Privacy Policy

Platform: AIQ Agency (aiq.agency)

Last revised: 1/12/2026

ФОП Мандрік С.І. (hereinafter "we", "us", "our", "Company", "AIQ Agency") respects your privacy and is committed to protecting your personal data in accordance with the Law of Ukraine "On Personal Data Protection" dated 01.06.2010 No. 2297-VI (as amended) and EU Regulation 2016/679 (GDPR).

This Privacy Policy defines the procedures for collecting, processing, storing, and protecting personal data of users of the website aiq.agency.

1. Data Controller

In accordance with the Law of Ukraine "On Personal Data Protection":

Full name: ФОП Мандрік С.І.
Tax identification number: 3289415036
Legal address: Ukraine, Kyiv, Horlivska str. 220, apt. 25
Contact email: info@aiq.agency
Website: aiq.agency

2. Categories of Personal Data Processed

2.1. Data You Provide Voluntarily

Identification data: first name, last name, patronymic
Contact data: email address, phone number
Professional data: company name, job title, industry
Account data: login email, password (stored in encrypted form)
Communication data: content of messages through contact forms
Payment information: processed exclusively through certified payment systems WayForPay and Cryptomus; we do not store bank card details

2.2. Data Collected Automatically

Technical information: IP address, browser type and version, operating system, screen resolution, timezone, interface language
Device information: device type (desktop, tablet, smartphone), touch screen availability, pixel ratio
Behavioral data: pages viewed, session duration, scroll depth, click count, first and last visit time
Marketing data: referral source, UTM tags, advertising platform identifiers (Google Ads, Facebook, Microsoft, TikTok, LinkedIn, Twitter)
Geolocation: country, city (determined based on your browser's timezone)

2.3. Data from Third Parties

Google authorization: email address, name, profile photo (with your consent)

3. Cookies and Tracking Technologies

3.1. Cookies

Category	Name	Purpose	Retention Period
Essential	next-auth.session-token	Maintaining authorized user session	Until browser close
Essential	next-auth.csrf-token	Protection against CSRF attacks	Until browser close
Essential	locale	Storing selected interface language	1 year
Functional	theme	Storing theme preference (light/dark)	1 year

3.2. Browser Web Storage

We use localStorage and sessionStorage for:

Storing user language preferences (preferred-language)
Temporary storage of UTM tags and advertising identifiers (aiq_utm_params)
Tracking user navigation on the site (aiq_page_path)
Storing engagement metrics (aiq_scroll_depth, aiq_click_count, aiq_focus_time)
Counting visits (aiq_visit_count)

3.3. Web Analytics Services

Google Analytics 4 (GA4): traffic analysis, traffic sources, and user behavior. We track: page views, content interaction (viewing/copying prompts, workflow progress), search queries, cart actions, preference changes (language, theme). IP addresses are anonymized. See Cookie Policy for details.
Google Search Console: site indexing and search query monitoring

4. Purposes of Personal Data Processing

Service provision: account registration, order processing, access to AI prompts, workflows, and automations
Contractual obligations: payment processing, transaction confirmation, subscription management
Communication: responding to inquiries, technical support, service notifications
Marketing: informing about new products, promotions, and updates (only with your consent)
Analytics: website improvement, user experience optimization
Security: fraud prevention, protection against unauthorized access
Legal compliance: tax reporting, fulfillment of government authority requests

5. Legal Basis for Data Processing

In accordance with Article 11 of the Law of Ukraine "On Personal Data Protection" and Article 6 of GDPR:

Data subject consent: account registration, newsletter subscription, cookie usage
Contract performance: provision of ordered services, payment processing
Legitimate interests: security, analytics, service improvement
Legal obligations: tax and accounting reporting

6. Transfer of Personal Data to Third Parties

We may transfer your data to the following categories of recipients:

Payment systems: WayForPay (Ukraine) - card payment processing; Cryptomus - cryptocurrency payments
Hosting providers: Render.com (USA) - website and database hosting
Analytics services: Google LLC (Analytics, Search Console)
Mail services: SendGrid for sending transactional and service messages
Government authorities: upon lawful request in accordance with current Ukrainian legislation

We do not sell or transfer your personal data to third parties for marketing purposes without your explicit consent.

7. Cross-Border Data Transfer

Your personal data may be transferred and processed outside Ukraine, including in EU countries and the USA, by our partners and service providers.

Transfer is carried out in compliance with Article 29 of the Law of Ukraine "On Personal Data Protection" and based on:

Standard contractual clauses approved by the European Commission
Supplier certification under the EU-US Data Privacy Framework
Appropriate technical and organizational protection measures

8. Personal Data Retention Periods

Account data: for the duration of the account and 30 days after deletion
Order and payment data: 7 years (in accordance with Ukrainian tax legislation requirements)
Contact form data: 2 years from the date of inquiry
Analytics data: 26 months
Cookies: from session to 1 year depending on type
Web storage data: until cleared by user or browser close

After the retention period expires, data is deleted or anonymized.

9. Rights of Personal Data Subjects

In accordance with Article 8 of the Law of Ukraine "On Personal Data Protection" and Chapter III of GDPR, you have the right to:

Right of access: receive confirmation of your data processing and a copy thereof
Right to rectification: request correction of inaccurate or incomplete data
Right to erasure: request deletion of your data ("right to be forgotten")
Right to restriction: request suspension of processing in certain cases
Right to portability: receive your data in a structured machine-readable format
Right to object: object to processing for direct marketing purposes
Right to withdraw consent: withdraw previously given consent at any time

To exercise your rights, send a request to info@aiq.agency. We will review your request within 30 calendar days.

10. Social Media Presence

AIQ Agency is represented on the following platforms:

Facebook (Meta Platforms, Inc.)
Instagram (Meta Platforms, Inc.)
LinkedIn (Microsoft Corporation)
Telegram (Telegram FZ LLC)
YouTube (Google LLC)
X (Twitter) (X Corp.)

When interacting with our pages, the privacy policies of the respective platforms apply. We recommend reviewing them separately.

11. Security Measures

To protect your personal data, we implement:

Encryption: SSL/TLS certificate for all connections (HTTPS)
Password protection: hashing using bcrypt algorithm
Two-factor authentication: additional account protection level (2FA)
Backup: regular automatic data backup
Access control: access rights separation based on least privilege principle
Monitoring: tracking suspicious activity and unauthorized access attempts
Updates: regular software and security system updates

12. Processing of Minors' Data

Our services are intended for persons who have reached 16 years of age. We do not knowingly collect personal data from children under 16 years of age. If you are a parent or guardian and believe your child has provided us with their data, please contact us for deletion.

13. Changes to the Privacy Policy

We reserve the right to make changes to this Policy. The date of the last revision is indicated at the beginning of the document.

We will notify you of significant changes affecting the processing of your data by:

Publishing an updated version on the website
Notification to your email (for registered users)

14. Related Documents

Cookie Policy - use of cookies on the platform
Terms of Use - platform usage rules
Editorial Policy - content quality standards
Disclaimer - limitation of liability

15. Contact Information and Appeals

For personal data processing inquiries, please contact:

Email: info@aiq.agency
Postal address: Ukraine, Kyiv, Horlivska str. 220, apt. 25

Document version: 1.0

Last update date: 1/12/2026

Platform: AIQ Agency (aiq.agency)

Operator: ФОП Мандрік С.І.

Email: info@aiq.agency

This Privacy Policy complies with GDPR (EU Regulation 2016/679) and Ukrainian Law "On Personal Data Protection" (No. 2297-VI).

Privacy Policy

Platform: AIQ Agency (aiq.agency)

Last revised: 1/12/2026

This Privacy Policy defines the procedures for collecting, processing, storing, and protecting personal data of users of the website aiq.agency.

1. Data Controller

In accordance with the Law of Ukraine "On Personal Data Protection":

Full name: ФОП Мандрік С.І.
Tax identification number: 3289415036
Legal address: Ukraine, Kyiv, Horlivska str. 220, apt. 25
Contact email: info@aiq.agency
Website: aiq.agency

2. Categories of Personal Data Processed

2.1. Data You Provide Voluntarily

Identification data: first name, last name, patronymic
Contact data: email address, phone number
Professional data: company name, job title, industry
Account data: login email, password (stored in encrypted form)
Communication data: content of messages through contact forms
Payment information: processed exclusively through certified payment systems WayForPay and Cryptomus; we do not store bank card details

2.2. Data Collected Automatically

Technical information: IP address, browser type and version, operating system, screen resolution, timezone, interface language
Device information: device type (desktop, tablet, smartphone), touch screen availability, pixel ratio
Behavioral data: pages viewed, session duration, scroll depth, click count, first and last visit time
Marketing data: referral source, UTM tags, advertising platform identifiers (Google Ads, Facebook, Microsoft, TikTok, LinkedIn, Twitter)
Geolocation: country, city (determined based on your browser's timezone)

2.3. Data from Third Parties

Google authorization: email address, name, profile photo (with your consent)

3. Cookies and Tracking Technologies

3.1. Cookies

Category	Name	Purpose	Retention Period
Essential	next-auth.session-token	Maintaining authorized user session	Until browser close
Essential	next-auth.csrf-token	Protection against CSRF attacks	Until browser close
Essential	locale	Storing selected interface language	1 year
Functional	theme	Storing theme preference (light/dark)	1 year

3.2. Browser Web Storage

We use localStorage and sessionStorage for:

Storing user language preferences (preferred-language)
Temporary storage of UTM tags and advertising identifiers (aiq_utm_params)
Tracking user navigation on the site (aiq_page_path)
Storing engagement metrics (aiq_scroll_depth, aiq_click_count, aiq_focus_time)
Counting visits (aiq_visit_count)

3.3. Web Analytics Services

Google Analytics 4 (GA4): traffic analysis, traffic sources, and user behavior. We track: page views, content interaction (viewing/copying prompts, workflow progress), search queries, cart actions, preference changes (language, theme). IP addresses are anonymized. See Cookie Policy for details.
Google Search Console: site indexing and search query monitoring

4. Purposes of Personal Data Processing

Service provision: account registration, order processing, access to AI prompts, workflows, and automations
Contractual obligations: payment processing, transaction confirmation, subscription management
Communication: responding to inquiries, technical support, service notifications
Marketing: informing about new products, promotions, and updates (only with your consent)
Analytics: website improvement, user experience optimization
Security: fraud prevention, protection against unauthorized access
Legal compliance: tax reporting, fulfillment of government authority requests

5. Legal Basis for Data Processing

In accordance with Article 11 of the Law of Ukraine "On Personal Data Protection" and Article 6 of GDPR:

Data subject consent: account registration, newsletter subscription, cookie usage
Contract performance: provision of ordered services, payment processing
Legitimate interests: security, analytics, service improvement
Legal obligations: tax and accounting reporting

6. Transfer of Personal Data to Third Parties

We may transfer your data to the following categories of recipients:

Payment systems: WayForPay (Ukraine) - card payment processing; Cryptomus - cryptocurrency payments
Hosting providers: Render.com (USA) - website and database hosting
Analytics services: Google LLC (Analytics, Search Console)
Mail services: SendGrid for sending transactional and service messages
Government authorities: upon lawful request in accordance with current Ukrainian legislation

We do not sell or transfer your personal data to third parties for marketing purposes without your explicit consent.

7. Cross-Border Data Transfer

Your personal data may be transferred and processed outside Ukraine, including in EU countries and the USA, by our partners and service providers.

Transfer is carried out in compliance with Article 29 of the Law of Ukraine "On Personal Data Protection" and based on:

Standard contractual clauses approved by the European Commission
Supplier certification under the EU-US Data Privacy Framework
Appropriate technical and organizational protection measures

8. Personal Data Retention Periods

Account data: for the duration of the account and 30 days after deletion
Order and payment data: 7 years (in accordance with Ukrainian tax legislation requirements)
Contact form data: 2 years from the date of inquiry
Analytics data: 26 months
Cookies: from session to 1 year depending on type
Web storage data: until cleared by user or browser close

After the retention period expires, data is deleted or anonymized.

9. Rights of Personal Data Subjects

In accordance with Article 8 of the Law of Ukraine "On Personal Data Protection" and Chapter III of GDPR, you have the right to:

Right of access: receive confirmation of your data processing and a copy thereof
Right to rectification: request correction of inaccurate or incomplete data
Right to erasure: request deletion of your data ("right to be forgotten")
Right to restriction: request suspension of processing in certain cases
Right to portability: receive your data in a structured machine-readable format
Right to object: object to processing for direct marketing purposes
Right to withdraw consent: withdraw previously given consent at any time

To exercise your rights, send a request to info@aiq.agency. We will review your request within 30 calendar days.

10. Social Media Presence

AIQ Agency is represented on the following platforms:

Facebook (Meta Platforms, Inc.)
Instagram (Meta Platforms, Inc.)
LinkedIn (Microsoft Corporation)
Telegram (Telegram FZ LLC)
YouTube (Google LLC)
X (Twitter) (X Corp.)

When interacting with our pages, the privacy policies of the respective platforms apply. We recommend reviewing them separately.

11. Security Measures

To protect your personal data, we implement:

Encryption: SSL/TLS certificate for all connections (HTTPS)
Password protection: hashing using bcrypt algorithm
Two-factor authentication: additional account protection level (2FA)
Backup: regular automatic data backup
Access control: access rights separation based on least privilege principle
Monitoring: tracking suspicious activity and unauthorized access attempts
Updates: regular software and security system updates

12. Processing of Minors' Data

13. Changes to the Privacy Policy

We reserve the right to make changes to this Policy. The date of the last revision is indicated at the beginning of the document.

We will notify you of significant changes affecting the processing of your data by:

Publishing an updated version on the website
Notification to your email (for registered users)

14. Related Documents

Cookie Policy - use of cookies on the platform
Terms of Use - platform usage rules
Editorial Policy - content quality standards
Disclaimer - limitation of liability

15. Contact Information and Appeals

For personal data processing inquiries, please contact:

Email: info@aiq.agency
Postal address: Ukraine, Kyiv, Horlivska str. 220, apt. 25

Document version: 1.0

Last update date: 1/12/2026

Platform: AIQ Agency (aiq.agency)

Operator: ФОП Мандрік С.І.

Email: info@aiq.agency

This Privacy Policy complies with GDPR (EU Regulation 2016/679) and Ukrainian Law "On Personal Data Protection" (No. 2297-VI).