Privacy Policy

The Privacy Policy outlined below has been developed by JUSTSPEAK LTD, registration number: HE 461589 (hereinafter referred to as the “Owner” and/or the “Company”), and is addressed to an indefinite number of individuals, Users of the Website https://justschool.me/en and/or the Mobile Application on the Internet. It defines the procedure for receiving, collecting, accumulating, storing, processing, using, securing, and disclosing personal data (hereinafter referred to as "Data") through the Website and/or the Mobile Application and/or related services and tools.

If you do not agree with the terms of this Privacy Policy or other documents posted by the Owner on the Website, please refrain from using the Website and/or the Mobile Application.

  1. Terms and Definitions

    Website – a set of information, texts, graphical design elements, images, photos, video materials, and other results of intellectual activity, as well as software contained in an information system that ensures the availability of such information at a network address (domain) on the Internet. The address of the Website on the Internet is https://justschool.me/en.
    Mobile Application – a computer program in the form of a mobile application for iOS and Android devices named “JustSchool - English online,” which is provided by the Company to the User (Data Subject) for temporary use (for the duration of this Agreement) as a tool to access the Company’s services according to its functional purpose for end consumers.
    Platform – a technological platform in the form of an interconnected set of computer programs and electronic data in the form of numbers, letters, symbols, images, and their combinations (including graphical information, video information, etc.), intended for automated monitoring, provision, and/or receipt of services, collection, processing, distribution, storage, and presentation of data regarding Orders made on it by Users and service offers posted by the Company, as well as for providing evaluations, etc. The Platform is the result of computer programming and is considered software.
    User – any individual who visits the Website and/or Mobile Application regardless of the purpose.
    The Parties – refer to the Company and/or the Owner and the User.
    The Legislation of Ukraine refers to the system of laws and other regulatory acts adopted by the Verkhovna Rada of Ukraine and higher executive bodies—resolutions of the Verkhovna Rada, decrees of the President of Ukraine, resolutions, and decrees of the Cabinet of Ministers of Ukraine, as well as norms of international legal acts, treaties, agreements, conventions, and protocols, the binding nature of which has been approved by the Verkhovna Rada of Ukraine.
    Personal Data refers to information or a set of information about an identified or identifiable individual, any information that directly or indirectly relates to a specific User. This may include: name, surname, patronymic (if available), information about the individual's occupation, marital status, education, email address, phone number, region of residence, home address or temporary location, information about the User's actions on the Website and/or in the Mobile Application, IP address, device data (computer, browser type, mobile device operating system) used by the User, messages (information contained in correspondence between Users and the Company), and other communication-related information. This may be provided by the User voluntarily in the registration form and/or when filling out their Account on the Website and/or in the Mobile Application, during surveys (by filling out a questionnaire or other means), when writing messages or reviews, or information obtained through verbal communication between the User and the Company. It also includes information provided during payment processing and/or the use of any service provided by the Company, which may include one or more cookie records or anonymous identifiers.
    Cookies are files created by websites that the User visits. They simplify browsing by storing information related to website navigation. Through cookies, you can stay logged into your accounts on websites, save your Website and/or Mobile Application preferences, and display relevant content.
    The Personal Data Database refers to a named set of organized personal data in electronic form and/or in the form of personal data filing systems.
    The Personal Data Controller is a natural or legal person who, by law or with the consent of the data subject, is authorized to process these data, determines the purpose of processing personal data in this database, and establishes the scope of these data and the procedures for their processing unless otherwise specified by law.
    The Responsible Person is the individual appointed to organize work related to the protection of personal data during their processing in accordance with the law.
    The Data Subject's Consent is the voluntary expression of will by an individual (upon being informed) to allow the processing of their personal data in accordance with the specified purpose of such processing. It may be given in writing or in a manner that allows the conclusion that consent has been granted.
    The Processing of Personal Data includes any action or set of actions carried out fully or partially in an information (automated) system and/or in personal data filing systems, involving the collection, registration, accumulation, storage, adaptation, modification, updating, use, and dissemination (distribution, realization, transfer), anonymization, and destruction of data concerning an individual.
    Anonymization of Personal Data refers to the removal of information that allows the identification of an individual.
    The Personal Data Processor is a natural or legal person authorized by the personal data controller or by law to process personal data. A person who is instructed by the personal data controller and/or processor to carry out technical work with the personal data database without access to the content of personal data is not considered a processor.
    The Data Subject is the individual whose personal data are processed in accordance with the law.
    A Third Party is any person other than the data subject, personal data controller, or processor, and the authorized state body responsible for personal data protection, to whom personal data are transferred by the controller or processor in accordance with the law.
  2. General Provisions
    1. This Policy is mandatory for the responsible person and employees of the Company who directly process and/or have access to personal data in connection with the performance of their official duties.
    2. Data processing refers to any actions with the Data, including but not limited to: access, provision, dissemination, collection, systematization, storage, accumulation, recording, transmission, blocking, deletion, clarification, updating and/or modification, anonymization, and other methods of using the Data by the Company.
    3. The Data Controller is JUSTSPEAK LTD.
    4. By registering on the Website and/or in the Mobile Application, the User enters their personal data and/or provides this Data in another way, and/or by performing any actions within the Website and/or using any part of the Website and/or Mobile Application, by giving consent — activating the "continue" ("register") button and/or activating (pressing) the "place order" button through the Website and/or Mobile Application form (checkbox), and/or independently entering the Data, expresses their consent to the provisions of this Policy and grants JUSTSPEAK LTD, as well as third parties who provide services to JUSTSPEAK LTD, including but not limited to, processing payments, providing financial services, permission to process their personal data.
    5. Users can provide Data independently by placing such data on the Website and/or in the Mobile Application or by communicating via telephone channels and/or the Company’s email and/or postal address, by filling out questionnaires (filling out a form or in another way), or Data can be provided from other sources (in accordance with this Policy), for example, from User reviews (ratings, comments, confirmation of information) or other information from third parties provided during the submission of claims, complaints, and/or during dispute resolution, and/or information from publicly available sources on the Internet.
    6. The Company does not process data related to racial, ethnic origin, national affiliation, political views, religious, philosophical, or other beliefs, membership in political parties and trade unions, public organizations, or data related to health or sexual life (special categories of data). Information characterizing the physiological characteristics of Users is also not processed.
    7. The User is not entitled to use the Website and/or Mobile Application if they do not agree with the terms of this Policy.
    8. The User acknowledges that in case of negligent handling of the security and protection of their Data and authorization data (password, login), third parties may gain unauthorized access to the User’s account and Data. The Company is not responsible for any losses caused by such access.
    9. The terms of processing and storing the Data are determined based on the purposes of Data processing, as well as the terms specified in the documents/contracts concluded with the Users in accordance with the requirements of the current legislation of Ukraine.
  3. List of Personal Data Databases
    1. The Rights Holder is the owner of the following personal data databases: the customer personal data database.
  4. Purpose of Personal Data Processing
    1. The collection and processing of personal data are carried out in accordance with Articles 6 and 7 of the Law of Ukraine "On Personal Data Protection."
    2. The purpose of personal data processing is to ensure the realization of civil-law relations, commercial and tax relations, the provision/receipt and performance of settlements for purchased services and goods in accordance with the Tax Code of Ukraine, the Law of Ukraine "On Accounting and Financial Reporting in Ukraine," the maintenance of accounting and management records, and other obligations imposed by law on the personal data controller, to protect the legitimate interests of the personal data controller or third parties to whom the personal data is transferred.
    3. The purpose of personal data processing is the identification of the User as a client of the Website and/or Mobile Application, for communication with the User, including for providing services, delivering/selling goods, processing payments, shipping, performing financial transactions, providing reporting, improving service quality, analyzing User activity, managing traffic on the Website and/or Mobile Application, analyzing and forecasting User preferences and interests; to ensure Users comply with the terms of the User Agreement, the Information Posting Rules on the Website and/or Mobile Application, and the Review Posting Rules.
    4. The purpose of personal data processing includes the creation and implementation of bonus programs, loyalty programs, sending notifications via email, SMS, notifications in the Mobile Application, notifications in the web browser, including for the purpose of sending commercial offers, improving service quality, creating ratings, analyzing activity, keyword searches, sending informational and marketing communications (news, promotions, advertising campaigns, information about promotions, promo codes, and discounts, personalized recommendations, personalized discounts and offers), containing information about services and/or goods, and advertising and commercial offers for such services and/or goods.
    5. The Company may exchange Data with affiliated persons (companies operating under joint ownership), who may process and use the Data for the purposes outlined in this section.
  5. Procedure for Personal Data Processing. Consent and Notification of Rights
    1. The processing of personal data, carried out to fulfill the purpose of processing outlined in Section 4 of this Regulation, is based on Article 11 of the Law of Ukraine "On Personal Data Protection."
    2. The processing of personal data is performed based on the consent of the personal data subject or to fulfill the offers accepted by the personal data subject.
    3. The consent of the personal data subject must be a voluntary expression of the individual's will regarding granting permission for the processing of their personal data in accordance with the formulated purpose of processing. The personal data subject's consent can be provided in the following forms:
      A paper document with details that allow for identifying both the document and the individual;
      An electronic document containing mandatory details that allow for identifying both the document and the individual. The voluntary will of the individual to grant permission for personal data processing should, if possible, be certified by the personal data subject's electronic signature;
      A checkmark on the electronic page of the document or in an electronic file processed in the information system based on documented software and technical solutions, including via the Website and/or Mobile Application form (checkbox), or by activating (clicking) the "Accept" button.
    4. The notification of the personal data subject about the inclusion of their personal data in the personal data database, about the rights defined by the Law of Ukraine "On Personal Data Protection," the purpose of data collection, and the persons to whom their personal data are transferred, is carried out during the establishment of civil-law relations in accordance with current legislation.
  6. Additional Data That May Be Collected
    1. The Company may also collect the following Data:
      User account information, such as login credentials, password, phone number, email address, and other necessary Data to provide support for Users on the Website and/or Mobile App, including during interactions with the Website and/or Mobile App's support service.
      Information provided by Users when entering into service/sale agreements through the acceptance of public offers posted on the Website and/or Mobile App.
      Information required for communications between Users and the Company on the Website and/or Mobile App, including for the purpose of completing and confirming transactions, sending and receiving messages, posting reviews and comments, making payments, fulfilling User requests, and obtaining feedback from Users as necessary. This may include information provided by Users in response to their service experience, such as feedback, comments, customer support inquiries, complaints, claims, or other forms of contact.
      Data about devices used by Users, including information about Websites they visit and/or their mobile data (in cases where Users use Mobile Apps), such as IP address, date and time of Website and/or Mobile App usage, information about the software and browser used, operating system of the mobile device, device performance data, and unique device identifiers.
      Information about User activity on the Website and/or Mobile App (consumer behavior related to services and goods purchased on the Website and/or Mobile App).
      Information provided or posted by Users as part of their participation in the Company’s bonus programs, promotions, or special offers.
      Information collected from Users through surveys or other means as communicated to the Company.
      Information lawfully obtained by the Company from partners and/or third parties.
      Cookies.
  7. Protection of Personal Data: Security Measures, Responsible Personnel, Database Owners’ Employees, and Data Retention Period
    1. The personal data database is equipped with system and software-technical tools, as well as communication means, that prevent data loss, theft, unauthorized destruction, alteration, falsification, copying, and meet national and international standards.
    2. The Responsible Person organizes activities related to the protection of personal data during its processing, in compliance with the law. This role is assigned by an order from the Data Controller. The duties of the Responsible Person regarding the organization of personal data protection are outlined in this policy and the official order.
    3. The Responsible Person is required to:
      Be knowledgeable of Ukrainian legislation on personal data protection;
      Develop access procedures for employee data in accordance with their professional, official, or work responsibilities;
      Ensure that employees of the Data Controller comply with Ukrainian personal data protection laws and internal regulations governing the Data Controller’s data processing and protection activities;
      Adhere to and monitor compliance by other employees with data protection laws and internal documents governing data processing and protection;
      Immediately report any violations of data protection laws or internal policies to the Data Controller, but no later than one business day after detecting the violation;
      Maintain records that confirm the consent of data subjects for processing their personal data (regardless of the form of consent) and notify the subjects of their rights.
    4. To fulfill their responsibilities, the Responsible Person is authorized to:
      Obtain necessary documents, including orders and other directives issued by the Data Controller related to data processing;
      Make copies of received documents, including files, and records stored in local and standalone computer systems;
      Participate in discussions regarding their duties in organizing data protection work;
      Suggest improvements and enhancements to working methods and submit comments and suggestions to rectify identified deficiencies in data processing;
      Sign and endorse documents within their competence.
    5. Employees who directly process or have access to personal data as part of their official duties must comply with Ukrainian data protection laws and the Data Controller’s internal regulations. Any breach of the Ukrainian Law “On Personal Data Protection” may result in accountability as prescribed by Ukrainian law.
    6. Personal data should not be retained longer than necessary for the purposes for which it is stored.
    7. To determine the appropriate retention period, the Company assesses the nature and category of personal data, its intended purpose, and whether these purposes can be achieved through alternative means. Typically, the processing period for personal data does not exceed 2,555 days from the submission date of tax reports for the period in which the transaction occurred, in accordance with the Tax Code of Ukraine’s requirements for document retention related to tax accrual and payment.
    8. Personal data must be deleted or destroyed from databases in cases mandated by Ukrainian or international law.
    9. Personal data is retained no longer than necessary based on its intended processing purpose.
    10. The Company will make updates to personal data upon your request if the data is inaccurate, incorrect, or outdated.
  8. Rights of the Personal Data Subject
    1. The personal data subject has the right to:
      Know the location of the personal data database containing their personal information, its purpose, name, and the location and/or residence of the owner or manager of this database, or authorize an appointed representative to obtain this information, except in cases specified by law;
      Obtain information about the conditions under which access to personal data is granted, including information on third parties to whom their personal data is disclosed in the relevant database;
      Access their personal data contained in the relevant database;
      Receive a response within 30 (thirty) calendar days from the date of request submission, except in cases provided by law, regarding whether their personal data is stored in the relevant database, as well as the content of their stored personal data;
      Present a substantiated request for the modification or destruction of their personal data by any database owner or manager if such data is processed unlawfully or inaccurately;
      Present a substantiated objection against the processing of their personal data by state authorities or local government bodies in the exercise of their powers as provided by law;
      Protect their personal data from unlawful processing and accidental loss, destruction, or damage;
      Contact state authorities, local government bodies, or other entities responsible for protecting personal data rights with questions regarding the protection of their personal data rights. They may pursue all available legal remedies in case of a violation of data protection laws.
  9. Procedure for Processing Requests from Personal Data Subjects
    1. The personal data subject has the right to obtain any information about themselves from any party involved in personal data relations, without specifying the purpose of the request, except in cases established by law.
    2. Access to personal data by the subject regarding their information is provided free of charge.
    3. To obtain any personal data about themselves, the personal data subject submits an access request (hereinafter referred to as "request") to the personal data database owner.
    4. The request must include:
      The subject's surname, first name, and patronymic, place of residence/stay, and details of an identity document;
      Other information that enables the identification of the personal data subject;
      The list of personal data requested;
      Information about the personal data database to which the request pertains, or information about the owner or manager of this database.
    5. The time for reviewing the request for fulfillment cannot exceed 10 (ten) business days from the date of receipt. Within this period, the personal data database owner informs the subject whether the request will be fulfilled or if the personal data cannot be provided, citing the legal basis for refusal.
    6. The request is fulfilled within 30 (thirty) calendar days from the date of receipt unless otherwise provided by law.
  10. Disclosure of Personal Data to Third Parties
    1. Access to personal data by third parties is determined by this policy’s terms and the consent provided by the personal data subject to the data controller for data processing. This is to fulfill obligations to the subject or comply with legal requirements.
    2. Access to personal data will not be granted to a third party if they refuse to comply with the obligations under the Ukrainian Law "On Personal Data Protection" or cannot ensure such compliance.
    3. A party interested in obtaining any personal data must submit an access request (hereinafter referred to as "request") to the personal data database owner.
    4. The request must include:
      The applicant's full name, residence address, and identity document details (for individuals); or the legal entity’s name, registration code, address, and the representative’s name and position (for legal entities);
      Confirmation that the request aligns with the legal entity’s authority (for legal entities);
      The full name and other identifying details of the individual concerned;
      The list of requested personal data;
      Information about the relevant personal data database or its owner or controller;
      The purpose of the request.
    5. The time to review the request for its fulfillment cannot exceed 10 (ten) business days from the receipt date. Within this period, the database owner informs the applicant whether the request will be fulfilled or if the data cannot be provided, specifying the legal grounds for refusal.
    6. The request is fulfilled within 30 (thirty) calendar days from the receipt date unless otherwise stipulated by law.
    7. Access to third-party personal data may be delayed if the necessary data cannot be provided within 30 (thirty) calendar days. In such cases, the total time for resolving the request issues cannot exceed 45 (forty-five) calendar days.
    8. Notice of delay is sent to the third party that submitted the request, providing guidance on how to appeal this decision.
    9. The delay notice includes:
      The responsible officer's full name;
      The date the notice was sent;
      The reason for the delay;
      The timeframe within which the request will be fulfilled.
    10. Access to personal data may be denied if prohibited by law.
    11. The refusal notice includes:
      The full name of the responsible officer denying access;
      The reason for the refusal.
    12. Decisions to delay or deny access to personal data can be appealed to the authorized state body for personal data protection, other governmental authorities, or local self-governance bodies responsible for personal data protection, or to the courts.
    13. The Company reserves the right, following Ukrainian legislation, to exchange data with government authorities for the purposes of fraud prevention, dispute resolution, investigation of circumstances that could lead to legal violations, and addressing claims or complaints from third parties about unlawful actions by website and/or mobile application users.
  11. Data Modification/Deletion or Withdrawal of Consent
    1. Users can modify/delete their personal information, unsubscribe from notifications, or withdraw their consent for personal data processing at any time through their Account or by sending a request to support@justschool.me.
    2. Upon receiving such a request, the User’s personal data processing will cease, and their data will be deleted unless such processing is required by applicable Ukrainian law.
    3. Certain features of the Website and/or Mobile App that require User information may be unavailable once data is modified or deleted.
  12. Other Terms
    1. The Company reserves the right to modify this Policy at any time. In such cases, the updated version will be posted on the appropriate webpage. If a User disagrees with the changes, they are obliged to immediately stop using the Website and/or Mobile App.
    2. The Company is not liable for any harm or loss incurred by the User or third parties due to misinterpretation or misunderstanding of this Policy's terms.
    3. If any provision of this Policy, or any part thereof, is found to conflict with Ukrainian law or deemed invalid, it will not affect other provisions, which will remain fully valid. Any invalid provision will be adjusted by the Company as necessary to ensure its enforceability and validity.






Revision dated October 26, 2024.