Lemvark
Start Learning

GDPR Privacy Policy

Last updated: April 10, 2025

This Privacy Policy describes how Lemvark ("we", "us", or "our") collects, uses, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). By accessing or using our services available at lemvark.com, you acknowledge that you have read and understood this policy.

1. Data Controller

Lemvark acts as the data controller for personal data collected through this website and related services. If you have any questions or concerns regarding your personal data, you may contact us at:

  • Email: help@lemvark.com
  • Phone: +380962430680
  • Address: Myronosytska St, 56, Kharkiv, Kharkiv Oblast, Ukraine, 61144

2. Definitions

For the purposes of this policy, the following terms apply:

  • Personal Data — any information relating to an identified or identifiable natural person.
  • Data Subject — any individual whose personal data is processed by us.
  • Processing — any operation performed on personal data, including collection, storage, use, transfer, or deletion.
  • Consent — freely given, specific, informed, and unambiguous indication of the data subject's agreement to processing.
  • Third Party — any entity other than the data subject and the data controller.
  • Data Breach — a security incident leading to accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data.

3. Personal Data We Collect

3.1 Data You Provide Directly

  • Full name and contact details (email address, phone number)
  • Account registration information including username and password
  • Billing and payment information
  • Communications sent to us via contact forms, email, or support channels
  • Profile information and preferences

3.2 Data Collected Automatically

  • IP address and approximate geographic location
  • Browser type, version, and operating system
  • Device identifiers and hardware configuration
  • Pages visited, time spent, and navigation patterns
  • Referral URLs and search terms used to reach our site
  • Cookie data and similar tracking technologies

3.3 Data From Third Parties

  • Information received from authentication providers if you use social login
  • Analytics and advertising data from integrated third-party services
  • Payment verification data from payment processors

4. Legal Bases for Processing

We process personal data only where a valid legal basis exists under Article 6 of the GDPR:

Legal Basis Description Examples
Consent (Art. 6(1)(a)) You have given clear consent for a specific purpose Marketing emails, optional cookies
Contract (Art. 6(1)(b)) Processing is necessary to fulfill a contract with you Account creation, service delivery
Legal Obligation (Art. 6(1)(c)) Processing is required to comply with applicable law Tax records, legal disclosures
Legitimate Interests (Art. 6(1)(f)) Processing serves our legitimate interests, not overridden by your rights Fraud prevention, security monitoring

5. Purposes of Processing

We use collected personal data for the following purposes:

  • To create, manage, and maintain your user account
  • To deliver and improve our educational services and content
  • To process payments and manage billing
  • To respond to your inquiries and provide customer support
  • To send service-related notifications and updates
  • To send marketing communications where you have consented
  • To analyze usage patterns and optimize website performance
  • To detect, prevent, and respond to fraud or security threats
  • To comply with applicable legal and regulatory obligations
  • To enforce our terms of service and other agreements

6. Cookies and Tracking Technologies

6.1 Types of Cookies Used

  • Strictly Necessary Cookies — essential for the website to function and cannot be disabled.
  • Performance Cookies — collect anonymized data about how visitors use the site to help us improve it.
  • Functional Cookies — remember your preferences and personalization settings.
  • Targeting Cookies — used to deliver relevant advertising and track campaign effectiveness.

6.2 Managing Cookies

You may control cookie preferences through your browser settings or our cookie consent tool. Disabling certain cookies may affect the functionality of our services. For more information, refer to your browser's help documentation.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable law. Retention periods vary depending on data type:

  • Account data is retained for the duration of your account and up to 3 years after closure
  • Transaction and billing records are retained for a minimum of 7 years for legal and accounting compliance
  • Communication records are retained for up to 2 years from the date of last interaction
  • Log and analytics data is retained for up to 12 months in identifiable form
  • Cookie data is retained per the specific cookie expiry periods disclosed in our cookie settings

Upon expiry of the applicable retention period, data is securely deleted or anonymized in a manner that prevents re-identification.

8. Data Sharing and Transfers

8.1 Recipients of Personal Data

We do not sell your personal data. We may share data with the following categories of recipients:

  • Service Providers — third-party vendors who process data on our behalf under contractual obligations (e.g., hosting, analytics, payment processing)
  • Professional Advisors — lawyers, auditors, and accountants bound by confidentiality obligations
  • Authorities — public bodies or law enforcement agencies when required by law
  • Business Transfers — in connection with a merger, acquisition, or sale of assets

8.2 International Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or we rely on adequacy decisions where applicable. You may request a copy of applicable transfer safeguards by contacting us.

9. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

  • Right of Access (Art. 15) — You may request a copy of the personal data we hold about you.
  • Right to Rectification (Art. 16) — You may request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17) — You may request deletion of your data where processing is no longer justified.
  • Right to Restrict Processing (Art. 18) — You may request that we limit how we use your data in certain circumstances.
  • Right to Data Portability (Art. 20) — You may request your data in a structured, machine-readable format.
  • Right to Object (Art. 21) — You may object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent (Art. 7(3)) — Where processing is based on consent, you may withdraw it at any time without affecting prior lawful processing.
  • Right to Lodge a Complaint — You have the right to file a complaint with a supervisory authority in your country of residence.

To exercise any of these rights, please contact us at help@lemvark.com. We will respond within 30 days of receiving your request. We may require identity verification before processing your request.

10. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, destruction, or alteration. These measures include:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Access controls and role-based permissions limiting data access to authorized personnel
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and information security
  • Incident response procedures for handling data breaches

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay where required by law.

11. Automated Decision-Making and Profiling

We may use automated processing to personalize content and learning recommendations based on your usage behavior. This does not constitute solely automated decision-making that produces significant legal effects on you as defined under Article 22 of the GDPR. You have the right to request human review of any automated decisions that materially affect you.

12. Children's Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal data from individuals under 16 without verifiable parental or guardian consent. If you believe we have inadvertently collected data from a minor, please contact us immediately at help@lemvark.com and we will take steps to delete such data promptly.

13. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties and encourage you to review their privacy policies before providing any personal data. This policy applies solely to data collected through our own services.

14. Changes to This Policy

We reserve the right to update this Privacy Policy at any time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through a prominent notice on our website. Your continued use of our services after any changes constitutes your acceptance of the revised policy. We encourage you to review this policy periodically.

15. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact us using the details below:

  • Company: Lemvark
  • Website: lemvark.com
  • Email: help@lemvark.com
  • Phone: +380962430680
  • Address: Myronosytska St, 56, Kharkiv, Kharkiv Oblast, Ukraine, 61144

This policy is effective as of April 10, 2025 and supersedes all previous versions.