Privacy Policy

1. Who We Are

Made in Ukraine (NGO “МЕЙД-ІН-ЮКРЕЙН”, EDRPOU 45573827) operates the website made-in-ukraine.org, an independent media platform dedicated to Ukrainian manufacturing, trade intelligence, and sector analysis.

2. Information We Collect

Account information: When you create an account or sign in via Google — whether as a reader or as an editorial staff member — we collect your name, email address, and profile picture (if provided by Google), for authentication and account management.

Reading activity: If you sign in as a reader, we keep a record of the articles you view so we can show your reading history and suggest relevant content. You can ask us to delete this at any time.

Analytics data: We use Google Analytics and Google Tag Manager to collect anonymized usage data such as pages visited, time on site, and device type. This data helps us improve the platform. No personally identifiable information is shared with third-party analytics providers.

Newsletter subscriptions: If you subscribe to our newsletter, we collect your email address. You can unsubscribe at any time using the link in every email.

Contact forms: When you submit a contact or event inquiry form, we collect the information you provide (name, email, message) to respond to your request.

3. How We Use Your Information

We use the collected information to provide and maintain our platform, authenticate admin users, send newsletters you have subscribed to, respond to your inquiries, analyze platform usage to improve our content and services, and comply with legal obligations.

Legal bases (GDPR Art. 6): we process account and reading-activity data to provide the service you ask for (performance of a contract); we send the newsletter and set analytics cookies on the basis of your consent, which you can withdraw at any time; we rely on our legitimate interests to operate, secure and improve the platform, to respond to inquiries, and for limited business-to-business editorial outreach (you may object at any time); and we process data where necessary to comply with a legal obligation.

4. Third-Party Services

We use the following third-party services that may process your data: Google OAuth (authentication), Google Analytics (anonymized site analytics), LinkedIn API (social media posting on behalf of admin users), and Anthropic Claude API (AI-assisted content generation, admin use only). We do not sell or share your personal data with third parties for advertising purposes.

5. Data Storage, Security & International Transfers

Your data is stored on secure servers hosted within the European Union. Passwords are encrypted using industry-standard bcrypt hashing. OAuth tokens are stored securely and used only for their intended purpose. We implement reasonable technical and organizational measures to protect your information from unauthorized access, alteration, or destruction.

International transfers: although our servers are in the European Union, some of our service providers (Google, the LinkedIn API and the Anthropic Claude API) are based in the United States. Where personal data is transferred outside the EU/EEA, we rely on the European Commission’s Standard Contractual Clauses together with additional safeguards such as encryption in transit and at rest and access controls. You can request a copy of these safeguards using the contact details below.

6. Cookies

We use strictly necessary cookies to run the site (for example session management); these do not require consent. We also use analytics cookies — Google Analytics, Google Tag Manager and Microsoft Clarity — but only with your prior consent. On your first visit a cookie banner asks you to accept or decline analytics, and no analytics or tag-manager script loads until you accept. You can change or withdraw your choice at any time via the “Cookie settings” link in the footer (withdrawing is as easy as giving consent), and you can also block cookies in your browser. Disabling strictly necessary cookies may affect your ability to sign in.

7. Your Rights

Under applicable privacy laws (including GDPR), you have the right to access your personal data, request correction of inaccurate data, request deletion of your data, object to processing, data portability, and withdraw consent at any time. To exercise these rights, contact us at [email protected].

You also have the right to lodge a complaint with a data-protection supervisory authority — in the EU, your local authority; in the UK, the Information Commissioner’s Office (ICO); and in Ukraine, the Ukrainian Parliament Commissioner for Human Rights (Ombudsman).

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy. Account data is retained while your account is active. You may request deletion of your account and associated data at any time.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the date above.

10. Contact Us

If you have any questions about this privacy policy, contact us at [email protected] or visit our contact page.