Privacy Policy

Effective as of January 15, 2025

This Privacy Policy (hereinafter also referred to as the Policy) explains how the Public Organization "misto.cafe" (hereinafter referred to as the Organization), which is registered and legally operating under the laws of Ukraine, collects information about you (your personal data) when you visit the website (hereinafter referred to as the Website) and how this information (data) is processed.

By visiting the Site, you accept this Privacy Policy, you authorize the Organization to process information about you (personal data) in accordance with the purposes specified in this Policy.

By doing so, you confirm that you have sufficient legal capacity and capacity to provide consent to this Privacy Policy, including consent to the processing of your personal data on the terms and conditions set forth herein. The Website is not intended for underage users.

If you do not agree to the terms of this Privacy Policy, do not use the Site, do not take any actions that may indicate your consent to the terms of this Policy.

1. Basic terms

Personal data owner — a natural or legal person who determines the purpose of personal data processing, establishes the composition of this data and the procedures for its processing, unless otherwise provided by law.

Consent of the personal data subject means any voluntary expression of will of an individual to grant permission to process his or her personal data in accordance with the stated purpose of their processing.

Processing of personal data means any action or set of actions performed in whole or in part in an information (automated) system and/or in personal data files related to the collection, registration, accumulation, storage, adaptation, modification, renewal, use and dissemination (distribution, sale, transfer), depersonalization, destruction of information about an individual.

Personal data means information or a set of information about an individual who is identified or can be specifically identified.

Personal database manager means an individual or legal entity authorized by the owner of the personal database or by law to process this data.

Personal data subject — an individual in respect of whom personal data is processed in accordance with the law.

2. Rights of personal data subjects

The Organization informs you of your rights as a subject of personal data in accordance with the current legislation of Ukraine.

The subject of personal data has the right to:

Know about the sources of collection, location of their personal data, the purpose of their processing, location or place of residence (stay) of the owner or manager of personal data or give a corresponding order to obtain this information to persons authorized by them, except in cases established by law;
Receive information about the conditions for granting access to personal data, including information about third parties to whom his/her personal data is transferred;
To have access to their personal data;
Receive, no later than thirty calendar days from the date of receipt of the request, except in cases provided for by law, a response on whether his or her personal data is processed, as well as receive the content of such personal data;
To submit a reasoned request to the personal data controller with an objection to the processing of their personal data;
To submit a reasoned request to change or destroy their personal data by any owner and administrator of personal data, if this data is processed illegally or is unreliable;
To protect their personal data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision, as well as to protect against the provision of information that is inaccurate or discrediting the honor, dignity and business reputation of an individual;
Lodge complaints about the processing of their personal data with the Commissioner or the court;
Apply legal remedies in case of violation of the legislation on personal data protection;
To make reservations regarding the restriction of the right to process their personal data when giving consent;
Withdraw consent to the processing of personal data;
Know the mechanism of automatic processing of personal data;
To be protected against an automated decision that has legal consequences for him/her.

3. Collection and Other Processing of Personal Data

The personal data we collect and use depends on the actions you take on the Website.

Information is collected automatically through the Website.

Actions Taken by the User on the Website or Category of Individuals Whose Data Is Processed	Data Collected	Purpose of Processing	Legal Basis for Processing
Clicking the "Apply now" button and filling out the corresponding form.	Your last name, first name, and patronymic; Email address; Phone number; Links to your accounts (pages) on social networks (Facebook, Instagram, etc.) and profiles in messengers for communication (Telegram, Viber, etc.); Name of the organization (public organization or charitable foundation) submitting the project; Last name, first name, and patronymic of other team members*; Email address of other team members; Phone number of other team members; Other data requested in the form, if it concerns a natural person and allows for their identification or potential identification.	Determining your eligibility for participation in the misto.cafe grant program, analyzing and evaluating your grant application, contacting you, and, in the case of receiving a grant/other funding, further implementation of your project, publication, disclosure, and posting of information about you and your project on the Website, on the Organization’s social media pages, and reporting, including to third parties.	Legitimate interest; Consent given by the data subject.
Data about Co-founders	Your last name, first name, and patronymic; Email address; Phone number; Links to your accounts (pages) on social networks (Facebook, Instagram…) and profiles in messengers for communication (Telegram, Viber…); Photo; Other data provided by you, if you are identified or can be identified by them.	Placement and publication of your data on the Website and the Organization's social media pages to inform the public about the individuals who became co-founders of the project and to promote the project.	Legitimate interest; Consent provided by the data subject.
Clicking the “Book now” button and filling out the corresponding form.	Your last name, first name; Email address; Phone number; Links to your accounts (pages) on social networks (Facebook, Instagram…) and profiles in messaging apps for communication (Telegram, Viber…); Place of residence.	Determining the possibility of your event booking at misto.cafe, contacting you, and, in case of booking confirmation, facilitating the further organization of your event, publishing, disclosing, and posting information about you and your event on the Website, on the Organization’s social media pages, and promoting the project.	Legitimate interest; Consent given by the data subject.

*If you provide personal data of other individuals, including team members, you guarantee that you have obtained their consent for the processing of their personal data to the necessary extent.

When you access the Site, we automatically collect information about you, including:

Log files: We record information about the use of the Site, including the type of device used, access time.
Device information: We collect information about the device you use to access the Site, including information about the device software and hardware, etc.
Usage information: we collect information about the use of the Site, including your actions on the Site, if any.
Interest Information: We collect information about the material you are interested in related to your use of the Site.
Your geolocation: We collect information about your geolocation.

We may also receive information from other sources and combine it with the data collected through the Website.

The Organization does not process personal data regarding racial or ethnic origin, political, religious, or philosophical beliefs, membership in political parties or trade unions, criminal convictions, or data related to health, sexual life, biometric, or genetic data.

4. Cookies and Tracking Technologies

The Organization uses cookies and other similar technologies to collect and store information about how you use the Website.

Cookies serve various functions, including facilitating navigation and saving your preferences to display relevant content and enhance your overall user experience. We use cookies to:

To manage your preferences and enhance certain features on the Website, we may collect information about the date and time of your visit, browsing history, and language settings.
To maintain security measures and detect any fraudulent activities.
To analyze access to the Website, its usage, and performance. We use this information to maintain, manage, and continuously improve our services.
To send you relevant advertising messages. Cookies help us manage the ads you see and assess their effectiveness.

We use or may use cookies to identify returning users, the type of content and websites that interest the user, the duration of time spent on different parts of the Website, the specific functionalities used, the country users are browsing from, and how they interact with our content.

On our Website, we use:

Persistent cookies – these cookies are stored in your browser and used every time you visit the Website. They help remember your settings and preferences for a more convenient experience. For example, they save your login details so you don’t have to enter them again and retain language preferences for future visits.
Session cookies – these are temporary cookies that remain in your browser's archive until you leave the Website. They help analyze web traffic patterns, detect and fix issues, and ensure better navigation.
Advertising cookies – these allow us to show you relevant ads and evaluate the effectiveness of advertising campaigns by analyzing your interaction with advertisements. For example, they help us determine how many times users clicked on an ad and visited the advertiser's website.

Most browsers support cookies, but users can adjust their browser settings to reject certain cookies or delete them at any time.

When accessing the Website through a web browser, you can configure the browser to accept all cookies, reject all cookies, or notify you whenever a cookie is sent. Since browsers differ, check your browser settings for more details on modifying cookie preferences.

Please note that some services and websites require cookies to function properly. Disabling them may limit your ability to use those services or websites.

By agreeing to the use of cookies upon your first visit to the Website, in accordance with this Policy, you grant us permission to use cookies on each of your subsequent visits.

Be aware that third-party cookies may also be present on the Website.

4. Processing of personal data

The owner of your personal data is the Organization (26 Bohdana Khmelnytskoho St.).

To ensure the security of personal data, your personal data may be stored on a server outside of Ukraine, including on servers of third parties.

We may provide information about you to third parties:

Members of the Organization, its employees, contractors, consultants and other persons who need access to such information for the implementation of the Organization's project(s);
In response to a request for information, if we believe that disclosure of information meets the requirements of applicable law, including a request (ruling, etc.) of a court;
To protect the rights, property and/or safety of the Organization and/or other persons;
To third parties who wish to provide advertising of relevant content for you and have legal relations with the Organization (in this case, we provide only anonymized information).

We may entrust the processing of your personal data to third parties in accordance with the concluded agreement.

We may also provide third parties of our choice with aggregated information or anonymized information that cannot be used to identify you.

6. Purposes of personal data processing

We may process your personal data for various purposes, including:

Developing new sites and projects;
Providing, maintaining and improving the Website;
Selection of candidates for participation in the Organization's project and/or selection of members of the Organization;
Implementation of the Organization's project(s) in accordance with the purpose of its activities;
Membership in the Organization;
Sending you messages, making calls or other means of communication;
Sending you targeted, including advertising content (material) of relevant content (including ads) provided by third parties or us. At the same time, we are not responsible for the content of services or goods provided by third parties;
Providing news and information about the Website that we believe will be of interest to you.

You may withdraw your consent for processing, as defined in this Section, in the manner provided in Section 10 of this Policy.

The Website may contain links to other websites. If you follow a link to other websites, this Policy will not apply to such websites. In this regard, the Organization recommends that you review the privacy and personal data policy of each website before submitting any of your personal data.

7. Personal data retention period

Personal data is stored for no longer than necessary in accordance with the purposes of its processing.

8. Access to personal data

The procedure for access to personal data of third parties is determined by the terms of the consent of such third parties provided to the owner of personal data to process this data, or in accordance with the requirements of the law.

You have the right to receive any information about yourself from any subject of relations related to personal data, provided that you provide your surname, name and patronymic, place of residence (place of stay) and details of the document identifying the individual submitting the request, except in cases established by law.

Access to data about oneself is free of charge.

The request is reviewed within 10 business days from the date of its receipt. The request is fulfilled within 30 calendar days unless a different timeframe is provided by applicable law.

9. Security

The Organization takes reasonable measures to protect personal data from loss, theft, misuse and unauthorized access, disclosure, modification and destruction.

10. Contact

You may address any questions regarding this Privacy Policy at any time by sending an email to [email protected].

To withdraw your consent to the processing of personal data, which you have provided to the Organization in accordance with this Policy, you can contact us at any time by writing a corresponding letter to the e-mail address [email protected].

The Organization reviews the request within 10 business days and provides a response to the email address from which the request was sent.

11. Changes to the Privacy Policy

The Organization may change this Privacy Policy from time to time. If we make changes, we will notify you by updating the date at the top of this Policy. We encourage you to read the Privacy Policy whenever you access the Site to stay informed about the processing of personal data.

To obtain previous versions of the Privacy Policy, you can contact us at any time by sending an email to [email protected] with the subject line "Privacy Policy version as of _ year."