SmartFOP Privacy Policy

SmartFOP is provided by ФОП Вишневський Б.В., tax ID / code 3021914770, address: м. Тернопіль, Україна.

For personal data questions, access, correction, deletion, or restriction requests, contact dilatonsoft@gmail.com.

Account data: email, password as a technical hash, user role, account status, login sessions, and security events.

Sole proprietor profile data: name, tax ID, address, phone, email, IBAN, bank, signer, business activity codes, and other details entered in the workspace.

Workspace data: objects, clients, counterparties, services, invoices, acts, files, support requests, and service notes needed for the dashboard to work.

Payment data: plan, amount, currency, order identifiers, payment status, and technical payment provider responses. SmartFOP does not store full card numbers, CVV, or full card credentials.

Technical data: IP address, user-agent, request time, errors, security logs, and other information needed to protect the service from abuse.

To create accounts, provide dashboard access, store user workspace data, and deliver SmartFOP features.

To prepare documents, manage objects, clients, services, plans, payments, support, and support history.

To activate the business profile: search sole proprietor or company registration data through OpenDataBot and verify identity through Diia.Signature.

To process payments, refunds, accounting records, contract performance, fraud prevention, technical support, and legal obligations.

For FOP lookup, the user enters the Ukrainian tax ID. SmartFOP sends this code to OpenDataBot and receives registration data from public or available registry sources: name, address, primary activity code, registration status, and other fields returned by the API.

Through Diia.Signature, the user confirms that the business profile belongs to them. SmartFOP uses data received from Diia only to match the person to the business profile and record the activation event.

These data are needed for correct invoices, acts, seller details, plan access, and protection against creating business profiles for someone else's FOP.

We process data when it is needed to conclude and perform the SmartFOP service agreement, provide support, process payments, and handle user requests.

Some data may be processed based on consent, legal obligations, or SmartFOP's legitimate interest in service security, abuse prevention, and transaction confirmation.

If a user enters data about their own clients or counterparties into SmartFOP, the user is responsible for having a lawful basis to collect and enter that data.

Data may be processed by technical providers who help us operate hosting, databases, backups, email, support, security, and payment infrastructure.

Payment data is transferred to the payment provider to process, confirm, or refund the payment.

During business profile activation, some data is transferred to OpenDataBot and Diia.Signature only within the flow selected by the user. If additional integrations are added later, they will be used only after the relevant user flow is launched.

We do not sell user personal data and do not share it with third parties for their independent marketing.

Account and workspace data is stored while the user uses SmartFOP or until account deletion, unless a longer period is needed for legal compliance, disputes, payment records, or security.

Payment and accounting records may be stored longer when needed for financial reporting, refunds, audits, or protection of SmartFOP and user rights.

After an account deletion request, SmartFOP deactivates access, deletes or anonymizes personal identifiers, and keeps technical records only where necessary or legally permitted.

Users may request access to their data, correction of inaccurate data, deletion, restriction of processing, objection to specific processing, or withdrawal of consent where processing is based on consent.

Send requests to dilatonsoft@gmail.com. To protect the account, we may ask the user to confirm identity or access to the account email.

Users may also lodge a complaint with a competent data protection authority if they believe their rights have been violated.

SmartFOP uses authentication, password hashing, access controls, event logging, anti-bot checks, backups, and separation of access to workspace data.

No system can guarantee absolute security, but we restrict access to data and keep improving technical and organizational protection measures.

SmartFOP uses technical cookies or similar identifiers for login, sessions, security, and correct dashboard operation.

If analytics or advertising cookies are added later, this policy will be updated and users will receive the required notice or choice where needed.