Privacy policy

Last updated: 02nd June 2023)


The company “EUROPEAN PROTEIN UKRAINE” LLC, incorporated under the laws of Ukraine (Identification number of the legal entity: 40242605) at the following address: 23, Akademik Tupoliev street, Kyiv, Ukraine (hereafter referred to as “Company”, “we”, “us” and “our”), complies with all relevant data protection laws and strives to maintain robust data protection for users of our website (from now on referred to as “Website”).
This document presents the Company’s Privacy Policy (from now on referred to as the “Policy”, “Privacy Policy”) regarding the nature, purpose, processing methods (collection, use, storage, distribution, deletion, etc.) and features of protecting the Personal Data collected by us (from now on referred to as “Personal Data” or “Data”). In addition, in this document, you can find information about your rights and how to contact us if you have any questions about processing information about you.

This Policy includes the following sections:



This Policy applies to those individuals whose Personal Data is processed or may be processed by us in the future as a data controller, including, but not limited to, if such persons use our Website; contact us with inquiries; follow a hyperlink (link) to this Policy; attend our events, accompanied by the collection of Personal Data.
Our services are mainly intended for use in Ukraine and EU countries. At the same time, we understand that our services may be of interest to users around the world. That is why the Company makes its Website available practically worldwide.
We do our best to protect all Personal Data received from our customers and Websites users and comply with all local data protection laws to the extent they apply to us.
We will never sell your Data to third parties.
Your Data will not be used for automated decision-making, including profiling.
As a rule, we do not collect Personal Data when you visit our Website, except for the lawful operation of cookies and similar technologies or when you prove us consent to process Data in some instances. The provision of Data through the Website is voluntary. We do not require you to register or provide Data to browse the Website. However, failure to provide specific Data may lead to the fact that the Company cannot provide you with the desired service you want to order through the Website.
We inform you that the Company is a Data Controller for the purposes of the General Data Protection Regulation (EU GDPR) and any other applicable data protection law when we control Data collection methods and determine the purposes for which such Data will be used.
This Policy does not apply when the Company acts as a Data Processor or in any other similar role when acting on behalf of a third party. In this case, we process the Personal Data on the instructions and behalf of a third party. Accordingly, a third party’s privacy policy/statement shall apply.
We will process your Data only if at least one of the following legal grounds for such processing exists, including:

Please note that our Website may contain hyperlinks (links) to external resources or third-party websites (Twitter, Youtube, LinkedIn, Facebook). If you use such a hyperlink (link), first of all, carefully read the terms of processing and security of your Data. We are not responsible for data processing by the respective third-party resources and websites.
You can always delete or change your Data and exercise your other rights under applicable law and this Policy.
This Policy may be updated from time to time, including as required by applicable law. The Company will notify you of any changes to the Policy, either by sending notices by email if you provide us with your email address, and we will have the right to send you notifications or by posting notices on the changes on our Website. We suggest you review this Policy for any changes from time to time.


Depending on how you interact with us, how you use the Website, the Personal Data we collect and process may include the following:

Some Personal Data may be obtained by the Company from publicly available sources, for example, when such information is (a) available to the public and usually posted on the Internet; (b) lawfully made available to the general public, such as social media, etc.
In addition, we may process other Data if you voluntarily provide it to the Company; for example, when you send us a request.
Since we may change the services we offer, the data we ask for specific processes may vary accordingly.
Please note that our Website and services do not address anyone under the age of 18. We consider a user/customer as a child if they are under 18 unless their country has a different age limit (in some countries, it is under 16). Accordingly, we do not knowingly collect or process information about children. If you become aware of cases of use of the Website by children or that we receive Data from children, please inform us immediately. If we become aware that Company has collected Personal Data from anyone under 18 without verification of parental consent, we take steps to remove that information.


The Company may obtain your Data in a variety of ways and from various sources, including, but not limited to:

We may collect information based on analyzing the actions taken while using the Website through cookies and similar technologies.
When the Company receives any Personal Data from third parties (not from data subjects directly), such third parties are responsible for their compliance with the relevant data protection laws.


We will process your Data solely for the purposes provided for by the applicable law.
We process Personal Data for the following purposes with such legal basis (data may be processed on several legal bases):

Where we rely on legitimate interests as the legal basis for processing your Personal Data, we will balance those interests with your interests, fundamental rights, and freedoms, as required by applicable law and best industry practice.
In any case, we will gladly help clarify the specific legal basis for processing your Data.


The Company may provide you with marketing and event information in several ways, such as email, telephone, text messages, direct mailing, and online (when using the Website).
It is mandatory for us to comply with both your marketing preferences and the requirements of applicable data protection laws. We process your Data to send marketing materials where we have your express consent or where there is a legitimate interest in direct marketing.
The information contained in direct marketing must not conflict with your interests. For example, from time to time, we may send you marketing materials about products and services that you may be interested in based on your interest in our Website.
You can opt out of marketing even if you have previously given us consent. You can also object to receiving direct marketing.
If you decide to opt out of marketing or object to receiving direct marketing from us, you can contact us at any time.
In particular, marketing emails received from the Company will contain a specific button or prominent link that will allow you to unsubscribe from receiving such communications in the future.
You may withdraw your consent by contacting Company using the contact form.
Also, you can write a request to our Data Protection Specialist, whose contacts are indicated in this Policy.


Following the standard practice that complies with the requirements of applicable data protection laws, your Data may be transferred to third parties outside the Company in such cases:

Sometimes, we may need to transfer your Data to third parties. In particular, we may share your Data, including but not limited to the contact and technical data, with third parties, such as service providers who perform various functions necessary for the operation of our Website.
Depending on services provided for the processing of Data necessary for our operation, based on our instructions, under this Policy and data protection laws, we may transfer information to the following third parties:

Our partners (suppliers of various services) are prohibited from processing Personal Data that we transfer for them for a specific purpose, for any purposes other than those specified by us as Data Controller. Also, we conclude contracts with such partners, demanding that they provide the same level of protection and security of your Data that is required of us per the applicable law. We limit the use of your Data following any consent provided by you (if consent is the basis for Data processing).
In the event of a merger, reorganisation or a similar corporate event or the sale of the Сompany or part of the Сompany’s assets, the information collected by us, including Personal Data, can be transferred to another company/organisation (subject to merge or acquisition). Undoubtedly, all such Data transfers will be carried out under the applicable data protection legislation and our confidentiality obligations, as specified in this Policy.
Our Website may contain hyperlinks (links) to other third-party websites that do not belong to the Company and are not controlled by the Company. The Company provides this content only for convenience, and including some links does not mean we approve this linked website. Remember that we are not responsible for using Personal Data by these websites and for their privacy policy. The Company recommends being careful when you leave our Website and reading the Privacy policy of each third-party website that collects and then processes your Data.


The Company is an international company that collaborates with various companies worldwide to promote and/or provide users access to the Website and our services. Accordingly, your Data can be processed outside your country of residence, including countries that may not provide the same level of protection of your Data as your country.
In particular, the Personal Data we process are stored in our local environment of the Company’s servers.
When we transmit Personal Data to recipients in other countries outside Ukraine, we take measures to comply with the relevant legal and technological requirements, as described in this Policy and under the applicable legislation on data protection, including by the provisions of Articles 44-50 of General Data Protection Regulation (EU GDPR).
When transferring your Data to third countries that do not apply to the “adequacy decision” of the European Commission, the Company uses Standard Contractual Clauses, mandatory corporate rules, and special agreements on data transfer and processing. In addition, we will require all data recipients to ensure the proper level of protection and security of your Data that is required by the applicable data protection legislation.
In some cases, Company may need your explicit consent to the International Data Transfer.


We save your Data during the time necessary to achieve the goals for which we have collected it, in particular, to satisfy any legal requirements, accounting or reporting, and to ensure the performance of contracts.
To determine the corresponding retention period for Personal Data, in addition to processing objectives, we also consider the volume, nature, and category of Data, as the potential risk of harm from unauthorised use or disclosure of Data, as well as the relevant requirements of the applicable legislation.
As a rule, we keep basic information about Website users for five (5) years.
Please note that the regulations of some countries may impose additional requirements, so the Data retention period may vary. In particular, if the legislation of a country where a user of our Website contains limitation period provisions that determine the period during which you can file a claim against us, we need the appropriate evidence of legal relations with you. So we can process your Data during this period.
We also need to consider the periods for which we may need to keep your Data to comply with our legal obligations to you or regulatory authorities.
Eventually, we can minimise the Data that we process or make it anonymous (for research or statistical purposes) so that they are no longer connected with you. If the Data was anonymised, we could use this information indefinitely since it no longer contains Personal data.
Suppose we process Data with your consent to processing (mainly for marketing). In that case, you have the right to withdraw consent at any time or send us a request for Data deletion or temporary termination of Data processing.


The Company is very serious about the security of Personal data. To ensure the secure storage of your Data, we implemented many technical and administrative tools that protect Data from any unauthorised or illegal processing, as well as any losses, destruction, or damage. We regularly test our security measures to ensure they remain efficient and effective.
First, we use the usual scanning for malicious programs. Our antivirus protection product is one of the best on the market.
When transferring Personal Data outside the Company, we use encryption. We usually use different technical measures for information protection that we collect on the Internet or transmit to third parties, including encryption, firewalls, and password protection.
The Data you provided will be safely stored on our servers, inaccessible to the public.
The Company adheres to the principle of minimising data. We process information related to our users/customers that we very need to perform certain functions and for the specific goals defined in this Policy. Your Data is available only for a limited number of employees who need access to corresponding data to fulfil their functional duties. We constantly train the employees on our Policies, regulating data privacy and security issues.
We do our best to protect the Data, but you need to know that no method of data transmission via the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. If the Company learns about the violation of the security system, we will inform you if we shall do this under the applicable legislation so that you can take appropriate security measures.


Cookie files are small text files placed on your device, for example, a computer or mobile device you visit on websites. Our Website, for a certain period, can remember your preferences and actions so that you do not have to configure them again. Our cookie files usually do not identify a specific user, but only recognise the device used.
Cookie files and other tracking technologies on our Website can be used in different ways, for example, for the proper operation of the Website itself, tracking the traffic, or advertising. In particular, we use cookies and other tracking technologies to improve the quality and efficiency of our services and for security purposes.
To learn more about what cookies are, how they work, and how to manage or delete them, visit the website
The list of cookies and other tracking technologies used by the Company on the Website and detailed information about cookie files is available in a separate Cookie Policy.


Please note that when you contact us, you must complete the identification process and describe your specific requirements so that we can process your request and give a lawful response. If we cannot identify you via messages or requests or have reasonable suspicions about your identity, we may ask you to provide proof of identity. Only in this way can we avoid disclosing your Personal Data to someone who may impersonate you, i.e. the identification process is carried out in your interests. Any additional information collected for verification purposes will only be used to verify identity.
We process requests as quickly as possible, but at the same time, we ask you to remember that providing a complete and lawful response to Personal Data is a complex process that can take up to a month or even longer. We will let you know if we need more time to prepare a response.

Rights of Data Subjects under the GDPR

Please be advised that when you contact us, you have to go through the identification process and submit your specific requirements, so that we can process your request and provide a response on legitimate grounds. The list of data that we must provide to you is contained in Article 13 and Article 14 of the GDPR.
According to the data protection legislation of the European Union, your rights regarding your Personal Data include the following:

All of these rights are always available to everyone. There are individual exceptions where some of these rights do not apply to the Data we process. Please get in touch with us if you want to exercise the rights above.
A Do Not Track (DNT) request is a setting any user can trigger from their device. The purpose is to allow consumers to limit or prevent the collection of their personal data.
There is no law requiring websites to respect a DNT setting.
Because we do not track our Website users over time and across third-party websites, we do not respond to browser do-not-track signals.
At the same time, even if we follow the DNT, we cannot control the DNT handling of third parties interacting with the Website, such as Google Analytics, AdWords, and others.


If you have any questions or want to complain about this Policy or our use of your Personal Data, don’t hesitate to contact us.
We have appointed a Data Protection Specialist who is the contact person for any questions or comments regarding protecting and processing your Data.
You can contact us by: