Boryviter School Logo

Privacy Policy

Last updated: 30 May 2026.

This Privacy Policy (the “Policy”) sets out how we process and protect the personal data of individuals who use the boryviter.org.ua website (the “Website”) and submit applications to take part in the training programmes of Boryviter Military School.

1. Data Controller

The controller of personal data is the non-governmental organisation “Boryviter Military School” (the “Organisation”, “we”). Contact details for enquiries are provided in Section 13.

2. What Personal Data We Process

Depending on how you interact with the Website, we may process the following categories of personal data:

  • identification and contact details that you provide in the application form: full name, email address and telephone number;
  • data obtained when verifying your identity through the Diia service (see Section 5);
  • technical data collected automatically when you visit the Website: IP address, device and browser type, cookie and analytics data (see Section 7).

3. Purposes of Processing

We process personal data for the following purposes:

  • handling applications to take part in training programmes and communicating in relation to them;
  • verifying (confirming the identity of) applicants, including through the Diia service;
  • organising and delivering training;
  • ensuring the security of the Website and preventing misuse;
  • complying with the applicable legislation of Ukraine.

4. Legal Grounds for Processing

Personal data is processed on the grounds set out in Article 11 of the Law of Ukraine “On Personal Data Protection”, in particular:

  • the consent of the data subject, which you give when submitting an application;
  • the necessity to perform a transaction (a contract for the provision of educational services) to which you are, or intend to become, a party;
  • compliance with the Organisation’s obligations provided for by law;
  • the legitimate interest of the Organisation in ensuring the security of the Website.

5. Identity Verification via Diia

To confirm the identity of applicants, we may use the Diia electronic identification service, in particular the Diia.Signature tool.

During verification, the Organisation receives from the Diia service personal data that you provide solely of your own free will at the moment of identification (in particular, full name, date of birth and the details of your identity document). The data is transmitted in a secure (encrypted) form.

This data is processed for the purpose of confirming the applicant’s identity and concluding and performing a contract for the provision of educational services. Documents signed using Diia.Signature have the same legal force as documents signed by hand.

6. Consent and Its Withdrawal

By submitting an application or completing verification, you give the Organisation your consent to process your personal data in accordance with this Policy. You may withdraw your consent at any time by contacting us using the details in Section 13. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.

7. Cookies, Analytics and Advertising

The Website uses cookies and web analytics services (in particular Google Analytics) to ensure the operation of the Website, analyse its traffic and assess the effectiveness of advertising campaigns (in particular Google Ads). For this purpose, anonymised technical data and referral parameters may be processed. You can restrict the use of cookies in your browser settings.

8. Retention Periods

Personal data is retained for as long as necessary to achieve the purposes of its processing, but no longer than provided for by law. Applicants’ data is retained for the period of reviewing the application and providing educational services, after which it is destroyed or anonymised.

9. Transfer of Personal Data to Third Parties

We do not sell personal data. Data may be transferred to third parties only with your consent or at the request of authorised public authorities in the cases provided for by the legislation of Ukraine. Certain data may be processed by providers of technical services (hosting, analytics) acting on our behalf and obliged to ensure its protection.

10. Rights of the Data Subject

In accordance with Article 8 of the Law of Ukraine “On Personal Data Protection”, you have the right to:

  • know the sources from which your personal data is collected, its location and the purpose of its processing;
  • receive information about the conditions for granting access to your personal data and the persons to whom it is transferred;
  • access your personal data;
  • receive a response as to whether your data is being processed, no later than thirty calendar days from the date of the request;
  • request the amendment or destruction of your personal data if it is processed unlawfully or is inaccurate;
  • withdraw your consent to the processing of personal data;
  • lodge a complaint regarding the processing of personal data with the Ukrainian Parliament Commissioner for Human Rights or with a court.

11. Protection of Personal Data

The Organisation takes legal, organisational and technical measures to protect personal data against unlawful access, loss, destruction or disclosure. Data obtained during verification via Diia is transmitted and stored in a secure (encrypted) form.

12. Changes to This Policy

We may update this Policy. The current version is always available on this page, together with the date of the latest revision.

13. Contact

For any matters relating to the processing of personal data, please contact us:

Registered address (per public registries, not the physical address): 01054, Ukraine, Kyiv, vul. Bohdana Khmelnytskoho, 59b/1

Email: privacy@boryviter.org.ua