Privacy Policy

Regulations

on the processing and protection of personal data in databases owned by the Law Firm “Dominion” (hereinafter — Privacy Policy)

Updated: October 15, 2025

General concepts and scope
List of personal data databases
Purpose of personal data processing
Procedure for processing personal data: obtaining consent, notifying about rights and actions regarding personal data
Location of the personal data database
Conditions for disclosure of personal data to third parties
Protection of personal data: protection methods, responsible person, employees with access, retention period
Rights of the data subject
Procedure for handling data subject requests

1. General Concepts and Scope

1.1. Definitions:

Personal Data Database — a named set of structured personal data in electronic form and/or in physical card files;
Responsible Person — the person appointed by the Owner to organize work related to personal data protection;
Owner of the Database — Law Firm “Dominion” (EDRPOU code: 36482843), 14a Sichovykh Striltsiv St., Office 73, Kyiv, 04053, Ukraine. Email for inquiries: info@dominion.ua;
Public Sources of Personal Data — directories, registries, lists, catalogs, and other systematic collections of open information published with the knowledge of the data subject. Social networks and websites are not considered public unless explicitly indicated;
Consent of the Data Subject — any documented, voluntary expression of will to allow data processing;
Anonymization — removal of information enabling identification;
Processing of Personal Data — any operation performed fully or partially in an information system and/or card file: collection, registration, accumulation, storage, adaptation, modification, use, dissemination, anonymization, destruction;
Personal Data — information about an identified or identifiable individual;
Processor — a natural or legal entity authorized by the Owner or by law to process data (e.g., hosting, CRM, or IT providers);
Data Subject — an individual whose data are processed (hereinafter — User / Client);
Third Party — any person other than the data subject, owner, processor, or the authorized state body for data protection;
Special Categories of Data — information on racial or ethnic origin, political, religious, or philosophical beliefs, union membership, health, or sexual life.

1.2. This Regulation is mandatory for all Dominion employees with access to personal data. It applies to communications via dominion.ua, email, phone, messengers, meetings, and other channels.

2. List of Personal Data Databases

Dominion maintains the following databases:

Clients (current/potential);
Contractors/Suppliers;
Job Applicants;
Website Users and Contact Form Submissions.

3. Purpose of Processing

Processing aims to provide legal services, consultations, client communication, contract management, and compliance with the Law of Ukraine “On Personal Data Protection.”
Additional purposes include compliance with tax/accounting laws, legal defense, service notifications, and — only with proper consent — marketing communications.

4. Processing Procedure and Consent

4.1. Consent may be provided:

in writing (paper or electronic with identification details/signature);
by ticking consent boxes or submitting forms on dominion.ua;
by actions clearly confirming consent (e.g., providing information during consultations).

4.2. Consent can be obtained when initiating cooperation or submitting an online request.
4.3. The data subject is informed about data inclusion, purpose, rights, and data recipients.
4.4. Dominion generally does not process special categories of data, except as legally required for legal representation with explicit consent.

5. Location of the Database

Databases are stored at Dominion’s office (14a Sichovykh Striltsiv St., Office 73, Kyiv) and/or secure servers of authorized processors within Ukraine or the EU.

6. Disclosure to Third Parties

Access to personal data is granted only under the data subject’s consent or legal obligation.
Third parties must agree to comply with the Law of Ukraine “On Personal Data Protection.”
Requests for access must include identification details, purpose, and scope of requested data.
Dominion responds within 10 business days and fulfills valid requests within 30 calendar days.

7. Data Protection

Dominion uses organizational, technical, and software measures to prevent loss, unauthorized access, alteration, or destruction of data.
The Responsible Person is appointed by internal order:
Contact: Oleksandr Pinchuk, Managing Partner, info@dominion.ua, +38 (067) 502-07-62.

The Responsible Person must:

ensure compliance with Ukrainian data protection law;
define employee access procedures;
perform internal audits;
notify management of violations within one business day.

Employees with access must maintain confidentiality even after termination.
Data are retained only as long as necessary or required by law (tax, legal, or contractual obligations).

8. Rights of the Data Subject

The data subject has the right to:

know the location, purpose, and owner of the data;
access their personal data;
receive confirmation within 30 calendar days whether data are being processed;
object to data processing by public authorities;
request correction or deletion of inaccurate or unlawfully processed data;
request protection from unauthorized use or disclosure;
file complaints with the competent data protection authority;
seek judicial remedies for violations.

9. Handling Requests

Requests for personal data may be submitted in writing or electronically to info@dominion.ua.
The request must include identification details and the scope of the requested data.
Dominion reviews requests within 10 business days and provides a response or legal justification for denial within 30 calendar days.

Contact Information

Law Firm “Dominion”
14a Sichovykh Striltsiv St., Office 73, Kyiv, 04053, Ukraine
Email: info@dominion.ua
Tel.: +38 (067) 502-07-62