Privacy Policy

Last updated: 8 June 2026
Effective date: 8 June 2026

This Privacy Policy explains how personal data may be collected, used, stored, shared, and protected in connection with the business activities, websites, digital products, services, payment flows, and customer support operated or processed by:

SERGEI KONOVALOV, trading as S.K.

This Privacy Policy applies to the official business website:

https://sergeikonovalov.com/

and may also apply to international payment flows, invoices, payment links, checkout pages, customer support, digital products, online memberships, SaaS access, web design and development services, and related projects where SERGEI KONOVALOV / S.K. is the seller, service provider, technical provider, merchant of record, or international payment processor.

1. Data Controller

The data controller for the activities described in this Privacy Policy is:

SERGEI KONOVALOV, trading as S.K.
Legal form: Entrepreneur individuel / Micro-entreprise
SIREN: 989 827 043
SIRET: 989 827 043 00013
APE / Main activity code: 62.01Z — Programmation informatique
VAT status: Franchise en base de TVA
Business address: 8 Rue des Platanes, 67810 Holtzheim, France
Business email: sergeinfrance@gmail.com
Business website: https://sergeikonovalov.com/

SERGEI KONOVALOV / S.K. may act as seller, service provider, developer, technical provider, merchant of record, or international payment processor depending on the specific product, service, invoice, checkout page, payment link, or project.

2. Scope of This Privacy Policy

This Privacy Policy may apply to personal data processed in connection with:

website design and development services;
web application design and development services;
UI/UX design services;
frontend and backend development;
landing pages;
SaaS interfaces and software-related services;
technical consulting;
payment integration setup;
website maintenance;
digital product infrastructure;
online platform setup and support;
SaaS access;
paid platform access;
online memberships;
paid channel access;
digital products;
PDF files;
e-books;
recipe books;
webinars;
video materials;
online programs;
educational digital content;
digital access products;
international card payments for selected digital projects;
customer support and dispute handling.

Project-specific privacy policies may also apply to specific products, websites, or payment flows.

3. Official Projects and Websites

S.K. may provide services, sell products, operate digital projects, or process international payments through the following official websites and projects.

3.1. S.K. Web Design and Development Services

Official website:
https://sergeikonovalov.com/

S.K. may process personal data in connection with web design, web development, UI/UX design, consulting, technical services, payment setup, website maintenance, invoices, proposals, project communication, and service delivery.

3.2. Olga Ugrymova Culinary Club

Official website:
https://club.ugrymova.ru/

International payments page:
https://club.ugrymova.ru/en/international-payments

Project-specific Privacy Policy:
https://club.ugrymova.ru/en/privacy-policy

The Culinary Club may involve paid access to private educational content, recipes, culinary materials, nutrition-related content, private community access, online materials, and related digital content authored by Olga Ugrymova.

3.3. Ugrymova Digital Shop

Official shop website:
https://shop.ugrymova.ru/

International payments page:
https://shop.ugrymova.ru/international-payments

Project-specific Privacy Policy:
https://shop.ugrymova.ru/privacy-policy-international

The shop may sell digital products including PDF files, e-books, recipe books, digital guides, webinars, video materials, online programs, educational materials, nutrition-related materials, women’s health and wellness programs, weight management materials, sleep and recovery materials, and other digital content authored by Olga Ugrymova.

3.4. USPAS

Official website / platform:
https://uspas.ru/

USPAS is a digital creator platform / SaaS product that may provide access to creator channels, private content, digital memberships, paid channels, digital materials, and related online services.

3.5. Channly

Channly is a digital service / SaaS project connected with paid access, creator content, Telegram-based access flows, digital membership management, and related online services.

The applicable product page, payment page, checkout page, platform page, invoice, or project-specific privacy notice displayed before payment applies to a specific Channly purchase.

4. Personal Data We May Collect

Depending on how a customer, client, user, or visitor interacts with S.K. websites, products, services, payment pages, platforms, or support channels, we may collect or process the following categories of personal data.

4.1. Identity and Contact Data

full name;
business name;
email address;
phone number;
billing address;
country or region;
customer account details;
login information, where an account is created;
communication details provided by the customer.

4.2. Order, Payment, and Transaction Data

order number;
invoice number;
payment link reference;
product or service name;
project name;
order amount;
currency;
order status;
payment status;
payment method;
payment date;
refund status;
dispute or chargeback status;
access status;
subscription or membership status, where applicable;
billing and accounting records.

4.3. Payment Data

International card payments may be processed through Stripe or another payment provider.

We may receive limited payment-related information from payment providers, such as:

payment status;
payment amount;
currency;
transaction reference;
Stripe payment ID or receipt reference;
card brand;
last four digits of the card, where made available by Stripe;
country or risk/fraud indicators where made available by Stripe;
refund or dispute status.

We do not store full bank card numbers, CVC codes, or full payment card details.

Full card data is processed by Stripe or another payment provider according to its own privacy and security practices.

4.4. Digital Access and Delivery Data

For digital products, SaaS access, memberships, private content, or online platforms, we may process information related to:

access links;
download links;
customer account status;
platform access status;
membership status;
access period;
whether access was provided;
whether a file was downloaded, where technically tracked;
technical access requests;
access restoration requests;
product delivery support.

4.5. Project and Service Data

For web design, web development, consulting, implementation, maintenance, and related services, we may process:

project requirements;
website URLs;
technical specifications;
brand materials;
design preferences;
customer feedback;
login credentials provided for project work;
hosting, domain, CMS, payment provider, API, or integration information;
project files;
communication history;
invoice and payment records;
service delivery records.

Customers should not send unnecessary passwords, secret keys, private API keys, or confidential business data unless required for the project. If such data is shared, customers should use secure methods where possible.

4.6. Support and Communication Data

When a customer contacts support, we may process:

name;
email address;
order details;
payment details needed to identify the payment;
project details;
messages;
screenshots;
technical issue descriptions;
refund requests;
access requests;
dispute information;
other information voluntarily provided by the customer.

4.7. Technical and Usage Data

When a customer or visitor uses S.K. websites, platforms, checkout pages, payment links, or digital services, we may process technical information such as:

IP address;
browser type and version;
device type;
operating system;
language settings;
pages visited;
time and date of visit;
referral source;
approximate location based on IP address;
logs related to security, fraud prevention, errors, and website performance.

4.8. Cookies and Similar Technologies

Websites and platforms may use cookies and similar technologies for:

website functionality;
checkout operation;
customer login;
payment processing;
fraud prevention;
security;
analytics;
performance measurement;
remembering preferences;
marketing or remarketing, where enabled and legally permitted.

Where required by applicable law, non-essential cookies may be used only with the user’s consent.

5. Special Categories of Personal Data

Some digital materials connected with Olga Ugrymova may relate to nutrition, recipes, lifestyle, wellness, women’s health, weight management, sleep, recovery, and related educational topics.

We do not intentionally require customers to provide medical records, diagnoses, health data, genetic data, biometric data, or other special categories of personal data to purchase standard digital products.

Customers should not send sensitive medical information through checkout forms, project forms, comments, or support messages unless it is strictly necessary for a support request and they choose to do so voluntarily.

If a customer voluntarily provides health-related or other sensitive information in a support message, we will use it only to respond to the request, provide support, comply with legal obligations, or protect rights where necessary.

Digital educational materials are provided for informational and educational purposes only and do not constitute medical advice, diagnosis, treatment, individual nutrition consultation, or a substitute for professional medical care.

6. How We Use Personal Data

We may use personal data for the following purposes:

to operate S.K. websites and services;
to respond to inquiries;
to prepare proposals, quotes, invoices, and agreements;
to provide web design, web development, consulting, and technical services;
to manage projects and customer communication;
to process payments;
to confirm payment status;
to provide digital delivery;
to provide customer account access;
to provide SaaS, platform, membership, or private content access;
to send download links or access instructions;
to handle support requests;
to handle refund requests;
to manage disputes, chargebacks, and fraud-prevention checks;
to send transactional emails;
to comply with accounting, tax, legal, and regulatory obligations;
to protect websites, payment systems, platforms, digital materials, customers, S.K., authors, and third parties;
to prevent fraud, abuse, unauthorized sharing, and illegal activity;
to improve website performance, checkout, products, services, and digital delivery;
to analyze technical errors;
to send marketing emails only where legally permitted and, where required, with consent.

7. Legal Bases for Processing

Where the General Data Protection Regulation or similar data protection law applies, we may process personal data based on one or more of the following legal bases.

7.1. Contract Performance

We process personal data when necessary to:

provide a quote, proposal, or service;
accept and manage an order;
process payment;
provide digital delivery;
provide customer account access;
provide purchased digital materials;
provide SaaS or platform access;
deliver web design, web development, consulting, or technical services;
respond to support requests related to a purchase or service;
handle refund requests related to a purchase.

7.2. Legal Obligation

We process personal data when necessary to comply with legal obligations, including:

accounting;
tax records;
consumer protection obligations;
payment records;
fraud-prevention obligations;
legal claims;
requests from competent authorities where required by law.

7.3. Legitimate Interests

We may process personal data for legitimate interests, including:

operating and securing websites and platforms;
preventing fraud and abuse;
protecting digital content from unauthorized sharing;
improving website and service performance;
responding to customer support requests;
managing payment disputes and chargebacks;
maintaining business records;
protecting rights, property, security, customers, and third parties.

7.4. Consent

We may process personal data based on consent for:

non-essential cookies, where required;
marketing emails, where required;
optional communications;
other activities where consent is legally required.

The customer may withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.

8. Payment Processing Through Stripe

International card payments may be processed through Stripe.

When a customer pays through Stripe, Stripe may collect and process personal data, payment data, authentication data, fraud-prevention data, device data, and transaction data according to Stripe’s own terms, privacy policy, security standards, and legal obligations.

S.K. does not control all processing activities performed by Stripe.

Customers should review Stripe’s privacy information before completing payment through Stripe.

Stripe may process data for payment confirmation, authentication, fraud prevention, dispute handling, chargebacks, refunds, regulatory compliance, and payment infrastructure operation.

9. Other Payment Providers

Some payment flows may use other payment providers, banks, card networks, payment links, invoices, or checkout systems.

Russian domestic payment flows connected with Olga Ugrymova products may be processed separately through Russian payment providers, including Prodamus, Robokassa, or another payment method displayed before payment.

Where a different seller, payment provider, privacy policy, or legal document is clearly displayed before payment, that information may apply to the relevant purchase.

10. Service Providers and Third Parties

S.K. projects and services may depend on third-party services, including but not limited to:

Stripe;
banks and card networks;
hosting providers;
domain registrars;
WordPress;
WooCommerce;
Lovable;
Supabase;
Telegram;
email service providers;
analytics tools;
video hosting providers;
file storage providers;
security tools;
payment providers;
APIs;
plugins;
software libraries;
SaaS tools;
accounting and legal advisors.

These providers may process personal data only where necessary for payment processing, hosting, website operation, communication, support, digital delivery, security, analytics, accounting, legal compliance, or service delivery.

We do not sell customers’ personal data.

11. International Data Transfers

Because S.K. may use international service providers, personal data may be transferred to or processed in countries outside the customer’s country of residence, including outside the European Economic Area.

Where required by applicable law, such transfers are made using appropriate safeguards, such as adequacy decisions, standard contractual clauses, contractual commitments, technical protections, or other lawful transfer mechanisms.

Payment providers, hosting providers, analytics providers, and other third-party services may have their own international data transfer mechanisms and privacy practices.

12. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including:

project delivery;
order processing;
digital delivery;
customer account operation;
customer support;
refund handling;
payment dispute and chargeback handling;
fraud prevention;
accounting and tax records;
legal compliance;
protection of rights;
website security and technical logs.

Order, invoice, payment, accounting, and tax-related records may be retained for the period required by applicable law.

Project communication and support messages may be retained for a reasonable period to resolve issues, document decisions, prevent fraud, and protect rights.

Technical logs may be retained for a limited period unless longer retention is necessary for security, fraud prevention, legal compliance, or dispute handling.

When personal data is no longer needed, it will be deleted, anonymized, or securely retained only where legally required or justified.

13. Customer and User Rights

Depending on applicable law and the customer’s location, the customer may have the right to:

request access to personal data;
request correction of inaccurate personal data;
request deletion of personal data;
request restriction of processing;
object to processing;
request data portability;
withdraw consent where processing is based on consent;
object to direct marketing;
lodge a complaint with a competent data protection authority.

To exercise these rights, the customer may contact:

sergeinfrance@gmail.com

We may need to verify the customer’s identity before responding to a request.

Some data may need to be retained where required for legal, accounting, tax, fraud-prevention, dispute-handling, or rights-protection purposes.

14. Data Protection Authority

If the customer is located in the European Union and believes that their data protection rights have been violated, the customer may have the right to lodge a complaint with a competent supervisory authority.

In France, the competent data protection authority is the Commission Nationale de l’Informatique et des Libertés (CNIL).

We encourage customers to contact us first so that we can try to resolve the issue.

15. Marketing Communications

We may send marketing communications only where legally permitted.

Marketing emails may include information about S.K. services, new digital products, educational materials, platform updates, project news, offers, or related content.

Where consent is required, marketing emails will be sent only after consent.

The customer may unsubscribe from marketing emails at any time by using the unsubscribe link in the email or by contacting support.

Transactional emails related to orders, payment, digital delivery, customer accounts, refunds, project delivery, security, or legal notices may still be sent even if the customer unsubscribes from marketing emails.

16. Cookies and Analytics

Websites and platforms may use cookies and similar technologies to operate services and improve the customer experience.

Essential cookies may be required for:

website functionality;
shopping cart;
checkout;
customer login;
payment processing;
security;
fraud prevention;
platform operation.

Non-essential cookies may be used for:

analytics;
performance measurement;
marketing;
remarketing;
user preferences;
improving website content.

Where required by law, users may be asked to accept, reject, or manage non-essential cookies.

Users can also manage cookies through browser settings, but disabling some cookies may affect checkout, login, payment, platform access, or digital delivery functionality.

17. Security

We take reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These measures may include:

secure payment processing through payment providers;
access controls;
password-protected systems;
HTTPS encryption where available;
hosting security tools;
fraud-prevention checks;
security plugins or monitoring tools;
limited access to customer information;
backups and technical safeguards where appropriate;
use of trusted service providers where possible.

No website, payment system, email system, hosting system, SaaS platform, or internet transmission can be guaranteed to be completely secure.

Customers are responsible for keeping account credentials, email access, download links, access links, and project credentials secure.

18. Confidential Project Information

For web design, web development, consulting, SaaS, and technical services, customers may provide business information, project files, access credentials, website content, technical data, or other confidential information.

S.K. will use such information only for the purposes of providing the requested service, support, implementation, maintenance, troubleshooting, legal compliance, or rights protection.

Customers should provide only the information necessary for the project and should remove or restrict sensitive data wherever possible.

19. Children’s Data

S.K. services and payment flows are not intended for children under 18 without the consent of a parent or legal guardian.

We do not knowingly collect personal data from children for purchases or services without appropriate consent.

If a parent or legal guardian believes that a child has provided personal data without consent, they should contact us so that we can review the situation and take appropriate action.

20. Customer Responsibilities

Customers are responsible for:

providing accurate personal data;
using a valid and accessible email address;
keeping account login details secure;
not sharing access links or account credentials;
checking spam, promotions, junk, and other email folders;
contacting support if order, payment, access, or project information is incorrect;
not sending unnecessary sensitive personal data through support channels;
protecting credentials, API keys, hosting access, domain access, and payment provider access shared for project work.

21. Links to Third-Party Websites

S.K. websites, platforms, payment pages, project pages, and digital products may contain links to third-party websites, payment providers, video platforms, file platforms, social networks, SaaS tools, or other external resources.

We are not responsible for the privacy practices, content, security, or legal documents of third-party websites.

Customers should review the privacy policies of third-party websites before using them.

22. Related Legal Documents

This Privacy Policy should be read together with:

S.K. Terms and Conditions:
https://sergeikonovalov.com/terms-and-conditions

S.K. International Payments and Business Activities:
https://sergeikonovalov.com/international-payments

For Olga Ugrymova Culinary Club:

Terms:
https://club.ugrymova.ru/en/terms

International Payments:
https://club.ugrymova.ru/en/international-payments

For Ugrymova Digital Shop:

Terms and Conditions:
https://shop.ugrymova.ru/terms-and-conditions

International Payments:
https://shop.ugrymova.ru/international-payments

If there is any inconsistency between information displayed on a product page, checkout page, payment page, order confirmation, invoice, agreement, or legal document, the information clearly displayed for the specific purchase or project applies to that purchase or project.

23. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

The updated version will be published on this page with a new “Last updated” date.

The version applicable to a purchase, payment, project, or interaction is the version available at the relevant time, unless mandatory law provides otherwise.

Customers are encouraged to review this Privacy Policy periodically.

24. Contact Details

For questions about this Privacy Policy, personal data, privacy rights, international payments, Stripe payments, digital delivery, customer accounts, access issues, project data, or support requests, please contact: