Products icon
Fasteners Hardware for straps and cords Quick release systems Repair kits Propellers Eyelets and buttons Protective elements All products
Services icon
Injection molding of plastics Design and manufacturing of injection molds Turnkey custom production from idea to finished product
About us Cooperation terms Blog Contacts
Eng icon
Ua Pl
icon Log in
Call us
+380 (67) 538-85-50
icon
Fasteners Hardware for straps and cords Quick release systems Repair kits Propellers Eyelets and buttons Protective elements All products
Injection molding of plastics Design and manufacturing of injection molds Turnkey custom production from idea to finished product
About us Cooperation terms Blog Contacts
Зателефонуйте нам
+380 (67) 538-85-50
icon
CART
0

Privacy Policy on the Protection and Processing of Personal Data

General provisions
  • For the purpose of ensuring proper access to and use by clients and counterparties of LIMITED LIABILITY COMPANY «AMMOLIT PLUS» (USREOU code 44012570), hereinafter referred to as the "COMPANY", of the website: https://amm-plus.com, the Instagram page, and the Facebook page, hereinafter referred to as the "Site", as well as for clients and counterparties to receive goods of the COMPANY provided for under the Public contract for the sale of goods (offer) posted at: http://amm-plus.com/public-offer, the COMPANY collects and processes personal data of Clients, counterparties and users of the Site, hereinafter referred to as "Clients".
  • By interacting with the COMPANY, visiting the Site, and contacting the COMPANY by telephone (mobile) communication and via messengers, the Client agrees to this Privacy Policy on the protection and processing of personal data, hereinafter referred to as the "Privacy Policy", and consents to the collection, processing, storage, disclosure and transfer of his or her personal data.
  • The COMPANY acts as the controller of Clients' personal data and may engage processors of Clients' personal data. The COMPANY does not intentionally collect personal data of minors without the consent of their legal representatives in cases provided for by the applicable legislation of Ukraine.
  • The COMPANY does not collect or process such categories of personal data as data on racial or ethnic origin, political, religious or worldview beliefs, membership in political parties and trade unions, criminal convictions, as well as data relating to health, sex life, biometric or genetic data of Clients ("sensitive personal data").
  • The COMPANY undertakes to take all available measures to protect Clients' personal data, taking into account the provisions of the applicable legislation of Ukraine on personal data protection.
  • This Privacy Policy is mandatory for application by the responsible person and employees of the COMPANY who directly process and/or have access to Clients' personal data in connection with the performance of their official duties.
1. Terms and definitions.
  • 1.1. Personal data database — a named set of structured personal data in electronic form and/or in the form of personal data card files.
  • 1.2. Responsible person — a designated person who organizes work related to the protection of personal data during their processing, in accordance with the applicable legislation of Ukraine.
  • 1.3. Controller of personal data — a natural person, a natural person-entrepreneur or a legal entity to whom the law or, with the consent of the personal data subject, grants the right to process such data, who approves the purpose of processing personal data in this database, establishes the composition of such data and the procedures for their processing, unless otherwise provided by law.
  • 1.4. Consent of the personal data subject — any voluntary expression of will by a natural person (provided that he or she is informed) to grant permission for the processing of his or her personal data in accordance with the stated purpose of such processing, expressed in writing or in a form that makes it possible to conclude that consent has been given. In the field of electronic commerce, consent of the personal data subject may be given during registration in the information and communication system of the subject of electronic commerce by marking consent to the processing of his or her personal data in accordance with the stated purpose of such processing, provided that such system does not create the possibility of processing personal data before the mark is made.
  • 1.5. Depersonalization of personal data — removal of information that makes it possible to identify a person.
  • 1.6. Card file — any structured personal data accessible according to defined criteria, regardless of whether such data are centralized, decentralized or divided on functional or geographical grounds.
  • 1.7. User — a natural person who is identified or can be specifically identified when interacting with the Site.
  • 1.8. Client — legal entities, natural person-entrepreneurs and natural persons who receive goods from the COMPANY and provide access to their personal data.
  • 1.9. Processing of personal data — any action or set of actions performed wholly or partly in an information (automated) system and/or in personal data card files related to the collection, registration, accumulation, storage, adaptation, modification, renewal, use and dissemination (distribution, implementation, transfer), depersonalization, destruction of information about a natural person.
  • 1.10. Recipient — a natural person, a natural person-entrepreneur or a legal entity to whom personal data are provided, including a third party.
  • 1.11. Personal data — information or a set of information about a natural person who is identified or can be specifically identified;
  • 1.12. Processor of personal data — a natural person, a natural person-entrepreneur or a legal entity to whom the controller of personal data or the law grants the right to process such data.
  • 1.13. Personal data subject — a natural person with respect to whom his or her personal data are processed in accordance with the law.
  • 1.14. Third party — any person, except for the personal data subject, the controller or processor of personal data and the authorized state body for personal data protection, to whom personal data are transferred by the controller or processor of personal data in accordance with the law.
  • 1.15. Sensitive categories of data — personal data on racial or ethnic origin, political, religious or worldview beliefs, membership in political parties and trade unions, criminal convictions, as well as data relating to health, sex life, biometric or genetic data of Clients.
2. Categories of personal data and their location. Purpose of personal data processing.
  • 2.1. Depending on how Clients use the Site, the scope, method, purpose and legal grounds for the collection and processing of Personal data by the COMPANY may vary.
  • 2.2. The COMPANY collects and processes the following categories of Clients' personal data:
  • - surnames, given names, patronymics or names of Clients; taxpayer registration number (for a natural person), USREOU code (for a legal entity), identification code (for a natural person-entrepreneur) of Clients; email addresses of Clients; mobile phone numbers of Clients; registration addresses and actual place of residence of Clients;
  • - Clients' login data on the Site;
  • - "cookies" files (technical, functional, analytical, marketing), technical data for the Site;
  • - other personal data that may be voluntarily provided by Clients on their own initiative and that cannot be deleted by the COMPANY without destroying other information and/or personal data that must be retained by the COMPANY in accordance with the requirements of the applicable legislation of Ukraine and to protect its rights and legitimate interests.
  • 2.3. With respect to personal data concerning bank payment cards, the COMPANY transfers data to payment providers who are independent controllers of personal data regarding payment card transactions. The COMPANY does not receive or store full payment card details. Payment data processing is carried out by payment services in accordance with their own privacy policies.
  • 2.4. The COMPANY also collects anonymized data that are not personal data (the COMPANY cannot independently identify Clients). Collection and processing of anonymized data takes place in consolidated form and is used to conduct marketing research and analytics.
  • 2.5. The COMPANY collects and processes personal data of Site Clients on the following legal grounds:
  • - consent to the collection and processing of personal data;
  • - performance of contractual obligations by the COMPANY;
  • - compliance with legal requirements applicable to the COMPANY.
  • 2.6. The COMPANY collects and processes personal data of Site Clients for the following purposes:
  • - creating an account on the Site;
  • - providing Clients with access to the Site;
  • - ordering goods from the COMPANY, order management, delivery of goods by the COMPANY;
  • - tracking Clients' preferences for the purpose of providing personalized information about the COMPANY's goods;
  • - providing responses to Clients' search and information requests about the COMPANY's goods;
  • - ensuring Clients' participation in surveys, promotions and loyalty programs of the COMPANY;
  • - managing subscription to newsletters about the COMPANY's goods;
  • - using feedback forms on the Site;
  • - ensuring exchange of information with the Site;
  • - conducting marketing research and trend analysis to improve the COMPANY's goods;
  • - improving the operation of the Site;
  • - providing information about the COMPANY's goods (newsletters, information about promotions and other marketing activities);
  • - protection against possible claims by Clients within the limitation period established by law for such claims.
  • 2.7. The purpose of processing personal data in the system is storage and maintenance of Clients' data, in accordance with the Law of Ukraine "On Personal Data Protection".
  • 2.8. The purpose of processing personal data is to ensure the implementation of civil law relations, provision/receipt and settlement for purchased goods in accordance with the applicable legislation of Ukraine.
  • 2.9. The personal data specified in this section are located at the actual address of the COMPANY. In the event of cross-border transfer of personal data, the COMPANY ensures an adequate level of protection of personal data in accordance with the requirements of the applicable legislation of Ukraine.
3. Personal data processing procedure.
  • 3.1. Consent of the personal data subject must be a voluntary expression of will by a natural person to grant permission for the processing of his or her personal data in accordance with the stated purpose of such processing.
  • 3.2. Consent of the personal data subject is given by acceptance of the Public contract for the sale of goods (offer) posted at: http://amm-plus.com/public-offer
  • 3.3. By this Privacy Policy, the personal data subject is informed about the inclusion of his or her personal data in the COMPANY's personal data database and the purpose of collecting personal data in accordance with the Law of Ukraine "On Personal Data Protection".
4. Conditions for disclosure of personal data information to third parties.
  • 4.1. The procedure for access to personal data of third parties and the list of such third parties to whom access may be granted are determined by the applicable legislation of Ukraine.
  • 4.2. Access to personal data is not granted to a third party if such person refuses to undertake obligations to ensure compliance with the requirements of the Law of Ukraine "On Personal Data Protection" or is unable to ensure such compliance.
  • 4.3. A party to relations related to personal data submits a request for access, hereinafter referred to as the "request", to the controller of personal data.
  • 4.4. The request shall specify:
  • - surname, given name and patronymic, place of residence (place of stay) and details of the document identifying the natural person submitting the request (for a natural person — applicant);
  • - name, location of the legal entity submitting the request, position, surname, given name and patronymic of the person certifying the request; confirmation that the content of the request corresponds to the powers of the legal entity (for a legal entity — applicant);
  • - surname, given name and patronymic, as well as other information that makes it possible to identify the natural person with respect to whom the request is made;
  • - information on the category of personal data to which the request relates, or information on the controller or processor of such database;
  • - list of personal data requested;
  • - purpose of the request.
  • 4.5. The period for reviewing the request for the purpose of satisfying it may not exceed 10 (ten) business days from the date of its receipt. Within this period, the controller of personal data shall notify the person submitting the request that the request will be satisfied or that the relevant personal data are not subject to provision, indicating the ground defined in the relevant regulatory legal act. The request shall be satisfied within 30 (thirty) calendar days from the date of its receipt, unless otherwise provided by law.
  • 4.6. All employees of the controller of personal data are obliged to comply with confidentiality requirements regarding personal data.
  • 4.7. Deferral of access to personal data of third parties is permitted if the required data cannot be provided within 30 (thirty) calendar days from the date of receipt of the request. In this case, the total period for resolving issues raised in the request may not exceed forty-five calendar days.
  • 4.8. Notice of deferral shall be communicated to the third party who submitted the request in writing with an explanation of the procedure for appealing such decision.
  • 4.9. The notice of deferral shall specify:
  • - surname, given name and patronymic of the official;
  • - date of dispatch of the notice;
  • - reason for deferral; period within which the request will be satisfied.
  • 4.10. Refusal of access to personal data is permitted if access to them is prohibited under the applicable legislation of Ukraine.
  • 4.11. The notice of refusal shall specify:
  • - surname, given name, patronymic of the official who refuses access;
  • - date of dispatch of the notice; reason for refusal.
  • 4.12. A decision on deferral or refusal of access to personal data may be appealed to the authorized state body for personal data protection, other bodies of state power and local self-government bodies whose powers include personal data protection, or to a court.
5. Protection of personal data.
  • 5.1. The controller of personal data shall ensure the use of personal data by system and software and technical means and means of communication that prevent loss, theft, unauthorized destruction, distortion, forgery, copying of information and comply with the requirements of international and national standards.
  • 5.2. The responsible person organizes work related to the protection of personal data during their processing, in accordance with the law. The responsible person is appointed by order of the Controller of personal data. The duties of the responsible person regarding the organization of work related to the protection of personal data during their processing are set out in the job description.
  • 5.3. The responsible person is obliged to:
  • - know the legislation of Ukraine in the field of personal data protection;
  • - develop procedures for employees' access to personal data in accordance with their professional, official or employment duties;
  • - ensure that employees of the controller of personal data comply with the requirements of the legislation of Ukraine in the field of personal data protection and internal documents regulating the activities of the controller of personal data regarding the processing and protection of personal data in personal data databases;
  • - develop a procedure for internal control of compliance with the requirements of the legislation of Ukraine in the field of personal data protection and internal documents regulating the activities of the Controller of personal data regarding the processing and protection of personal data in personal data databases, which shall include, in particular, provisions on the frequency of such control;
  • - notify the controller of personal data of cases of violation by employees of the requirements of the legislation of Ukraine in the field of personal data protection and internal documents regulating the activities of the controller of personal data regarding the processing and protection of personal data in personal data databases no later than 1 (one) business day from the moment such violations are detected;
  • - ensure storage of documents confirming the grant of consent by the personal data subject to the processing of his or her personal data and notification of such subject of his or her rights.
  • 5.4. For the purpose of performing his or her duties, the responsible person has the right to:
  • - receive necessary documents, including orders and other administrative documents issued by the controller of personal data related to the processing of personal data;
  • - make copies of received documents, including copies of files, any records stored in local computer networks and stand-alone computer systems; participate in discussions of duties performed by him or her regarding the organization of work related to the protection of personal data during their processing;
  • - submit proposals for improvement of activities and refinement of working methods, submit remarks and options for elimination of deficiencies identified in the process of personal data processing;
  • - receive explanations on matters of personal data processing;
  • - sign and endorse documents within his or her competence.
  • 5.5. Employees who directly process and/or have access to personal data in connection with the performance of their official (employment) duties are obliged to comply with the requirements of the legislation of Ukraine in the field of personal data protection and internal documents regarding the processing and protection of personal data in personal data databases.
  • 5.6. Employees who have access to personal data, including those who process them, are obliged not to disclose in any manner personal data entrusted to them or that became known to them in connection with the performance of professional, official or employment duties. Such obligation remains in effect after they cease activities related to personal data, except in cases established by law.
  • 5.7. Persons who have access to personal data, including those who process them, bear liability in accordance with the legislation of Ukraine in the event of violation of the requirements of the Law of Ukraine "On Personal Data Protection".
  • 5.8. Personal data are stored no longer than necessary to achieve the purpose of their processing, unless otherwise provided by the legislation of Ukraine. The retention period for personal data is determined taking into account: the purpose of processing personal data;
  • - retention periods established by the applicable legislation of Ukraine for the relevant categories of data;
  • - the period of validity of the personal data subject's consent to their processing;
  • - the need to protect the rights and legitimate interests of the COMPANY.
6. Rights of the personal data subject.
  • 6.1. The personal data subject has the right to:
  • 6.1.1. know about the sources of collection, location of his or her personal data, purpose of their processing, location or place of residence (stay) of the controller or processor of personal data or give appropriate authorization to authorized persons to obtain such information, except in cases established by law;
  • 6.1.2. receive information on the conditions for granting access to personal data, including information on third parties to whom his or her personal data are transferred;
  • 6.1.3. access his or her personal data;
  • 6.1.4. receive, no later than thirty calendar days from the date of receipt of the request, except in cases provided for by law, a response as to whether his or her personal data are being processed, and also receive the content of such personal data;
  • 6.1.5. submit a reasoned request to the controller of personal data objecting to the processing of his or her personal data;
  • 6.1.6. submit a reasoned request for modification or destruction of his or her personal data to any controller and processor of personal data if such data are processed unlawfully or are inaccurate;
  • 6.1.7. protection of his or her personal data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision thereof, as well as protection against provision of information that is inaccurate or defames the honor, dignity and business reputation of a natural person;
  • 6.1.8. file complaints regarding the processing of his or her personal data with the Commissioner or with a court;
  • 6.1.9. apply legal remedies in the event of violation of legislation on personal data protection;
  • 6.1.10. enter reservations regarding restriction of the right to process his or her personal data when giving consent;
  • 6.1.11. withdraw consent to the processing of personal data;
  • 6.1.12. know the mechanism of automatic processing of personal data;
  • 6.1.13. protection against an automated decision that has legal consequences for him or her.
7. Procedure for handling requests from the personal data subject.
  • 7.1. The personal data subject has the right of access to his or her personal data from any party to relations related to personal data without stating the purpose of the request, except in cases established by law, as well as the right to withdraw consent to the processing of personal data.
  • 7.2. Access by the personal data subject to data about himself or herself is provided free of charge.
  • 7.3. The personal data subject submits a request for access to personal data, hereinafter referred to as the "request", to the controller of personal data. The request shall specify:
  • - surname, given name and patronymic, place of residence (place of stay) and details of the document identifying the personal data subject;
  • - other information that makes it possible to identify the personal data subject;
  • - information on the personal data database to which the request relates, or information on the controller or processor of such database;
  • - list of personal data requested.
  • 7.4. The personal data subject sends an application for withdrawal of consent to the processing of personal data, hereinafter referred to as the "application", to the controller of personal data. The application shall specify:
  • - surname, given name and patronymic, place of residence (place of stay) and details of the document identifying the personal data subject;
  • - other information that makes it possible to identify the personal data subject;
  • - list of personal data to which the application relates;
  • - request for withdrawal of consent to the processing of personal data.
  • 7.5. The period for reviewing the request or application for the purpose of satisfying them may not exceed 10 (ten) business days from the date of their receipt. Within this period, the controller of personal data shall notify the personal data subject of the results of consideration of the request or application.
  • 7.6. The request or application shall be satisfied within 30 (thirty) calendar days from the date of their receipt, unless otherwise provided by the legislation of Ukraine.
8. Final provisions
  • 8.1. The COMPANY, as the controller of Clients' personal data, carries out collection, processing, storage, disclosure, transfer and protection of personal data in accordance with the Law of Ukraine "On Personal Data Protection".
  • 8.2. The COMPANY has the right to amend this Privacy Policy on the protection and processing of personal data unilaterally by posting a new version of the Policy on the COMPANY's website.
9. Company details.
  • LLC «AMMOLIT PLUS»
  • Location: 28/1 Rustaveli St., Kharkiv, Kharkiv region, 61001
  • USREOU code 44012570
  • Mobile tel. 067 545 66 06
  • E-mail: [email protected]