Privacy Policy

Last updated: January 27, 2026

This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. If You do not agree with this Policy, please do not use Our Service.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

• Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to JS KOLIBRI, Ukraine.
• Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
• Country refers to: Ukraine.
• Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
• Personal Data is any information that relates to an identified or identifiable individual (e.g., name, email address).
• Service refers to the Website.
• Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service, or to assist the Company in analyzing how the Service is used.
• Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
• Website refers to JS KOLIBRI, accessible from https://js.kolibri.one.
• You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

• Email address
• First name and last name
• Phone number
• Address, State, Province, ZIP/Postal code, City
• Sensitive Personal Information (SPI), if required for the Service and with explicit consent (e.g., health data, financial account number for processing)

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of Our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. In line with the GDPR, we require Your **active consent (opt-in)** for the use of any non-essential cookies or tracking technologies. **Your cookie preferences are managed by our Consent Management Platform (CMP), provided by Cookiebot.**

Legal Basis for Processing (For EU/EEA Users - GDPR)

Under the General Data Protection Regulation (GDPR), we process Your Personal Data only when we have a valid legal basis. Our legal bases include:

• Contract Performance: The processing is necessary for the performance of a contract to which You are party (e.g., providing the services You requested).
• Legitimate Interest: The processing is necessary for Our legitimate interests (e.g., preventing fraud, ensuring network security, product improvement), provided these interests do not override Your fundamental rights and freedoms.
• Legal Obligation: The processing is necessary for compliance with a legal obligation (e.g., tax, accounting requirements).
• Vital Interests: The processing is necessary to protect the vital interests of the data subject or of another natural person.
• Consent: We have obtained Your unambiguous consent for processing for one or more specific purposes (e.g., for non-essential marketing communications). You have the right to withdraw this consent at any time.

Use of Your Personal Data

The Company may use Personal Data for the following purposes (including the legal basis for EU/EEA users):

• To provide and maintain our Service: (Legal Basis: Contract Performance)
• To manage Your Account: To manage Your registration as a user of the Service. (Legal Basis: Contract Performance)
• To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication regarding updates or informational communications related to the functionalities. (Legal Basis: Contract Performance or Legitimate Interest)
• To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about, unless You have opted not to receive such information. (Legal Basis: Consent or Legitimate Interest)
• To manage Your requests: To attend to and manage Your requests to Us. (Legal Basis: Legitimate Interest)
• For evaluation and improvement: We may use Your information to evaluate or conduct analysis to improve Our Service, products, services, marketing, and Your experience. (Legal Basis: Legitimate Interest)

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain Your data to comply with applicable laws).

Transfer of Your Personal Data (International Data Transfer)

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. This means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

Safeguards for International Transfers

For cross-border data transfers, especially to countries not deemed to provide an adequate level of data protection by the European Commission, the Company implements appropriate safeguards:

• For EU/EEA Users (GDPR): We utilize the European Commission's **Standard Contractual Clauses (SCCs)** or rely on an adequacy decision (e.g., the EU-US Data Privacy Framework), where applicable, as a data protection mechanism. We also conduct **Transfer Impact Assessments (TIA)** to ensure the protection of the data against foreign government access.
• For PRC Users (PIPL): For transfers of personal information outside of mainland China, we ensure compliance with the Personal Information Protection Law (PIPL) by obtaining separate consent and securing one of the three statutory mechanisms: passing a security assessment, certification by a specialized body, or entering into standard contracts (SCCs) approved by the Chinese authorities.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law Enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other Legal Requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

• Comply with a legal obligation
• Protect and defend the rights or property of the Company
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of Users of the Service or the public
• Protect against legal liability

Your Data Protection Rights (GDPR, CCPA/CPRA, PIPL)

Depending on Your location, You may be entitled to the following rights:

• Right to Access (Right to Know): You have the right to request copies of Your Personal Data. For California residents, this right extends to data collected beyond the 12-month period preceding the request (back to January 1, 2022), upon request.
• Right to Rectification: You have the right to request that we correct any information You believe is inaccurate or complete information You believe is incomplete.
• Right to Erasure (Right to Be Forgotten): You have the right to request that we erase Your Personal Data, under certain conditions.
• Right to Restriction of Processing: You have the right to request that we restrict the processing of Your Personal Data, under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of Your Personal Data, particularly when processing is based on legitimate interests.
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to You, under certain conditions.
• Right to Non-Discrimination: We will not discriminate against You for exercising any of Your privacy rights.
• Right to Object to Automated Decision Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You (as per GDPR and the EU AI Act).

To exercise any of these rights, please contact Us using the details provided in the "Contact Us" section. You can also withdraw Your cookie consent at any time via the Cookiebot consent banner/dialog.

Specific Provisions for USA Residents (CCPA/CPRA)

This section applies only to residents of the State of California, United States, and supplements the information contained elsewhere in this Policy.

• Right to Opt-Out of Sale or Sharing: California residents have the right to opt-out of the "sale" or "sharing" (which includes cross-context behavioral advertising) of their personal information. We commit to recognizing and respecting universal opt-out preference signals, such as the Global Privacy Control (GPC).
• Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of Your Sensitive Personal Information (SPI) to only what is necessary to perform the Services or provide the goods reasonably expected.

Your Right to Opt-Out of Sale or Sharing

You may exercise this right by clicking the button below, which will open the dedicated consent management panel:

DO NOT SELL OR SHARE MY PERSONAL INFORMATION

Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security. The Company implements appropriate technical and organizational measures to ensure a high level of security.

Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

• By email: bioluch@gmail.com
• Data Protection Officer (DPO): For GDPR-related inquiries, please specify this in the subject line.