processing personal data is to ensure the implementation of civil-law relations, economic and tax relations, providing/receiving and making payments for purchased services and goods in accordance with the Tax Code of Ukraine, the Law of Ukraine "On Accounting and Financial Reporting in Ukraine", keeping accounting and management records and other duties assigned by law to the owner of personal data, to protect the legitimate interests of the owner of personal data or a third party to whom personal data is transferred.
   3. The purpose of processing personal data is to identify the User as a client of the Website and/or Mobile Application, for communication with the User, including for the provision of services, supply/sale of goods, payment processing, shipping, settlement operations, reporting , in order to improve the quality of service provision, analyze the activity of Users, manage traffic on the Website and/or in the Mobile application, analyze and forecast preferences, interests Users; to ensure compliance by Users with the terms of the User Agreement, the Rules for posting information on the Website and/or in the Mobile application, the Rules for publishing reviews.
   4. The purpose of personal data processing is the creation and implementation of bonus programs, loyalty programs, sending messages in the form of e-mails, SMS messages, notifications in the Mobile application, notifications in the web browser, including for the purpose of sending commercial offers, for the purpose of improving the quality of service provision, forming ratings, analyzing activity, conducting searches by keywords, sending informational and marketing mailings (news, promotions advertising campaigns, information about promotions, promotional codes and discounts, personal recommendations, personal discounts and offers), which contain information about services and/or goods, advertising and commercial offers regarding such services and/or goods, etc.
   5. Company may exchange Data with affiliates (companies operating under common ownership) who may process and use Data for the purpose specified in this section.

5. Personal data processing procedure. Obtaining consent, notice of rights.

   1. Processing of personal data, which is carried out to fulfill the purpose of processing provided for in section 4 of this Regulation, is carried out on the basis of Article 11 of the Law of Ukraine "On the Protection of Personal Data".
   2. Processing of personal data is carried out on the basis of the consent of the subject of personal data or for the fulfillment of offers accepted by the subject of personal data.
   3. The consent of the subject of personal data must be a voluntary expression of will of a natural person to give permission for to process his personal data in accordance with the formulated purpose of their processing. The consent of the subject of personal data can be given in the following forms:
      • a document on a paper medium with the details that make it possible to identify this document and the natural person;
      • electronic document, which must contain mandatory details that allow identification of this document and a natural person. Voluntary expression of the will of a natural person regarding the granting of permission for the processing of his personal data is certified by the electronic signature of the subject of personal data, if possible.
      • mark on the electronic page of the document or in the electronic file processed in other information system on the basis of documented software and technical solutions, including through the form of the Website and/or Mobile application (tick), or through activation (clicking on the "Accept" button).
   4. Notification of the subject of personal data about the inclusion of his personal data in the personal data base, about the rights defined by the Law of Ukraine "On the Protection of Personal Data", about the purpose of data collection and the persons to whom his personal data is transferred is carried out during the registration of civil legal relations in accordance with current legislation.

6. Data that may also be collected.

   1. Company may also collect the following Data:
      • information about the User's account, login and password, phone number, e-mail address, other Data necessary to provide services to Users of the Website and/or Mobile Application, communication with Users including, in the process of the User contacting the support service of the Website and/or Mobile application;
      • information that Users provide to the Company when concluding contracts for the provision of services/purchase and sale of goods and/or services by accepting a public offer posted on the Website and/or in the Mobile Application;
      • information that is necessary for communication between Users and the Company on the Website and/or in the Mobile application, including for the execution and confirmation of agreements, receiving and sending messages, posting reviews, comments, making payments, to fulfill requests from Users and receiving feedback from Users if necessary, information posted by Users based on the results of their service, feedback, comments, contacting the customer support service, complaints, claims, other appeals;
      • data about devices used by Users, information about Users' Websites and/or their mobile data (in case the User uses Mobile Applications) such as: IP address; date and time when the User benefitsused by the Website and/or Mobile Application, information about the software, as well as the Internet browser used by the User, information about the operating system of the mobile device, information about the operation of the User's devices, individual identifiers of the devices used by the Users;
      • information about the User's actions on the Website and/or Mobile Application (consumer behavior regarding purchased services, goods on the Website and/or Mobile Application);
      • information posted or provided by the User during their participation in bonus programs, promotions, special offers organized by the Company;
      • information received from Users by filling out questionnaires or otherwise communicated to the Company;
      • information received by the Company in a lawful manner from partners and/or third parties;
      • Cookies files.

7. Protection of personal data: methods of protection, responsible person, employees of the Owner of the personal data base, period of storage of personal data.

   1. The database of personal data is equipped with system and software and communication tools that prevent loss, theft, unauthorized destruction, distortion, forgery, copying of information and meet the requirements of national and international standards.
   2. The responsible person organizes the work related to the protection of personal data during their processing in accordance with the law. The responsible person is determined by the order of the Owner of the personal database. The duties of the responsible person regarding the organization of work related to the protection of personal data during their processing are specified in this policy and in the order.
   3. The responsible person is obliged to:
      • know the legislation of Ukraine in the field of personal data protection;
      • to develop procedures for access to personal data of employees in accordance with their professional or official or employment duties;
      • to enforce employees of the Owner of the personal data base of the requirements of the legislation of Ukraine in the field of personal data protection and internal documents regulating the activities of the Owner of the personal data base regarding the processing and protection of personal data in the personal data bases;
      • to observe and monitor compliance by other employees of the Personal Data Base Owner with the requirements of Ukrainian legislation in the field of personal data protection and internal documents regulating the activities of the Personal Data Base Owner regarding the processing and protection of personal data in personal data bases;
      • to inform the Owner of the personal data base about the facts of violations of the requirements of the legislation of Ukraine in the field of personal data protection and internal documents regulating the activity of the Owner of the personal data base regarding the processing and protection of personal data in the personal data bases immediately but no later than one working day from the moment detection of such violations;
      • ensure the storage of documents confirming that the subject of personal data has consented to the processing of his personal data (regardless of the form of such consent) and notification of the said subject about his rights.
   4. In order to fulfill its duties, the responsible person has the right:
      • to receive the necessary documents, including orders and other administrative documents issued by the Owner of the personal data base, related to the processing of personal data;
      • to make copies of received documents, including copies of files, any records stored in local computer networks and autonomous computer systems;
      • to participate in the discussion of its responsibilities for the organization of work related to the protection of personal data during its processing;
      • to consider proposals for improving operations and improving work methods, to submit comments and options for eliminating identified deficiencies in the process of personal data processing;
      • sign and endorse documents within their competence.
   5. Employees who directly process and/or have access to personal data in connection with the performance of their official (labor) duties are obliged to comply with the requirements of the legislation of Ukraine in the field of personal data protection and internal documents of the Owner of the personal data base , regarding the processing and protection of personal data, and in case they violate the requirements of the Law of Ukraine "On the Protection of Personal Data", they are responsible according to the legislation of Ukraine.
   6. Personal data should not be stored longer than is necessary for the purpose for which such data is stored.
   7. To determine the appropriate storage period, the Company determines the nature and category of personal data, the purposes for which it processes them, and whether it can achieve these purposes by other means. As a rule, the term of personal data processing is no more than 2555 days from the date of submission of tax reports for the period during which the relevant transaction took place. The specified processing time corresponds to the provisions of the Tax Code of Ukraine on the conditions for storing documents related to the calculation and payment of taxes and fees.
   8. Personal data must be deleted or destroyed from personal data bases in cases established by the legislation of Ukraine and/or international legislation.
   9. Personal data is stored no longer than is necessary in accordance with its processing.
   10. Company makes changes at your request to personal data if these data are unreliable, inaccurate or out of date.

8. Rights of the subject of personal data.

   1. The subject of personal data has the right:
      • to know about the location of the personal database that contains his personal data, its purpose and name, location and/or place of residence of the owner or administrator of this database or to give an appropriate mandate to receive this information to persons authorized by him, except for cases established by law;
      • to receive information about the conditions for providing access to personal data, in particular information about third parties to whom his personal data contained in the relevant personal data base are transferred;
      • to access their personal data contained in the relevant personal data base;
      • to receive no later than 30 (thirty) calendar days from the date of receipt of the request, except in cases provided by law, an answer on whether his personal data is stored in the relevantpersonal data database, as well as to receive the content of his personal data , which are stored;
      • to make a reasoned demand for the change or destruction of its personal data by any owner and administrator of this database, if these data are processed illegally or are unreliable;
      • to present a reasoned demand with an objection to the processing of their personal data by state authorities, local self-government bodies in the exercise of their powers provided for by law;
      • to protect your personal data from unlawful processing and accidental loss, destruction or damage;
      • may apply for the protection of its rights regarding personal data to state authorities, local self-government bodies, whose powers include the protection of personal data. Apply all possible means of legal protection in case of violation of the legislation on the protection of personal data.

9. Procedure for processing requests of the subject of personal data.

   1. The subject of personal data has the right to receive any information about himself from any subject of relations related to personal data, without specifying the purpose of the request, except for cases established by law.
   2. The access of the subject of personal data to the data about himself is free of charge.
   3. The subject of personal data to obtain any personal data about himself submits a request for access (hereinafter - the request) to the owner of the personal data base.
   4. The request states:
      • surname, first name and patronymic, place of residence/residence and details of the document certifying the identity of the subject of personal data;
      • other information that makes it possible to identify the identity of the subject of personal data;
      • list of personal data requested
      • information about the database of personal data requested, or information about the owner or administrator of this database.
   5. The term of examining the request for its satisfaction cannot exceed 10 (ten) working days from the day of its receipt. Currently, the owner of the personal data base notifies the subject of personal data whether the request will be granted or whether the relevant personal data are not subject to provision, indicating the basis provided for in the relevant regulatory legal act.
   6. The request is satisfied within 30 (thirty) calendar days from the date of its receipt, unless another term is provided by law.

10. Disclosure of Personal Data to Third Parties.

    1. The procedure for access to personal data of third parties is determined by the terms of this policy and the terms of the consent of the subject of personal data, given by the owner of the personal data base to the processing of this data, in order to fulfill the obligations to the subject of personal data or in accordance with the requirements the law
    2. Access to personal data is not granted to a third party, if the specified person refuses to take on obligations forto ensure compliance with the requirements of the Law of Ukraine "On the Protection of Personal Data" or is unable to ensure them.
    3. A subject of relations related to personal data who wishes to receive any personal data submits a request for access (hereinafter - a request) to personal data to the owner of the personal data base.
    4. The request states:
       • surname, name and patronymic, place of residence (place of stay) and details of the document certifying the individual submitting the request (for an individual applicant);
       • name, USREOU code, location of the legal entity submitting the request, position, surname, name and patronymic of the person signing the request (for a legal entity, the applicant);
       • confirmation that the content of the request corresponds to the authority of the legal entity (for the legal entity — the applicant);
       • surname, first name and patronymic, as well as other information that makes it possible to identify the natural person about whom the request is made;
       • list of requested personal data;
       • information about the database of personal data, in relation to which the request is submitted, or information about the owner or manager of this database;
       • is the purpose of the request.
    5. The term of examining the request for its satisfaction cannot exceed 10 (ten) working days from the day of its receipt. During this period, the owner of the personal data base informs the person who submits the request whether the request will be satisfied or whether the relevant personal data are not subject to provision, indicating the basis provided for in the relevant regulatory legal act.
    6. The request is satisfied within 30 (thirty) calendar days from the date of its receipt, unless otherwise provided by law.
    7. Delay access to personal data of third parties is allowed if the necessary data cannot be provided within 30 (thirty) calendar days from the date of receipt of the request. At the same time, the total term for solving the issues raised in the request cannot exceed 45 (forty-five) calendar days.
    8. Notice of postponement shall be given to the requesting third party in writing, with an explanation of the procedure for appealing such a decision.
    9. The notice of postponement shall state:
       • the name, first name and patronymic of the official;
       • the date the message was sent;
       • reason for delay;
       • the period during which the request will be satisfied.
    10. Denial of access to personal data is permitted if access to it is prohibited by law.
    11. The refusal notice should state:
        • the surname, first name, patronymic of the official denying access;
        • reason for rejection.
    12. The decision to delay or deny access to personal data can be appealed to the authorized state body for personal data protection, other state authorities and local self-government bodies, whose powers include the implementation of personal data protection, or to a court.
    13. Company reserves the right, in accordance with the requirements of the current legislation of Ukraine, to exchange Data with state authorities for the purpose of: fraud prevention; settlement of disputed situations and clarification of circumstances that are/may be the cause of violation of the current legislation, as well as in case of detection by the Company of illegal actions of Users of the Website and/or Mobile Application and/or receipt of claims, complaints, appeals of third parties.

11. Change/deletion of data or withdrawal of consent

    1. Users can at any time change/delete personal information or refuse to receive messages, or withdraw consent to the processing of personal data through their Account or by sending a request to an e-mail address support@justsmart.com.ua.
    2. After receiving such a notification, the processing of the User's personal data will be stopped, and his personal data will be deleted, except when such processing may be necessary in accordance with the current legislation of Ukraine.
    3. The functioning of some features of the Website and/or Mobile Application, which require information about the User, may be discontinued from the moment the Data is changed/deleted.

12. Other Terms

    1. Company reserves the right to change the terms of this Policy at any time. In this case, the updated version will be posted on the corresponding page of the Website. In case the User does not agree with the changes, he undertakes to stop immediately and any use of the Website and/or Mobile Application.
    2. Company is not responsible for damage or loss suffered by the User or third parties as a result of misunderstanding or misunderstanding of the terms of this Policy.
    3. In the event that the provisions of this Policy, clauses or their parts, are recognized as contrary to the current legislation of Ukraine, or as invalid, this fact will in no way affect the other provisions of this Policy, they remain fully valid and continue to be in full force and effect, and any invalid or unenforceable provision shall be modified by the Rightholder to the extent necessary for ensuring its validity and feasibility.

Editorial by "01 "December 2024.