PRIVACY POLICY

Last update: 16.07.2024.

GENERAL INFORMATION

This Privacy Policy describes how Generect, Inc. (hereinafter referred to as “Team”, “We”, “Our”, or “Us”) uses your personal data, and provides information about your rights concerning personal data (hereinafter, the “Privacy Policy”). This Policy applies when you visit Our website, available at https://generect.com/privacy, when you contact Us, or when you visit Our social media profiles, such as LinkedIn and Facebook. Hereinafter, website and social media visitors are collectively referred to as “User(s)”.

Who We Are

Generect, Inc. is the owner and operator of the website: https://generect.com/ (hereinafter, the “Website”).

We act as the Controller of User(s)’ personal data in the following cases:

  • When We provide services, such as Our SaaS product “Generate tool” and other custom service packages, as described in the Terms of Use (collectively, the “Services”);
  • When contacting potential User(s) interested in Our Services;
  • When User(s) interact with our Website.

We are the personal data controller according to the EU General Data Protection Regulation (GDPR) 2016/679 and other applicable European data protection legislation, as well as the Ukrainian Law “On Personal Data Protection” No. 2297-VI (dated 01.06.2010).

Important Notice

We are required by data protection legislation to notify User(s) of the information provided in this Privacy Policy. This Policy does not imply the conclusion of any contractual or cooperative agreement between Us and the User(s).

For more information, see the section titled “Grounds for Collection of Personal Data”.

Third-Party Websites

Our Website may contain links to third-party websites that are not operated by Us. If a User clicks on a third-party link, they will be redirected to the third-party's website. We strongly encourage User(s) to review the privacy policies of these websites. We do not control and are not responsible for the content, privacy policies, or practices of third-party websites or services located outside of Our Website.

Definitions

Terms such as “controller”, “processor”, “third-party”, “personal data breach”, and “processing” follow the definitions provided in Article 4 of the GDPR.

The term “User” refers to all persons affected by data processing, including business partners, customers, potential customers, suppliers, and other visitors to Our Website. The terms used in this Policy, such as “User(s)”, are to be understood as gender-neutral.

GROUNDS FOR COLLECTION OF PERSONAL DATA

Any process of User(s) personal data is performed only in accordance with this Privacy Policy, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJEU No L 119 of 4 May 2016) (hereinafter - the “General Data Protection Regulation” and the “GDPR”), the UK Data Protection Act of 2018 (hereinafter - the “UK DPA”), and other regulatory acts.

We process personal data of User(s) only in compliance with the relevant data protection regulations. This means that Users’ data will only be processed if we have a legal permit. That is, especially if the data processing for the provision of Our Services is required or required by law, the consent of the user exists, as well as Our legitimate interests (i.e., interest in the analysis, optimisation and economic Operation and security of Our Services offer within the meaning of Art. 6 (1) lit. GDPR).

Please note that (1) the legal basis for the consent is Art. 6 para. 1 lit. a. and Art. 7 GDPR; (2) the legal basis for processing for the purpose of fulfilling our services and implementing contractual measures is Art. 6 para. 1 lit. b. GDPR; (3) the legal basis for processing for the purpose of fulfilling our legal obligations is Art. 6 para. 1 lit. c. GDPR; (4) the legal basis for the processing to safeguard our legitimate interests is Art. 6 para. 1 lit. f. GDPR.

If any of the Users is a resident of the United States, the User(s) has rights under the following state-specific law, which We are committed to comply with (the name of the document refers to the state): (i.) the California Consumer Privacy Act of 2018 (hereinafter - the “CCPA”), (ii.) the Colorado Consumer Privacy Act (hereinafter - the “CPA”), (iii.) the Connecticut Data Privacy Act of 2023 (hereinafter - the “CTDPA”), (iv.) the Delaware Personal Data Privacy Act (hereinafter - the “DPDPA”), (v.) the Florida Digital Bill of Rights (hereinafter - the “FDBR”), (vi.) the Biometric Information Privacy Act (hereinafter - the “BIPA”), (vii.) the Consumer Data Protection Act (hereinafter - the “CDPA”), (viii.) the Iowa Consumer Data Protection Act (hereinafter - the “ICDPA”), (ix.) the Montana Consumer Data Privacy Act (hereinafter - the “MCDPA”), (x.) the Oregon Consumer Privacy Act (hereinafter - the “OCPA”), (xi.) the Nevada Privacy of Information (hereinafter - the “Senate Bill 220” or the “SB 220”), (xii.) the Utah Consumer Privacy Act (hereinafter - the “UTCPA”), (xiii.) the Tennessee Information Protection Act (hereinafter - the “TIPA”), (xiv.) the Texas Data Privacy and Security Act (hereinafter - the “TDPSA”), (xv.) the Virginia Consumer Data Protection Act (hereinafter - the “VCDPA”), etc.

HOW AND WHAT PERSONAL INFORMATION WE COLLECT ABOUT THE USER(S)

The User(s) directly provide Us with most of the personal data we collect. We collect and process the following personal data:

  • Personal data**: We do not collect personal data such as last name, first name, date of birth, passport number and series, individual tax number, address of actual location, personal email address, mobile phone number, company data (such as name, legal address, tax number, email address, etc.) and your position in the company, curriculum vitae (in the case of employment), etc., when the User(s) visits our Website, unless the User(s) intentionally provide them through the contact forms for communication with us (for more details, see the “Contact Us” section) and/or when the User has provided personal consent through a pop-up questionnaire (by clicking the “Accept” button) on Our Website and/or in the process of registration (when choosing a customized service plan for the User's own needs, more details in the “Terms of Use”), and hereby give full consent to the collection and processing of the User's personal data. We will use this personal data to respond to such User's request and subsequently send the User several promotional or informational emails regarding Our Services. If the User(s) do not wish to receive such emails, an unsubscribe option will be provided in the email or, if the User(s) wishes, may send an email with a request to [email protected]. Sometimes, we also collect and process personal data that is public knowledge about a certain User(s) during a personal research process of the User(s) on the social network.
  • **We in no way collect the User's personal data, such as bank data/requirements that the User uses when the User makes payments for Our Services on the Website using the “Privat24” Internet banking web application and/or the “LiqPay” payment system web application and/or the “Stripe” payment system web application, etc. (for more details, see the “APPLICABLE TERMS” section). You should visit their website and familiarize Yourself with the legal basis for this, as we are not responsible for the processing and transfer of Your personal data by such companies.
  • Non-personally identifiable information (such as the type of browser, referring website, date, and time of each User request, and other log data). Our purpose in collecting such information is to better understand how our Website is used and to maintain its proper functionality and usefulness for each User(s).

COOKIE FILES

When the User uses Our Website, browses Our Services, and uses the available systems (in particular, to create contact requests sent via the contact form), so-called “cookies”*** are created when the User browses these web pages.

***These are text files of small size that are stored in the User's device, through which the User browses the websites. They are commonly used to ensure the operation of websites and other services provided over the Internet, and to improve and develop these websites, which is done by reading the contents of these files.

We collect information contained in “cookies”, such as the date of the User's connection to the Website or the IP-address of the device from which the User connects to the Website, which is data that shows how the User(s) use Our Websites. This information is used for administrative and statistical purposes and aimed at improving Our Website and enhancing User's user experience. In addition, this automatically processed data may be used to analyse the behaviour of the content User(s) on Our Website (e.g., time spent on the Website) or to personalise the content of the Website's web pages, in particular by providing online advertising.

The User(s) are not obliged to accept cookies (the User(s) may agree to the use of cookies by clicking the appropriate button on our Website or by making the appropriate settings in your Web browser), but this may result in Our Website not functioning fully properly.

We use “Persistent Cookies” that are designed to store data over a long period of time and are activated each time the User visits Our Website that created that particular cookie. Each persistent Cookie is created with an expiry date that can be anywhere from a few days to several years in the future. When the Cookie expires, it is automatically deleted. Moreover, Persistent Cookies allow Our Website to “remember the User”.

First and Third Party Cookies on Our Website:

  • Cookies placed on your device include “first party Cookies”, which are Cookies that are placed by Us or by third party service providers acting on Our behalf. If such Cookies are managed by third parties, We only allow the third parties to use the Cookies for Our purposes as described in this Cookie Policy and not for their own purposes.
  • The Cookies placed on your device may also include “third party Cookies”, which are Cookies placed there by third parties. These Cookies may include third-party advertisers who display advertisements on Our Website and/or social media providers, etc. They may also include third parties who provide video content embedded on Our Website (e.g., YouTube, etc.). We have no control over the settings of these third-party cookies, so we encourage you to check the third-party websites to learn more about their use of cookies and how to manage them.

We also use social media buttons and/or plugins on the Website that allow you to connect with Our social network. In order for them to work, they set Cookies on Our Website that can be used to improve your profile on their website or to supplement the data they store for various purposes specified in their respective privacy policies and cookies policies.

PROTECTION AND USE OF PERSONAL DATA OF THE USER(S)

We use appropriate methods of personal data collection, storage and processing, as well as security measures to protect against unauthorised access, alteration, disclosure, or destruction of personal data of the User(s) and data stored on Our Website. We do not share personal data of the User(s) with third parties, except for Our affiliates, Our employees and/or subcontractors and recruitment service providers for Us, which have agreed in written consent not to collect, store, process and transfer the personal data of Our User(s) to other third parties without Our prior written permission. We may enter into agreements with each User(s) with whom we cooperate in various business areas that define the protection of our confidential information, which includes the personal data of the User(s).

We use User(s) personal data to (1) respond effectively to User(s) inquiries, (2) improve the quality of service to User(s), (3) facilitate the use of our Site, (4) fulfill Our risk management and fraud prevention obligations to protect User(s) and Us from misuse of Our Services, (5) inform User(s) about changes and new features of Our Services; (6) share with our marketing and advertising partners to further improve Our marketing strategies, (7) comply with local, national and international laws and regulations to be able to provide Our Services to the User(s). We may also use User(s)' personal data to send newsletters, marketing or promotional materials and other information about our Services and our business.

We may be required to disclose all or any part of the User(s) personal data if required to do so by law or at the request of a governmental or regulatory organization/authority, or if We believe in good faith that such disclosure is necessary to (1) comply with legal or regulatory requirements or to conform to legal process; (2) to prevent crime; (3) to prevent any terrorist activity or threat to national security; (4) to protect and defend the property rights of “Generect, Inc.”; (5) to protect the safety or welfare of the User(s), Our employees and/or subcontractors, or any other persons.

STORAGE OF OUR USER(S) PERSONAL DATA

We securely store your data in Our internal Customer Relationship Management system (hereinafter - the “CRM”), that includes Gmail (from Google Mail).

The data retention period that we receive from the User(s) is calculated for each moment of cooperation individually in compliance with all relevant regulations, which are confirmed by this Privacy Policy (3 months and up). Retention periods from other recipients are set by them in their privacy policies.

In case the User(s) requests that We do not store personal data by sending Us a request to [email protected], We will take all reasonable measures to delete all personal data about such User(s). However, with the explicit consent of the User, we may retain a streamlined version of their profile, including their email address, for future purposes, enabling us to keep the User informed about our recruitment campaigns or marketing offers.

In addition to the above, We assure Our Users that Our SaaS product “Generate tool” provides Services in real time, i.e., We do not know the result of the request before the User has submitted a request through the SaaS product “Generate tool” to search for it. We store all the results of the potential customers that have been found using Our SaaS product “Generate tool” in Our databases (i.e. in CRM) so that the User can continue to use the results of the request at any time while lawful using Our Services. In fact, the list of potential customers for each individual User is available for viewing and exporting in the personal account of such User of SaaS product “Generate tool”.

CHILDREN'S PRIVACY

Our Website and Services are not directed to anyone under the age of 18 (hereinafter - the “Children”). We do not knowingly collect personal data from anyone under the age of 18. In case the User(s) is a parent or guardian and knows that your children have provided Us with the personal data, please contact us (see “Contact Us” section). If We become aware that We have collected personal data from children without parental consent, We take steps to delete this personal data from Our servers.

YOUR RIGHTS (INCLUDING CHAPTER III, ARTICLES 15 – 21 OF THE GDPR , AND OTHER REGULATORY ACTS)

The User(s) has (have) the following rights in connection with the processing of personal data by Us (the exercise of each of the following rights is carried out at the request of the User(s)):

  • Submit a request to Us for access to the personal data of the User(s) (generally known as a “data subject access request”). This will allow the User(s) to obtain a copy of the personal data We hold about such User(s) and to verify that We are processing it lawfully.
  • Request correction of the personal data We store about the User(s). This will allow the User(s) to correct any incomplete or inaccurate information that We store about the User(s).
  • Request for deletion of personal information of the User(s). This allows the User(s) to ask Us to delete personal information if there are no compelling reasons for its further processing. The User(s) also have the right to ask Us to delete personal information if the User(s) have exercised their right to object to processing.
  • Object to the processing of the User(s) personal data when We rely on a legitimate interest (or the interest of a third party) and there is something specific to the situation that makes the User(s) object to the processing on this basis. The User(s) also have the right to object if We process personal data for direct marketing purposes, for example, in our recruitment campaigns.
  • Request to restrict the processing of personal data of the User(s). This allows the User(s) to request Us to pause the processing of personal data, for example, if the User(s) wants Us to check its accuracy or the reason for processing.
  • Submit a request to Us to transfer the User's personal data to another party.

The User(s) does not need to pay for access to personal data (or for exercising any other rights). However, We may charge a reasonable fee if the User(s)' request for access is manifestly unfounded or excessive, and in such circumstances We may refuse to grant the request.

We may need to request certain information from the User(s) to help Us verify the identity of the User(s) and to ensure that such User(s) have the right to access the information (or to exercise any other rights of the User(s)). This is another appropriate security measure to ensure that personal data is not disclosed to any person who is not entitled to receive it.

In the event that the User(s) wish to review, verify, correct or request deletion of personal data, object to the processing of personal data or request that We transfer a copy of personal data to another party, please contact Us at [email protected] in writing.

TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

The User's personal data is transferred to third countries if the Services provided by Us will also be provided in the territory of a third country. The personal data of the User(s) may also be transferred to entities that provide tax, legal, and audit advice to Us if they operate in or outside the territory of a third country. In each of the above cases, We protect the processing of the User's personal data, in particular, by entering into confidentiality agreements and processing personal data in a manner that complies with the provisions of generally applicable EU and UK data protection laws, as well as on terms designed to ensure the security of the processing of the User's personal data. We do not transfer personal data of the User(s) to international organizations. We also do not transfer personal data of the User(s) to third countries, if such transfer is impossible or prohibited by generally accepted legislation.

  • Any transfer of personal data to the United States of America and other countries outside the European Union (hereinafter - the “EU”) and the European Economic Area (hereinafter - the “EEA”) will be carried out on the basis of Standard Contractual Clauses (hereinafter - the “Standard Contractual Clauses” or the “SCC”) together with a Transfer Impact Assessment (hereinafter - the “TIA”) in accordance with Art. 46(2)(c) GDPR and with the consent of the User(s), e.g., if the User consents to the use of cookies, this will also be consent to the possible transfer of the User's personal data to the United States of America in accordance with Art. 49(1)(a) GDPR in connection with Art. 6(1)(a) GDPR.
  • Any transfer of personal data to the EU and/or the EEA is carried out on the basis of a Data Protection Agreement (hereinafter referred to as “Data Protection Agreement” and/or the “DPA”), if necessary, together with a TIA, in accordance with Art. 28 GDPR, Art. 32 GDPR, etc., and with the consent of the User(s) (e.g., based on Art. 6(1)(a) GDPR).

APPLICABLE TERMS

Services on the Website: We use User(s) personal data to provide and improve our Services provided on Our Website. By using the Services, the User(s) agree to grant Us full rights to collect, process and use such User's personal data in accordance with this Privacy Policy.

Other recipients of the User's personal data:

  • Google Analytics (Google LLС) is a web analysis service provided by Google Inc. Google utilizes the data collected to track and examine user behavior, to prepare reports, and share insights with other Google services. Google may use the data collected to contextualize and personalize the advertisements launched via Google’s advertising network. The service is subject to Google’s Privacy Policy (available at the link).
  • Google Tag Manager (Google LLС) is a web service designed to optimize the Google Analytics management process. The service is provided by Google Inc. and is subject to Google’s Privacy Policy (available at the link).
  • Facebook Ads conversion tracking (Facebook, Inc.) Facebook Ads conversion tracking is an analytics service that binds data gathered from the Facebook advertising network with actions performed on our website. The service is provided by Facebook, Inc. and is subject to Facebook’s Privacy Policy (available at the link).
  • Google AdWords Tools (Google AdWords Conversion Tracking/ Dynamic Remarketing / User List / DoubleClick) (Google LLС) Google AdWords conversion tracking and other Google Ads services are analytic instruments, connect data from the Google AdWords advertising network with actions taken on our website. The services are provided by Google Inc. and are subject to Google’s Privacy Policy (available at the link).
  • Google AdWords (Google LLC) DoubleClick (Google Inc.) / DoubleClick Bid Manager / Google DoubleClick Google AdWords and Double Click are advertising services that enable efficient interaction with potential customers by suggesting relevant advertisements across Google Search, as well as Google’s partner networks. The services are provided by Google Inc. and are subject to Google’s Privacy Policy (available at the link).
  • Facebook Audience Network (Facebook, Inc.) is an advertising service that helps to monitor and evaluate the efficiency of advertising campaigns launched via Facebook. The service is provided by Facebook, Inc., and is subject to Facebook’s Privacy Policy (available at the link).
  • LinkedIn Marketing Solutions / LinkedIn Ads (LinkedIn Corporation) LinkedIn Ads allows for tracking the efficiency of advertising campaigns launched via LinkedIn. The service is provided by LinkedIn Corporation and is subject to LinkedIn’s Privacy Policy (available at the link).
  • X Advertising / X Conversion Tracking (X Corp.) The X Ads network allows for tracking the efficiency of advertising campaigns launched via X. The service is provided by X Corp. and is subject to X’s Privacy Policy (available at the link).
  • Instantly Website Visitors (Instantly, Inc.) is a marketing tool that provides website owners with real-time data on visitor activity, enabling enhanced engagement and conversion strategies. The service is subject to Instantly’s Privacy Policy (available at the link).
  • Hotjar (Hotjar Limited) is an analytical tool that allows website owners and digital marketers to gain deep insights into user behavior on their site. The service is subject to Hotjar’s Privacy Policy (available at the link).
  • Hetzner (Hetzner Online GmbH) is a web hosting service provider that offers dedicated servers, virtual private servers, and managed hosting solutions to businesses and individuals. The service is subject to Hetzner's Privacy Policy (available at the link).

In addition, We may hire third-party companies and individual entrepreneurs to facilitate the operation of our Services, to provide Services on Our behalf, or to assist Us in the analysis of how Our Services and/or Our Website are used (collectively, “Service Providers”). Such third parties have access to the Personal Data of the User(s) only to perform the tasks provided directly by Us and are obliged not to disclose or use them for any other purpose. Such cooperation with third parties must be documented by the necessary documents (including the Master Service Agreement, Non-Disclosure Agreement, etc.).

UPDATES TO THIS PRIVACY POLICY

We have the right to periodically change, update and supplement the Privacy Policy to ensure the security of Personal Data, notify You of changes in the use of Personal Data and comply with the requirements of GDPR, CCPA legislation, etc.

In the event of significant changes regarding personal data, We notify Users of such changes by posting news on the Website before the changes become effective and update the “Last update” at the top of our Privacy Policy and/or by means of an e-mail newsletter. We recommend that You periodically review the Privacy Policy to obtain information about how We use Your personal data.

In case You have opted out of emails in which We inform You of changes in legal documentation, You are still responsible for familiarizing Yourself with them.

After making changes to the Privacy Policy, We have the right to request the Users' re-consent to the updated Privacy Policy. Changes to the current Privacy Policy shall become effective 30 (thirty) calendar days from the date of publication of the new, amended version of the Privacy Policy.

Our electronic or otherwise stored copies of the Privacy Policy shall be deemed to be the true, complete, valid and enforceable version of this Privacy Policy in effect at the time of Your interaction with Our Website.

By continuing to interact with Our Website, You confirm Your acceptance of the changes made to this Privacy Policy.

CONTACT US

In the event that the User(s) has any questions about Our Privacy Policy, the data We hold about the User(s), or the User(s) would like to exercise one of the data protection rights, please contact Us by sending an email to [email protected].