Web scraping, where precision becomes art.
DataParse Lab
A perfect data flow

Privacy policy

and personal data processing
  • Home
  • Privacy policy

Policy on the processing and protection of personal data of users of the DataParseLab.com website

General provisions and scope

DataParse Lab (the “Provider”) processes the personal data of individuals who use the services of the website https://dataparselab.com (the “Website”) and/or related services, as well as those who order data parsing services (the “Users”, “Customers”), in accordance with this Policy on the processing and protection of personal data of users of the DataParse Lab online platform (the “Policy”).

The Provider is the controller of Users’ personal data.

For the purposes of this Policy, personal data means information or a set of information relating to an individual who is identified or can be specifically identified.

The Provider’s processing of Users’ personal data includes, among other things, collection, registration, accumulation, storage, adaptation, amendment, updating, use and dissemination (including distribution, implementation and transfer), depersonalisation and destruction of personal data, including by means of information (automated) systems.

Other terms used in this Policy shall have the meanings assigned to them by the Law of Ukraine “On Personal Data Protection” dated 1 June 2010 No. 2297-VI.

By registering on the Website and starting to use the DataParse Lab services, or by placing an order for parsing services without prior registration, the User grants permission and gives clear and voluntary consent to the processing of their personal data on the terms and in the manner set out in this Policy, and also confirms that they have carefully read and fully understood this Policy.

The Website may contain links to other websites for informational purposes only. When following such links, this Policy does not apply to those websites. Therefore, the Provider recommends reviewing the privacy and personal data policies of each such website before submitting personal data by which the User may be identified.

Categories, content and sources of personal data collection

The Provider may process the following personal data of Users and service recipients:

  • first name, surname and patronymic;
  • phone number;
  • email address;
  • date of birth (at the User’s option);
  • language of communication;
  • details of registration information (for legal entities and sole proprietors: company name, registration code/tax number, registered address);
  • cookie data;
  • automatically collected data about interaction with the Website (IP address, browser type, operating system, session time, pages visited by the User);
  • information regarding technical assignments and parameters of orders for parsing services;
  • order history and communications with support.

This list of personal data is neither exhaustive nor mandatory in all cases and depends on the User’s own needs and preferences, as well as on the actions the User performs on the Website.

The Provider receives most personal data directly from Users when they provide such data while using the Website (including registration), completing surveys, communicating orally or in writing with the Website administration, or making payment for services on the Website.

The Provider does not process special categories of personal data (so-called “sensitive data”) relating to racial or ethnic origin, political, religious or philosophical beliefs, membership in political parties or trade unions, criminal convictions, as well as health data, sex life, biometric or genetic data.

Purpose, legal grounds and retention periods for personal data processing

The Provider processes Users’ personal data, in particular, for the following purposes:

  • ensuring the implementation of civil, commercial and tax relations;
  • carrying out the functions, powers and duties assigned to the Provider under the laws of Ukraine;
  • identifying the User as a user of the Website;
  • providing data parsing services to Users, processing orders and communicating regarding the status of service delivery;
  • processing payments, carrying out settlement operations, providing reporting, and maintaining accounting and management records;
  • improving service quality and analysing User activity in order to optimise the operation of the Website and related services;
  • conducting research and analytical activities;
  • protecting the legitimate interests of the controller of personal data or of a third party to whom personal data is transferred;
  • sending informational notices regarding the operation of the Website, service updates and technical maintenance, as well as, where the User has consented, marketing communications such as news, special offers and promotions by post, email or phone.

The User may opt out of informational and marketing communications at any time through the relevant settings on the Website (the User’s personal account) and/or by sending a message to the Provider’s email address with the subject line “Personal Data”.

The Provider processes Users’ personal data on the following grounds:

  • the conclusion and performance of a contract between the Provider and the User, or for taking steps prior to the conclusion of a contract;
  • the need to fulfil an obligation imposed on the Provider by law;
  • the need to protect the legitimate interests of the Provider;
  • the User’s explicit consent to the processing of their personal data as provided in this Policy, to the extent such consent is required by the applicable laws of Ukraine.

Users’ personal data may be processed only if at least one of the above grounds applies.

Retention periods for Users’ personal data.

Users’ personal data is stored no longer than necessary to achieve the processing purpose defined above, unless otherwise required by archive or records management legislation.

Location of personal data

Users’ personal data is located in Ukraine. Personal data may be transferred to other countries for the purpose of providing services (for example, when using cloud data storage services). More details about the transfer of personal data can be found in the section “Transfer of personal data to third parties”.

Access to personal data

The following persons may obtain access to Users’ personal data, and only where there is a business need:

  • the Provider’s personnel — employees of the Provider who need to work with such data in order to perform their employment and functional duties;
  • affiliated persons of the Provider, where this is appropriate and necessary to achieve the purpose established by this Policy;
  • contractors engaged to provide services to the Provider, in particular for fulfilling parsing orders, technical support of the Website, and analytics (in such cases, contractors are not authorised to use the received personal data for any purpose other than performing the assigned tasks);
  • state, regulatory and law enforcement authorities where this is required for the purpose defined above and where it is required by law, or where the Provider is obliged to comply with a legal duty or protect its legitimate interests.
Transfer of personal data to third parties

The Provider may transfer personal data to third parties, including foreign entities involved in relations concerning personal data, in particular to affiliated persons of the Provider for the purposes of personal data processing defined in this Policy. For example, data may be transferred to the Provider’s partners and contractors who provide services necessary for the conduct of business operations, including but not limited to:

  • providers of IT services and solutions (hosting, cloud services, analytics systems);
  • payment systems and banks for payment processing;
  • legal, tax or accounting advisers;
  • email and communication service providers.

At the same time, the Provider takes necessary and reasonable measures to ensure the protection of personal data being transferred, including by entering into appropriate confidentiality and data processing agreements.

Measures for the protection of personal data

The Provider takes measures to ensure the protection of Users’ personal data at all stages of processing, including through organisational and technical safeguards.

The organisational measures taken by the Provider include:

  1. Control over access to Users’ personal data by the Provider’s employees/authorised persons:
    • The Provider keeps records of employees and authorised persons who have access to Users’ personal data.
    • Employee access levels have been developed and implemented. Each employee is granted access only to the personal data necessary for the performance of their professional duties.
    • Employees who have access to personal data provide a written undertaking not to disclose such data.
  2. Record-keeping of operations related to the processing of Users’ personal data and access to such data:
    • Records are kept of the date, time and source of collection of personal data; amendments to personal data; review; transfer; date and time of deletion; the employee who performed the operation; and the purpose and legal grounds for the actions.
    • This information is stored for one year from the end of the year in which the relevant operations were carried out, unless otherwise provided by the laws of Ukraine.
  3. An action plan has been developed for cases of unauthorised access to personal data, damage to technical equipment or emergency situations.
  4. Regular training is provided for employees involved in personal data processing activities.

The technical protection measures taken by the Provider include:

  1. The use of system, software, communication and technical means that prevent loss, theft, unauthorised destruction, distortion, forgery and copying of information.
  2. Two-factor authentication is used to protect Users’ accounts and their personal data against unauthorised access, at the User’s discretion.
  3. Encryption of data transmission channels (HTTPS), regular software updates, and the use of anti-malware protection tools.

The Provider has developed and implemented internal rules governing the handling of personal data. The Provider conducts ongoing audits of its security systems.

Rights of Users as data subjects

In accordance with Article 8 of the Law of Ukraine “On Personal Data Protection”, the User has the right to:

  • know the sources of collection, the location of their personal data, the purpose of processing, and the location of the controller or processor of such data;
  • receive information about the conditions for granting access to personal data, in particular information about third parties to whom their personal data is transferred;
  • access their personal data;
  • receive, no later than thirty calendar days from the date of receipt of the request, a response as to whether their personal data is stored, and also receive the content of their personal data;
  • submit a reasoned request to the controller of personal data objecting to the processing of their personal data;
  • submit a reasoned request for amendment or destruction of their personal data if such data is processed unlawfully or is inaccurate;
  • protection of their personal data against unlawful processing and accidental loss, destruction or damage;
  • lodge complaints about the processing of their personal data with the Ukrainian Parliament Commissioner for Human Rights or with a court;
  • apply legal remedies in the event of a violation of personal data protection legislation;
  • make reservations regarding the restriction of the right to process their personal data when giving consent;
  • withdraw consent to the processing of personal data;
  • know the mechanism of automated processing of personal data;
  • protection against an automated decision that has legal consequences for them.
Procedure for handling User requests concerning access to personal data

The User has the right to obtain from the Provider any information about themselves free of charge.

The User submits a request for access (hereinafter referred to as the “Request”) to personal data to the Provider.

The Request shall specify:

  • the User’s surname, first name and patronymic, place of residence (place of stay), and details of the identification document;
  • information about the personal data to which the Request relates;
  • the list of personal data requested;
  • the purpose and/or legal grounds of the Request.

The period for reviewing the Request for the purpose of deciding whether it can be satisfied may not exceed 10 business days from the date of receipt. Within this period, the Provider informs the User whether the Request will be satisfied or whether the relevant personal data cannot be provided, stating the grounds.

The Request is satisfied within 30 calendar days from the date of receipt, unless otherwise provided by law.

Deletion of the User’s personal data

The User’s personal data may be deleted at the User’s request by taking the following actions:

  • submitting a written request asking for the deletion of personal data to the Provider’s email address with the subject line “Personal Data”;
  • deleting the User’s data through the personal account on the Website.

In addition to the cases described above, the User’s personal data is also subject to deletion in the event of:

  • issuance of a relevant order by the Commissioner or officials designated by the Commissioner;
  • entry into force of a court decision on the deletion or destruction of personal data.

If the User independently deletes personal data from the personal account, such personal data is automatically deleted from the Provider’s information systems.

The User’s personal data is destroyed in a manner that excludes the possibility of restoring such data or identifying the User.

Users may also delete their account. Deletion of an account at the User’s initiative is carried out in accordance with the Website’s Public Agreement (offer) and constitutes grounds for termination of the processing and storage of such personal data by the Provider.

If there is no activity in the User’s account for a period exceeding 3 (three) years, the Provider reserves the right to delete the User’s account, including all personal data stored in the account.

Withdrawal of consent to personal data processing

The User may withdraw consent to the processing of personal data at any time by sending a request to the Provider’s email address with the subject line “Personal Data”.

The withdrawal of the User’s consent to the processing of their personal data does not affect the processing carried out prior to such withdrawal and does not prevent the processing of personal data on other lawful grounds (for example, for the performance of a contract or compliance with legal requirements).

Personal data of third parties specified by the User

If the User provides personal data of third parties (for example, contact details of a representative, technical specialist, etc.) for the purposes of communication regarding the provision of services, the User confirms that they have obtained the relevant consent of such third party to the processing of their personal data in accordance with this Policy and the applicable laws of Ukraine.

Amendments to the Policy

The Provider may update this Policy from time to time on a unilateral basis. Users will be informed of any material additions or changes by publication of a new version on the Website.

If the User does not agree with any such material additions or changes that may be introduced in the future, the User must not use the Website and/or the Provider’s services.

A new version of the Policy enters into force from the moment it is published on the Website, unless otherwise provided by the new version of the Policy. The current version of the Policy is always available at: https://dataparselab.com/en/privacy