Privacy Policy

1. Data Controller

Roi Bachmutsky is the data controller responsible for your personal data collected through this website and in connection with our consultancy services.

For inquiries, please use the contact form on this website.

2. Information We Collect

Information You Provide Directly:

• Contact information (name, email address, phone number, organization)
• Information submitted through contact forms or email inquiries
• Information provided in connection with consultancy engagements
• Any other information you choose to provide

Information Collected Automatically:

• Technical information such as IP address, browser type, and operating system
• Usage data including pages visited, time spent on the website, and referring websites
• Cookies and similar tracking technologies (see Section 8 below)

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

• Consent: When you provide explicit consent for us to process your data for specific purposes
• Contract: When processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract
• Legitimate Interests: When processing is necessary for our legitimate business interests, such as responding to inquiries and improving our services, provided these interests are not overridden by your rights
• Legal Obligations: When processing is necessary to comply with applicable legal or regulatory obligations

4. How We Use Your Information

We use the information we collect for the following purposes:

• To respond to your inquiries and communicate with you
• To provide consultancy services and fulfill contractual obligations
• To send information about our services, publications, or events (only with your consent or where permitted by law)
• To maintain and improve our website and services
• To analyze website usage and traffic patterns
• To comply with legal obligations and protect our legal rights
• To prevent fraud and ensure website security

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: With trusted third-party service providers who assist in operating our website or providing services (e.g., web hosting, email services), subject to appropriate data protection agreements
• Legal Requirements: When required by law, court order, or government regulation, or when necessary to protect our rights, property, or safety, or that of others
• Professional Advisors: With lawyers, accountants, and other professional advisors when necessary for the provision of professional services
• With Your Consent: In any other circumstances where you have provided explicit consent

We ensure that any third parties who process your data on our behalf implement appropriate technical and organizational measures to protect your personal data.

6. International Data Transfers

As we operate internationally and may engage service providers located outside the European Economic Area (EEA), your personal data may be transferred to and processed in countries that may not provide the same level of data protection as your home country.

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with an adequacy decision by the European Commission
• Other legally recognized transfer mechanisms under GDPR

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Retention periods vary depending on the type of data and the purpose for processing:

• Contact form submissions: Retained for up to 2 years or until the inquiry is resolved
• Client data related to consultancy engagements: Retained for the duration of the engagement plus 7 years to comply with professional obligations and legal requirements
• Website usage data: Typically retained for up to 2 years

When personal data is no longer needed, we will securely delete or anonymize it.

8. Cookies and Tracking Technologies

This website may use cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic.

What are cookies? Cookies are small text files stored on your device that help us understand how you use our website.

Types of cookies we may use:

• Essential cookies: Necessary for the website to function properly
• Analytics cookies: Help us understand how visitors use our website
• Functional cookies: Remember your preferences and settings

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

9. Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights regarding your personal data:

• Right of Access: Request access to your personal data and information about how we process it
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restriction: Request that we restrict processing of your personal data in certain circumstances
• Right to Data Portability: Request transfer of your personal data to another organization or directly to you
• Right to Object: Object to processing of your personal data based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise any of these rights, please contact us using the information provided in Section 1. We will respond to your request within one month.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest where appropriate
• Regular security assessments and updates
• Access controls limiting who can access personal data
• Staff training on data protection and security

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

11. Children's Privacy

This website is not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete it.

12. Third-Party Websites

This website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will notify you of any material changes by posting the updated policy on this website with a new "Last Updated" date.

Your continued use of the website after any changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact me through the contact form on this website.

I will respond to your inquiry as promptly as possible, typically within 30 days.