The version of November 30, 2023
WHAT IS THIS POLICY ABOUT?
We, DiXi Group Nongovernmental Organization (address: 02154 Kyiv, Rusanivskyi Boulevard 6, apt. 22; EDRPOU code 36159679) (“DiXi Group”), are the controller of the personal data you provide when using the Energy Map website (the “Website”). We take care to ensure privacy of your personal data, processing it in accordance with Ukrainian law and generally accepted European practices, including requirements of the General Data Protection Regulation (Regulation (EU) 2016/679, or GDPR).
Account: a User’s Account created at the time of registration on the Website and allows identifying and authenticating the said User on the Website.
Controller: a person determining the purpose of processing personal data, the composition of this data and the data processing procedures.
DiXi Group is a controller of personal data for the purposes of the EU’s GDPR and the Law of Ukraine on Protection of Personal Data.
Personal data: any information relating to an identified or identifiable natural person, who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Website: an online information and analytical resource located at the URL address: https://map.ua-energy.org/, containing textual, graphic and other information perceived as a single whole, and run by a system hardware complex.
Data subject: a natural person whose personal data is being processed.
Third party: a natural or legal person, public authority, agency or body other than the data subject, controller and persons who, under the direct authority of the controller, are authorized to process personal data.
Cookies: small text or binary files stored in the device’s (computer’s or smartphone’s) browser after visiting websites.
1. WHAT KIND OF PERSONAL DATA DO WE COLLECT?
Data you provide to us
When visiting the Website, you could be asked to provide your certain personal data, in particular:
- information to create an Account: e-mail address, password, your name and surname, country, field of activity, company name;
- information to complete the feedback form: your name, e-mail address, phone number;
- information concerning your transactions on our Website (payment of subscription fees, one-time purchase of paid content), which may include your bankcard information;
- information you can provide to us in any messages you send by e-mail or via our Website.
All data mentioned above is provided with your personal voluntary consent.
Data we gather automatically
2. WHAT IS THE PURPOSE OF COLLECTING YOUR DATA?
We use your personal data solely for the purposes defined in this Policy, in particular, to:
- create and maintain your Account, and authenticate you on the Website;
- provide our services available on the Website to you in accordance with the Website Terms of service;
- ensure efficient performance and security of the Website, and prevent fraud;
- personalize our Website for you, and ensure comfortable Website navigation;
- communicate with you regarding your Account, the services you ordered (the purchase of paid content on the Website), and other aspects of using the Website;
- e-mail you our newsletters, including Website content update notices (if you created an Account). By registering on the Website, you provide consent to receiving our emails about Website updates. These emails will be regularly sent to the e-mail address you provided when creating your Account. You can unsubscribe from our newsletters at any time (see: our contact information in Section 13 of this Policy).
3. WHAT ARE THE LEGAL GROUNDS FOR PROCESSING YOUR PERSONAL DATA?
We process your personal data only upon availability of one of the following legal grounds:
- Obligation under agreement. Processing your personal data could be required under agreement, in particular, to comply with the Website Terms of service.
- Legislative obligation. In certain cases, we are required by law to process your personal data, for example, to provide information to a particular public authority under a court ruling.
4. HOW LONG DO WE STORE YOUR PERSONAL DATA?
We store your personal data during the period necessary to achieve the goals set forth in this Policy.
5. WHAT RIGHTS DO YOU HAVE AS A DATA SUBJECT?
You have the following rights concerning your personal data:
- Accessing your data. You can request us to provide access to your data. Thus, you can find out whether your personal data is being processed, and if it is, how exactly and for what purpose, and receive an access to it.
- Correcting your data. If you found out that your personal data we are processing is incorrect or outdated (for example, outdated e-mail address or phone number), you can request us to correct this data. Also, if you did not enter certain data earlier, when using forms on our Website, you can complete this data by placing a request with us.
- Objecting to data processing. You have the right to object to the processing of your personal data at any time, if, in your opinion, we do not have the right to continue using it. We shall review your request, and unless it can be legitimately denied, will stop processing your data.
- Suspending data processing. If you are disputing the accuracy of your data, or believe that we are processing it illegitimately, or want to object to its processing, you have the right to suspend the processing of your data to check the data processing circumstances. In that case, we shall stop processing your data for any purpose other than ensuring compliance with law, until the circumstances warranting suspension of data processing cease to exist.
- Withdrawing consent to data processing (“the right to be forgotten”). You have the right to withdraw your consent to personal data processing at any time by following the instructions in Section 10 of this Policy. Your consent will be withdrawn and the personal data we collected will be deleted. The withdrawal of your consent will not affect the legitimacy of data processing we did before you withdrew it.
- Complaining about data processing. If you believe that the processing of your personal data violates data protection legislation and your rights, you can complain to the supervisory authority concerned (in particular, to the Verkhovna Rada Commissioner for Human Rights). The lodging of this complaint does not restrict your right to seek protection of your rights and interests by other public authorities.
To exercise the aforementioned rights, contact us using our details provided in Section 13 of this Policy.
6. WHAT PERSONAL DATA-RELATED OBLIGATIONS DO YOU HAVE?
Besides the rights concerning personal data, you also have obligations, in particular:
- not to purport personal data of other persons to be your own, and not to take any actions with the aim of deceiving other users of the Website;
- not to provide your personal data for use by third parties;
- not to seek access to personal data of other users in any manner, including but not limited to fraud, abuse of trust, picking out authentication and identification data;
- not to collect, systemize, store, process or disseminate personal data of other users.
7. HOW DO WE INTERACT WITH THIRD PARTIES AS REGARDS PERSONAL DATA?
We value privacy of your personal data, and do not provide it to third parties or disseminate it for marketing purposes.
Please, note that your personal data could be disclosed to third parties solely in the following cases:
- If required by law, for example, under a court ruling.
- To ensure that you receive proper services when using the Website. We use analytical services to collect information about the Website use, for example, to identify devices from which users visit our Website. This information in its entirety allows us to analyze and improve the convenience of using the Website. In particular, we use the following analytical services:
The Website may also contain links to third party websites and services for information purposes. Even though DiXi Group carefully selects its partners, we cannot bear responsibility for security of these services and their terms of processing personal data. Therefore, we urge you to carefully read personal data processing policies of these services before using them. Also, bear in mind that third party services may use their own cookies, for which we cannot be responsible.
8. HOW DO WE PROTECT YOUR PERSONAL DATA?
We take all organizational and technical measures necessary to protect your personal data, in particular, against unauthorized or accidental access, processing, deletion, modification, blocking, copying, dissemination, and other forms of unlawful handling by third parties. At the same time, it is impossible in today’s conditions to guarantee absolute security against any information threats that could occur beyond our ability to control them.
On our part, we take all possible efforts to preserve the integrity and confidentiality of your personal data. Only DiXi Group’s employees responsible for Website maintenance and administration and required to maintain confidentiality of personal data are allowed to have direct access to your data. DiXi Group may also engage other legal and natural persons to process personal data on DiXi Group’s behalf (operators). All operators engaged by DiXi Group are obliged to abide by this Policy and maintain confidentiality of personal data.
9. HOW DO WE HANDLE PERSONAL DATA OF CHILDREN?
We do not purposefully collect and store personal data of persons under 18 years of age. If we become aware of any instance of collecting the child’s personal data without permission of either parent or legal guardian, we shall make sure that this personal data is deleted as soon as possible and cannot be used in the future.
10. HOW CAN YOU WITHDRAW YOUR CONSENT TO PERSONAL DATA PROCESSING?
You can withdraw your consent to personal data processing at any time by:
- deleting your Account on the Website using the relevant function in the Account settings, or by
- e-mailing us a statement of withdrawing your consent to personal data processing to: [email protected].
All data processing operations that took place before you withdrew your consent are legitimate. If you withdraw your consent, DiXi Group will delete your personal data.
11.1. WHAT ARE COOKIES?
Cookies are small text or binary files stored in the device’s (computer’s or smartphone’s) browser after visiting websites, particularly our Website.
These files improve the Website’s performance, and make it easier and more convenient to navigate. For example, cookies may remember information about your personal settings (such as the choice of language) or past activity (such as the filters used to browse the Website). At the same time, cookies collect no information whatsoever from your computer or other devices.
11.2. WHAT TYPES OF COOKIES DO WE USE?
- Depending on duration of storing cookies:
a) Temporary (session) cookies: files placed only while you are navigating our Website, and deleted after your session ends.
b) Persistent cookies: files that could be stored on your computer or another device after leaving the Website, and used when you visit the Website again.
- Depending on purpose of cookies:
a) Critically important (persistent) cookies: filed used for the following purposes:
- to store user’s session identifier, and for user’s registration and authentication on the Website. Without these files, the Website cannot remember, for example, whether you entered in your Account;
- to ensure the Website’s security: in particular, these files store CSRF tokens, which are used to prevent CSRF attacks (attacks at website users by maliciously exploiting other servers in the name of these users).
b) Functional (temporary) cookies: files allowing the Website to remember your personal settings or your past activity on the Website. It could include, for example, your choice of language, information you provided when completing forms on the Website, the tabs (filters) you selected on the Website’s pages. These files are placed only in response to your actions to save your settings when you return to the previous page during the same session.
- The Website also uses “external cookies”: permanent cookies from third parties, which we cannot control and for which we cannot bear responsibility. In particular, these third party services include:
b) Google Analytics
11.3. HOW CAN YOU MANAGE COOKIES?
You can manage cookie settings at any time at your discretion. In particular, you can turn off and delete all cookies from your device using your browser’s settings. You will find an instruction on how to do it in the relevant section of your browser’s menu.
Please, bear in mind that if you turn off cookies, certain sections or features of our Website could malfunction.
12. CHANGES IN THIS POLICY
We can make changes in this Policy at any time, which come into effect on the date of posting the revised version of the Policy on this page. Every time we make changes in the Policy, the effective date of the revised version hereof will be shown in the upper part of this page.
We recommend that you regularly check this Policy to be aware of any changes we can make. If changes would concern data processing for which your consent is required, we will ask you to provide consent again, if necessary.
13. OUR CONTACT INFO
DiXi Group Nongovernmental Organization (address: 02154 Kyiv, Rusanivskyi Boulevard 6, apt. 22; EDRPOU code 36159679), a controller of your personal data.
Should you have any questions, comments, suggestions or complaints concerning the way we handle your personal data, or should you want to exercise your rights mentioned in Section 5 of this Policy, please e-mail us to: [email protected].
Also, you can always contact us using the feedback form on our Website.