PRIVACY & COOKIE POLICY

Photon Digital
Last updated: February 25, 2026

1. Introduction

This Privacy and Cookie Policy explains how Photon Digital (“we”, “us”, “our”) collects, uses, stores, and protects personal data from visitors to http://photon-digital.com and clients of our digital agency services.

We process personal data in accordance with:

  • General Data Protection Regulation (GDPR, EU) 2016/679
  • ePrivacy Directive
  • Applicable data protection laws

By using our website or contacting us, you acknowledge and accept this Privacy Policy.

2. Data Controller

Photon Digital
Beresteyskyi Ave., 91
Kyiv, 03115, Ukraine
Email: privacy@photon-digital.com

We act as the data controller for personal data collected via our website and services.

3. Categories of Data Subjects

We process personal data of the following individuals:

  • Website visitors
  • Prospective clients
  • Clients
  • Business partners

4. Personal Data We Collect

4.1. Data You Provide Directly

  • Full name
  • Email address
  • Phone number
  • Company details
  • Project information
  • Any information submitted via forms or email

4.2. Data Collected Automatically

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent
  • Referring website
  • Cookie identifiers
  • Advertising and analytics interaction data

4.3. Data from Third Parties

  • Google Analytics (aggregated reports)
  • Google Ads (remarketing, conversions)

We do not intentionally process sensitive personal data.

5. Legal Bases for Processing (GDPR Art. 6)

  • Consent (Art. 6(1)(a)) — for marketing emails, personalized advertising, and non-essential cookies
  • Performance of contract (Art. 6(1)(b)) — to provide services and respond to inquiries
  • Legitimate interests (Art. 6(1)(f)) — for analytics, site optimization, security, fraud prevention
  • Legal obligation (Art. 6(1)(c)) — for tax or regulatory compliance

Failure to provide necessary data may prevent us from providing services.

6. Purposes of Data Processing

We use personal data to:

  • Respond to your inquiries
  • Provide digital agency services
  • Analyze website traffic and user behavior
  • Run advertising campaigns (Google Ads)
  • Improve website content and user experience
  • Ensure security and prevent fraud

7. Third-Party Services and Integrations

We use trusted third-party services, including:

  • Google Analytics
  • Google Ads
  • Google Consent Mode v2
  • Hosting providers
  • Payment processors (if applicable)

Google may act as a data processor on our behalf or as an independent controller under its own privacy policy.

8. International Data Transfers

Personal data may be processed outside the European Economic Area, including Ukraine and the United States.

Where required, we rely on:

  • Standard Contractual Clauses (SCCs)
  • EU-U.S. Data Privacy Framework (DPF), if applicable
  • Other lawful safeguards under GDPR

You may request details of safeguards used.

9. Data Retention

  • Contact data — up to 5 years after last interaction
  • Analytics data (Google Analytics) — up to 26 months
  • Additional retention — as required by law

10. Your GDPR Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent

Complaints can be submitted to your local EEA supervisory authority. Requests are typically processed within one month.

11. Data Security

We implement appropriate technical and organizational measures, including:

  • Encryption
  • Access controls
  • Regular audits

No system can guarantee 100% security.

12. Children’s Privacy

Our website and services are not directed at individuals under 16 years of age.

13. Cookies

13.1. What Are Cookies

Cookies are small text files stored on your device when visiting our website.

We use cookies in compliance with GDPR and the ePrivacy Directive.

13.2. Types of Cookies

  • Essential — required for site functionality and security (legitimate interest)
  • Analytics — Google Analytics, IP anonymized (consent required)
  • Advertising — Google Ads, remarketing, personalization (consent required)

13.3. Google Consent Mode v2

Non-essential cookies and tracking signals are activated only after consent:

  • analytics_storage
  • ad_storage
  • ad_user_data
  • ad_personalization

13.4. Example Cookies

Cookie Name Provider Purpose Retention
_ga Google Analytics 24 months
ga* Google Session analytics 24 months
_gcl_au Google Conversion tracking 90 days

13.5. Managing Cookies

You may withdraw or modify consent at any time via the cookie banner or your browser settings.

11.6. More Information

We hope this Policy has clarified your legal relationship with us regarding the processing of your personal data.

If you still have questions, please email us at privacy@photon-digital.com.

This Privacy and Cookie Policy has been prepared based on the General Data Protection Regulation (2016/679) and multiple other legislations.