Home » Privacy Policy

Privacy Policy

  1. KEY CONCEPTS

Personal data – information or a range of data about an identified or identifiable natural person.

Special categories of personal data – so-called “sensitive” personal data that could harm the data subject at work, at an educational institution, in their living environment, or could lead to their discrimination in society. For example, this is personal data containing information about racial origin, political or religious views, trade union membership, health status, sexual life, biometric or genetic data. According to Ukrainian legislation, this is personal data, processing of which carries a special risk for the data subjects.

Website – corporate websites of the NESPAT group of companies consisting of NESPAT Corp (USA) and NESPAT LLC, which are responsible for your personal data.

The Websites are available on the Internet at: https://nespat.ua, https://nespat.ushttps://nespat.net.

The Website Administration – NESPAT group of companies, which consists of NESPAT Corp (USA) and NESPAT LLC.

If you have any questions about this Policy, including any requests to exercise your legal rights, please, contact us using the information below. 

Nespat Corp (USA): 1712 Pioneer Ave Suite 500, Cheyenne, Wyoming 82001, USA

NESPAT LLC: Ukraine, 04053, Kyiv, VOZNESENSKYY UZVIZ, 14, room 16/19.

As NESPAT LLC and Nespat Corp (USA) are companies located outside the European Union, to comply with Article 27 of the General Data Protection Regulation (EU) 2016/679, GDPR-Rep.eu has been defined by our representative in the European Union. If you are willing to exercise your data privacy rights, please visit: https://gdpr-rep.eu/q/18492039 or send an email to our Data Protection Officer: y.danilenko@nespat.net

An identifiable natural person (Website User) is a natural or legal person who has placed their personal information with the Feedback Form on the Website for the purpose of further transfer of data to the Website Administration.

A personal data subject is an individual to whom personal data relates and who can be identified or has already been identified by that personal data.

A personal data controller is a natural or legal person who determines the purposes and means for personal data processing and is primarily responsible for its processing. The controller of personal data is the “personal data owner” in terms of Ukrainian legislation.

2. GENERAL PROVISIONS

2.1 This Privacy Policy is an official document of the Administration of the Website and defines the procedure for processing and protecting information about individuals and legal entities under NESPAT Group’s CONFIDENTIALITY POLICY.

2.2 The purpose of this Privacy Policy is to ensure the proper protection of information about the User, including his personal data from unauthorized access and disclosure. 

2.3 Relationships associated with the collection, storage, distribution and protection of User information are regulated by this Privacy Policy and the current legislation of the European Union and Ukraine.

2.4 The current version of the Privacy Policy is a public document developed by the Website Administration and is available to any Internet User by clicking on the “Privacy Policy” hypertext link. 

2.5 The Website Administration has the right to change the current Privacy Policy. 

2.6 When changes in Privacy Policy are introduced, the Website Administration notifies the User about it by posting a new Privacy Policy version on the Website nespat.ua. 

2.7. When placing a new Privacy Policy edition on the Website, the previous edition is kept in the documentation archive of the Website Administration. 

2.8. By using the Feedback Form, the User expresses their consent to the terms of this Privacy Policy. 

2.9. The Website Administration does not check the reliability of the received (collected) information about the User.

3. CONDITIONS AND PURPOSES OF PERSONAL DATA COLLECTION AND PROCESSING

3.1 Your personal data may be used and processed within the Group of Companies. Any use of your personal data within the Group of Companies occurs under this Policy. Personal data is provided by exchanging information by e-mail and/or by using telecommunication means.

3.2 Personal data of the User such as name, surname, patronymic, e-mail, phone, skype, etc. are transferred by the User with the consent of the User.

3.3 Transfer of personal data by the User to the Site Administration through the Feedback Form means the User’s consent to his personal data transfer.

3.4 The Website Administration processes the User’s personal data with the User’s consent for the purposes of the services, offered at the Website.

3.5 Processing of personal data is carried out on the basis of the principles:

a) the legitimacy of the purposes and methods of personal data processing and good faith;

b) compliance of the personal data processing purposes with the purposes predetermined and stated when collecting personal data;

c) compliance of the amount and nature of the processed personal data with the methods of personal data processing and the purposes of personal data processing

d) inadmissibility of combining databases containing personal data created for incompatible purposes.

3.6 The Group of Companies uses an automatic collection of site visitors’ personal data without obtaining additional consent.

3.7. The Group of Companies uses the personal data of the Users for communication in order to inform the Users about the details of the services provided by the Group of Companies. If the applicable law requires obtaining the User’s consent before sending certain notifications, the Group of Companies sends these to the User only after having obtained their consent.

4. STORAGE AND USE OF PERSONAL INFORMATION

User’s personal data is stored only on electronic media and is used solely for the purpose specified in clause 3 of this Privacy Policy.

5. TRANSFER OF PERSONAL DATA

5.1 Personal data of the User is not transferred to any third parties.

5.2 Provision of personal data of the User at the request of state agencies and local authorities is carried out according to the procedure established by the legislation of Ukraine.

6. TERMS OF STORAGE AND DISPOSAL OF PERSONAL DATA

6.1 Personal data of the User is stored on the electronic media of the Website for 1 year. 

6.2 Personal data of the User is deleted at the User’s request on the basis of his application or at the initiative of the Administrator of the Website without explaining the reasons by removing the information posted by the User by the Administration of the Website.

7. MEASURES TO PROTECT USER INFORMATION

To ensure the protection of personal data We adhere to recognized international security standards, and our information security management system for sensitive data complies with ISO/IEC 27001: 2013. We have a system of policies, procedures and training in data protection, privacy and security, and we regularly review the adequacy of the measures available to ensure the consistent security of the data in our possession.

We control the way we collect your personal data and determine the purposes for which personal data is used by the Group of companies.

8. RIGHTS OF NATURAL PERSONS

Natural persons have certain rights regarding their personal data, which the data controller is responsible for enforcing. When we decide on the purposes and methods of processing personal data, we are the data controller and provide further information on the rights of natural persons and the ways in which these rights can be exercised.

Accessing personal data 

You have the right to become acquainted with the personal data that we possess as a data controller. To exercise this right, contact us by email at info@nespat.ua, office@nespat.us, office@nespat.net or contact our representative at https://gdpr-rep.eu/q/18492039.

The right to restrict or prohibit our processing of personal data 

You have the right to restrict or prohibit the processing of your personal data at any time for justified reasons relating to your particular situation unless the processing is required by law. 

In this case, we will not process or will limit personal data processing unless we can provide compelling legal grounds for the processing or the establishment, implementation or defence of legal requirements.

Other rights of data subjects 

This newsletter is intended to inform you what personal data we collect about you and how it is used. In addition to the rights to access, modify and limit or object to processing listed above, individuals may have other rights concerning the personal data we hold, such as the right to delete data and the right to data portability. 

If you are willing to exercise these rights, please send an email to info@nespat.ua, office@nespat.us, office@nespat.net or contact our representative at https://gdpr-rep.eu/q/18492039.

9. USER INQUIRIES

9.1 The User has the right to submit their requests to the Site Administration, including requests regarding the use/deletion of their personal data, stipulated by Clauses 3 and 8 of this Privacy Policy, in writing to the address provided in Clause 1. 

9.2 The request sent by the User must contain the following information 

for an individual: 

– number of the basic identity document of the User or their representative; 

– information about the date of issue of the specified document and the body that issued it; 

– date of registration through the Feedback Form; 

– free-form text of the request; 

– the signature of the User or their representative. 

for a legal entity: 

– free-form request on letterhead; 

– The date of registration through the Feedback Form; 

– the request must be signed by an authorized person with documents confirming the person’s credentials attached.

9.3 The Website Administration undertakes to consider and respond to User’s request within 30 days from the date of its submission. 

9.4 All correspondence received by the Administration from the User (requests in written/electronic form) refers to restricted information and is not subject to disclosure without the User’s written consent. 

Personal data and other information about the User, who sent a request, can not be used without the special consent of the User other than to answer the subject of the received request or in cases expressly provided by law.