Privacy Policy

Date: April 15, 2025

DarkGuard Limited Liability Company (hereinafter – “DarkGuard,” “we,” “us,” or “our”) is committed to ensuring transparency and control over the processing of your personal data. This Privacy Policy (hereinafter – the “Policy”) describes how we collect, use, and protect the information you provide to us while using our services or visiting the website https://darkguard.com.ua/ (hereinafter – the “Site”).

This Policy also details your rights regarding the access, rectification, erasure, and other aspects of managing your personal data in accordance with applicable legislation.

As the data controller, we strictly comply with the requirements of the legislation of Ukraine on personal data protection and the General Data Protection Regulation (GDPR) of the EU.

Core Data Processing Principles: All our personal data processing activities are based on the principles of lawfulness, fairness, and transparency. We collect data only for specified and legitimate purposes and process only the amount of data necessary to achieve those purposes (data minimization). We strive to maintain data accuracy, store it no longer than necessary, and ensure its integrity and confidentiality through appropriate security measures. We are accountable for compliance with these principles.

Children’s Privacy: Our services are not directed at individuals under 16. We do not knowingly collect personal data from children. If you discover that a minor under your care has shared information with us without consent, please notify us immediately so we can take appropriate action.

1. Types of Data We Collect

We may collect the following categories of personal information:

  • Identity and Contact Information: This may include your first name, last name, patronymic (if provided), phone number, and email address.
  • Information Collected Automatically: Certain data is gathered automatically when you access or interact with our Site.
    • Technical Information: This includes your Internet Protocol (IP) address, browser type and version, operating system and platform, device identifiers, as well as time zone and language settings.
    • Usage Information: Data on your interaction with the Site, including pages viewed, date and time of access, duration of stay, navigation patterns, referral links, and related statistical data.
  • Cookie Information: We use cookies and similar tracking technologies to ensure our Site functions properly, analyze traffic, and improve your experience. For detailed information, please refer to our Cookie Policy.
  • Information You Provide Voluntarily: Any additional information you provide to us at your own discretion, including details shared via feedback forms, surveys, or during interactions with our customer support.

2. Methods of Data Collection

We collect information through several methods:

  • Directly from you: When you actively provide us with data by filling out forms on the Site, contacting us via email, phone, or social media, ordering services, or participating in surveys.
  • Automatically: During your interaction with the Site, we automatically collect technical and usage data through server logs, cookies, and similar technologies (for more details, see our Cookie Policy). This data may be stored separately from other personal user data in respective system logs to ensure security and analyze Site performance.
  • From third parties: occasionally, we may receive information about you from third parties, such as analytical service providers (e.g., Google Analytics, usually in anonymized or aggregated form) or business partners, provided this is relevant for the provision of services to you and complies with the law. We use such data only when there are legal grounds to do so.

3. Purposes and Legal Bases for Data Processing

We process your personal information only for clearly defined purposes and with a valid legal basis. Our key processing activities and their legal grounds are outlined below:

Purpose of Processing

Type of Data (Examples)

Legal Basis (GDPR / Law of Ukraine)

Responding to your inquiries and communicating with you

Identity and contact information, as well as any data provided at your own discretion

Art. 6(1)(b) or (f) GDPR (performance of a contract or our legitimate interest in providing responses and support) and Art. 11(1)(3) or (6) of the Law of Ukraine “On Protection of Personal Data” (necessity of performing a legal transaction or protecting legitimate interests).

Improving Site performance, analytics, and user experience

Technical information, usage statistics, and data collected via cookies

Art. 6(1)(a) GDPR (your consent to the use of non-essential cookies), Art. 6(1)(f) GDPR (our legitimate interest in improving the Site and services subject to a balance of interests), and Art. 11(1)(1) and (6) of the Law of Ukraine “On Protection of Personal Data” (your consent or protection of our legitimate interests).

Ensuring the security of the Site and systems

Technical data, including IP addresses, server logs, device identifiers, and patterns of interaction with the Site.

Art. 6(1)(f) GDPR (our legitimate interest in ensuring network and information security and protection against cyberattacks) and Art. 11(1)(6) of the Law of Ukraine “On Protection of Personal Data” (protection of legitimate interests).

Compliance with legal obligations and responding to requests from public authorities

Any relevant data requested by law or public authorities

Art. 6(1)(c) GDPR (compliance with a legal obligation); Art. 11(1)(2) of the Law of Ukraine “On Personal Data Protection”

Provision of ordered services

Identity and contact data, as well as any specific information provided by you for the audit or service.

Art. 6(1)(b) GDPR (performance of a contract or taking steps at your request prior to entering into a contract); Art. 11(1)(3) of the Law of Ukraine “On Personal Data Protection” (necessity to perform a transaction).

More about our legitimate interests. When we use legitimate interest as a legal basis, it means we pursue objectives critical to the functionality and security of our service: ensuring system resilience and protection against cyber threats, analyzing Site usage for optimization, preventing abuse, and providing high-quality responses to your inquiries. We perform a mandatory balancing test to ensure that our business interests do not override your fundamental rights and freedoms; you maintain the unconditional right to object to such processing at any time (see Section 8).

4. Data Transfer to Third Parties

We do not sell your personal data. We may share your data with a limited number of recipients only when necessary and on legal grounds:

  • Service Providers (Data Processors). We engage third-party companies to provide certain services (e.g., hosting, analytics, customer support, IT services). These companies act strictly according to our instructions and are legally obligated to protect your data. They only have access to the specific information necessary to perform their functions.
  • Law enforcement and other public authorities. We may disclose your data if required by law, a court order, or a legal request from authorized authorities (e.g., for the investigation of offenses, fraud, or security threats).
  • Other Third Parties (with your explicit consent). We may share your data with other third parties not listed above only if we have obtained your separate and explicit consent for such a transfer (e.g., for participation in joint partnership programs or integration with third-party services at your request). You have the right to withdraw such consent at any time.
  • In the event of business reorganization. We may transfer your personal data to third parties in the event of a sale, merger, reorganization, or liquidation of our business or a part thereof. In such cases, your data will be transferred to the new owner or successor only on the condition that they agree to comply with the terms of this Policy. We will notify you of such a transfer and your rights in connection with it, if required by law.

5. International Data Transfers

Your data is primarily processed in Ukraine and/or within the European Economic Area (EEA). However, some of our service providers may be located outside these territories. If we transfer data to countries that do not ensure an adequate level of data protection according to the European Commission’s decision, we implement appropriate safeguards to protect your information, such as Standard Contractual Clauses (SCCs) approved by the European Commission or other instruments provided for by the GDPR. You may contact us to obtain more information about the specific safeguards applied to international transfers.

6. Data Retention Period

We retain your personal data only for as long as necessary to achieve the purposes for which it was collected, as well as to comply with legal requirements and protect our rights. The criteria for determining retention periods include the purpose of collection, the applicable legal basis, and our statutory and legal obligations.

Specific Retention Examples:

  • Communication Data: stored for the period necessary to process your request, and typically for up to 1 year after the last contact for potential follow-up questions, unless you withdraw your consent or request deletion earlier. This allows us to ensure high-quality support and effectively counter recurring social engineering attempts. This allows us to ensure high-quality support and effectively counter recurring social engineering attempts.
  • Technical data and logs: stored for up to 1 year for security analysis, anomaly detection, and troubleshooting. This is necessary to ensure the stable operation of the Site and to protect from cyber threats, including hacking attempts or the use of social engineering techniques. Once these purposes are achieved, the data is deleted or anonymized.
  • Cookie-related data: the retention periods for this data are defined in our separate Cookie Policy. You can change your settings or withdraw your consent for cookies at any time through your browser settings or the Site interface.
  • Data necessary for contract performance: stored for the duration of the contract and for the statute of limitations period after its termination (typically 3 years in Ukraine), or longer if required by law (e.g., for tax and accounting purposes). This ensures legal transparency and the ability to protect the interests of both parties in the event of disputes.

Upon expiration of the retention period or achievement of the processing purpose, your personal data will be securely deleted or anonymized (processed in such a way that it can no longer be associated with you).

7. User Rights Regarding Personal Data

You have a number of rights regarding your personal data under the GDPR and the legislation of Ukraine:

  • Right of Access: Obtain confirmation as to whether your data is being processed, access the data itself, and receive information about the processing conditions (purpose, categories of data, recipients, retention periods, sources of collection, your rights, etc.).
  • Right to Rectification: Request the correction of inaccurate data or the completion of incomplete data.
  • Right to Erasure (“Right to be Forgotten”): Request the deletion of your personal data if it is no longer necessary for the original purposes, if you have withdrawn consent (and there is no other legal basis), if you object to the processing, or if the data was processed unlawfully. Please note that this right is not absolute and may be limited, for example, if the data is necessary to fulfill a legal obligation, to protect public interests, or to establish, exercise, or defend legal claims.
  • Right to Restriction of Processing: Request a temporary suspension of processing (except for storage) in certain cases: while verifying data accuracy; if the processing is unlawful but you oppose deletion; if we no longer need the data but you require it for legal claims; or while your objection to processing is being considered.
  • Right to Data Portability: Receive the personal data you provided to us, which is processed by automated means based on your consent or a contract, in a structured format. You also have the right to request the transfer of this data directly to another controller, where technically feasible.
  • Right to Object: Object to the processing of your personal data based on our legitimate interests, citing your specific situation. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing is necessary for legal claims. You also have an unconditional right to object to the processing of your data for direct marketing purposes at any time.
  • Right to Withdraw Consent: If data processing is based on your consent, you have the right to withdraw it at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. Consent can typically be withdrawn by the same method it was provided (e.g., through cookie settings or by contacting us).
  • Right to Lodge a Complaint: If you believe the processing of your personal data violates GDPR requirements or the Law of Ukraine “On Protection of Personal Data,” you have the right to lodge a complaint with a competent supervisory authority. In Ukraine, this is the Ukrainian Parliament Commissioner for Human Rights (website: https://ombudsman.gov.ua/).

To exercise any of the aforementioned rights, please contact us using the contact information provided in Section 12 of this Policy. To protect your data, we may ask you to provide additional information to verify your identity before processing your request. We will make every reasonable effort to respond to your request without undue delay, but no later than one month from its receipt. In complex cases or when receiving a large number of requests, this period may be extended by an additional two months, of which we will notify you, stating the reasons for the delay. The processing of requests is free of charge; however, we may charge a reasonable fee or refuse to fulfill a request if it is clearly unfounded, excessive, or repetitive.

8. Automated Decision-Making and Profiling

We do not use your personal data for decision-making based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (pursuant to Article 22 of the GDPR).

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, loss, or destruction. These measures include, but are not limited to, access control, encryption (where appropriate), firewalls, security policies, staff training, and contracts with service providers.
Despite all our efforts, it is important to understand that no method of data transmission over the Internet is 100% secure. We cannot guarantee the absolute security of your data, but we do our best to ensure its proper protection.

10. Links to Other Resources

Our Site may contain links to third-party websites that are not controlled or managed by us (e.g., links to social media or partner sites). If you click on such a link, you will leave our Site.
This Privacy Policy does not apply to the data collection and processing practices of such third-party resources. We strongly recommend that you review the privacy policies of every website or service you visit before providing them with your personal data. We are not responsible for the content, privacy policies, or practices of any third parties.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, services, or in response to changes in legislation. We will post the updated version of the Policy on this page and will definitely update the “Last Updated” date at the top of the document.

In the event of material changes that may significantly affect your rights or the way your data is processed (for example, a change in the purpose of processing or categories of data recipients), we will make reasonable efforts to notify you in advance. This may include posting a prominent notice on the Site’s homepage for a certain period or sending a notification to your email address (if you have provided us with your address and consent for such communication).

We recommend that you periodically review this Policy to stay informed about how we protect your information.Continued use of our Site after changes are posted constitutes your awareness of the updated Policy.

12. Contact Information

If you have any questions or comments regarding this Privacy Policy, or if you wish to exercise your rights regarding your personal data, please contact us using the following details:

  • Data Controller: DarkGuard LLC

  • EDRPOU Identification Code: 45778079

  • Email for inquiries: contact@darkguard.com.ua

  • Phone number: +38 (073) 780-80-70

We will make every effort to respond to your request within the timeframes established by law.

13. Language of the Policy

This Privacy Policy is drafted in Ukrainian. For your convenience, we also provide a translation of this Policy into English. In the event of any discrepancies between the Ukrainian version and a version translated into any other language (including English), the Ukrainian text shall prevail.