Privacy Policy
LLC “Enzym Company” website
Date of update: 01.09.2025
Limited liability company “Enzym Company” (“LLC “Enzym Company” or “we”) warmly welcomes users (“User” or “you”) of our website accessible at the following URL: enzymgroup.com (“Website”).
This Privacy Policy (“Policy”) outlines how we collect, use, and otherwise process your personal data through the Website and during your interactions with us.
Content
Purpose of personal data processing. 2
Lawful bases for personal data processing. 3
You complete communication forms on the Website. 3
You complete the newsletter form.. 4
You apply for a job vacancies. 4
Recipients of personal data. 4
Protection of personal data. 5
Data transfer outside the European Economic Area. 5
Disabling cookies on the Website. 7
Data controller
We are data controllers. This means that we determine the purposes and means of processing personal data. More information about us:
| Legal entity's full name | Limited liability company “Enzym Company” |
| Registry code | 00383320 |
| Legal address | Ukraine, 79014, Lviv Region, Lviv, Lychakivska Street, Building 232 |
| Contact information | [email protected] – for data protection inquiries |
| Web form on the website – for general inquiries |
Users
We classify Users into categories of data subjects based on their interaction with us:
| Category of data subject | Description of data subject categories |
| Visitor | data subjects who use the Website without contacting us with inquiries through Website forms |
| Potential Partner | data subjects who contact us with commercial or partnership inquiries through Website communication forms |
| Requester | data subjects who contact us without commercial or partnership inquiries through Website communication forms |
| Newsletter Subscriber | data subjects who subscribe to our newsletter |
| Candidates | data subjects who apply for our job vacancies |
We do not knowingly process the personal data of natural persons who are younger than 18 years old. If you believe that we may have inadvertently collected personal data from a natural person under 18, please immediately contact us. We will promptly take steps to delete such information from our records.
Personal data
We may collect and use the following personal data depending on the type of interaction with us:
| Category of personal data | Description of the category |
| Data Collected from Cookies | detailed information is available in the “Cookies on the Website” section / Cookie Policy. |
| Communication Data | full name, email address, contact phone number, country, job title, commercial interest, theme of the inquiry, content of the inquiry, information from the email profile |
| Marketing Data | email address, phone number |
| Candidate Data | detailed information is available in our Privacy Policy for Job Candidates |
Purpose of personal data processing
We collect, use, and otherwise process your personal data for the following purposes:
● to ensure the security of the Website and enhance the user experience (detailed information available in the “Cookies on the Website” section / Cookie Policy;
● to communicate with you regarding submitted commercial or partnership inquiries through our communication forms;
● to send emails for marketing purposes;
● to evaluate your job candidate profile for employment purposes.
Lawful bases for personal data processing
We rely on the following lawful bases for processing your data:
● Performance of a Contract: the processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract (for example, to contact you after submission of the inquiry through communication forms);
● Legitimate Interests: the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (for example, processing your data for the development of our services, except where your rights and freedoms override such interests);
● Consent: the processing is necessary for specific purposes that require your freely given, specific, informed, and unambiguous consent (for example, the processing for direct marketing purposes or usage of the cookies);
● Legal Obligation: the processing is necessary for compliance with a legal obligation to which the controller is subject (for example, employment or tax legislation, or to comply with a lawful request from a governmental or local authority).
Processing operations
You browse the Website
| Category of data subject | Category of personal data | Purpose of processing | Lawful bases of processing |
| Visitors | Data Collected from Cookies | To ensure the security of the Website and enhance the user experience | Performance of the contract – for necessary cookies Consent – for other cookies |
Detailed information about types of cookies and their purposes is available in the “Cookies on the Website” section / Cookie Policy.
You complete communication forms on the Website
| Categories of data subjects | Categories of personal data | Purpose of processing | Lawful bases of processing |
| Potential Partner | Communication Data | To communicate with you regarding submitted commercial or partnership inquiries through our communication forms | Performance of a Contract |
| Requester | Communication Data | To communicate with you regarding submitted other than commercial or partnership inquiries through our communication forms | Performance of a Contract |
You complete the newsletter form
| Categories of data subjects | Categories of personal data | Purpose of processing | Lawful bases of processing |
| Newsletter Subscribers | Marketing Data | To send emails for marketing purposes | Consent |
You apply for a job vacancies
| Categories of data subjects | Categories of personal data | Purpose of processing | Lawful bases of processing |
| Candidates | Candidate Data | To evaluate your job candidate profile for recruitment or employment purposes | As prescribed in the Privacy Policy for Job Candidates. |
Detailed information about the data processing of Candidates is available in the Privacy Policy for Job Candidates.
Recipients of personal data
We may share your personal data to the extent necessary for the operation of the Website and the provision of our services to the following parties:
● Employees: We may share data with our employees to ensure the proper fulfilment of our obligations under contracts with you;
● Service Providers: We may share data with contractors, vendors, and advisors solely to the extent related to our business and operations;
● Communication Tools: We use electronic communication tools to communicate with you and our employees (e.g., Google, Slack);
● Government Authorities, Local Authorities, Courts, or Law Enforcement Agencies: We may share your data with courts, law enforcement agencies, and other governmental authorities upon receiving a lawful request, order, or other enforceable decision from them.
Protection of personal data
We implement the necessary organisational, physical, and technical measures to ensure the protection of your data against accidental loss or destruction, and unlawful processing, including unlawful destruction or access to personal data. These measures include the following:
1) Physical Measures
● Physical perimeter security;
● Air conditioning in server rooms;
● Control of physical access to premises;
● Video surveillance;
● Fire and smoke detection systems;
● Fire extinguishers in server rooms;
● Uninterruptible Power Supply (UPS).
2) Organisational Measures
● Password policy;
● Assignment of user rights;
● Creation of user profiles;
● Assignment of user profiles to IT systems.
3) Technical Measures
● Assignment of passwords;
● Authentication via username/password;
● Two-factor authentication;
● Use of VPN technology;
● Use of antivirus software;
● Use of hardware firewalls;
● Installation of dedicated lines or VPN tunnels.
Data transfer outside the European Economic Area
If we transfer your personal data to recipients located outside the European Economic Area, we will ensure that appropriate safeguards are in place to protect your personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation.
If we transfer your data to countries that have not been deemed to provide an adequate level of data protection by the European Commission, we will rely on legally recognized transfer mechanisms, such as the Standard Contractual Clauses (SCC), to ensure your data is treated securely and in accordance with this Policy.
Data subject rights
You, as data subjects, have the following rights under GDPR:
● Right to be Informed: You have the right to receive clear and transparent information about the collection and use of your personal data;
● Right of Access: You have the right to request access to your personal data held by us;
● Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal data concerning you;
● Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data under certain conditions, such as when the data is no longer necessary for the purposes for which it was collected;
● Right to Restrict Processing: You have the right to request the limitation of processing your personal data under certain circumstances, such as when the accuracy of the data is contested;
● Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another data controller without hindrance;
● Right to Object: You have the right to object to the processing of your personal data for certain purposes including direct marketing and profiling;
● Rights Related to Automated Decision-Making and Profiling: You have the right not to be subject to decisions based solely on automated processing, including profiling, which significantly affects you;
● Right to Withdraw Consent: You have the right to withdraw your consent at any time, where data processing activities were based on your consent;
● Right to Complain to a Supervisory Authority: You have the right to lodge a complaint with a supervisory authority.
We will respond to your request regarding personal data within one month of receipt. If a request is complex or numerous, we may extend the response time by an additional two months and will inform you within the initial one-month period. In cases of manifestly unfounded or excessive requests, we reserve the right to refuse the request and will provide a justification for the refusal.
Cookies
Information about cookies
Cookies are small text files stored on your device (computer, tablet, smartphone) when you visit the Website. They help us create a secure environment for navigating the Website, provide you with an enhanced user experience, and improve the Website’s functionality.
Cookies on the Website
We use the following cookies on the Website:
| Cookie name | Category of cookie | Purpose of use | Lawful bases of processing |
| SULUSESSID | Necessary | Maintain the user's session state, allowing users to stay logged in and securely navigate between pages. A necessary technical cookie that stores the current user's session ID. It is used to support the website's functionality: logging into an account, navigation, and preserving language or other preferences during the session. | Performance of the contract |
| _ga | Analytical | Used by Google Analytics to distinguish unique users and gather website usage statistics for performance insights | Consent |
| _fbp | Marketing | Used by Facebook to deliver a series of advertisement products and measure ad performance | Consent |
| lang_pref | Preference | To remember the user’s preferred language so the website can display content in the selected language automatically | Consent |
_hjSession
| Analytical
| A Hotjar cookie that ensures the integrity of data from the current user session (e.g., moving between pages without losing recorded actions). This allows for more accurate analysis of behavior within a single session. | Consent |
_hjSessionUser
| Analytical
| Hotjar stores a unique identifier for each user to associate multiple sessions of the same individual. This helps observe behavior changes over time. | Consent |
monolytics-client-id
| Analytical
| A client identifier that allows the Monolytics analytics system to track user actions such as visited pages, session duration, and events. The data is used for internal analysis and content optimization. | Consent |
Disabling cookies on the Website
If you wish to disable cookies, you can do so independently through your browser settings. Detailed instructions on how to achieve this are available at the following browser links:
● Safari;
● Opera.
Policy updates
Our Policy and the legal relationships related to the protection and processing of personal data are governed by the General Data Protection Regulation, other applicable laws, and best practices in the field of privacy.
We will make necessary amendments to the Policy and publish its updated version on the Website in the event of changes to the current applicable legislation.
In the case of significant changes that may affect your privacy and the protection of personal data, we will post information about the Policy updates on the Website and, if necessary, obtain your consent.
