This Privacy Policy (hereinafter – “Policy”) defines the procedure for collecting, storing, processing, using, and protecting personal data (hereinafter – “Platform”) during the use of the website https://99tools.tech and its related services.
ATTENTION! By using the Platform and providing your personal data, the User unconditionally and explicitly agrees to the terms of this Privacy Policy. If the User does not agree with the terms of this Policy, they should immediately stop using the Platform.
1.1. This Policy has been developed in accordance with the requirements of the Law of Ukraine "On Personal Data Protection", and also taking into account the provisions of the General Data Protection Regulation (Regulation (EU) 2016/679) (hereinafter – GDPR) of the European Union for Users from EU countries.
1.2. The purpose of this Policy is to ensure adequate protection of User information, including their personal data, from unauthorized access, unlawful use, and disclosure.
1.3. The Platform is the data controller in relation to the personal data of Users collected through the Platform.
2.1. The Platform adheres to the following principles of personal data processing: a) Lawfulness, fairness, and transparency: Data is processed lawfully, fairly, and in a transparent manner in relation to the data subject. b) Purpose limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes. c) Data minimization: Data is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed. d) Accuracy: Data is accurate and, where necessary, kept up to date. e) Storage limitation: Data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. f) Integrity and confidentiality: Data is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
3.1. The Platform processes Users' personal data based on the following legal grounds: a) User Consent: Processing is carried out based on the explicit and informed consent of the User (Article 6(1)(a) GDPR). The User gives consent by checking the appropriate checkbox during registration or when using the services. b) Performance of a Contract: Processing is necessary for the performance of a contract to which the User is party (Public Offer and User Agreement), or in order to take steps at the request of the User prior to entering into such a contract (Article 6(1)(b) GDPR). c) Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by the Platform or by a third party (Article 6(1)(f) GDPR), except where such interests are overridden by the fundamental rights and freedoms of the User. Such legitimate interests include: improving and optimizing services, preventing fraud, ensuring Platform security, and analytics. d) Compliance with Legal Obligation: Processing is necessary for compliance with a legal obligation to which the Platform is subject (Article 6(1)(c) GDPR).
4.1. The Platform collects the following categories of Users' personal data: a) Data provided by the User during registration and when using the Personal Account: * User Name: For identification and personalization of interaction. * Email Address: For registration, access recovery, sending notifications, and communication. * Balance Top-up Information: Only data on the top-up amount and transaction date (without storing full payment data). * Content Download History: For tracking credit usage and providing transaction history. b) Data collected automatically when using the Platform: * User's IP Address: For security, analytics, and geolocation (determining the country for applying relevant legal norms). * Browser type and operating system: For compatibility optimization and improving user experience. * Date and time of access to the Platform: For analytics and logging actions. * Pages viewed and actions on the Platform: For analyzing user behavior, improving content and functionality. * Use of cookies: For authentication, saving preferences, and analytics (see Section 7).
4.2. The Platform does not collect or store full payment data of Users (e.g., bank card numbers, CVC/CVV codes). All financial transactions are processed by third-party, certified payment systems that comply with payment card data security requirements (PCI DSS).
5.1. Users' personal data is collected and processed by the Platform for the following purposes: a) Service Provision: Providing the User with access to Platform services, the ability to create Catalogs and download Content in accordance with the Public Offer and User Agreement. b) Identification and Authentication: Managing the User's account and ensuring secure access to the Personal Account. c) User Interaction: Sending system notifications, responding to technical support requests, informing about changes in Platform operation, important updates, and (with User consent) about marketing promotions and special offers. d) Platform Improvement: Analyzing user activity, collecting statistics to optimize functionality, enhance usability, develop new services, and fix errors. e) Security and Fraud Prevention: Protecting the Platform and Users from unauthorized access, suspicious activity, and potentially illegal actions. f) Statistical and Analytical Research: Collecting anonymized and aggregated data for internal reports and analyzing trends in service usage.
6.1. Personal data processing is carried out on the Platform's servers located in [specify the country where the servers are located, e.g., Germany, Finland]. The Platform guarantees that the server location complies with GDPR requirements for EU Users.
6.2. The Platform undertakes to take all necessary and sufficient legal, organizational, and technical measures to protect Users' personal data from unauthorized or accidental access, destruction, alteration, blocking, disclosure, dissemination, and other unlawful actions by third parties. Such measures include: data encryption, access control to systems, and regular security audits.
6.3. Personal data is stored for the period necessary to achieve the purposes of its processing, but no longer than stipulated by the legislation of Ukraine and applicable international norms. Criteria for determining the storage period include: the duration of the User's use of the Platform, the existence of legal obligations to store data (e.g., for tax purposes), and the need to resolve disputes.
6.4. Access to Users' personal data is granted only to authorized Platform employees who require it to perform their job duties and who are obliged to maintain confidentiality.
7.1. The Platform uses cookies and other similar technologies (e.g., pixel tags) to improve User interaction, analytics, content personalization, and advertising.
7.2. Cookies are small text files stored on the User's device. They allow the Platform to "remember" the User during repeat visits, save preferences, and analyze website behavior.
7.3. We use both session cookies (deleted after closing the browser) and persistent cookies (remain on the device until expiration or deleted by the User). a) Necessary cookies: Ensure basic Platform functionality (e.g., login). b) Analytical/performance cookies: Collect information about Platform usage to improve it. c) Functional cookies: Remember User choices (e.g., language, region). d) Marketing/advertising cookies: Used to provide relevant advertising based on User interests.
7.4. The User can manage the use of cookies through their browser settings. Most browsers allow blocking all cookies, or notifying about their sending, or deleting them. However, this may lead to limited Platform functionality.
7.5. Upon the first visit to the Platform, the User will be prompted to give consent to the use of cookies via a special banner or pop-up window, with the option to customize preferences.
8.1. The User, as a data subject, has the following rights regarding their data, where applicable according to law: a) Right of access (Article 15 GDPR): The User has the right to obtain confirmation as to whether or not personal data concerning them are being processed, and, where that is the case, access to the personal data and information about their processing. b) Right to rectification (Article 16 GDPR): The User has the right to obtain from the Platform without undue delay the rectification of inaccurate personal data concerning them. c) Right to erasure ("right to be forgotten") (Article 17 GDPR): The User has the right to obtain the erasure of personal data concerning them without undue delay under certain conditions (e.g., if the data are no longer necessary for the purposes for which they were collected or the User withdraws consent). d) Right to restriction of processing (Article 18 GDPR): The User has the right to obtain from the Platform restriction of processing under certain conditions (e.g., if the accuracy of the personal data is contested, or the processing is unlawful). e) Right to data portability (Article 20 GDPR): The User has the right to receive the personal data concerning them, which they have provided to the Platform, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from the Platform. f) Right to object (Article 21 GDPR): The User has the right to object, on grounds relating to their particular situation, to processing of personal data concerning them which is based on the legitimate interests of the Platform, including profiling, and to processing for direct marketing purposes. g) Right to withdraw consent (Article 7(3) GDPR): The User has the right to withdraw their consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
8.2. To exercise their rights, the User can send a request to the Platform's support service at: support@99tools.tech. The Platform will review the request within 30 calendar days and provide a response.
8.3. If the User believes that their data protection rights have been violated, they have the right to lodge a complaint with the relevant supervisory authority for personal data protection in their country or country of residence.
9.1. The Platform reserves the right to unilaterally make changes to this Privacy Policy.
9.2. Users will be notified of such changes by publishing a new version of the Policy on the Platform 3 calendar days before the changes come into effect.
9.3. Continued use of the Platform by the User after the changes come into effect signifies their full and unconditional agreement with the new version of the Policy.
Platform Contact Information (Data Controller): Email for privacy inquiries: support@99tools.tech