Privacy Policy
Last modified on April 1, 2025.
1. Introduction
1.1. Contractual Framework
This Privacy Policy (“Policy”) constitutes a legally binding agreement between IE Oleksii Smychkov, conducting business under the trade name Sunetix (“Sunetix,” “We,” “Us” or “Our”), and You (“User,” “Client” or “Data Subject”), defined as any individual or entity accessing, purchasing, or otherwise interacting with the websites, services, or digital platforms operated by Sunetix. These include, but are not limited to, sunetix.host, sunetix.org, and all associated subdomains (collectively, the “Services”).
1.2. Acceptance of Terms
By accessing or using the Services, You expressly acknowledge, accept, and agree to comply with the terms set forth in this Policy. This Policy governs the collection, processing, storage, and disclosure of both personal and non-personal data, including metadata, technical logs, and usage analytics. Continued use of the Services constitutes Your unconditional acceptance of this Policy. If You do not agree with any of its provisions, Your sole recourse is to immediately cease using the Services.
1.3. Incorporation of Policies
This Policy is an integral part of, and operates in conjunction with, Sunetix’s Terms of Service, Acceptable Use Policy, Service Level Agreement (“SLA”), and any other governing agreements. It supplements, but does not supersede, rights and obligations established under applicable data protection laws, including the General Data Protection Regulation (“GDPR”) for Users within the EU, EEA, and the UK, as well as the California Consumer Privacy Act (“CCPA”) for California residents.
1.4. Legal Compliance
Sunetix is committed to adherence to globally recognized privacy standards and regulatory frameworks. This Policy reflects Our dedication to transparency, accountability, and the lawful processing of personal data. It also outlines Your rights, including the ability to access, rectify, restrict, or request the deletion of Your personal information, subject to statutory limitations.
1.5. Modifications
Sunetix reserves the right to amend, update, or replace this Policy at its sole discretion. Material changes will be communicated through email notifications, account alerts, or prominent website notices at least 30 days before taking effect. Non-material modifications, such as clarifications or grammatical adjustments, may be implemented immediately without prior notice. Continued use of the Services following any modification constitutes binding acceptance of the revised Policy.
2. Data We Collect
2.1. Categories of Personal Data
Sunetix collects and processes personal data strictly necessary for the provision, maintenance, and enhancement of the Services. This includes identity and contact details, such as full name, email address, physical address, and telephone number, as well as government-issued identification when required for regulatory compliance. Account and billing information, including usernames, passwords, payment method details, transaction history, and invoice records, is also processed.
Technical and usage data, such as IP addresses, device identifiers, browser types, operating systems, timestamps, and metadata associated with interactions with the Services, are collected to ensure service functionality and security. Communications, including support tickets, chat transcripts, email correspondence, and feedback, are retained for quality assurance and dispute resolution. Data obtained through third-party integrations, such as domain registrars and payment gateways, is processed in accordance with the privacy policies of the respective providers.
2.2. Legal Basis for Collection
Sunetix processes personal data in accordance with applicable legal frameworks. Processing is necessary for the performance of contractual obligations, including account management, payment processing, and technical support. Legitimate interests justify data collection for service optimization, fraud prevention, and marketing activities, provided such processing does not override fundamental privacy rights. Legal obligations require data retention for compliance with regulatory mandates, such as tax reporting and fraud investigations. Where consent is necessary, such as for marketing communications or personalized advertising, explicit opt-in is obtained.
2.3. Automated Data Collection Technologies
To enhance user experience and service reliability, Sunetix employs cookies, web beacons, and similar tracking technologies. These mechanisms authenticate sessions, prevent unauthorized access, analyze traffic patterns, and optimize system performance. They also facilitate targeted advertising and resource monitoring to maintain infrastructure stability. Users retain control over cookie preferences and may adjust settings through browser configurations or Sunetix’s consent management tools. However, disabling certain cookies may impair the functionality of the Services.
2.4. Data from Minors
Sunetix does not knowingly collect or process personal data from individuals under 18 years of age. In the event such data is inadvertently obtained, it will be promptly deleted upon discovery. Parents or legal guardians may request removal of a minor’s data by contacting Sunetix through the designated support channel.
2.5. Sensitive Data
Sunetix does not actively collect or request sensitive personal data, including information related to racial or ethnic origin, religious beliefs, health status, or biometric identifiers. If such data is voluntarily disclosed, for instance, in support communications, it will be handled with heightened confidentiality and deleted upon request where legally permissible.
2.6. Data Accuracy and Updates
Users are solely responsible for ensuring the accuracy and completeness of the data provided to Sunetix. Account information may be updated through the Client Portal or by submitting a request via the support system. Failure to maintain up-to-date and accurate information may result in service disruptions or termination.
2.7. Non-Personal Data
Sunetix may process anonymized and aggregated data for statistical analysis, infrastructure improvement, and business intelligence purposes. Such data, stripped of personally identifiable elements, cannot be linked to an individual and does not fall within the scope of privacy rights requests.
3. How We Use Your Data
3.1. Service Delivery and Account Management
Sunetix processes personal data to fulfill contractual obligations outlined in the Terms of Service. This includes account creation, payment processing, invoice issuance, technical support, and resolution of service-related issues. Automated system alerts, such as renewal reminders and security notifications, are also generated to ensure uninterrupted access to the Services. Processing is legally justified under the contractual necessity provision of Article 6(1)(b) GDPR.
3.2. Security and Fraud Prevention
To protect the integrity of Sunetix’s infrastructure and users, data is utilized for monitoring login attempts, detecting unauthorized access, investigating suspicious activities, enforcing security protocols, and complying with anti-money laundering (AML) and know-your-customer (KYC) regulations. Processing is conducted under legitimate interests pursuant to Article 6(1)(f) GDPR and legal obligations under Article 6(1)(c) GDPR.
3.3. Service Optimization and Analytics
Aggregated and anonymized data is analyzed to enhance server performance, allocate resources efficiently, identify usage trends, test infrastructure upgrades, and support business decision-making. This processing is based on Sunetix’s legitimate interests as permitted by Article 6(1)(f) GDPR.
3.4. Marketing and Communication
User contact details may be used for promotional communications, newsletters, product updates, and personalized advertising based on browsing behavior. Surveys and testimonial requests may also be conducted to improve user experience. Users retain the right to opt out of marketing communications at any time through the unsubscribe link in emails or within the Client Portal. Processing relies on consent under Article 6(1)(a) GDPR or legitimate interests under Article 6(1)(f) GDPR.
3.5. Legal and Regulatory Compliance
Sunetix processes data in compliance with statutory obligations, including responding to subpoenas, court orders, and regulatory inquiries. Data retention is required for financial recordkeeping, tax audits, and enforcement of the Acceptable Use Policy in abuse investigations. Processing is legally mandated under Article 6(1)(c) GDPR.
3.6. Third-Party Integrations
Personal data is shared with trusted service providers essential for operations, including payment processors, domain registrars, and infrastructure partners. These entities are contractually bound to process data strictly within the scope of service provisioning. Processing is justified under contractual necessity pursuant to Article 6(1)(b) GDPR and legitimate interests under Article 6(1)(f) GDPR.
3.7. Automated Decision-Making
Sunetix employs automated algorithms to identify high-risk transactions for manual review, trigger resource throttling during server overloads, and personalize dashboard recommendations based on usage patterns. Users may request human intervention or contest automated decisions by contacting support@sunetix.org. Processing is based on legitimate interests under Article 6(1)(f) GDPR and, where applicable, consent under Article 22(2)(c) GDPR.
3.8. Data Retention Justification
Retention periods are determined by contractual obligations, statutory requirements, and operational needs. Billing records are retained for seven years to comply with tax laws, while server logs are stored for diagnostic purposes for three days. Specific retention policies are detailed in Section 7 (“Data Retention and Deletion”).
4. Data Sharing
4.1. Third-Party Service Providers
Personal data is shared with external entities integral to Sunetix’s service infrastructure. Payment processors, including Stripe and PayPal, facilitate transactions, while ICANN-accredited registrars manage domain registrations. Infrastructure partners, such as data centers and CDN providers, ensure service reliability. Support platforms, including ticketing systems and analytics providers, assist in customer service and performance monitoring. Third parties operate under strict data processing agreements (DPAs), prohibiting unauthorized use or retention beyond service requirements. Processing is justified under contractual necessity pursuant to Article 6(1)(b) GDPR and legitimate interests under Article 6(1)(f) GDPR.
4.2. Legal and Regulatory Disclosures
Personal data may be disclosed in response to lawful requests from government authorities, law enforcement, fraud prevention agencies, and intellectual property rights holders. This includes compliance with subpoenas, tax audits, and digital rights enforcement actions. Processing is legally required under Article 6(1)(c) GDPR and supported by legitimate interests under Article 6(1)(f) GDPR.
4.3. Business Transfers
In the event of mergers, acquisitions, or asset sales, personal data may be transferred to successors or affiliates. Any recipient of such data must uphold the commitments set forth in this Policy or provide equivalent protections. Processing is based on legitimate interests pursuant to Article 6(1)(f) GDPR.
4.4. Marketing and Advertising Partners
Aggregated, non-personal data may be shared with advertising networks and affiliate programs to facilitate targeted marketing campaigns. Personal data used for advertising purposes requires explicit opt-in consent via Sunetix’s cookie management tool. Processing is based on user consent under Article 6(1)(a) GDPR.
4.5. User-Directed Sharing
Data may be disclosed at the user’s request in scenarios such as domain ownership transfers or social media integrations. Any voluntary sharing of personal data through public testimonials or third-party services is subject to user consent under Article 6(1)(a) GDPR.
4.6. International Data Transfers
Personal data may be transferred to jurisdictions outside the EU, EEA, or UK where adequacy decisions are not in place. Sunetix ensures compliance with cross-border transfer regulations through Standard Contractual Clauses (SCCs), International Data Transfer Agreements (IDTAs), or Binding Corporate Rules (BCRs), depending on the recipient’s location. Processing is legally justified under Article 46(2)(c) GDPR.
4.7. Publicly Available Information
Certain user data, such as domain WHOIS records, may be published as mandated by ICANN policies. Users may request redaction or privacy protection services where applicable. Processing is conducted under legal obligations pursuant to Article 6(1)(c) GDPR.
4.8. No Sale of Personal Data
Sunetix does not sell, rent, or trade personal data for monetary or commercial gain, in compliance with the requirements of GDPR and CCPA.
5. Security Measures
5.1. Technical Safeguards
Sunetix employs industry-standard technical measures to protect Your data against unauthorized access, loss, or alteration. Data in transit is secured using TLS 1.2+ encryption protocols, while sensitive data stored at rest, such as passwords and payment details, is encrypted using AES-256. To restrict access, we apply role-based permissions, ensuring that only authorized personnel can access data on a need-to-know basis. Administrative accounts are protected by multi-factor authentication (MFA). Our network security is reinforced with firewalls, intrusion detection and prevention systems (IDS/IPS), and DDoS mitigation tools that monitor and block malicious traffic. We conduct regular audits, including biannual penetration testing and vulnerability scans, to identify and address potential risks. These actions are legally justified under legitimate interests (Article 6(1)(f) GDPR) and legal obligations (Article 32 of the GDPR).
5.2. Organizational Protocols
Sunetix enforces strict internal policies to ensure data security. Employees receive annual cybersecurity training covering areas such as phishing prevention, incident reporting, and GDPR compliance. We adhere to data minimization practices by defining retention periods that limit the storage of data to the minimum necessary for operational or legal purposes. Furthermore, third-party vendors undergo thorough due diligence and are bound by contractual agreements to meet Sunetix’s security standards.
5.3. Incident Response
In the event of a suspected data breach, Sunetix follows a well-defined protocol. The first step is containment, which involves isolating affected systems to prevent further escalation. A forensic investigation is then conducted to determine the breach’s scope and root cause. Both regulatory authorities and affected users are notified within 72 hours, as required by GDPR or CCPA. Remediation follows, where corrective actions such as patching vulnerabilities and updating policies are implemented to prevent future incidents. This process is supported by legal obligations under Article 33 of the GDPR and the legitimate interests outlined in Article 6(1)(f) GDPR.
5.4. User Responsibilities
While Sunetix ensures its infrastructure is secure, users also have a responsibility to protect their data. You are required to use strong, unique passwords and enable MFA for your account. It is also important to regularly update third-party software, such as content management systems and plugins, to reduce vulnerabilities. Credentials and sensitive data should never be shared via unsecured channels, such as public forums. Failure to comply with these security measures may result in the loss of liability protections, as outlined in Section 8 (“Liability and Warranties”).
5.5. Backup and Redundancy
Sunetix implements automated daily backups of critical data, which are stored across geographically dispersed locations. Redundant systems and failover protocols are in place to ensure service continuity in the event of outages. However, users are advised to maintain independent backups of their content, including websites and databases, as Sunetix is not responsible for retaining or recovering user-generated content. This practice is supported by contractual necessity, as per Article 6(1)(b) GDPR.
5.6. Limitations
Although Sunetix takes extensive precautions to secure its systems, no platform is entirely immune to breaches. Sunetix disclaims liability for any losses that arise due to user negligence, such as compromised credentials or unpatched software. We also disclaim liability for losses resulting from third-party attacks, including advanced persistent threats (APTs) or zero-day exploits, and from force majeure events like natural disasters or infrastructure failures outside of Sunetix’s control. This section establishes key links to other parts of the policy, including breach notifications (Section 7.8, “Breach Notification”), user rights (Section 6, “Your Privacy Rights”), and third-party risks (Section 4, “Data Sharing”).
6. Cookies and Tracking
6.1. Technologies Employed
Sunetix uses various tracking technologies, such as cookies, web beacons, and pixels, to improve functionality, analyze trends, and personalize Your experience. These technologies collect session data, including login status, shopping cart contents, and user preferences, as well as analytics data, such as page views, referral sources, and interaction metrics. Advertising IDs are used to personalize campaigns. The use of these technologies is based on Your consent (Article 6(1)(a) GDPR) or Sunetix’s legitimate interests (Article 6(1)(f) GDPR).
6.2. Cookie Categories
There are several types of cookies used on our platform. Essential cookies are required for core services, such as authentication and payment processing. Disabling these cookies could impair functionality. Performance cookies, which collect anonymized usage data, help us optimize infrastructure. Marketing cookies track browsing behavior for personalized advertisements, and these require explicit consent.
6.3. Consent Management
When you first visit Sunetix’s platform, you will be presented with a cookie consent banner. This banner allows you to accept or reject non-essential cookies, customize preferences by category (e.g., analytics or advertising), and withdraw consent at any time through the Client Portal or your browser settings. This process adheres to the consent requirements specified in Article 4(11) GDPR.
6.4. Third-Party Trackers
Third-party services integrated into Sunetix’s platform, such as payment gateways like PayPal, may set their own cookies for purposes like fraud detection. Social media plugins, such as the Facebook “Like” button, and analytics providers like Hotjar, which are used for heatmaps and session recordings, may also set cookies. Sunetix does not control these third-party tracking practices, and we recommend reviewing their respective privacy policies directly.
6.5. Do Not Track (DNT)
Sunetix does not respond to Do Not Track (DNT) signals sent by browsers due to the lack of standardized guidelines across the industry. You can manage your tracking preferences through Sunetix’s consent tools or by using third-party opt-out platforms like YourAdChoices.
6.6. Retention Periods
Session cookies are set to expire when the browser is closed. Persistent cookies remain for up to 24 months or until consent is revoked. Log data, which is anonymized for analytics purposes, is retained for a period of 12 months.
7. Your Rights
7.1. Right to Access
You have the right to request a copy of the personal data Sunetix holds about you. This includes details on the categories of data collected, the purposes for which it is processed, and the third parties with whom it is shared. Requests are processed within 30 days, subject to verification of identity. In cases of complex inquiries, this period may be extended by an additional 30 days, with prior notification. This right is protected under GDPR (Article 15) and CCPA (Section 1798.100).
7.2. Right to Rectification
You may correct inaccurate, outdated, or incomplete data through the Client Portal or by submitting a support ticket. Sunetix will notify relevant third parties, such as payment processors, of material corrections. However, factual disputes, such as those related to payment history, require documented evidence for revision. This right is granted under GDPR (Article 16) and CCPA (Section 1798.105).
7.3. Right to Erasure (“Right to Be Forgotten”)
You may request the deletion of your personal data, except where retention is required for compliance with legal obligations, such as tax records, for the exercise or defense of legal claims, or for public interest archiving, such as domain registration records maintained under ICANN policy. Deletion requests must be submitted to support@sunetix.org. Backups and logs may retain anonymized data fragments. This right is supported by GDPR (Article 17) and CCPA (Section 1798.105).
7.4. Right to Restrict Processing
You may limit the processing of your data if you contest its accuracy (until verified), if processing is unlawful but you oppose deletion, or if Sunetix no longer requires the data but you need it for legal claims. While restricted, the data will be stored but not further processed. This right is protected under GDPR (Article 18).
7.5. Right to Data Portability
You may request a structured, machine-readable copy of your data, such as in JSON or CSV format, for transfer to another provider. This applies only to data processed by automated means under consent or contractual necessity. Data inferred or derived by Sunetix, including analytics and fraud scores, is excluded. This right is outlined in GDPR (Article 20).
7.6. Right to Object
You may object to data processing based on legitimate interests, such as for marketing or research purposes. Sunetix will cease processing unless overriding grounds, such as legal defense or public safety, apply. Objections to direct marketing are processed immediately and without exception. This right is supported by GDPR (Article 21) and CCPA (Section 1798.120).
7.7. Rights Regarding Automated Decisions
You may request a human review of decisions made solely by automated systems, such as fraud risk assessments. Upon request, Sunetix will disclose the logic and significance of automated processes. This right is established in GDPR (Article 22) and CCPA (Section 1798.185).
7.8. Right to Withdraw Consent
You may revoke consent for non-essential processing, such as marketing communications and cookies, through the Client Portal or cookie settings. Withdrawal does not affect the lawfulness of prior processing. This right is recognized under GDPR (Article 7(3)).
7.9. Right to Non-Discrimination (CCPA)
Sunetix will not deny services, impose additional fees, or degrade service quality in response to the exercise of CCPA rights. However, pricing variations may apply where data differences impact service costs, such as tiered hosting plans. This right is guaranteed under CCPA (Section 1798.125).
7.10. Exercising Your Rights
To submit a request, you must contact support@sunetix.org or use the Client Portal. Identity verification may require a government-issued ID or account-specific details. If a request is denied, you may appeal the decision by contacting Sunetix’s Data Protection Officer (DPO) at legal@sunetix.org.
7.11. Third-Party Requests
Authorized agents, such as legal representatives, must provide proof of authorization, such as a power of attorney, and verify your identity before submitting requests on your behalf.
8. International Data Transfers
8.1. Scope and Necessity
Sunetix operates on a global scale, requiring the transfer of personal data across borders to maintain service continuity. Data may be transferred to and processed in jurisdictions where data protection laws may differ from those in your location. These transfers occur to facilitate server operations through international data centers, support third-party integrations such as payment processors and domain registrars, and enable customer support services across time zones. Such transfers are legally justified under contractual necessity (Article 6(1)(b) GDPR) and legitimate interests (Article 6(1)(f) GDPR).
8.2. Legal Safeguards for Transfers
Sunetix ensures compliance with international data protection standards by employing multiple safeguards. Standard Contractual Clauses (SCCs) are applied to transfers from the EU/EEA to non-adequate countries, ensuring GDPR-equivalent protections. The International Data Transfer Agreement (IDTA) governs transfers from the UK to jurisdictions outside the UK. For transfers to the United States, Sunetix partners with vendors that self-certify under the EU-U.S. Data Privacy Framework, as recognized by the European Commission. Intra-group data transfers within Sunetix’s corporate structure are governed by Binding Corporate Rules (BCRs). Additionally, supplementary measures such as encryption, pseudonymization, and contractual audits mitigate risks identified in the Schrems II ruling.
8.3. Regions and Partners
Sunetix transfers data to multiple regions based on operational requirements. Processing for EU, EEA, and UK users primarily occurs within these jurisdictions unless otherwise specified. Certain services require transfers to the United States, such as those involving payment processors like Stripe and cloud infrastructure providers. Technical support and development functions are partially managed in Ukraine under strict confidentiality agreements. Domain registration data may be transferred to registrars in various jurisdictions in accordance with ICANN policies.
8.4. User Rights and Objections
You may request information on the specific mechanisms used for transferring your data, object to transfers based on legitimate interests by contacting dpo@sunetix.org, or withdraw consent for non-essential transfers, such as marketing analytics, subject to potential service limitations. Objections may not be honored where transfers are essential for contractual performance, such as domain registrations.
8.5. Dynamic Compliance
Sunetix continuously monitors regulatory developments, including adequacy decisions and changes to international data transfer frameworks. Transfer mechanisms are updated accordingly, and material changes to our approach are communicated via email or account notifications.
8.6. Third-Party Accountability
Sunetix requires that all third-party partners receiving international data transfers comply with strict contractual obligations. These obligations include adherence to Sunetix’s Data Processing Agreements (DPAs), notification of any legal requests for data disclosure, and implementation of security measures equivalent to those outlined in Section 5 (“Security Measures”).
9. Third-Party Links
9.1. Scope and Purpose
Sunetix’s Services may contain links to external websites, platforms, or resources operated by third parties, such as payment gateways, domain registrars, and social media pages. These links are provided for convenience, informational purposes, or to enable service integrations. Sunetix does not endorse, control, or assume responsibility for the content, privacy practices, or security measures of third-party sites. The legal basis for such processing is Legitimate Interests (Article 6(1)(f) GDPR) and Contractual Necessity (Article 6(1)(b) GDPR).
9.2. Risks and User Responsibility
Sunetix disclaims liability for any damages, data breaches, or legal violations resulting from interactions with third-party links. Users are solely responsible for reviewing the privacy policies, terms of service, and security practices of any external website before sharing personal or financial data. Certain third-party content, such as social media widgets and embedded maps, may automatically collect user information, including IP addresses, browser details, and cookies, even without direct interaction.
9.3. Common Third-Party Integrations
Sunetix’s Services may involve third-party integrations for various functionalities. Payment processors, such as PayPal and Stripe, facilitate financial transactions. Social media links direct users to Sunetix’s official profiles on platforms like Facebook and Twitter/X. Analytics and marketing tools, including Google Analytics and Hotjar, track user behavior across sites. Domain-related services, such as ICANN-mandated WHOIS directories and SSL certificate authorities, require data sharing for compliance.
9.4. User Controls
Users may mitigate third-party tracking risks by employing browser extensions, such as ad-blockers or script blockers. Platforms like YourAdChoices provide opt-out tools for managing cross-site tracking. Cookie preferences can be adjusted through Sunetix’s consent manager or browser settings.
9.5. Children’s Privacy
Third-party sites linked from Sunetix’s Services may enforce age restrictions or collect data from minors. Sunetix does not monitor or verify third-party compliance with regulations such as COPPA (Children’s Online Privacy Protection Act).
10. Children’s Privacy
10.1. Age Restriction
Sunetix’s Services are not intended for individuals under 18 years of age. Personal data from minors is not knowingly collected, processed, or stored. Users under 18 are prohibited from using the Services unless parental consent is obtained in accordance with applicable laws. The legal basis for this restriction is Legal Obligation (Article 8 GDPR) and compliance with COPPA for U.S. users.
10.2. Parental Controls and Responsibilities
Sunetix relies on user-provided information during account creation to verify age. Parents or legal guardians may request the deletion of data inadvertently collected from minors by contacting support@sunetix.org and providing proof of guardianship, such as a birth certificate or court order. Parents and guardians are responsible for supervising minors’ online activities and ensuring compliance with this Privacy Policy.
10.3. Data Retention and Deletion
If Sunetix identifies that a minor’s data has been processed without valid parental consent, the associated account will be suspended immediately. All personal data will be deleted within 14 business days unless legal obligations, such as fraud investigations, require retention. If verifiable, parents or guardians will be notified of such actions via email.
10.4. Third-Party Risks
External platforms linked to Sunetix’s Services, such as social media and payment gateways, may enforce independent age policies. Sunetix disclaims responsibility for their compliance with child privacy laws. The legal basis for this disclaimer is Legitimate Interests (Article 6(1)(f) GDPR).
10.5. No Sale of Minor Data
Sunetix does not sell, trade, or monetize the personal data of minors, as defined under CCPA and GDPR.
11. Updates and Contact
11.1. Policy Revisions
Sunetix reserves the right to modify, amend, or replace this Privacy Policy at any time in response to changes in legal requirements, operational practices, or service offerings. Material revisions, such as expanded data-sharing practices or new third-party partnerships, will be communicated to users at least 30 days prior to the effective date through email notifications, website announcements on sunetix.org and the Client Portal, and in-account alerts displayed during login or service configuration. Non-material changes, including grammatical corrections and formatting adjustments, take immediate effect without prior notice. The legal basis for policy updates is Legitimate Interests (Article 6(1)(f) GDPR) and Legal Obligation (Article 13(3) GDPR).
11.2. Acceptance of Revisions
Continued use of the Services after the effective date of any revision constitutes binding acceptance of the updated Policy. Users who disagree with the changes must discontinue use of the Services and submit an account deletion request under Section 7.3 (“Right to Erasure”).
11.3. Contact Information
For privacy-related inquiries, requests, or complaints, users may contact Sunetix via email at support@sunetix.org for general inquiries or legal@sunetix.org for Data Protection Officer matters. Requests can also be submitted through the Client Portal’s ticketing system for tracking and audit purposes. Written correspondence may be sent to IE Oleksii Smychkov, 19A Chokolivsky Blvd., Kyiv 03186, Ukraine.
Sunetix acknowledges privacy-related requests within 48 hours and resolves them within 30 days unless complexity or regulatory requirements necessitate an extension.
11.4. Regulatory Authority Escalation
If Sunetix’s response is unsatisfactory, users may escalate complaints to their local Data Protection Authority. EU, EEA, and UK users may contact entities such as Ireland’s Data Protection Commission (DPC) or the UK’s Information Commissioner’s Office (ICO). U.S. users may file complaints with the Federal Trade Commission (FTC) or their state attorney general. Users in other jurisdictions may contact their country’s supervisory authority.
11.5. Dispute Resolution
Sunetix cooperates with regulatory investigations and provides necessary documentation to resolve disputes. Legal summons and formal inquiries should be directed to legal@sunetix.org.