1. Who We Are

LLC “SCIENTIFIC-PRODUCTION ASSOCIATION ‘TIHON’” (hereinafter the “Company,” “we,” “our site”)
61001, Kharkiv, 27 Bohdana Khmelnytskoho St.

IBAN UA093515330000026006052193320 at KHARKIV BRANCH, JSC CB “PRIVATBANK”

MFO 351533

TIN 41784315

We process personal data in accordance with Regulation (EU) 2016/679 (GDPR), the Law of Ukraine “On Personal Data Protection,” and this Policy.

2. What Data We Collect and Why

CategoryExamplesLegal BasisPurpose
Comment dataname, e-mail, IP address, user-agent, comment textGDPR 6(1)(f) — legitimate interest (community interaction, anti-spam)Publication, moderation, abuse prevention
Media filesimages you uploadGDPR 6(1)(a) — consentDisplay of content on the site
Cookiestechnical (session), analytics, functionalGDPR 6(1)(f) and 6(1)(a) for optionalSite operation, statistics, personalisation
Order dataname, phone, e-mail, billing/shipping address, product list, notes, amountGDPR 6(1)(b) — contract performanceOrder processing, customer support
Account dataname, login, e-mail, role, order historyGDPR 6(1)(b)Access to dashboard, purchase history

3. Comments

When you post a comment, we store the data you provide, your IP address and user-agent string to automatically detect spam (reCAPTCHA v3, Akismet).

4. Media Files

When uploading images, ensure they do not contain EXIF geolocation data. Site visitors may download and extract such information.

5. Cookies

  • Comments: store name, e-mail and site (1 year).
  • Cookie support check: deleted when you close the browser.
  • Login cookies: 2 days (or 2 weeks if “Remember me” is selected).

Your browser lets you delete or block cookies. Refusing optional cookies will not affect core site functionality.

6. Embedded Content

Articles may include embedded content (e.g., YouTube, Instagram). Such sites may collect data, use cookies and track your interaction under their own policies.

7. Who We Share Data With

  • Hosting providers — Hosting Ukraine LLC (ukraine.com.ua); backup location — AWS (EU)
  • CRM KeepinCRM (Ukraine) — processes and stores all data entered on the checkout page
  • Analytics services with IP anonymisation (Google Search Console, Google Analytics 4, Microsoft Clarity)
  • E-mail gateways (Google Gmail)
  • Payment processors (Monopay)
  • Anti-spam systems (Akismet, Google reCAPTCHA)

Data transfers outside the EEA occur only to countries with an adequate level of protection or under Standard Contractual Clauses (SCC).

8. How Long We Keep Data

  • Comments and their metadata — indefinitely.
  • Account data — as long as the account exists.
  • Back-ups — 30 days (encrypted).
  • Analytics logs — 14 months.

9. Your Rights

  1. Access to your personal data.
  2. Rectification of inaccurate or incomplete data.
  3. Erasure (“right to be forgotten”).
  4. Restriction of processing.
  5. Objection to processing based on legitimate interest.
  6. Data portability (CSV/JSON).
  7. Withdrawal of consent at any time.
  8. Complaint to a supervisory authority (the Ukrainian DPA or any EU authority).

10. Data Security

  • HTTPS / HSTS / TLS 1.3
  • Encryption at rest (AES-256) and in transit
  • Two-factor authentication for administrators
  • Quarterly malware scans and penetration tests
  • DDoS protection (Cloudflare WAF)

11. Minors’ Data

Site content is not intended for persons under 18. We do not knowingly collect their data.

12. Policy Changes

We may update this Policy periodically. The new version is posted on this page with the effective date. For material changes, we will notify you by e-mail or pop-up message.

Last update: 03 July 2025