All systems operational Kyiv, UA · Mon–Fri 09:00–18:00 EET
+380 44 235 88 10 info@codeforgetful.com

Legal

Privacy Policy

Last updated: 1 January 2026

This Privacy Policy explains how Code Forgetful LLC ("Code Forgetful", "we", "us", "our") collects, uses and protects your personal data when you visit our website at codeforgetful.com or communicate with us. We are the data controller for the personal data described in this policy.

1. Who We Are

Code Forgetful LLC is registered in Ukraine and operates from 7 Baseina Street, Office 14, Kyiv 01004, Ukraine. For any privacy-related matter you may contact us at privacy@codeforgetful.com or by post at the address above.

2. What Personal Data We Collect

We collect the following categories of personal data:

  • Contact form data: when you complete our contact form we collect your full name, email address, company name (optional), subject and message content.
  • Communication records: if you contact us by email or phone we may retain records of that communication to respond to you and for quality purposes.
  • Technical and usage data: we automatically collect your IP address, browser type and version, device type, operating system, referring URL, pages visited on our site and approximate geographic location (country/city level) derived from your IP address.
  • Cookie data: where you consent, we place analytics cookies that measure how visitors use the site. See Section 6 for details.

We do not collect or process special categories of personal data (such as health, biometric or genetic data) through this website.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

  • Responding to enquiries: to review your project brief, answer your questions and follow up on your contact form submission.
  • Providing services: where you become a client, to fulfil our contractual obligations including project delivery, billing and support.
  • Improving our website: to understand which pages are most useful, identify technical errors and improve the user experience.
  • Security and fraud prevention: to monitor for and respond to potential security threats and abusive use of our website.
  • Legal compliance: to meet our obligations under Ukrainian law and applicable regulations.

We will not use your personal data for automated decision-making that produces legal or similarly significant effects on you without your explicit consent.

4. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent (Article 6(1)(a) GDPR): when you submit our contact form or accept non-essential cookies. You may withdraw consent at any time — see Section 9.
  • Contract performance (Article 6(1)(b) GDPR): to deliver services you have engaged us to provide and to manage the client relationship.
  • Legitimate interests (Article 6(1)(f) GDPR): to operate and improve our website, maintain site security and manage routine business administration. We have assessed that our interests do not override your rights and freedoms.
  • Legal obligation (Article 6(1)(c) GDPR): to comply with applicable Ukrainian laws, tax and accounting requirements.

5. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected:

  • Contact form enquiries — up to 24 months from the date of contact, or longer if it results in an ongoing client relationship.
  • Client project data — for the duration of the engagement and for up to 5 years thereafter in line with Ukrainian accounting and contractual requirements.
  • Technical/server logs — up to 90 days, unless a longer period is required for security investigation.
  • Analytics cookie data — up to 14 months from collection (standard analytics retention period).

When personal data is no longer needed we delete it securely or anonymise it so it can no longer be linked to you.

6. Cookies

Our website uses the following categories of cookies:

  • Strictly necessary cookies: required for the site to function (for example, remembering your cookie consent preference). These are placed without requiring your consent under the ePrivacy rules.
  • Analytics cookies: placed only with your consent, these help us measure page visits, traffic sources and user behaviour in aggregate form so we can improve the site. We do not use data from these cookies to identify individuals.

You can accept or decline non-essential cookies through the banner shown on your first visit. You can also clear or block cookies at any time through your browser settings; note that blocking all cookies may affect site functionality. Your preference is stored in your browser's localStorage and expires after 12 months.

7. Sharing Your Data

We do not sell, rent or trade your personal data. We may share it in the following limited circumstances:

  • Service providers: we use trusted third-party providers for web hosting and infrastructure (currently hosting in the European Union and Ukraine), email delivery and analytics. These providers process data on our behalf under written data processing agreements and are not permitted to use it for their own purposes.
  • Legal requirements: we may disclose personal data if required to do so by Ukrainian law, court order or legitimate request from a competent authority, and only to the extent required.
  • Business transfer: in the event of a merger, acquisition or sale of our business, personal data may be transferred to the new owner, subject to appropriate confidentiality protections.

8. International Data Transfers

Our primary operations and data storage are based in Ukraine. Where we use service providers that process data in the European Economic Area (EEA) or in countries with an EU adequacy decision, such transfers are covered by those protections. For transfers to other countries we put appropriate safeguards in place, including Standard Contractual Clauses approved by the European Commission.

9. Your Rights

Depending on your location and the legal basis for processing, you may have the following rights regarding your personal data. See our GDPR & Data Protection page for a full description of each right and how to exercise it:

  • Right to access your data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

To exercise any of these rights, contact us at privacy@codeforgetful.com. We will respond within 30 days and may ask for reasonable proof of identity.

10. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction or alteration. These measures include encrypted data transmission (HTTPS), restricted access controls and regular security reviews. No method of transmission over the internet is completely secure; if you believe your data has been compromised, please contact us immediately.

11. Links to Third-Party Sites

Our website may contain links to third-party websites. This Privacy Policy applies only to our own site. We are not responsible for the privacy practices of external sites and encourage you to review their policies before providing any personal data.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or service offerings. The revised version will be published on this page with an updated "Last updated" date. For material changes we will display a prominent notice on the website or contact you directly where appropriate.

13. Contact & Complaints

For any questions about this Privacy Policy or to exercise your rights, contact our data protection contact at privacy@codeforgetful.com or write to Code Forgetful LLC, 7 Baseina Street, Office 14, Kyiv 01004, Ukraine.

If you are located in the EU and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority. In Ukraine, privacy oversight is provided by the Ukrainian Parliament Commissioner for Human Rights (Ombudsperson).