Privacy Policy

We strive to protect the personal data we receive and process in the future. When processing personal data, the Company undertakes to take all necessary technical and organizational measures in accordance with the requirements of data protection legislation and with the application of world best practices.
This Policy applies to those individuals whose personal data is or may be processed in the future by us as a data owner, including, but not limited to, if such persons use our Website, send us a registration form, contact us with requests, order our Services, attend our online and offline events, accompanied by a collection personal data.
When we control the methods of collecting personal data and determine the purposes for which such data is used, the Company acts as the owner of personal data within the meaning of the Law of Ukraine “On the Protection of Personal Data” of 01.06.2010 (hereinafter referred to as the “Law”).
By using our Website or our Services, or when you give your separate consent to the processing of your data, you agree to this Policy. If you do not agree to the processing of your personal data in accordance with this Policy, do not provide us with information about you. In accordance with applicable law and this Policy, you have the right to ask us to delete your personal data.
Please note that our Policy may be updated from time to time, including if required by applicable law. If necessary, we encourage you to return to this Policy from time to time to know if changes have been made. Your continued use of the Website or receipt of our Services after making changes to the Policy will constitute your agreement to such changes.

We collect and process only the information about you that is necessary for us, including to respond to your request, to allow you to use the Website, to provide our Services, and only to the extent provided in this Policy.
By subscribing to our newsletter or marketing, you agree that we collect your name and surname and contact details. In addition, the Company may process other personal data if you voluntarily provide it to us.

Personal data that we may collect and process to provide you with our Services are:
• first and last name (sometimes also patronymic);
• contact details, including email address, telephone number, postal address;
• date of birth;
• place of work or study and your position;
• photos and videos with your participation;
• recording made during communication;
• data collected from a feedback or survey form.
You provide this data mainly when registering for our educational events, participating in them and communicating with our support team. Please note that we conduct surveys on customer satisfaction with our Services. These surveys can be carried out through different communication channels (email, calls, messages on WhatsApp or Telegram). We usually record communication with you and your answers to survey questions. If you give us permission, we may publish your feedback, including on the Website and/or in the Company's marketing materials.

We may collect the following information about you when you use the Website:
• information about your device, including the model, the version of the information system and information about the mobile network;
• Internet protocol address (IP address);
• version and settings of your browser;
• account data, such as username and password (for authentication and access);
• information about how you use our Website (using cookies and similar technologies).
We may use cookies and similar technologies to help us manage the Website and provide you with functionality and personalized messages. Please contact our Cookie Policiesto learn more about cookies and use our cookie settings tool.

When you complete a registration or contact form, for example, to obtain information about our Services, we ask for your full name, email address and telephone number. We need your contacts to provide the answer and information you request. We may contact you through various communication channels, such as email, call, SMS, WhatsApp or Telegram messages, social networks, etc. Once we start communicating with you, we may receive and store additional information about you, including personal data. In particular, we may record and store our communication with you (recording telephone conversations or correspondence by email).

The Company may collect your personal data from third parties from time to time, mainly when your employer orders and pays for our educational services in your interests.
We may also collect certain data about you from a third-party platform (website) if you provide a relevant link to your profile on such platform (website) during registration or if you provide your social network account details (e.g. Facebook, LinkedIn, Twitter, etc.) in your account on our Website or when using our Services.
We may also collect some information about potential customers from third parties in order to assess the demand for our services in the market and adjust our marketing strategy. The information collected is not identifiable (e.g. age, industry, country groups, etc.) and is not treated as personal data.

Please note that our Website and Services are not addressed to persons under the age of 16. We consider the user/client to be a child if he is not yet 16 years old, unless another age limit is established in his country of residence. Accordingly, we do not knowingly collect or process information about children. If you become aware of cases of use of the Website by children or that we receive data from children without checking parental consent, please notify us immediately. We will take steps to remove this information.

The Company does not collect or process any personal data that poses a particular risk to the rights and freedoms of data subjects, including data on racial or ethnic origin, political, religious or worldview beliefs, membership in political parties and professional associations, criminal convictions, and data relating to health, sexual life, biometric or genetic data.

The Company processes your data exclusively in accordance with applicable law. We process personal data for the following purposes on the following legal basis (data may be processed on several legal grounds):
• to register a user on the Website, create a personal account and provide access to our Services, including our educational activities (conclusion and/or performance of a contract);
• to offer Services that you request from us or, in our opinion, may be of interest to you in the future (conclusion of a contract, legitimate interest);
• to maintain our Website, including the educational platform through which we provide the Services (performance of contract, legitimate interest);
• to notify you, as a customer, of changes and other important information related to the Services (performance of the contract, legitimate interest);
• to comply with our other obligations when providing the Services under the Terms Public offer(performance of the contract, in some cases legitimate interest);
• to conduct internal research, development, testing and improvement of the characteristics and functions of our Services (legitimate interest);
• to establish and maintain communication between the Company and the user/customer, including to provide advice on the Services, provide technical support (performance of the contract);
• to process (consider) requests or complaints of users/customers and respond to them (consent, legitimate interest);
• to improve the quality of the Company's Services for customers and users of the Website (legitimate interest, in some cases consent);
• to comply with internal and external audit requirements, including our information security measures (performance of contract, legitimate interest);
• to protect against any malicious actions of users (such as fraud, etc.), to detect and/or investigate a crime, in connection with other security considerations of the Company (legitimate interest, compliance with legal requirements);
• for analytical and statistical purposes (legitimate interest);
• to receive your feedback about the Services or the Website or to participate in our survey (legitimate interest, consent);
• for marketing purposes (consent);
• to personalize the user experience of the Website using cookies and similar technologies (consent, in some cases legitimate interest);
• to respond to requests from regulatory and law enforcement agencies (compliance with legal requirements);
• to ensure other legitimate interests of the Company, for example, to prepare a claim or respond to a claim (legitimate interest).
If we rely on legitimate interests as a lawful basis for processing your personal data, we balance those interests with your interests, legal rights and freedoms in accordance with applicable law and industry best practices.

The Company may provide you with marketing information in several ways, including email, telephone, text messages (including via WhatsApp or Telegram) and online (when using the Website).
It is important for us to respect your marketing preferences and the requirements of applicable data protection laws. We send you marketing materials with your explicit consent or if we have a legitimate interest in direct marketing.
Direct marketing should not include information that is contrary to your interests. For example, from time to time we may advertise our Services that we believe may be of interest to you based on your past interest in them.
You can opt out of marketing, even if you have previously given us your consent, and you can also opt out of receiving direct marketing.If you choose to opt out of marketing or our direct marketing, you can find an “unsubscribe” link in every marketing email we send or by contacting our manager data protection by sending an email to bestpracticeseducation@gmail.com.
‍At the same time, even if you opt out of receiving marketing, we may send you service/service messages or important transaction information related to the Services that you have requested or have already purchased. This is necessary, among other things, for the purpose of fulfilling the contract between us.

The company applies physical, administrative and technical measures to protect personal data in accordance with the requirements of the current legislation of Ukraine. We regularly review our security measures to make sure they remain effective.
First, we use a normal scan for malware. Our antivirus product is one of the best on the market.The company adheres to the principle of data minimization. We provide access to our employees only on the basis of service necessity (who need access to relevant data to perform their functional duties). We conduct regular training of our employees, including on our personal data processing and protection policies and data security practices.
When transferring personal data outside the Company, we use VPN, encryption and password protection.

We will use all reasonable procedures and security measures to avoid unauthorized access, loss, disclosure or alteration of the personal data obtained.
Your data processed by us is stored or used in secure information technology systems owned or operated by the Company, as well as in cloud services in Europe.
We retain personal data only for as long as necessary to achieve the purposes for which we collected it, including to comply with any legal requirements, accounting or tax reporting requirements, as well as to ensure the execution of transactions we enter into with clients to provide the Services.
In determining the relevant retention period of personal data, we also take into account, in addition to the purposes of processing, the nature and category of data, the potential risk of harm from unauthorized use or disclosure of data, as well as the relevant requirements of applicable law.
Generally, we retain basic information about our clients for five (5) years after they cease to be customers (for tax and legal purposes).
If the law of the country where a customer of our Services resides contains limitation periods that specify the period during which you can file a claim or claim against us, and therefore we need appropriate evidence of a legal relationship with you, we may process your personal data during that period.
Over time, we may minimize the data we process about you or even make it anonymous (for research or statistical purposes) so that it is no longer associated with you. If the data becomes anonymous, we can use it indefinitely, since it no longer contains personal data.
If we process personal data in accordance with your consent to the processing (in particular, for marketing purposes), you have the right to withdraw your consent at any time or to request that the data be deleted or temporarily suspend the processing of the data. To do this, please contact our Data Protection Officer, in particular by sending an email to bestpracticeseducation@gmail.com.

We may transfer personal data to third parties or provide them with remote access to such data, including:
• Laba Group: We need to share your data with a group of our companies that work on our behalf and need access to your personal data to perform their part of the job, such as processing accounts, providing customer support, etc.
• External consultants and other service providers: we may provide your personal data to third-party service providers and/or consultants who work on our behalf and need access to your data to perform their work, such as website maintenance, account processing, accounting and legal support, CRM system, etc. These service providers are authorized to use your personal data only as necessary to provide the Company's services.
• State, local, and other regulatory, administrative, or law enforcement agencies, as well as courts: We may disclose your personal data to such third parties if (1) we believe disclosure is reasonably necessary to comply with a law or other regulatory act, or for litigation; (2) we receive a court order, an administrative decision or a government request (e.g. a search warrant, subpoena, court order, data breach notification, etc.), (3) to protect the security or integrity of the Website, (4) to protect the Company; and our clients from harm or illegal activity.
• Other types of third parties: we may disclose your data (1) to respond to emergencies that we believe in good faith require us to disclose information to help prevent the death or serious injury of any person, or (2) we receive your request to share data with a specific third party.
We may transfer your personal data to third countries or territories whose privacy (privacy) laws may differ from the applicable laws of your country of residence. Some recipients of personal data may be located in Ukraine, and some in the countries of the European Economic Area. Please note that the Company transfers your personal data outside Ukraine only when necessary and for the purposes set out in this Policy, provided that your rights and freedoms as a data subject are properly protected. In such cases, we ensure compliance with the provisions of Art. 29 of the law. In addition, we will require all data recipients to ensure an adequate level of protection and security of personal data.
You should know that we never sell your data to third parties. In the event of a merger, reorganization or similar corporate event or sale of the Company or part of the Company's assets, the information collected by us, including personal data, may be transferred to another company (subject to merger or acquisition). Undoubtedly, all such data transfers will be carried out in accordance with applicable law and our obligations as set out in this Policy.

On the Website you can find content and links to websites and services of other companies or organizations. We do not control these websites. Each such third party is solely responsible for compliance with the laws, rules and regulations applicable to its business. These websites and services may have their own privacy policies. We encourage you to review the relevant policies posted on such third-party website.

We guarantee you the exercise of the rights to the protection of your personal data and other rights provided for in Art. 8 of the law. In particular, as a subject of personal data, you have the following rights:
1) to know about the sources of collection, the location of their personal data, the purpose of their processing, the location or place of residence (stay) of the owner or controller of the personal data or give the appropriate order to obtain this information to authorized persons, except as provided for by law;
2) to receive information about the conditions for providing access to personal data, in particular information about third parties to whom personal data is transferred;
3) access to your personal data;
4) receive no later than thirty calendar days from the date of receipt of the request, except as provided by law, an answer as to whether your personal data is processed, as well as to receive the content of such personal data;
5) make a reasoned request to the holder of the personal data objecting to the processing of his personal data;
6) make a reasoned request for the modification or destruction of their personal data by any owner and controller of personal data, if such data is processed illegally or is inaccurate;
7) to protect your personal data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, non-disclosure or untimely provision, as well as to protect against the provision of information that is inaccurate or dishonors the honor, dignity and business reputation of an individual;
8) to submit complaints about the processing of your personal data to the Commissioner of the Verkhovna Rada of Ukraine for human rights or to the court;
9) apply remedies in case of violation of the legislation on the protection of personal data;
10) to make a reservation regarding the restriction of the right to process their personal data when giving consent;
11) withdraw consent to the processing of personal data;
12) know the mechanism of automatic processing of personal data;
13) to protect against an automated decision that has legal consequences for you.
Please note that when you contact us, you need to go through an identification process and submit your specific requirements so that we can process your request and provide a response on legal grounds. If we cannot identify you through messages or have reasonable suspicions about your identity, we may ask you to provide proof of identity. Only in this way can we avoid disclosing your data to a person who may impersonate you, that is, the identification process is carried out in your interests. Any additional information collected for verification purposes will only be used to verify the identity.
We process requests as quickly as possible, but remember that providing a complete and legitimate response is a complex process that can take up to a month or even more. We will let you know if we need more time to prepare a response.
Please note that in accordance with Art. 15 By law, personal data are subject to deletion or destruction in the case of:
• expiration of the data retention period determined by the consent of the personal data subject to the processing of this data or by law;
• termination of legal relations between the subject of personal data and the owner or controller, unless otherwise provided by law;
• issuance of the relevant order of the Commissioner or the officials designated by him of the Secretariat of the Commissioner;
• the entry into force of a court decision on the deletion or destruction of personal data.

If you have questions about the processing of your personal data or have comments about this Policy, or you wish to exercise your right under Art. 8 of the Law, you can send us the corresponding request.
You can contact the CEO by sending an email to the following address: bestpracticeseducation@gmail.com.