Privacy Policy — Digitelia
About this document
This Privacy Policy describes how Digitelia (“we”, “the Company”, “the Controller”) collects, uses, discloses, and protects your personal data. The policy is drafted in accordance with the Ukrainian Law “On Personal Data Protection” No. 2297-VI of June 1, 2010 (the “Law”), since Digitelia is legally registered and operated in Ukraine.
Please read this Policy carefully. By using our website (digitelia.co, digitelia.com.ua, and related domains), you confirm that you have reviewed this Policy and understand our data processing practices.
Who we are
Personal data controller:
- Full legal name: FOP Mazur Nazariy Yaroslavovych (individual entrepreneur under Ukrainian law)
- Registration code (EDRPOU/RNOKPP): 3266004391
- Registered address: 79068, Lviv Oblast, Lviv, 3A Mazepa Hetman Street, Apt. 85, Ukraine
- Email: digitelia.info@gmail.com
- Phone numbers: +380632066147, +380956605166
We are a digital marketing agency based in Lviv, Ukraine, and we also develop and sell online courses (including “Digital Marketing 3.0” and “AI Product Builder”).
Websites:
- https://digitelia.co (primary English version, also French, German, Spanish, Polish)
- https://digitelia.com.ua (primary Ukrainian version, also Russian)
What personal data we collect
Data collected via the contact form
When you fill out the contact form on our website, we collect:
- Name (required)
- Email address (required)
- Phone number (optional, with country code)
- Message (the content of your inquiry, required)
- Site locale and referral source (recorded automatically for internal routing)
We collect these fields to know how to reach you and understand your request.
Data collected via course registration forms
If you register for one of our online courses (“Digital Marketing 3.0” or “AI Product Builder”), we may collect:
- Full name
- Email address
- Phone number
- Any other information you voluntarily provide as part of registration
We do not store payment card data on Digitelia’s own servers. Payments are processed by external payment providers with their own privacy policies. Personal data submitted during course registration is passed to the payment provider you choose and processed under its terms.
Data collected automatically
Server logs and analytics: When you visit our website, the following is automatically recorded:
- Your device’s IP address
- Browser and operating system type
- Pages you viewed
- Time and date of your visit
- Referrer (where you came from)
This data is collected via web server logs (Vercel) and Vercel Web Analytics, which is designed to be cookieless.
Purposes and legal basis for processing
We process personal data for the following purposes and on the following legal grounds:
1. Responding to your contact-form inquiry
- Purpose: Providing information, answering questions, service proposals, establishing a business relationship
- Legal basis: Your explicit consent, given by filling out the form and clicking “Send message”
- Retention: Until correspondence is concluded (typically a few days); afterward, data is retained for record-keeping for the statutory period
2. Delivering and fulfilling a course order
- Purpose: Course registration, providing access to course materials, communication for training and support
- Legal basis: Performance of a contract for the provision of distance-learning services
- Retention: For the duration of the course agreement plus 1 year afterward, for reporting and archival purposes
3. Basic web analytics and site improvement
- Purpose: Understanding how users use our site, improving user experience, identifying errors
- Legal basis: The legitimate interest of FOP Mazur N.Y. in the correct functioning of the website. Vercel Web Analytics is cookieless by design, which reduces the privacy impact
- Retention: For as long as reasonably necessary to improve our services
4. Protection against abusive content and spam
- Purpose: Preventing spam, bots, and abusive access to forms
- Legal basis: Legitimate interest in website security and integrity
- Retention: Data on blocked spam requests is retained short-term for analysis
Data processors (third parties)
We disclose and transfer personal data to the following third-party processors:
1. Resend (email delivery service)
- Location: United States
- Function: Resend receives form data (name, email, phone, message) and delivers it to digitelia.info@gmail.com by email
- Legal basis: Necessary to contact you
- Policy: https://resend.com/privacy
2. Vercel (hosting & Web Analytics)
- Location: United States
- Function: Vercel hosts our websites, processes requests, logs server activity, and provides cookieless Web Analytics
- Data: IP address, browser user agent, page referrers, visit time
- Legal basis: Necessary for the website to function
- Policy: https://vercel.com/legal/privacy-policy
3. Cloudflare (CDN, Turnstile anti-bot, form backend)
- Location: United States
- Function: Cloudflare secures the website, processes forms via Cloudflare Workers, and provides the Turnstile widget for bot protection
- Data: IP address, form data (relayed via the Worker); Turnstile sets its own cookies/local data for security verification
- Legal basis: Legitimate interest in site security
- Policy: https://www.cloudflare.com/privacy/
4. Google Tag Manager (GTM), Google Analytics, and related tags
- Location: United States (Google Ireland Limited as controller for the EU/EEA; Google LLC elsewhere)
- Function: GTM loads a container of analytics and other tracking tags (including Google Analytics 4 and others). GTM and its tags may set cookies and other identifiers to track user navigation and page interactions
- Container IDs:
- GTM-MBZGQ5G (digitelia.com.ua)
- GTM-PCNFT3M2 (other domains)
- Data: IP address, cookies and identifiers, page-view data, interactions
- Important: GTM may load additional tags (advertising, remarketing, conversion tracking, etc.) depending on its configuration. Our site currently has no consent-management banner (CMP) for these tags — we plan to add one. Until then, you can manage cookies through your browser settings (see “Cookies and similar technologies” below)
- Policy: https://policies.google.com/privacy
Note on processors
We choose processors that publicly commit to privacy and security principles comparable to our own (Resend, Vercel, Cloudflare, Google). If you have questions about a specific processor’s data-handling terms, contact us at digitelia.info@gmail.com.
International data transfers
Most of our processors (Vercel, Resend, Cloudflare, Google) are located in the United States and may process personal data outside Ukraine. This means your data may be transferred to, processed in, and stored in the US and other countries outside Ukraine.
You understand and agree that:
- Data transfer occurs as a result of your own actions (filling out a form, registering for a course) and is necessary to provide our services
- Data is transferred in accordance with data-minimization principles (we transfer only what’s necessary)
- We select processors with robust security systems
If you do not agree to international transfer, please do not submit the form on our website.
Data retention periods
We retain personal data for as long as necessary to fulfill the purposes of processing, taking Ukrainian legal requirements into account:
| Data type | Retention period | Reason |
|---|---|---|
| Contact-form data | Up to 90 days after last contact; archived data retained for 3 years thereafter for dispute-resolution purposes | Record-keeping, dispute resolution |
| Course registration data | For the duration of the course agreement + 1 year afterward | Contract and tax requirements |
| Web server logs (IP, browser) | Up to 90 days | Security and debugging |
| Google Analytics / GTM data | Per Google’s own settings (typically 26 months) | Analytics and optimization |
| Cloudflare Turnstile data | Per Cloudflare’s policy | Spam protection and verification |
Your rights regarding your personal data
Under Article 8 of the Ukrainian Law “On Personal Data Protection”, you have the right to:
1. Access your personal data
You can request a copy of all personal data we hold about you, including the purposes of processing, the processors it is disclosed to, and retention periods.
How to exercise: Send a written request to digitelia.info@gmail.com with the subject “Personal Data Access Request”.
2. Correction of personal data
If your data is inaccurate, outdated, or incomplete, you can request correction.
3. Deletion of personal data
You can request deletion of your personal data if it is no longer needed for the purpose it was collected, you withdraw consent, you object to processing, or it was processed unlawfully.
Exceptions: Data may be retained if required to perform a contract, meet legal obligations (tax, accounting), or where overriding legitimate interests exist.
4. Restriction of processing
You can request that we stop processing your data if you contest its accuracy, processing is unlawful, or the data is no longer needed but you require it to defend a legal claim.
5. Object to processing
You can object to processing carried out for purposes not covered by your consent (e.g., marketing communications).
6. Withdraw consent
Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
How to exercise any of these rights: Send a request to digitelia.info@gmail.com with a clear description of what you’re asking for.
How we handle your requests
Response time: We respond within 30 calendar days of receiving your request. For complex requests, we may extend this to 60 days and will notify you of the reason.
Identity verification: To protect you from unauthorized access to your data, we may ask you to verify your identity before releasing sensitive information.
Format: We will respond in a format convenient to you, typically by email.
Cookies and similar technologies
Our site uses cookies, Google Tag Manager, Cloudflare Turnstile, and browser localStorage. See our separate Cookie Policy for full details.
There is currently no cookie-preferences banner on the site — GTM tags load automatically. You can manage cookies through your browser settings.
Data security
We take reasonable technical and organizational measures to protect your personal data:
- Encryption in transit (HTTPS/TLS): all traffic between your browser and our site is encrypted
- Access restriction: access to personal data is limited to FOP Mazur N.Y. and business-necessary personnel
- No card storage: we do not store payment card data on our own servers
No security system is completely infallible. If you suspect your data has been compromised, please contact us immediately.
Children’s data
Our website and services are not directed at persons under 16. We do not knowingly collect personal data from children below this age without parental or guardian consent. If we learn we have collected such data without consent, we will delete it promptly.
Contact for questions and complaints
If you have questions about this Policy or how we process your data:
- Email: digitelia.info@gmail.com
- Phone: +380632066147 or +380956605166
- Physical address: 79068, Lviv Oblast, Lviv, 3A Mazepa Hetman Street, Apt. 85, Ukraine
Complaints to supervisory authorities
If you believe your rights have been violated, you may lodge a complaint with the Ukrainian Parliament Commissioner for Human Rights (responsible for personal data protection oversight in Ukraine) — https://ombudsman.gov.ua/.
Changes to this Policy
We may update this Policy from time to time to reflect changes in our practices, applicable law, or technology. The current version is always published on this page with its last-updated date.
FOP Mazur Nazariy Yaroslavovych digitelia.info@gmail.com