Privacy Policy

1. General Provisions

1.1. The Rights Holder (OKSANA MUKHA, LLC) has developed and adopted the terms of this Privacy Policy (hereinafter referred to as the Policy) regarding the website https://oksana-mukha.com, being aware of the responsibility towards its users for protecting their personal data, respecting the fundamental right to personal data protection, and understanding the civil liability imposed on the Rights Holder according to data protection laws and other legislative acts aimed at protecting personal data; respecting the European General Data Protection Regulation (hereinafter – GDPR), Regulation EU No. 2016/679, which defines personal data as any information relating to an identified or identifiable natural person.

1.2. The term "Personal Data" means any information relating to a natural person who is identified or can be identified ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by identifiers such as name, identification number, location data, images of the person in photographs (photographic works) or otherwise, or by one or more factors that are specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

2. Consent to the Processing of Personal Data

2.1. By accepting the Terms and Conditions (https://oksana.mukha.com/ua/terms-and-conditions) of using the website https://oksana-mukha.com and the terms of this Privacy Policy, the User gives their consent under personal data protection laws and the GDPR Regulation to the Rights Holder (OKSANA MUKHA, LLC) for the processing of his/her personal data and confirms that, by giving such consent, he/she acts voluntarily and in their own interest. The consent applies to the following information that may be provided by the User to the Rights Holder: first name, last name, patronymic, date of birth, gender, images of the person in photographs (photographic works), device data, email address (or other contact details), IP address; internet browser settings and preferences; other information provided by the User.

2.2. By accepting the terms of this Privacy Policy, the User gives the Rights Holder (OKSANA MUKHA, LLC) consent to use the photographs / photographic works provided by the User, which depict the User or another person(s). The Rights Holder (OKSANA MUKHA, LLC) has the right to use these photographs / photographic works on the website https://oksana-mukha.com, as well as on other websites (including, but not limited to, accounts and web pages owned by the Rights Holder), in social networks owned by the Rights Holder or affiliated entities, on video hosting platforms, on other web resources where the Rights Holder has the right to post such content, and in any other way (including, but not limited to, offline methods).

3. Purpose of Collecting, Processing, and Storing Personal Data

3.1. The consent to process personal data (including photographs / photographic works) is given by the User to fulfill the terms of this Policy for carrying out any actions regarding personal data, including, but not limited to: collection, systematization, accumulation, storage, adaptation, clarification (updating, modification), use, distribution (including by sale or transfer), cross-border transfer, anonymization, blocking, destruction, as well as any other actions with personal data in accordance with applicable law.

3.2. The use of photographs / photographic works provided by the User is carried out by the Rights Holder for the general purpose of promoting OKSANA MUKHA, LLC and its products, as well as for other purposes depending on the web resources on which the content is published by the Rights Holder.

3.3. Processing of personal data (including photographs / photographic works) is carried out by the Rights Holder using automation tools. The Rights Holder is not limited in applying methods of processing personal data.

4. Availability of Data to Third Parties

4.1. Personal data (including photographs / photographic works) provided by the User will be accessible to the employees of the Rights Holder. The Rights Holder does not sell or disclose users’ personal data (including photographs / photographic works) to third parties, except as provided by this Policy or law, including GDPR. In particular, the Rights Holder may use third-party services to process the User's personal data. Such processing is carried out for various purposes, such as providing primary and additional services to the user, sending informational materials, etc. Independent service providers are required to maintain confidentiality and may not use the User's personal data (including photographs / photographic works) for other purposes. The Rights Holder may also transfer the User's personal data to law enforcement, judicial, tax, fiscal, and other competent authorities to the extent required by applicable law, GDPR, or if necessary to prevent, detect, or stop criminal activities and fraud, as well as to protect the rights of the Rights Holder, the User, or third parties.

4.2. The Rights Holder ensures the proper security of the User's personal data, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage, using appropriate technical and organizational measures.

5. Duration of the Policy

5.1. This Policy is effective indefinitely and applies to all Users from the moment they start receiving services on the website.

5.2. The User's consent to the processing of personal data remains valid for the entire duration of this Policy, during the period the User receives services according to the Terms and Conditions of using services on https://oksana-mukha.com and after receiving such services. By agreeing to the terms of this Policy, the User acknowledges that the scope of the Rights Holder's rights as a data controller under data protection laws and GDPR is known and understood.

6. Application of Personal Data Protection Laws and GDPR Regulation (Regulation EU No. 2016/679)

6.1. This Privacy Policy is developed in accordance with the requirements of Ukrainian legislation on personal data protection and the GDPR Regulation / Regulation EU No. 2016/679 regarding the processing and transfer of personal data used for the effective operation of the website https://oksana-mukha.com and provided through it, taking into account the key principles of GDPR. In cases where the relationship between the parties is not regulated by this Policy, the provisions of Ukrainian personal data protection laws and/or GDPR apply.

7. Types of Personal Data that May Be Collected, Stored, and Used:

7.1. Information about the User's computer and other devices, including IP address, geographic location, browser type and version, and operating system;

7.2. Information about visits and use of the website, including referral sources, duration of visits, page views, and navigation paths;

7.3. Information entered by the User when submitting data to receive services on the website: first name, gender, date of birth, email, phone number, and other information that may be required by the Rights Holder to start providing services;

7.4. Information generated during the use of the website, including when, how often, and under what conditions the User uses the website;

7.5. Information regarding all services of the website used by the User, as well as transaction information (if any transactions are made by the User through the website), including payment data;

7.6. Images of the User contained in photographs / photographic works provided by the User, as well as the photographs / photographic works themselves provided by the User;

7.7. Any other personal data that the User provides to the Rights Holder when using the website;

The above information may be provided by the User through the website https://oksana-mukha.com, other web resources of the Rights Holder or its affiliates, via electronic communication methods (email, messengers, etc.), or in person (offline).

8. Use of Personal Data (including photographs / photographic works)

- 8.1. The use of personal data (including photographs / photographic works) provided by the User to the Rights Holder through the website is carried out for the purpose of:

- Website administration;

- promotion of OKSANA MUKHA, LLC, its products, and brands;

- personalization of services provided to Users;

- providing Users access to services available when using the website;

- sending information to Users about payments for using paid website services;

- sending marketing commercial messages to Users;

- sending electronic informational messages to Users if the User has subscribed (the User may unsubscribe at any time);

- sending marketing communications to Users related to the website or third-party businesses that, in the Rights Holder’s opinion, may interest the User;

- providing third parties (specialists engaged by the Rights Holder to provide services to the User) with information provided by the User to deliver services on the website;

- handling requests and complaints submitted by the User regarding the website’s operation;

- ensuring website security and preventing fraud;

- protection of the rights of the Rights Holder and the User.

8.2. The User may stop using the website services at any time and request the deletion of their personal data (including photographs / photographic works provided by the User). Revocation of consent by the User does not affect the lawfulness of personal data processing based on the User’s consent prior to its withdrawal.

8.3. The User is granted the following rights:

the right to receive information from the Rights Holder regarding the collection, processing, and storage of his/her personal data;

the right to access their personal data;

the right to request correction of inaccurate or outdated personal data;

the right to request deletion of personal data (“right to be forgotten”), provided there are no legal grounds for further processing in cases specified by law or this Policy;

the right to withdraw consent for personal data processing at any time.

Exercise of these rights does not affect the lawfulness of personal data processing carried out before the withdrawal of consent.

9. International Data Transfer

9.1. Information collected by the Rights Holder may be stored, processed, and transferred between any countries, including European Economic Area (EEA) countries, and those where the Rights Holder operates, to enable the use of information in accordance with this Policy.

9.2. Information collected by the Rights Holder may be transferred to countries that provide an adequate level of personal data protection, equivalent to that in the European Economic Area (EEA) and the USA. The USA, EEA member states, and countries that have signed the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data are recognized as providing an adequate level of personal data protection.

9.3. The User hereby gives informed consent to the transfer and processing of the User’s personal data by the Rights Holder according to the purpose of using this data as specified in this Policy.

10. Retention of Personal Data

10.1. The Rights Holder is obliged to comply with legal obligations regarding the retention and deletion of personal data.

10.2. Personal data processed by the Rights Holder for any purposes предусмотрені by this Policy may be retained even after services have been provided to the User on the website.

10.3. User data must be deleted immediately upon the User’s request sent via electronic message to the website administrator.

10.4. Notwithstanding the provisions of this section regarding the deletion of personal data, the Rights Holder shall retain certain information containing personal data:

10.4.1. to the extent that the Rights Holder is required to do so in accordance with personal data protection laws and the GDPR Regulation;

10.4.2. if the Rights Holder believes that such information may be relevant to any ongoing or future judicial proceedings or criminal investigations;

10.4.3. for the establishment, exercise, or defense of the Rights Holder’s legal rights (including providing other information to prevent fraud and reduce financial risk).

11. Security of the User’s Personal Data

11.1. The Rights Holder shall take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of the User’s personal data.

11.2. The Rights Holder shall store all User personal data on secure (password-protected and firewall-protected) servers of the Rights Holder.

11.3. All electronic financial transactions conducted through the website will be protected by encryption technology or other appropriate means.

11.4. The User acknowledges that data transmission over the Internet is inherently insecure, and the Rights Holder cannot guarantee the security of data transmitted via the Internet.

11.5. The User is responsible for maintaining the confidentiality of passwords used to access the website and perform financial transactions.

12. Final Provisions

12.1. Right to Amend this Policy. The User agrees with the Rights Holder’s right, at its sole discretion, to modify, add to, or remove provisions of this Policy in whole or in part at any time, whether present or future. Such changes must comply with personal data protection legislation and the GDPR Regulation. Continued use of the website services after notification of any such changes, additions, or removals indicates the User’s acknowledgment and acceptance of such changes as binding. The Rights Holder may cancel any order placed by a User from a blocked IP address or an IP address included in a so-called “blacklist” at any time.

12.2. Compensation for Damages. In the event that the Rights Holder or the User causes damage to the other due to improper fulfillment of this Policy, such damages, including moral damage and damage to business reputation, shall be compensated in accordance with applicable law.

12.3. Geographic Restrictions. Certain countries’ laws or technical restrictions applicable in the country where the User is located may impose limitations on access to the services provided on the website. The Rights Holder shall not be liable for such restrictions.

13. Cookies and Analytical Technologies

13.1. Use of Cookies. Upon obtaining consent for the processing of personal data, the Rights Holder may use cookies to facilitate the provision of informational and other services in accordance with applicable Ukrainian legislation, the GDPR Regulation, and Directive (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code.

13.2. The website https://oksana-mukha.com may use cookies and similar technologies to ensure proper website operation, improve user experience, analyze traffic, and assess the effectiveness of marketing campaigns. Cookies may store technical information, including IP address, browser type, language, device settings, pages visited by the User, and duration of visits. The User has the right to manage cookie usage by adjusting browser settings or disabling certain types of cookies. Restricting cookie usage may affect website functionality. Third-party analytical and marketing services (including web analytics services) are used in accordance with their own privacy policies.

14. Use of the Website by Minors

14.1. The website https://oksana-mukha.com is not intended for persons under the age of 18. The Rights Holder does not knowingly collect personal data from individuals under 18 years of age. If the Rights Holder becomes aware that personal data of a minor has been provided without parental or legal guardian consent, such data will be deleted immediately.

15. Contact Details for Personal Data Inquiries

15.1. To exercise their rights, submit requests or complaints, or obtain additional information regarding the processing of personal data, the User may contact the Rights Holder via email at: legal@oksana-mukha.com. The Rights Holder reserves the right to request additional information to verify the User’s identity in order to protect his/her personal data.