PRIVACY POLICY

1. General Provisions

1.1. This Privacy Policy (hereinafter - "Policy") governs the collection, storage, processing, use, protection, transfer, and deletion of User's personal data when using the Gardix mobile application, website https://gardix.systems, connecting equipment, using services, and contacting support.

1.2. The Policy is developed in accordance with Ukrainian legislation ("On Personal Data Protection"), EU Regulation (GDPR), ePrivacy Directive, as well as Google Play, App Store standards and security technology market requirements.

1.3. By using Gardix, installing the app, creating an account, connecting equipment, contacting support, or using any service features, the User agrees to this Policy.

2. Personal Data Controller

2.1. The controller (manager) of User's personal data is:
LLC "GARDIX"
EDRPOU: 45229992
Legal address: 02099, Ukraine, Kyiv, Zroshuvalna str., building 6, office 25
Email: support@gardix.systems
Website: https://gardix.systems

3. What Data We Collect

3.1. We may collect the following categories of personal and technical data (depending on functionality and settings):

• Identification information: first name, last name, nickname, email, phone number, country/city, language, date of birth (if needed);
• Vehicle data: make, model, VIN, license plate, year, vehicle parameters, photos, color, statuses;
• Device identifiers: serial number, IMEI, MAC address, equipment model, software version, event logs, connection history, settings;
• Technical information: device type (smartphone, tablet), OS, app version, IP address, log files, cookies, login history, action data, routes, signals, usage time;
• Payment transaction data: amount, date, payment system, currency, payment status (Gardix does not store full bank card details, CVV, passwords);
• Communication data: support inquiries, correspondence history, screenshots, call recordings, documents;
• Behavioral data: website pages, app behavior, session duration, navigation history, analytics, settings;
• Location data (geolocation): with User consent and within the selected plan.

3.2. Gardix does not collect special categories of data (health, biometrics, political or religious views, etc.).

3.3. Data collection occurs automatically (through app, websites, API, log files, cookies) or when consciously provided by the User (registration, equipment connection, form filling, support contact, service payment).

4. Purpose and Legal Basis for Data Processing

4.1. We process User's personal data for the following purposes:

• Providing access to Gardix service, equipment connection and maintenance, authorization, identification, account creation and support;
• Fulfilling User Agreement, plans, paid subscriptions, invoicing, payments, settlements;
• Informing about new features, changes, technical updates, security, support, service or legal notifications;
• Sending push notifications, email/SMS mailings, notifications about equipment or app events (with consent);
• Providing personalized experience, improving functionality, adapting service to user needs, testing, developing new products;
• Internal analytics, marketing, statistics, market research, fraud prevention;
• Compliance with legal requirements, responding to government requests, handling inquiries, accounting, reporting.

4.2. Legal basis for processing:

• User consent (Art. 2 and Art. 6 of the Law of Ukraine "On Personal Data Protection");
• Necessity to fulfill End User Agreement, provide services;
• Compliance with legal obligations, protection of Gardix rights and interests;
• Legitimate interest (security, protection, service optimization).

5. Cookies, Analytics, Automated Processing

5.1. Gardix uses cookies, pixels, scripts, analytical services (Google Analytics, Facebook Pixel, Firebase, Amplitude, others) for the purpose of:

• Ensuring correct operation of the app/website;
• Analyzing behavior, segmentation, traffic, visitor numbers, feature popularity;
• Implementing personalization, targeted advertising, marketing campaigns.

5.2. Users can change cookie settings in browser, app or on Gardix website, however this may affect the functionality of certain features.

5.3. Gardix does not perform automated decision-making that has legal consequences for the User (e.g., scoring, profiling for service denial) without separate consent.

6. How and With Whom We Share Data

6.1. Gardix may transfer personal data to third parties only in the following cases:

• Official partners, service centers, payment systems, cloud providers, if necessary for service operation (e.g., payment processing, technical support, integration with other devices, equipment maintenance);
• Government authorities, courts, police - in cases directly provided by law or based on a decision of a competent authority;
• Marketing agencies, research companies - in depersonalized (anonymized) form for analytics, research, statistics;
• In case of Gardix merger, acquisition, reorganization - to the successor in compliance with this Policy requirements.

6.2. Gardix guarantees that all third parties to whom data may be transferred are obliged to ensure their confidentiality and protection at a level not lower than provided by this Policy and legislation.

6.3. Gardix does not sell, lease or exchange User personal data.

7. International Data Transfer

7.1. Personal data may be transferred and stored on servers outside Ukraine or the European Union, if necessary for service operation, technical support, analytics, backup storage.

7.2. In case of international transfer, Gardix complies with GDPR requirements, enters into agreements with entities that guarantee an adequate level of protection (standard contractual clauses, Privacy Shield, other legal mechanisms).

8. How We Protect Your Data

8.1. Gardix implements organizational and technical protection measures:

• Data encryption during transmission (SSL/TLS) and storage;
• Access control, authorization, two-factor authentication, event logs;
• Server protection, regular backups, multi-level security;
• Vulnerability analysis, security audit, software updates, employee training;
• Restricting data access only to those employees/partners for whom it is necessary to perform their duties.

8.2. Gardix is not responsible for actions of third parties, hackers, viruses, if the User violated security rules, shared passwords, allowed unauthorized access to device or account.

9. Your Rights

9.1. The User has the right to:

• Receive information about personal data processing, demand access to it, correction, update, processing restriction, deletion ("right to be forgotten");
• Withdraw consent to processing at any time (with consequences defined in this Policy);
• File a complaint with Gardix support, to the Ombudsman, National Agency for Personal Data Protection or other competent authority;
• Demand transfer of their data to another operator ("right to portability");
• Learn about security breaches that may affect User rights and freedoms.

9.2. Gardix considers all User requests, inquiries, complaints within the timeframe defined by legislation and internal procedures (usually up to 30 days).

10. How Long We Store Your Data

10.1. Personal data is stored only as long as necessary to achieve processing purposes, fulfill User Agreement, comply with legal obligations, resolve disputes.

10.2. As a rule, data is stored during the account lifetime, and after account deletion - no more than 5 years (unless otherwise provided by law, for example, for accounting/tax reporting).

10.3. Data may be deleted or depersonalized upon written User request, or automatically after the storage period expires.

11. Policy Changes

11.1. Gardix has the right to change, update, supplement this Policy at any time. The updated version is published on the website and in the mobile app.

11.2. The User is obliged to independently monitor updates. Continued use of the service after changes means agreement with the new Policy version.

12. Contact for Inquiries and Complaints

12.1. For all questions related to personal data, privacy policy, rights, complaints, requests for deletion/change/processing restriction, please contact:

Email: support@gardix.systems
Online form: https://gardix.systems/
Legal address: 02099, Ukraine, Kyiv, Zroshuvalna str., building 6, office 25