Privacy policy

Publication date: 20.08.2025
Last updated: 20.08.2025

1. General Provisions

1.1. This privacy policy (hereinafter — "Policy") applies to all information, including personal data as defined by applicable law (hereinafter — "Personal Information"), which LLC DONUT TECHNOLOGIES (ID 406527815) (hereinafter — "Company", "we", "our" or "us") may receive about you in the process of:

  • using our services (website mydonut.app and its subdomains)
  • any interaction with us through all communication channels (hereinafter collectively — "Services")

1.2. The protection of your Personal Information and your privacy is extremely important to us. Therefore, when you use our Services, we protect and process your Personal Information in strict accordance with applicable law.

1.3. In this Policy, we transparently inform you about:

  • how and what information we collect
  • how we use and protect it
  • to whom we may transfer it
  • what your rights are regarding your Personal Information

1.4. By using our Services, you agree to the terms of this Policy and consent to the processing of your Personal Information in accordance with it. If you do not agree with the Policy, please do not use our Services.

1.5. This Policy is an integral part of the User Agreement and other Company documents governing the use of Services.

1.6. We may update the Policy as our Services evolve. When making significant changes, we will notify you through the Services interface or by email. Continued use of the Services after changes to the Policy means acceptance of all changes.

2. What Information We Collect

Personal Information collected during the operation of the Websites and/or provision of Services may vary depending on whether you use your account to access the Websites and/or Services. The Company does not verify the Personal Information you provide, except in cases provided for in the user agreement or terms of use of individual services, and cannot judge its accuracy. Nevertheless, the Company assumes that you provide accurate and sufficient Personal Information and update it in a timely manner.

2.1. Information you provide to us:

  • Registration data (name, email, phone)
  • Payment information (when using paid services)
  • Messenger account data
  • Content you create and upload for your websites
  • Information you include in correspondence with our support service
  • Information from scanned documents (if required for verification)

2.2. Information collected automatically when using the service:

  • IP address and device data
  • Browser and operating system information
  • Geolocation data
  • Service navigation information
  • Feature usage statistics
  • Messenger interaction data
  • Technical logs and analytics
  • Cookies and similar tracking technologies

2.3. Information from other sources:

  • Data from messenger integration partners
  • Information from payment systems
  • Data from analytics services
  • Information from security and fraud prevention services
  • Data from social networks (when logging in through social networks)

2.4. Information about users of your websites: We may also receive and process information about visitors to the websites you create, including:

  • Contact information
  • Visit information
  • Content interaction data
  • Technical usage information

This information is processed exclusively to ensure the operation of your websites and in accordance with your privacy settings.

3. How We Use Your Information

3.1. Main purposes of use:

  • Providing access to our Services and managing them
  • Creating and maintaining your account
  • Processing your payments
  • Providing technical support
  • Sending important notifications and messages
  • Responding to your requests and inquiries
  • Improving and personalizing our Services
  • Ensuring the security of your data

3.2. Marketing purposes:

  • Sending news and updates about our Services
  • Informing about new features and capabilities
  • Conducting research and analytics
  • Improving user experience
  • Targeting and displaying relevant information

3.3. Legal grounds:

  • Performance of a contract with you
  • Your consent to data processing
  • Legitimate interests of our Company
  • Compliance with legal requirements

3.4. We process your information only when:

  • It is necessary for the performance of a contract or to take steps to enter into a contract with you
  • It is necessary for compliance with our legal obligations
  • We have a legitimate interest in processing your data that does not override your rights
  • You have given consent to such processing

3.5. Processing period:

We process your information only for the period necessary to achieve the processing purposes, unless otherwise provided by legal requirements.

4. Information of Users-of-our-Users

4.1. General provisions

The Company may collect, store, and process certain information of visitors and users of our Users' websites (hereinafter — "Information of Users-of-our-Users") exclusively on behalf of our Users and in accordance with their instructions.

4.2. Roles and responsibilities

  • The Company acts as a "Processor" of such information, acting on behalf of our Users
  • Users who create and manage their websites through our service are considered "Controllers" of such information
  • Users are fully responsible for compliance with all laws and regulations that may apply to the collection and control of Information of Users-of-our-Users
  • Users can configure their own policies using our Service tools (form signatures, information pages, etc.)

4.3. Company obligations

We process Information of Users-of-our-Users:

  • Strictly in accordance with our Users' instructions
  • In accordance with mandatory data protection requirements
  • Using appropriate technical and organizational security measures

4.4. User obligations

Users are responsible for:

  • Security and confidentiality of Information of Users-of-our-Users
  • Obtaining all necessary consents and permissions
  • Providing necessary rights to data subjects
  • Sending all necessary notifications

4.5. Rights of Users-of-our-Users

If you are a visitor, user, or customer of a website created through our service:

  • All requests regarding your personal data should be directed to the website owner
  • The Company does not have direct relationships with Users-of-our-Users
  • Upon receiving a request from a website owner to delete data, we will respond within 30 days

4.5 Cookie requirements vary. The default text in our Service is a sample and may not meet all legal requirements in each specific case. The Company cannot provide legal advice, including on the content of consent text for your privacy policy or cookie policy.

5. How We Protect Your Information

5.1. Protecting your data is our priority. We take all necessary organizational and technical measures to protect your Personal Information from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other unlawful actions by third parties.

5.2. Technical protection measures:

  • Data encryption when transmitted over the secure HTTPS protocol
  • Use of SSL/TLS certificates for secure data transmission
  • Application of antivirus protection for servers and systems
  • Use of firewalls
  • Regular data backup
  • Intrusion detection and prevention systems
  • Monitoring and auditing of security systems
  • Protection against DDoS attacks

5.3. Organizational protection measures:

  • Strict control of data access
  • Providing access to data only to those employees who need it to perform their duties
  • Regular training of personnel on personal data handling rules
  • Documented procedures for responding to security incidents
  • Regular auditing of data processing procedures

5.4. In the event of an incident related to Personal Information, we:

  • Initiate an internal investigation of the incident
  • Notify affected users and competent authorities
  • Take measures to address the consequences of the incident
  • Make necessary changes to systems and processes to prevent recurring incidents

5.5. Data storage is carried out on secure servers without the use of removable storage media that could be transported outside the protected perimeter.

6. Data Transfer to Third Parties

The Company may transfer Personal Information to third parties to achieve the purposes specified in this Policy. The Company takes available measures to maintain the level of protection of Personal Information during its transfer in accordance with this section.

6.1. We may transfer your Personal Information to the following categories of recipients:

  • Payment service providers for payment processing
  • Analytics services for analyzing the use of our Services
  • Messenger support services to ensure integration
  • Technical service providers to ensure the operation of Services
  • Integration partners to expand functionality
  • Authorized bodies as required by law

6.2. Guarantees for data transfer:

  • Transfer of only the necessary minimum of data
  • Conclusion of confidentiality agreements
  • Control over data processing
  • Compliance with personal data legislation
  • Ensuring security during data transfer

6.3. Grounds for data transfer:

  • Your consent to transfer
  • Necessity for providing services
  • Legal requirements
  • Protection of our legitimate interests
  • Performance of a contract with you

6.4. In case of sale or reorganization of the company:

We may transfer your data to the new business owner while maintaining all confidentiality guarantees provided by this Policy.

The User's personal data may be processed and stored outside Georgia. In such cases, the Company ensures compliance with the requirements of Georgian legislation on the protection of personal data and takes the necessary measures to ensure an adequate level of their security.

Data transfer is possible only:

  • to countries that ensure an adequate level of personal data protection
  • based on the User's consent
  • or in other cases expressly provided for by applicable law

6.6. Depending on the user's region, payment processing may be carried out by different payment systems in accordance with their privacy and data processing policies.

7. Where We Store Your Information

7.1. We process data about individuals worldwide and may store, process, and transfer your Personal Information in different countries. In doing so, we:

  • Conduct thorough reviews of privacy laws in these countries
  • Implement strict security measures to protect your data
  • Ensure compliance with international data protection standards

7.2. When transferring data to other countries, we guarantee:

  • Use of appropriate data transfer mechanisms (e.g., Standard Contractual Clauses)
  • Ensuring an adequate level of personal data protection
  • Compliance with applicable data protection legislation

7.3. Our partners and service providers who may gain access to your information are bound by contractual obligations to:

  • Protect your data
  • Maintain confidentiality
  • Ensure security according to industry standards
  • Comply with applicable data protection legislation

7.4. For users from the European Union, United Kingdom, and Switzerland:

  • We provide a level of protection recognized as adequate by the European Commission
  • We use appropriate Standard Contractual Clauses when transferring data
  • We take additional measures to comply with European data protection laws

7.5. Depending on the user's region, data may be stored and processed on servers located in different jurisdictions.

8. Your Rights Regarding Personal Data

8.1. Your basic rights:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Delete your data ("right to be forgotten")
  • Restrict the processing of your data
  • Transfer data to other services
  • Object to certain types of processing
  • Withdraw consent to data processing
  • Appeal actions or inaction regarding your data

8.2. How to exercise your rights:

  • Through your personal account in our service (for most operations)
  • By sending a request to email: [email protected]
  • Through customer support

8.3. Request processing timeframes:

  • We review all requests within 10 business days
  • If necessary, the period may be extended by another 5 business days
  • We will notify you additionally about the extension of the period
  • The response is provided in the same form in which the request was received

8.4. Limitations:

  • We may request additional information to confirm your identity
  • In some cases, we may refuse to fulfill a request on legal grounds
  • Withdrawal of consent does not affect the lawfulness of data processing prior to withdrawal
  • Some data may be retained in accordance with legal requirements

8.5. The user has the right to withdraw consent to the processing of personal data at any time by contacting us using the contacts specified in this policy.

9. Cookies and Other Tracking Technologies

9.1. What cookies are and why we use them

Cookies are small text files placed on your device when you visit our Services. They help us make our Services more convenient and secure, as well as analyze their use to improve performance.

The following types of cookies are used on our Services:

  • Strictly necessary cookies: needed for the operation of Services and providing you with requested services. For example, they help with authorization and saving your settings.
  • Analytical cookies: help us understand how you use our Services, which sections are most popular, how users navigate the site. This helps us improve the performance of Services.
  • Functional cookies: remember your settings and preferences (e.g., language or region) for more convenient use of Services.
  • Advertising cookies: help display relevant advertising and analyze the effectiveness of advertising campaigns.

9.2. Managing cookies

When you first visit our Services, we will request your consent to use cookies. You can change your settings at any time in one of the following ways:

  • Through your browser settings (usually found in the "Settings" or "Options" section)
  • By deleting existing cookies
  • Using special browser add-ons and plugins

Please note that disabling certain types of cookies may limit access to some features of our Services.

9.3. Other tracking technologies

In addition to cookies, we may also use:

  • Web beacons (pixel tags)
  • Browser local storage
  • Tracking technologies in messengers
  • Other similar technologies

These technologies are used for:

  • Analyzing the use of our Services
  • Improving functionality
  • Ensuring security
  • Personalizing content

10. Changes to the Privacy Policy

10.1. We may make changes to this Privacy Policy in accordance with changes in legislation, as well as in connection with changes in the operation of our Services or the emergence of new functionalities.

10.2. In case of significant changes to this Policy, we will notify you in one of the following ways:

  • By posting a notice on our website
  • By sending an email to the address specified in your account
  • By displaying a notification in the Services interface
  • By other means allowing you to become aware of the changes

10.3. Changes take effect no earlier than 30 (thirty) days from the moment of their publication. If you continue to use our Services after the publication of changes to the Policy, this means that you accept these changes.

10.4. If you disagree with the changes made, you should stop using our Services and delete your account.

10.5. Applicable law

10.5.1. This Policy and the relationship between you and us arising in connection with the application of the Privacy Policy are governed by the legislation of the Georgia.

10.5.2. In the event of any disputes or disagreements related to compliance with this Policy, you and we will make every effort to resolve them through negotiations. If disputes cannot be resolved through negotiations, they shall be resolved in accordance with the procedure established by current legislation.

10.6. Archived versions of this Policy are available upon request.

11. Age Restrictions

11.1. Our Services are not intended for persons under 18 years of age (hereinafter — "Children"). We take all measures available to us to determine the age of persons intending to use our Services.

11.2. We do not intentionally collect or store information about persons under 18 years of age. If we learn that we have received personal information about a child under 18 years of age without confirmation of parental (legal representatives) consent, we will take measures to delete such information from our databases.

11.3. If you are a parent or legal representative and have learned that your child, despite the measures we have taken, has provided us with their personal information, please contact us in any convenient way specified in the "Contacts" section of this Policy.

12. How Long We Store Your Information

12.1. We store your Personal Information only as long as necessary for the purposes described in this Privacy Policy. When determining the storage period, we consider:

  • The volume and nature of the collected information
  • The sensitivity of personal data
  • The potential risk of harm from unauthorized use or disclosure
  • The purposes for which we process your Personal Information
  • Applicable legal requirements

12.2. We store your Personal Information throughout the entire period of your use of our Services, as well as for a reasonable period after the termination of use for:

  • Fulfilling our legal obligations
  • Resolving possible disputes
  • Preventing fraud and abuse
  • Protecting our legitimate interests
  • Ensuring the fulfillment of our agreements

12.3. After the storage period expires, we delete or anonymize your Personal Information in such a way that it cannot be restored or reused.

12.4. You can delete your account at any time. In this case:

  • Most of the information will be deleted immediately
  • Some data may be stored longer if required by law
  • Some information may be retained in anonymized form for analytical purposes

13. Contacts and Feedback

13.1. All suggestions, questions, requests, and other inquiries regarding this Policy and the processing of your personal data can be sent to:

  • By email: [email protected]
  • Through the feedback form on our website
  • Through customer support in messengers

13.2. We review all inquiries related to personal data processing and provide responses within the following timeframes:

  • Within 10 business days from the receipt of the inquiry
  • If necessary, the period may be extended by another 5 business days with mandatory notification to you about this
  • The response is provided in the same form in which the inquiry was received

13.3. When contacting us to exercise your rights regarding personal data, we may ask you to:

  • Confirm your identity
  • Provide additional information for identification
  • Clarify the nature of the request or complaint

Have questions or suggestions?

Write to us. A manager will contact you soon

We use cookies to operate the site