1. General Provisions
This personal data processing policy is prepared in accordance with the Law of Ukraine dated 13.02.2022 No. 2297-VI "On Personal Data Protection" and establishes the procedure for processing personal data and the measures taken to ensure its security.
1.1. The Operator regards the protection of human and civil rights and freedoms — particularly the right to privacy, and personal and family confidentiality — as a top priority in conducting its activities.
1.2. This Policy on the processing of personal data (hereinafter referred to as the “Policy”) applies to all information that the Operator may collect about visitors to the website https://sugardept.net.

2. Key Terms Used in This Policy
2.1. Automated processing of personal data — processing using computer-based technologies.
2.2. Blocking of personal data — temporary suspension of processing (except where processing is necessary to clarify the data).
2.3. Website — a collection of graphic and informational content, software, and databases available online at https://sugardept.net.
2.4. Personal data information system — a set of personal data contained in databases and processed using IT and technical means.
2.5. Anonymization of personal data — actions that make it impossible to identify a user without additional information.
2.6. Personal data processing — any action or set of actions with personal data, whether automated or not, including collection, recording, systematization, storage, updating, retrieval, usage, transfer, anonymization, blocking, deletion, or destruction.
2.7. Operator — a government agency, municipality, legal or natural person that processes personal data independently or jointly with others and defines the purposes and methods of processing.
2.8. Personal data — any information directly or indirectly related to a specific or identifiable user of https://sugardept.net.
2.9. User — any individual visiting the website https://sugardept.net.
2.10. Provision of personal data — actions directed at disclosing personal data to a specific person or group.
2.11. Distribution of personal data — actions aimed at sharing personal data with an undefined number of recipients, including making data publicly available.
2.12. Cross-border transfer of personal data — sending personal data to a foreign country, authority, person, or legal entity.
2.13. Destruction of personal data — any actions that result in the permanent deletion of data, making recovery impossible.

3. Types of Personal Data Processed by the Operator
3.1. Full name (first, middle, last)
3.2. Phone number
3.3. Email address
3.4. The website also collects anonymized data (including cookies) via web analytics services (e.g., Yandex.Metrica, Google Analytics, etc.).
3.5. The above-listed data is collectively referred to as Personal Data in this Policy.

4. Purpose of Personal Data Processing
4.1. The purpose of processing the User’s personal data is to establish, fulfill, or terminate civil law agreements; to provide access to services, information, or materials available on https://sugardept.net; and to manage order details.
4.2. Sugar Dept. may also send Users updates about new products, services, special offers, and events. Users can unsubscribe from such communications at any time by emailing privacy@sugardept.net with the subject line “Unsubscribe from updates and special offers.”
4.3. Anonymized data obtained through analytics services is used to analyze User activity and improve website functionality and content.

5. Legal Grounds for Personal Data Processing
5.1. Sugar Dept. processes personal data only when Users voluntarily fill out forms on the website https://sugardept.net. By providing this data, the User agrees to the terms outlined in this Policy.
5.2. Sugar Dept. processes anonymized User data when permitted by browser settings (e.g., cookies and JavaScript).

6. Procedure for Collecting, Storing, Transferring, and Processing Personal Data
Personal data security is maintained through legal, organizational, and technical measures required by data protection laws.
6.1. Sugar Dept. ensures the protection of personal data and takes all reasonable steps to prevent unauthorized access.
6.2. Personal data is not disclosed to third parties except where required by law.
6.3. If the User’s personal data is incorrect, it can be updated by sending a request to privacy@sugardept.net with the subject “Update of Personal Data.”
6.4. Personal data will be processed for an indefinite period unless the User withdraws their consent by emailing privacy@sugardept.net with the subject “Withdrawal of Consent to Personal Data Processing.”

7. Cross-Border Transfer of Personal Data
7.1. Prior to transferring personal data to another country, Sugar Dept. ensures that the receiving country provides adequate protection of the rights of data subjects.
7.2. If such protection is not guaranteed, the transfer can only occur with written User consent or when necessary for contract fulfillment.

8. Final Provisions8.1. Users may contact Sugar Dept. with any questions about personal data processing by emailing privacy@sugardept.net.
8.2. Any changes to this Policy will be posted in this document. The Policy remains in effect until it is replaced by a new version.
8.3. The current version of the Policy is available online at: https://sugardept.net/privacy