PRIVACY AND PERSONAL DATA PROTECTION POLICY

Effective as of November 2025

This Privacy and Personal Data Protection Policy (hereinafter — the "Policy") describes how the website https://www.100rokiv.com.ua (hereinafter — the "Website") collects, uses, stores, and discloses information about its users (hereinafter — the "Users").

This Policy has been developed in accordance with the laws of Ukraine, including the Laws of Ukraine "On Personal Data Protection," "On the Protection of Consumer Rights," "On Information," and with consideration of European data protection standards, as the Website may be accessed by users both within Ukraine and abroad.

1. Application of the Policy

This Policy applies to all Users who visit the Website, place orders, submit forms, provide information, or otherwise interact with the Website.

By using the Website, the User confirms their full agreement with the terms of this Policy.

If the User does not agree with the terms of the Policy, they should refrain from using the Website.

2. Information Collected About Users

The Website may collect and process the following categories of data:

2.1. Personal Data Provided Directly by the User:

• Full name (if provided)
• Email address
• Mobile phone number
• Delivery or billing address
• Order information
• Other data that the User voluntarily provides when using the Website

2.2. Technical and Automatically Collected Data:

• IP address (may be collected and stored anonymously)
• Browser type and version
• Device type
• Time and duration of visits
• Cookies and similar technologies
• Website usage statistics

2.3. Data Provided When Making Orders and Payments:

• Order details
• Payment confirmation data (the Website does not store payment card numbers)

The Website does not collect sensitive personal data such as data on racial or ethnic origin, political views, religious beliefs, health, biometric or genetic data.

3. Purpose of Data Processing

User data is processed for the following purposes:

• To create and manage orders on the Website
• To provide goods and services
• To contact the User regarding orders, delivery, service updates, or support
• To send informational, service-related, and promotional messages (SMS, email, etc.)
• To comply with applicable laws, accounting requirements, and tax obligations
• To analyze Website usage and improve services
• To ensure the security and functioning of the Website

4. Legal Basis for Processing

User data is processed based on:

• User consent
• Performance of a contract (placing an order)
• Compliance with legal obligations
• Legitimate interest of the Website (e.g., improving services, ensuring security)

5. Use of Cookies

The Website uses cookies to:

• Ensure proper Website operation
• Analyze Website traffic
• Personalize the User experience

Users can change their browser settings to refuse cookies or delete existing ones. Some Website functions may not work correctly without cookies.

6. Disclosure and Transfer of User Data

User data may be shared with third parties in the following cases:

• With the User’s explicit consent
• To service providers, such as delivery services, IT infrastructure providers, or analytics tools (e.g., Google Analytics)
• To government authorities, upon official legal request related to criminal investigations or suspected illegal activity
• In the form of anonymized statistical data, which does not identify the User personally

The Website does not sell or rent User personal data to third parties.

7. Data Retention Period

User data is stored for up to three (3) years or as long as required by applicable law. Certain data (e.g., accounting records) may be stored longer according to legal requirements.

After the retention period expires, the data will be deleted or anonymized.

8. Data Security

The Website undertakes to apply necessary technical and organizational measures to:

• Prevent unauthorized access
• Protect data from alteration, loss, or destruction
• Ensure confidentiality and integrity of User data

Despite all efforts, no system can guarantee absolute data security.

9. Protection of Minors

The Website is not intended for children under 14 years old. If a child provides personal data without parental consent, the parent or guardian may contact the Website to request deletion of such data.

10. User Rights

Users have the following rights under the Law of Ukraine "On Personal Data Protection":

• To know the sources, purpose, and method of data processing
• To receive information on third parties who receive their data
• To access their personal data
• To request correction or deletion of incorrect or unlawfully processed data
• To withdraw consent for data processing
• To object to data processing
• To request cessation of data processing
• To protect their data by law and file complaints with authorities

Users may exercise their rights by contacting us via the contact information provided on the Website.

11. Amendments to the Policy

The Website may update this Policy from time to time. All changes will be published on this page with an updated “Effective Date.”

If the User continues to use the Website after such changes, it will be considered as acceptance of the updated Policy.

If you need, I can further adjust the text, simplify it, translate it to Ukrainian, or format it for your website.