the current version, starting from 25.04.2025

Previous editions

Welcome! 
We created the Notification about personal data processing («Notification») so that individuals («You»), who use the Site understand, how We process personal data.

WHO WE ARE

Under the name NÚKOT, operations are carried out by the administrator, sole proprietor Tokun Anna Anatoliivna, with the business address: Ukraine, 49010, Dnipropetrovsk region, Dnipro city, Marii Curie Street, Building 13, Apartment 27; TAX Number: 3156322705, and the Seller. The Seller’s name, location, and other detailed information are available on the website nukot.com.ua in the "PAYMENT" section and can be accessed without making a purchase or incurring any direct costs.
Website: https://nukot.com.ua
Email for contact (inquiries, complaints, or suggestions): customercare@nukot.com.ua

TERMINOLOGY WE USE

1. Consent. Any freely given, specific, conscious and unambiguous representation of a subject´s will means his consent to the processing of personal data concerning him.
   
2. Controller. An individual or legal entity, etc., who defines the goals and determines the personal data processing procedures. NÚKOТ is the Controller.
   
3. Co-controller. An individual or legal entity who defines the goals and determines, the personal data processing procedures together with another Controller.
   
4. Registration number. Any alpha-numeric code that a legal entity received during registration.
   
5. Personal data protection body. A government body that protects subjects´ data from illegal processing.
   
6. Subject of personal data. An individual entity whose personal data is processed.
   
7. Legal address. A registration address of a business entity.
   
8. Legal basis for processing. One of the statutory recognized grounds due to which the processing of personal data is permitted.
   
9. Personal data. Any relevant information that relates to an identifiable individual or a person that can be identified.
   
10. Violation of the security of personal data. Any violation of security that leads to accidental or illegal destruction, loss, change, unauthorized disclosure or access to personal data which is transferred, stored or otherwise processed.
    
11. Processing. Any action or a set of actions with personal data.
    
12. Processor. An individual or legal entity who processes personal data on behalf of the Controller.
    
13. Profiling. Any form of automated processing of personal data consisting in the use of personal data to evaluate certain personal aspects related to an individual in order to analyze or predict aspects related to the performance of this individual at work, economic situation, health, personal preferences, interests, reliability, behavior, place of person´s residence or person´s movement.
    
14. Third party. Any person other than the Controller or Processor and Personal Data Protection Body to whom the Controller or Processor transfers personal data.
    
15. Site. This is a group of web pages created due to HTML, CSS, JavaScript and other programming languages and accessible via the Internet. In our case, it is https:// nukot.com.ua/.
    

WHAT PERSONAL DATA WE PROCESS

In most cases, NÚKOТ processes the personal data provided by You on the basis of a Public offer Agreement within the entire period of existence your data account on the site and within one year after its delition.  NÚKOТ processes personal data in order to provide You with services, to promote own business, improve the Site, meet your needs etc.

We process the following personal data:

• Name and surname;
  
• Contact information;
  
• Account settings and interests;
  
• Information from news published by the user;
  
• Information about payments received from you;
  
• Data from your devices;
  
• Data from activity on the Site and our social media accounts.

Data processing. We process the personal data received from You on the basis of a Public offer Agreement concluded with You in most cases when You use Your account on Our Website and within one year after its delition. When You visit Our Website, We process Your personal data on the basis of legitimate interest to provide access to and improve Our Website.

Comments.

When visitors leave comments on the Site, we collect data displayed in the comment form, as well as the IP-addresses of visitors and the user´s browser agent line to help detect spam.

Anonymous line created with your E-mail address (also called-hash), can be provided to the Gravatar service privacy policy is available here: https://automattic.com/privacy/. Once your comment is approved, your profile picture will be visible to the public in the context of your comment.

Media files.

If you upload images to a site, you should avoid uploading images with embedded location data (EXIF GPS). Visitors of the site can download and extract any location data from images on the site.

Embedded content from other websites.

Materials on our site can contain embedded content (for example: video, images, articles, etc). Embedded content from other sites behaves just as if a user were visiting another site.

These sites may collect data about you, use cookie files, built-in third party tracking applications, and monitor your interactions with this embedded content. In particular, track interactions with embedded content if you have a data account and are logged in to this site.

Data storage. We store Your personal data on servers around the world.

Other data processing. NÚKOТ does not use profiling for all of You and does not process personal data of persons under 13 years of age. In the event that You are under the age of 13, You have to let us know.

Purpose of processing	What kind of data is processed
User login to the site	IP-address, login time, browser, its version, screen size, etc.
Registering an account on the site via    e-mail	Name, surname, e-mail address.
Account settings	Gender, name, surname, internal name on the site.
Ensuring the optimal content of the material line for the user	Request for a range of goods and services.
Registration	Name, surname, e-mail address.
Users´ comments	Date of publication, content of a comment, author of a comment, fact of editing a comment. In reviews, We fix the type of review, the fact of leaving a review (without a date the review publication).
Formation of delivery orders and delivery of ordered goods	Name, surname, e-mail address, phone number, address.
Payment for services	Transaction amount, transaction date, transaction currency, user bank, card type, bank card country, can be phone number, can be payer´s name, product, can be action identifier, we also record the source where the user came from (UTM-mark).
Subscription to social networks	Profile (user´s name, nickname) and all public data associated with it
Work of technical support service	All individual user´s profile data
Contact support	Name, surname, login, phone number, e-mail, etc.
Appeal regarding personal data	All the data necessary to identify the subject.

Processors processing personal data

1. Meta Platforms Inc. Instagram, Facebook;
   
2. Telegram Messenger Inc. Telegram;
   
3. Universal Bank; 
   
4. Google LLC. Google Search Engine, Google Workspace;
   
5. NÚKOТ can transfer personal data to any other Processors, when it is necessary to provide You with services, for Our business, etc.

Тable: Processors and purpose for the use of personal data

Processor	Software	Purpose of use	Notification of personal data processing
Google LLC	Google Workspace	Creation of an e-mail with a company domain name.  Workflow, creation of forms, etc.	https://policies.google.com/privacy?hl=uk
	Google Search Engine	Marketing.	https://policies.google.com/privacy?hl=uk
Meta Platforms, Inc.	Instagram	Communication with You  and marketing	https://www.facebook.com/privacy/policy/
Telegram Messenger Inc.	Telegram	Communication with You, marketing and provision of services	https://telegram.org/privacy/ua
АТ "УНІВЕРСАЛ БАНК"	Plata by mono	Processing your payments	https://monobank.ua/

HOW PERSONAL DATA IS PROCESSED IN CERTAIN SITUATIONS

We mean:

1. Direct marketing. NÚKOТ may call, send e-mails, SMS, push-notifications and other e-mails of informational and advertising nature to promote business, services, NÚKOТ brand, and any of Our partners and clients.
   
2. Personal data for direct marketing. We may use all personal data for direct marketing in accordance with the provisions of this Notification.
   
3. Grounds for direct marketing. NÚKOТ may process personal data for direct marketing on the basis of
   
• Consent;
• Request to receive any information and/or advertising;
  
• Legitimate interest in promoting business, services, NÚKOТ brand and any of our partners and clients;
  
• Creating an account, subscription and/or using software and Internet-platforms of NÚKOТ Co-controllers. For example: Google, Instagram, Telegram, etc.
  
4. Targeted advertising. NÚKOТ can customize targeted advertising to You using software and Internet-platforms of NÚKOТ Co-controllers to promote business, services, NÚKOТ brand and any of our partners and clients.
   
5. Personal data for targeted advertising. We may use the following personal data for targeted advertising:
• Full name;
  
• Gender;
  
• Address, provided by You;
  
• Phone number, links to social networks and messengers;
  
• Physical and e-mail addresses;
  
• Search queries and preferences;
  
• Responses;
  
• Information from accounts;
  
• Any other information
  
6. Grounds for targeted advertising. The Grounds for targeted advertising are the creation of an account by you, subscription and/or for use of software and Internet-platforms of the NÚKOТ Co-controllers. For example: Google, Instagram, Telegram, etc.  NÚKOТ processes this personal data on the basis of agreements, in particular public contracts, with Co-controllers. All conditions regarding the processing of personal data by Co-controllers should be found in their privacy documents. 
   
7. Sale of personal data. As a rule, We do not sell personal data but We can do so, if necessary, in advance having received Your consent.
   
8. Advertising on the Website. NÚKOТ can display advertising on Our Site on the basis of a Legitimate interest, to promote Our services and provide a profit from it to Our business. With Your consent, We may also transfer Your personal data to other individuals or legal entities, for example, using Google AdSense or Instagram audience.
   
9. Exercising the rights of personal data subjects. To exercise your rights as a subject of personal data, you need to check the settings of the platforms of the respective Co-controllers or contact their support services.
   

HOW AND WHOM WE CAN TRANSFER PERSONAL DATA

NÚKOТ can transfer personal data to Processors, Co-controllers and the Third parties within Ukraine and/or abroad, if it is necessary for Our business. When it is about the transferring of personal data abroad, We can do it on the following basis:

• Agreement on the processing of personal data, when it is necessary to transfer personal data of citizens of Ukraine;
• A high level of personal data protection in the country of destination, defined by the European Commission, and/or via legal instruments.

In any case, We may be required to disclose personal data in line with decision of a court or a government body.

The conditions for the personal data transferring by Co-controllers are specified in their privacy documents.

1. General conditions for the transfer of personal data. NÚKOТ may transfer personal data to Processors, Co-controllers and the Third parties within Ukraine and/or abroad, if it is necessary for Our business.
   
2. Transfer of personal data of citizens of Ukraine. For the pesonal data transferring within Ukraine and abroad, We use personal data processing agreements.
   
3. Transfer of personal data of the European Union member-states´ citizens. To transfer the personal data within Ukraine, We use agreements on the processing of personal data along with the Standard Contractual Clauses. Data is transferred abroad on the basis of a high level of personal data protection in the country of destination, defined by the European Commission, and/or through various legal instruments, such as: Standard Contractual Clauses, certification, international agreements, etc.
   
4. Other cases of personal data transferring. We can be obliged to disclose personal data to the government bodies of Ukraine and the EU in line with a decision of a court or a government body.
   
5. Transfer of personal data by Co-controllers. The terms of the personal data transferring by Co-controllers are specified in their privacy documents.
   

COOKIE FILES

Details about cookie files we use, are provided for You in the Notification about use of cookie files.

WHAT RIGHTS YOU HAVE WITH RESPECT TO YOUR PERSONAL DATA

You have the following rights:

1. Right to access your personal data. You can gain access to information about which personal data is processed or a list of this data in a format that is readable by a person or a machine.
   
2. Right to rectification of data. You can correct inaccurate or out-of-date personal data.
   
3. Right to delete data. You can request the deletion of personal data.
   
4. Right to restriction of data processing. You can prohibit a Controller to use personal data, but a Controller may continue to store it.
   
5. Right to data transfer. You can get personal data from a Controller in the machine-readable format and transfer it to another Controller.
   
6. Right to object. You can object to the processing of personal data that is collected on the basis of legitimate interest or for marketing purposes.
   
7. Profiling. You have the right to be protected from making decisions based solely on automated data processing, including profiling.
   
8. Right to protection of personal data. You can file a lawsuit against the Controller or file a complaint with the data protection bodies.
   
9. Right to protection of personal data. You can withdraw your consent to the processing of personal data at any time.
   
10. Right to receive information. You have the right to receive information about the conditions for providing access to personal data, in particular information about Third parties to whom personal data is transferred.
    
11. Right to information about sources. You have the right to receive information about the sources of collection, the location of your personal data, the purpose of its processing, the location of the Controller or Processor.

HOW WE PROTECT PERSONAL DATA

NÚKOТ protects personal data in a few organizational and technical ways, among which are the following:

1. We do not have direct access to most of the personal data collected through cookie files (when they are used);
   
2. We do not combine personal data that We have access to with personal data from other sources, which may affect the ease of your identification;
   
3. We teach employees the basics of cybersecurity and privacy;
   
4. We use enhanced password requirements.

Table:  Means of personal data protection

Name of a tool	Effect
Cyber security and data privacy training of employees	We teach employees the basic approaches to information and cyber security, as well as the way they can use the Internet, their work and personal devices, etc. We also tell employees about the basics of legislation on the personal data processing, so that they understand all the necessary requirements that must be met. Each employee has a signed non-disclosure agreement, including information about visitors to our site.
Secure Data center	We store personal data in secure data centers, which are confirmed by many certificates
HTTPS-connections	You connect to Our Site via the protocol HTTP that is protected by certificates SSL or TLS.
Password encryption	We encrypt Your passwords using hash-functions (MD5, SHA1, SHA256, SHA512, etc).
Distribution of access to personal data	Our employees have different levels of access to personal data depending on the functions they perform.
Enhanced password requirements	We require Our employees to use secure passwords that they will use to access Our information resources. Such passwords must have a certain length, consist of alpha-numeric and special characters, as well as periodically change.

WHAT WE WILL DO IN THE EVENT OF DATA BREACH

In the event of a breach of the personal data security,We will notify personal data protection Authorities (if it goes about personal data of citizens of the EU member states), accompanying the notification with materials about such a problem.

However, in cases when a data breach seriously threatens Your rights and interests, We will inform You immediately. In addition, We record information about each fact of personal data breach in Our internal register.

Notification of the personal data protection Authority. We will notify the personal data protection Authorities if We become aware of a breach of personal data security of citizens of EU member states within 10 working days after We become aware of the breach of personal data security and provide the following information:

• Describe the nature of the breach of personal data security;
  
• Provide the contact details of the responsible person who can give additional information about the breach of the personal data security;
  
• Describe the possible consequences;
  
• Describe the measures that were taken or propose appropriate actions to eliminate a further breach of the security of personal data.

Notification of the Verkhovna Rada Commissioner for Human Rights. In accordance with Ukrainian legislation, We are not obliged to notify the Commissioner of the Verkhovna Rada of Ukraine for human rights about the violation of the security of personal data.

Notification of personal data subjects from the EU. If a breach of the security of personal data can lead to a violation of Your rights and freedoms, or there is a high risk of this, We will immediately notify You of the fact of the personal data breach and will do the following actions:

• Describe in clear and simple language the nature of the breach of personal data security;
  
• Provide the name and contact information of the responsible person, from whom further information can be obtained;
  
• Inform about the possible consequences of a violation of the security of personal data;
  
• Inform about the measures that were taken or propose appropriate actions to eliminate the subsequent violation of the security of personal data;
  
• Provide useful pieces of advice that can help reduce possible risks.

Notification of personal data subjects from Ukraine. We will notify You within 10 working days from the moment the personal data breach is detected and take actions from the third point of this section.

HOW TO MAKE A REQUEST OR COMPLAIN

Contacts of NÚKOТ. You can ask us any questions about Your personal data or make a complaint by e-mail: customercare@nukot.com.ua.

Response from NÚKOТ. We will give You an answer in response as soon as possible, but not later than in 30 calendar days.

Appeal to the Authorities for the protection of personal data.

• If You are a citizen of Ukraine You should contact the  Verkhovna Rada of Ukraine Commissioner for Human Rights. You can find more detailed information on the official website https://www.ombudsman.gov.ua/.
  
• If You are a citizen of a member state of the European Union, You should contact the relevant  state authority of Your country, which You can find at the link: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en

Response from the personal data protection Authorities. The time and procedure for providing a response depends on the internal policy of the personal data protection Authorities.

HOW TO DELETE PERSONAL DATA

Deletion of an Account. You can delete your personal data having deleted your account on Our Site in accordance with functionality of the site.

Contact of NÚKOТ. You can also contact our client support service by e-mail: customercare@nukot.com.ua.

Response. We give an answer in response as soon as possible, but not later than in 30 calendar days.

Other provisions

Date of entry into force. This version of the Notification is valid as of the effective Date.

Making changes to the Notification. NÚKOТ can make changes to the Notification from time to time without warning and Your consent. The new version is valid from the moment the effective date is changed.

Regulatory legislation. This Notification is regulated and interpreted in accordance with the legislation of Ukraine with special regard to the General Data Protection Regulation (EU GDPR).

Dispute resolution. All disputes arising in connection with this Notification are resolved by the competent court of Ukraine in accordance with the substantive and procedural law of Ukraine.

Language. This Notification is written in Ukrainian and its translation into English is available. In case of any discrepancy between the Ukrainian version and the translation into another language, the Ukrainian version will have the predominant force.

Payments

For your convenience, NÚKOT may utilize the services of various payment systems and banks to process payments, and these services may handle buyer data.

Currently, NÚKOT accepts payments through JSC "UNIVERSAL BANK" (detailed information about the service is available at https://monobankinfo.com.ua/uk/privacy-policy-ua).

In the event of any changes or additions to the list of payment systems, we will update this section accordingly.

During payment processing, some of Your data will be transferred to payment systems or the bank, including information necessary to process or maintain payment information such as total purchase cost and payment information.