Privacy policy

This Privacy Policy, hereinafter referred to as the Policy, applies to the processing of personal data that Opera AG can receive from individuals (subjects of personal data) on the basis of the Constitution of Ukraine and the Law of Ukraine "On the Protection of Personal Data", as well as the General Data Protection Regulation ( EU) (EU General Data Protection Regulation, hereinafter - GDPR) and other applicable European data protection legislation, hereinafter collectively referred to as the Legislation.


This Privacy Policy is designed to tell you:


  • what is personal data;
  • what personal data we collect from you;
  • how and why we use them;
  • to whom we share your personal data;
  • how we protect the privacy of your personal data;
  • how to contact us and who to contact if you have any questions regarding the processing of your personal data.

We process your personal data only if one of the conditions specified in Article 6 of the GDPR is met, including, but not exclusively:


  • you have consented to the processing of your personal data;
  • processing is necessary in order to provide you with services;
  • such processing is required by the laws of the countries in which you are located.

Opera AG takes the security of the personal data of our customers, potential customers and others who contact us very seriously, therefore we strive to protect the confidentiality of your personal data. We undertake to take all necessary measures to prevent misuse of your personal data that becomes known to us. We will process your personal data in strict accordance with the requirements of applicable Laws and only if there is a legal basis for such processing.


You are not required to provide us with personal data, but without certain information about you, we may not be able to provide some of our services. In the event that we control the methods of collecting your personal data and determine the purposes for which this personal data is used, the Administration is the "controller of personal data" for the purposes of the GDPR and other applicable European data protection legislation, as well as the "owner of personal data" in the understanding Of the law.


1. Terms and definitions.


Personal data - information or a set of information about an individual who is identified or can be specifically identified (User);


Special categories of personal data are so-called "sensitive" personal data that may harm the data subject at work, in an educational institution, in the living environment, or may lead to discrimination in society. For example, this is personal data that contains information about racial origin, political or religious views, trade union membership, health status, sex life, biometric or genetic data. In the terminology of Ukrainian legislation, these are such personal data, the processing of which carries a particular risk for the subjects of personal data;


A personal data subject is an individual to whom personal data relate and who can be identified by this personal data, or who has already been identified;


Site Administration (Administration, as well as hereinafter referred to as we, us, us, us) - Opera AG, address: 02156, Kiev, st. Bratislavskaya, 14 Б;


Processing of personal data - any action or set of actions, such as collection, registration, accumulation, storage, adaptation, modification, restoration, use and distribution (distribution, sale, transfer), depersonalization, destruction of personal data, including using information ( automated) systems;


Dissemination of personal data - actions to transfer information about an individual with the consent of the subject of personal data;


Use of personal data - any actions of the Administration to process this data, actions to protect them, as well as actions to grant partial or full rights to process personal data to other subjects of relations related to personal data, performed with the consent of the subjects of personal data or in accordance with the legislation of Ukraine;


Anonymization of personal data - the seizure of information that allows you to directly or indirectly identify a person;

User - a subject of personal data, any capable individual who has joined this Policy in their own interests using the Internet;


Online service - a service that belongs to the Administration and is located at https://opera.company/ a site designed to improve the qualifications and professional skills of financial specialists;

Policy - this Privacy Policy located at https://opera.company/ this page;


The controller of personal data is a natural or legal person who determines the purposes and means for the processing of personal data and is primarily responsible for their processing. The personal data controller is the “owner of personal data” in the terminology of Ukrainian legislation. Opera AG is the Controller of Personal Data for the purposes of this Policy.


A personal data processor is a natural or legal person who, on the basis of instructions (instructions, orders), the controller processes personal data for the controller. The processor of personal data is the "manager of personal data" in the terminology of Ukrainian legislation;


2. General provisions


2.1. The Policy applies to all of your personal data that may be obtained by Us in the course of your use of the online service. This Policy applies to personal data received both before and after the introduction of this Policy.


2.2. The purpose of the Policy is to bring to you the necessary information that allows you to assess what personal data and for what purposes are processed by us, the methods of their processing and security.


2.3. When using the online service, by informing the Administration of your personal data, including through third parties, you acknowledge your consent to the processing of your personal data in accordance with this Policy.

2.4. If you disagree with the terms of this Policy, you must stop using the online service.

2.5. Consent to the processing of personal data can be revoked by the subject of personal data. If the subject of personal data withdraws consent to the processing of personal data, the Administration has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified in the Legislation.


2.6. The site administration does not verify the accuracy of the personal data provided by the User, is not able to assess his legal capacity. However, the Administration proceeds from the fact that the User acts in good faith, prudently, provides reliable and sufficient personal data and makes every necessary effort to keep such data up to date, and does not violate the rights of third parties.


2.7. By agreeing to the terms of this Policy, you confirm that at the time of collecting personal data, you are notified of the persons to whom personal data is transferred, the content and purposes of collecting personal data. You confirm (guarantee) that the personal data that is transferred to us for processing is transferred with the consent of the owners of personal data and within the framework of the Legislation.


2.8. The administration, having received personal data from the User, does not undertake the obligation to inform the subjects (their representatives), whose personal data were transferred to him, about the beginning of the processing of personal data, since the obligation to carry out appropriate information when concluding an agreement with the subject of personal data and / or obtaining consent to such a transfer is borne by the User who transferred the personal data.


2.9. The processing of your personal data is carried out in accordance with the requirements of the Law. The processing of personal data of persons located in the EU or who are EU citizens is regulated, inter alia, by the EU General Data Protection Regulation 2016/679 (hereinafter - “GDPR”). Also, the legislation of other countries may establish additional requirements.


2.10. This Policy applies to all information that the Administration can receive about the User when he uses the online service, as well as in the course of the Administration's implementation of any agreements and contracts with the User.


2.11. This Policy is an internal document of the Administration.

2.12. The controller of personal data is released from liability for the consequences arising in connection with the processing of personal data by him, if he is not responsible for the event that led to the occurrence of such consequences.


You also agree that the Owner of personal data has the right to provide access and transfer your personal data to third parties without any additional messages, only if this does not change the purpose of their processing and only in cases provided for by this Privacy Policy and / or legislation of Ukraine.


No one under the age of 18 should provide personal information to us through the Online Service. We do not purposefully collect personal information from persons under the age of 18. Parents and guardians should constantly monitor the related activities of their children.


3. Composition of personal data

3.1. The administration, in order to carry out its activities and to fulfill its obligations, processes the personal data of the User provided by him on the site https://opera.company/


3.2. The User's personal data includes: last name, first name, patronymic, email address, mobile / landline phone number, country of residence, place of work, position, date of birth.


We ask you to provide only those personal data that are necessary to provide the service you have chosen, receive newsletters or respond to your special request / claim. At the same time, if you decide to provide us with additional personal data, we will also be able to process it with the required level of protection.


3.3. The administration has the right to establish requirements for the composition of personal data, which must be provided when using the online service. If certain information is not marked by the Administration as mandatory, its provision or disclosure is carried out by the User at his own discretion.


3.4. Data that is automatically transmitted to the Administration when using the online service by the User using the software installed on the device: IP address, information about the browser and the type of operating system of the device, technical characteristics of hardware and software, date and time of access to the online service.


4. Grounds and purpose of personal data processing


4.1. The grounds for processing personal data are:


1) the consent of the subject of personal data to the processing of his personal data by the Administration;

2) the conclusion and execution of a contract, one of the parties to which is the subject of personal data or which is concluded in favor of the subject of personal data, or for the implementation of measures preceding the conclusion of the contract at the request of the subject of personal data;

3) the need for the Administration to comply with the requirements provided for by the Legislation.

4.2. The purpose of processing personal data is:

⦁ implementation of the functions assigned to the Administration in accordance with the legislation of Ukraine and the GDPR;


⦁ collection, storage and processing of personal data obtained in the online service within the framework of the Law and the GDPR;


⦁ to send the User commercial (marketing) notifications containing additional information about services, current promotions and special offers related to the services provided by the Administration using the online service.


⦁ identification of the subject of personal data when using the online service;


⦁ communication with the subject of personal data, if necessary, including sending offers, information materials, messages, information and requests, advertising, as well as processing requests of the subject of personal data;


⦁ improving the quality of the online service, ease of use, developing new functionalities and improving the quality of service;


⦁ improving the professional skills and qualifications of the User;


⦁ conducting statistical and other studies based on anonymized data;


⦁ fulfillment by the Administration of contractual and other obligations to the User under transactions concluded between the Administration and the User or third parties in the interests of the User.


5. Basic principles of personal data processing

5.1. The processing of personal data by the Administration is carried out on the basis of the principles:

5.1.1. The legality of the purposes and methods of processing personal data;

5.1.2. The conscientiousness of the Administration, as the owner of personal data, is achieved by fulfilling the requirements of the legislation of Ukraine regarding the processing of personal data;


5.1.3. Achievement of specific, predetermined purposes of personal data processing;


5.1.4. Compliance of the purposes of processing personal data with the purposes predetermined and declared when collecting personal data;


5.1.5. Compliance of the list and volume of processed personal data, as well as methods of processing personal data with the stated processing purposes;


5.1.6. The reliability of personal data, their sufficiency for the purposes of processing, the inadmissibility of processing personal data that are redundant in relation to the purposes of processing personal data;


5.1.7. Ensuring, when processing personal data, the accuracy of personal data, their sufficiency, and, if necessary, relevance in relation to the purposes of processing personal data.


5.1.8. Inadmissibility of combining databases containing personal data, the processing of which is carried out for purposes incompatible with each other;


5.1.9. Storing personal data in a form that allows you to determine the subject of personal data for no longer than the purpose of their processing requires.


5.1.10. The processed personal data are subject to destruction or depersonalization upon achievement of the processing goals or in case of loss of the need to achieve these goals, unless otherwise provided by the legislation of Ukraine and the GDPR.


5.1.11. We must also consider the periods for which we may need to retain your personal data in order to comply with our legal obligations to you or to regulatory authorities.


5.1.12. We may, over time, minimize your personal data that we use, or we may even make your data anonymous so that it can no longer be associated with you personally. In this case, we will be able to use this information for statistical or other purposes without further notice to you, since such information ceases to be personal data.


5.2. The processing of personal data is carried out by the Administration for statistical or other research purposes, subject to the mandatory depersonalization of personal data.


5.3. The administration does not process personal data related to racial or ethnic origin, political, religious or ideological beliefs, membership in political parties and trade unions, convictions to criminal punishment, as well as data related to health, sex life, biometric and genetic data.


5.4. The processing of personal data is carried out in compliance with the conditions determined by the legislation of Ukraine and the GDPR.


6. Terms of processing personal data


6.1. The terms for processing personal data are determined based on the purposes of processing, but no longer than it is determined by the Legislation.


6.2. Personal data, the processing (storage) period of which has expired, must be destroyed or depersonalized, unless otherwise provided by the Law. The storage of personal data is carried out in a form that makes it possible to determine the subject of personal data, no longer than the purpose of processing personal data requires, if the storage period for personal data is not established by the Law. The processed personal data are subject to destruction or depersonalization upon achievement of the processing goals or in case of loss of the need to achieve these goals, unless otherwise provided by the Law. We must also take into account the periods for which we may need to retain your personal data in order to comply with our legal obligations to you or the regulatory authorities (in accordance with EU Regulation 261/2004).


6.3. We may, over time, minimize your personal data that we use, or we may even make your data anonymous so that it can no longer be associated with you personally. In this case, we can use this information without further informing you.


7. The circle of persons admitted to the processing of personal data by the Administration


7.1. To achieve the goals of this Policy, only those employees of the Administration who are entrusted with such a duty in accordance with their official (labor) duties are allowed to process personal data. Access of other employees can be granted only in cases provided for by the Law. The administration guarantees from its employees confidentiality and security of personal data during their processing.


7.2. The administration has the right to transfer personal data to third parties in the following cases:


- the subject of personal data has expressed his consent to such actions in writing;


- the transfer is provided for by Ukrainian or other relevant legislation within the framework of the procedure established by the legislation. At the same time, access to personal data to a third party is not provided if the specified person refuses to take on obligations to ensure compliance with the requirements of the Law or cannot provide them.


7.3. The administration has the right to entrust the processing of personal data to a third party with the consent of the subject of personal data, unless otherwise provided by the legislation of Ukraine, on the basis of an agreement concluded with a third party, the condition of which is confidentiality and non-disclosure of personal data.


7.4. Representatives of public authorities (including those of controlling, supervisory, law enforcement and other bodies) gain access to personal data processed by the Administration in the amount and manner determined by the Legislation.


8. Implementation of personal data protection


8.1. The activity of the Administration for the processing of personal data in information systems is inextricably linked with the protection of the confidentiality of the information received by the Administration, if this does not contradict the current legislation.


8.2. The personal data protection system includes organizational and (or) technical measures determined taking into account the current threats to the security of personal data and information technologies used in information systems. The administration is updating these activities with the emergence of new technologies, if necessary.


8.3. Obmen personal'nymi dannymi pri ikh obrabotke v informatsionnykh sistemakh osushchestvlyayetsya po kanalam svyazi, zashchishchennym tekhnicheskimi sredstva zashchity informatsii.


8.4. Pri obrabotke personal'nykh dannykh v informatsionnykh sistemakh Administratsiyey obespechivayutsya:



8.3. The exchange of personal data during their processing in information systems is carried out through communication channels protected by technical means of information protection.


8.4. When processing personal data in information systems, the Administration provides:


⦁ taking measures aimed at preventing unauthorized access to personal data and (or) transferring them to persons who do not have the right to access such information;


⦁ timely detection of the facts of unauthorized access to personal data;


⦁ preventing the impact on the technical means of automated processing of personal data, as a result of which their functioning may be disrupted;


⦁the possibility of immediate recovery of personal data, modified and destroyed due to unauthorized access to them;


⦁ constant monitoring of the level of protection of personal data.


8.5. With regard to personal information, confidentiality is maintained, except in cases where the technology of the online service or the settings of the software used by the User provide for an open exchange of information with other Users of the online service or with any Internet users.


8.6. The administration implements the following requirements of the legislation of Ukraine in the field of personal data:


⦁ requirements for the confidentiality of personal data;


⦁ requirements to ensure the exercise by the subject of personal data of his rights;


⦁ requirements for ensuring the accuracy of personal data, and, if necessary, relevance in relation to the purposes of processing personal data (with the adoption (ensuring the adoption) of measures to remove or clarify incomplete or inaccurate data);


⦁ requirements for the protection of personal data from unauthorized or accidental access to them, destruction, distortion, blocking, copying, provision, dissemination of personal data, as well as from other illegal actions in relation to personal data;


⦁ other requirements of the Law.


8.7. In accordance with the Law, the Administration independently determines the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations stipulated by the legislation in the field of personal data from unauthorized or illegal processing and from unintentional loss, destruction or damage.

The administration adheres to the principle of minimizing personal data. We process only the information about you that we need, or information that you, with your consent, provide more than the limits of the necessary processing. In addition, we have configured all interfaces of the Online Service and applications for providing services so that the maximum possible confidentiality is respected, the settings of which can be adjusted at your discretion. When transferring personal data to government agencies, we always use the safest and most proven ways of transferring such data.

8.8. Cookies and Other Tracking Technologies.


Cookies are small text files that are stored by websites on your computer or mobile devices the moment you start using them. Thus, the site will temporarily remember your advantages and the actions that you performed, including so that you do not need to re-enter these data. Our cookies do not by themselves identify an individual user, but only identify the computer or mobile device you are using.


Cookies and other tracking technologies in our online service may be used in a variety of ways, for example to operate the online service, analyze traffic, or for advertising purposes. We use cookies and other tracking technologies, in particular, to improve the quality and efficiency of our services.


For more information on what cookies are, how they work, how to manage them or how to delete them, go to

www.allaboutcookies.org.

We inform you that you can configure the prohibition of cookies and other tracking technologies in the settings of some Internet browsers. At the same time, you should understand that if you disable some cookies, the functionality of the online service may be limited and you will not be able to use all its advantages, and some pages may not work correctly.


9. Rights of the subject of personal data


9.1. The rights of subjects of personal data in accordance with the legislation of Ukraine:


9.1.1. Know about the sources of collection, the location of their personal data, the purpose of their processing, the location of the controller of personal data or give an appropriate order to receive this information to authorized persons, except as otherwise provided by the Law.


9.1.2. Receive information about the conditions for providing access to personal data, including information about third parties to whom his personal data is transferred.


9.1.3. Access to your personal data.


9.1.4. To receive, no later than thirty calendar days from the date of receipt of the request, except for the cases provided for by the Law, an answer about whether his personal data is being processed, and which ones.


9.1.5. Submit a reasoned request to the Administration to object to the processing of their personal data.


9.1.6. Submit a reasoned request to change or destroy your personal data if the data is processed unlawfully or is unreliable.


9.1.7. To protect their personal data from illegal processing and accidental loss, destruction, damage due to intentional concealment, failure to provide or untimely provision of them, as well as to protect against the provision of information that is inaccurate or defaming the honor, dignity and business reputation of an individual.


9.1.8. To file complaints about the processing of your personal data with the Administration, the Authorized Person of the Verkhovna Rada of Ukraine for Human Rights, or with a court.


9.1.9. Apply remedies in case of violation of legislation on the protection of personal data.


9.1.10. Introduce reservations about limiting the right to process your personal data when giving consent.


9.1.11. Withdraw consent to the processing of personal data.


9.1.12. Get acquainted with the mechanism of automatic processing of personal data.


9.1.13. To defend against an automated solution that has legal implications for it.


9.1.14. The administration has the right to entrust the processing of personal data to a third party with the consent of the subject of personal data, unless otherwise provided by the legislation of Ukraine, on the basis of an agreement concluded with a third party, the condition of which is confidentiality and non-disclosure of personal data.


9.1.15. Representatives of public authorities (including those of controlling, supervisory, law enforcement and other bodies) gain access to personal data processed by the Administration in the amount and manner determined by the legislation of Ukraine.


9.2. Other rights of personal data subjects in accordance with the GDPR:


In addition to Ukrainian legislation on the protection of personal data, the Administration is attentive to ensuring your rights established by the GDPR.


9.2.1. Right to information.


We are ready to provide data subjects with information about which of their personal data we process.


If you have a desire to find out what your personal data we process, you can make a request for this information at any time, including by contacting the Administration. You can find a list of the data that we need to provide you in Articles 13 and 14 GDPR. At the same time, when contacting, you must tell us your specific requirements so that we can legally consider your request and give an answer.


Please note that in the event that we are unable to verify your identity through the exchange of electronic messages or during your contact by phone, or in case of reasonable doubts about your identity, we may ask you to provide an identity document, including by personal attendance at the address of the location of the Administration. Only in this way will we be able to avoid disclosing your personal data to a person who may impersonate you.


We will process requests as soon as possible, but at the same time, we ask you to remember that providing a complete and legal answer regarding personal data is a complex process that can take up to a month.


9.2.2. The right to have your data rectified.


If you find that some of the personal data we process about you is incorrect or outdated, please let us know. In this case, we may ask you to PROVIDE an identity document, including by personally appearing at the location of the Administration.


If you want to correct the personal data that are processed by us, you can make the correction yourself by logging into your personal account in the online service or by contacting the Administration.


In some cases, we will NOT be able to change your personal data. In particular, such a case may be when your personal data has already been used in the process of executing the contract and / or it is contained in a tax document that was drawn up in accordance with the Tax legislation.


9.2.3. Withdrawal of consent to the processing of personal data and the right to be forgotten


If the Administration processes your personal data on the basis of consent to the processing of personal data (in particular, for the purpose of marketing / advertising mailings), further processing can be stopped at any time. It is sufficient to withdraw your consent to such processing.


You can also exercise your right to be forgotten. In the cases provided for in Article 17 of the GDPR, the Administration will destroy your personal data that it processes, with the exception of personal data that we will be obliged to keep in accordance with the requirements of the law.


Also in this case, for security reasons, the Administration may ask you to provide an identity document, including directly at the address of the location of the Administration.


10. Place of storage of personal data


The administration has a large database of personal data. We use cloud services to keep them safe.


11. Changes to privacy policy


11.1. This Policy may be changed or terminated by the Administration unilaterally without prior notice to Users, including if required by applicable law. The new version of the Policy comes into force from the moment it is posted on the online service, unless otherwise provided by the new version of the Policy. Therefore, we ask you to visit the online service

https://opera.company/ site to make sure that you have up-to-date information.

12. Who can you contact to protect your personal data


12.1. If you have any questions, comments, complaints or wishes regarding the protection and processing of personal data, you can contact E-mail: operaag.info@gmail.com or at: 02156, Kiev, st. Bratislavskaya, 14 B.


Be sure to include your first name, last name, email address, and detailed questions, comments, complaints, or requests in all correspondence.


12.2. The administrative body for the protection of personal data in Ukraine is the Office for the Protection of Personal Data of the Secretariat of the Ombudsman of the Verkhovna Rada of Ukraine for Human Rights (http://www.ombudsman.gov.ua/ru/page/zpd/). You can contact him with complaints or suggestions if you think that your rights have been violated in connection with the processing of personal data.