We are responsible for the security of personal data of our customers and website visitors, therefore we have developed this privacy policy (hereinafter referred to as the “Policy”), the purpose of which is to inform you about the procedure for collecting, storage, personal data processing and information which is provided by you using this website.
We control the methods of collecting your personal data and determine the purposes for which personal data is used. We are the “Data Controller” for the purposes of the EU General Data Protection Regulation 2016/679 (hereinafter referred to as the “GDPR”) and other applicable data protection legislation, and the “Personal data Owner” within the meaning of the Law of Ukraine “On Personal Data Protection” dated 01.06.2010 No. 2297-VI.
We process your personal data only if one of the conditions specified in Article 6 of the GDPR is fulfilled, including but not limited to:
- You have given consent to the processing of personal data;
- Processing is necessary for the purpose of concluding with you and/or performing the Contract on the provision of a set of works/services;
- Such processing is required by the legislation of the countries with whose residents we cooperate.
We may periodically update this Policy, including if required by law. Therefore, we ask you to visit the website https://www.galafrut.com.ua/ to make sure that you have up-to-date information.
Basic concepts (terms)
Personal data is any information of a personal nature relating to an individual (data subject) who is identified or can be identified.
Identifiable individual is a natural person who can be identified directly or indirectly, in particular by reference to a specific identifier (name, surname, telephone number, other identifier) or by analyzing several elements of the physical, genetic, psychological, economic, cultural or other identity of this natural person.
Personal data subject is an individual to whom the personal data relates and who can be identified or has already been identified by this personal data.
Personal data controller is an individual or legal entity that determines the purposes and means of processing personal data and has the primary responsibility for their processing. The personal data controller is the “personal data owner” in the terminology of Ukrainian legislation.
Personal data processor is a natural or legal person who, on the basis of instructions (guidelines, orders) of the controller, processes personal data for the controller. A personal data processor is the “personal data manager” in the terminology of Ukrainian legislation.
Personal data processing is any operation or set of operations that are carried out with personal data or sets of personal data, with or without the use of automated procedures, such as collection, recording, systematization, structuring, storage, alteration, arrangement, consultation, use, dissemination or other type of access to third parties, including employees of the controller or processor of personal data, as well as deletion.
Legislation governing the processing of personal data
The personal data processing is carried out in accordance with the requirements of the Law of Ukraine “On Personal Data Protection”. The personal data processing of customers who are located in the EU or are EU citizens is regulated, in particular, by the EU General Data Protection Regulation 2016/679 (hereinafter referred to as “GDPR”). In addition, the legislation of the countries may establish additional requirements if we have business partnership relations with their residents.
Scope of this Policy
This Policy applies to “personal data and information” collected by us through this website. “Personal data and information” includes, but is not limited to, information that personally identifies you, either separately or in combination with other information available to us. Examples of personal data include, but are not limited to, your name, location, telephone number, email address, IP address and other information that you may provide when using our website.
By using this website and providing your explicit consent to the processing of your personal data, you accept the practices described in this Policy. If you do not agree to this Policy, please do not use/visit this website.
Personal data and information collected through our website
Personally identifiable information (personal data) means information that allows us to specifically know who you are. Personal information is obtained when ordering goods or services, registering a request for a consultation, etc. In particular, but not exclusively, this information may include your name, address (both legal and actual), email address, telephone number, name of the product/service being ordered, quantity and cost. This information may be stored in our databases in connection with past or current cooperation with you or due to the fact that, in our opinion, you may be interested in receiving materials from us about our activities and services. This allows us to manage more effectively our relationships, improve our site, the goods and services offered to you, as well as target the materials that we may send you based on your interests.
Non-personally identifiable information means information of exclusively statistic character which doesn’t identify particular natural persons or legal entities and which depends on your visiting of the website. For example, this information may include the IP address from which you access the Internet, the date and time you access the site and the address of the website from which you linked to the website. This information is used in summary form using the resource https://analytics.google.com/ to improve the usefulness and attractiveness of the website for users.
Use of Special Features and Password-Protected Sections
This website may contain special features and password-protected sections. When you register to use special features or password-protected sections, you may be required to agree to special terms and conditions governing your use of the special features or password-protected sections. In these cases, you will be asked to consent to the special terms and conditions, for example, making the field or clicking the button, which confirms accepting of the user agreement – “I agree”.
Purposes of personal data processing
We provide services in the territory of Ukraine, the European Union and other countries. We need your personal data so that we and our Partners can provide you with correct information on the term of cooperation and ensure high-quality communication in the process of fulfilling obligations and/or preparing for the conclusion of contracts, it’s necessary to comply with official legislative acts or legitimate interest, according to Art. 6 of the GDPR.
We kindly ask you to inform us those personal data that are necessary to provide the service you have chosen, receive information, or respond to your special request/complaint. At the same time, if you decide to inform us about additional personal data, we can also process them as necessary level of protection.
Processing (storage) time of personal data
We will not store your data longer than is necessary to fulfill the purpose for which they are processed or to comply with legal requirements.
To determine the right storage period, we define the character and category of personal data, purposes for which we process them, and whether we can achieve these purposes by other means.
In general, the maximum processing time of personal data in our Company is 1 (one) year. This doesn’t apply to information required to submit tax reports for the period in which the relevant transaction took place. This processing time complies with the Tax Code of Ukraine on the storage periods for documents related to the accrual and payment of taxes and fees.
Cookies and similar technologies
We use cookies and other web technologies to collect information and support certain functions of our websites. For example, we use these technologies to:
- collect information about how visitors use our sites, the pages they visit, the links they use and how long they stay on each page;
- determine the effectiveness of our advertising campaigns and manage them;
- support the functions of our websites, such as eliminating the need to re-enter login information that is already in our database or to re-set the settings that have already been set during previous visits to our websites; and to personalize your work with our websites.
Usually, the information collected through these web technologies does not allow you to be personally identified without excessive effort. However, if you left information by filling out a callback or email form or in other way, then we are required to inform you about the methods of processing and storing this information upon your request.
If you don’t want to receive cookies, you can set your browser to reject these files. In addition, you can also delete our cookies after leaving the site. Although you are not required to download our cookies when visiting our site, if you set your browser to reject cookies, you will not be able to use all the functions of our website.
We can also send you messages via Viber, Telegram, Instagram, Facebook Messenger and other messages via various OTT applications, SMS messages, messages of another type/means of transmission, depending on the communication channel you have chosen.
Sharing Your Personal Information
Service Providers. We share personal information with companies and organizations that provide services on our behalf, such as companies that provide us with support services (including transactional and logistics services, data center services, and web hosting services) or Partners that help us provide our services. These third parties (Processors in GDPR terminology) are required by confidentiality agreements to use the personal information we share with them only to provide the services, using commercially reasonable measures to protect the privacy and security of your personal information.
Legal Compliance, Protecting of Our Rights and the Rights of Others. We reserve the right to disclose any personal information when we honestly believe that the disclosure is required by law, or in accordance with a court order or other law enforcement agency. We also have a right to disclose personal information to prevent or investigate potential crimes, including fraud or identity theft, to enforce or apply our online terms of use or other agreements and to protect our rights, property, safety of our users or others.
Aggregate Information. We have the right to share demographic or survey information with third parties, but such information will be anonymous and will not contain any personal information or details. The aggregate information we share may include anonymous information collected through the use of cookies and other similar tracking technologies, as described in the “Cookies and similar technologies” section.
General Recommendations
We respect your right to choose how we collect, use and disclose your personal information. We also provide an “opt-out” link in news or promotional emails so that you can inform us that you don’t wish to receive such messages from us in the future.
Direct Marketing
Before using your personal data for direct marketing purposes (or providing permission to our structural units), we will provide you with the opportunity to consent or prohibit such use of your information. At any time, you can exclude yourself from our direct marketing communications by sending an email or written notice to the data privacy officer. Please provide your full name, address and email address and phone number in case of refusal, so that we can recognize you in our mailing lists. As soon as we receive the necessary information, we will remove you from our mailing list in accordance with the current legislation of Ukraine and the European Union.
Procedure for accessing, updating or correcting your personal data
By contacting us in a way convenient for you – phone call, email, Viber, Telegram, Instagram, Facebook, Messenger, you can submit a request to correct your personal information.
Rights of personal data subjects
Rights of personal data subjects in accordance with the legislation of Ukraine
- to know about the sources of collection, location of their personal data, purposes of their processing, location or place of residence of the owner or controller of personal data or to give a corresponding instruction to obtain this information to persons authorized by them, except for cases established by law;
- to receive information about the conditions for providing access to personal data, including information about third parties to whom their personal data are provided;
- to access their personal data;
- to receive a response on whether their personal data are being processed, as well as to receive the content of such personal data no later than thirty calendar days from the date of receipt of the request, except for cases provided by law;
- to present a reasoned request to the owner of personal data with an objection to the processing of their personal data;
- to present a reasoned request for the change or deletion of their personal data by owner and manager of personal data if these data are processed illegally or are inaccurate;
- the modification or destruction of their personal data by any owner and controller of personal data, if these data are processed unlawfully or are inaccurate;
- to protect their personal data from illegal processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision, as well as protection from the provision of information that is inaccurate or discredits the honor, dignity and business reputation of an individuals;
- to file complaints with the Commissioner for Human Rights of the Verkhovna Rada of Ukraine or to the court about the processing of their personal data;
- to apply legal remedies in case of violation of the legislation on personal data protection;
- to make a reservations limiting the right for processing their personal data when granting the consent;
- to withdraw the consent to the processing of your personal data;
- to know the mechanism of automatic processing of personal data;
- to be protected from an automated solution that has legal consequences for them.
Other rights of personal data subjects under the GDPR:
- the right to processing information;
- the right to correct information concerning you;
- the right to withdraw consent to the processing of personal data and the right to be forgotten;
- the right to restriction of processing;
- the right to access personal data;
- the right not to be subject of automated solution.
Protection of Personal Information
We use a comprehensive data security program, including commercially reasonable administrative, physical and technological security measures to protect your personal information from unauthorized access, unauthorized or accidental destruction, modification or disclosure. Although we take the necessary precautions to ensure the level of security, we cannot guarantee the absolute security of information provided over the Internet or stored in our databases from criminal interference by third parties (hacker attack)
Links to Our Other Websites
This website contains links to other websites of our business units. These other websites are separate and distinct websites. Each of them performs a specific function. Therefore, each other website may be governed by its own terms of use and privacy policy. When you access other websites via links from this website, please take a few minutes to review the privacy policy posted on each other website you visit.
Links to Other Websites
This website may contain links to websites of other companies, including websites of our partners and third parties. This Policy doesn’t apply to personal information that is collected on any of these websites. When you access third-party websites via links on this site, please take a few minutes to review the privacy policy posted on that website.
Children
We don’t use our site for intentional transfer of data from and to children under the age of 18. If you are under 18, please do not provide us with any personal information. If we discover that a person under the age of 18 has provided us with such information through one of our sites, we will use reasonable efforts to remove that information from our databases.
Contact information for questions related to the privacy policy:
If you have any questions about this Policy or our privacy practices, please send an email or written notice to the Data Privacy Officer (see Contact information on this page).
For correspondence:
E-mail: info@galafrut.com

