Privacy Policy & Legal Information
Last updated: 28 April 2025
This Privacy Policy explains how Vitalii Honchar (“Consultant”, “we”, “us”, “our”) collects, processes and protects personal data when you visit vitaliihonchar.com (the “Site”), schedule a call, purchase a consulting package, or otherwise interact with us.
1 · Who We Are
Vitalii Honchar — contact vitaliy.gonchar.work@gmail.com
2 · What Data We Collect
| Category | Typical items | Legal basis (GDPR) |
|---|---|---|
| Identification | Name, company, job title | Art. 6 (1) (b) – contract pre‑steps |
| Contact | Email address, Calendly profile link | Art. 6 (1) (b) |
| Technical | IP address, browser UA, pages visited | Art. 6 (1) (f) legitimate interest – site security |
| Transactional | Packages purchased, invoices, payment status | Art. 6 (1) (b) / (c) – contract & legal duty |
| Project artefacts | Logs, code snippets, diagrams you deliberately share | Art. 6 (1) (b) – contract execution |
We do not knowingly collect sensitive “special category” data.
3 · How We Use Your Data
- Pre‑contract communication – arrange discovery calls, clarify requirements.
- Contract fulfilment – deliver audits, code, diagrams and advice.
- Billing & bookkeeping – issue invoices, comply with tax law.
- Security & abuse prevention – monitor logs for anomalous traffic.
- Optional marketing – send technical insights only if you opt‑in (Art. 6 (1) (a)).
We never sell or rent your personal data.
4 · Service Providers (Sub‑Processors)
We keep third‑party tools to an absolute minimum:
| Purpose | Provider | Safeguards |
|---|---|---|
| Discovery‑call scheduling | Calendly LLC (EU data centre) | SCCs + DPA |
| Email + file storage | Google Workspace (EU region) | SCCs + encryption at rest |
| Invoicing & payments | Stripe, Inc. | EU-US DPF, SCCs + DPA |
We sign Data‑Processing Agreements (DPAs) and Standard Contractual Clauses (SCCs) with each vendor.
5 · International Transfers
Data may move outside the EEA via our sub‑processors. All transfers rely on SCCs under Art. 46 GDPR and, where applicable, supplementary measures (encryption in transit & at rest).
6 · Retention Periods
| Data set | Retention |
|---|---|
| Email enquiries | 2 years after last contact |
| Project deliverables | 3 years post‑engagement (for warranty & audit) |
| Invoices & bookkeeping | 6 years (statutory duty) |
7 · Your Rights (EEA / UK residents)
- Access – obtain a copy of your data
- Rectification – correct inaccurate data
- Erasure – “right to be forgotten” where no overriding legal basis exists
- Restrict or object – to certain processing
- Data portability – receive data in a structured, commonly‑used format
Request any of the above by emailing vitaliy.gonchar.work@gmail.com. We respond within 30 days.
8 · Cookies & Tracking
The Site uses only essential first‑party cookies (session cookies for CSRF protection and language preferences). No analytics, advertising, or cross‑site tracking cookies are set.
9 · Security Measures
- TLS 1.3 enforced on all pages
- Server‑side firewalls & automatic security patches
- Encryption at rest for all project artefacts and backups
- Least‑privilege IAM for sub‑processors
10 · Changes to This Policy
We may amend this notice to reflect legal or operational updates. The “Last updated” date will change accordingly. Material changes will be announced via the Site or direct email.
11 · Questions?
Email vitaliy.gonchar.work@gmail.com and we’ll be happy to clarify.
