Skip to main content

Privacy Policy

Effective date: June 25, 2026
Last updated: June 25, 2026

1. Introduction

This Privacy Policy explains how Individual Entrepreneur Yurii Viktorovych Molchanov (Фізична особа-підприємець Молчанов Юрій Вікторович), registered under the laws of Ukraine and operating the Pritset service (“Pritset,” “we,” “us,” or “our”), collects, uses, processes, discloses, and protects personal data.

This Privacy Policy applies to:

  • the Pritset website at pritset.com;
  • Pritset’s applications and related subdomains;
  • Pritset’s application programming interface (“API”);
  • Pritset’s document-generation and webhook services;
  • account registration, billing, support, and other communications with Pritset.

Together, these are referred to as the “Services.”

Pritset can be contacted regarding privacy matters at:

Email: [email protected]
Country of establishment: Ukraine

2. Pritset’s role

Pritset may process personal data as either a data controller or a data processor, depending on the circumstances.

2.1 Pritset as a controller

Pritset acts as a controller when it determines why and how personal data is processed. This generally includes processing connected with:

  • account registration and administration;
  • authentication and account security;
  • billing and payment records;
  • customer support;
  • service usage records;
  • technical and security logs;
  • website analytics;
  • marketing communications;
  • compliance with legal obligations.

2.2 Pritset as a processor

Pritset generally acts as a processor when customers submit templates, API payloads, files, or other content for processing through the Services.

The customer determines why that content is processed and is generally the controller of personal data contained in it. Pritset processes that data on the customer’s instructions for the purpose of providing the Services.

Individuals whose personal data has been submitted to Pritset by a customer should normally contact that customer regarding their privacy rights.

3. Information we collect

The information Pritset collects depends on how an individual or customer uses the Services.

3.1 Account information

When an account is created or used, Pritset may process:

  • name;
  • email address;
  • organisation or company information;
  • account identifier;
  • account status;
  • authentication information;
  • multi-factor authentication status;
  • account permissions;
  • login and security history;
  • account preferences.

Passwords are not intended to be stored in readable form.

3.2 Authentication and API information

When a customer accesses or integrates with the Services, Pritset may process:

  • API keys and access tokens;
  • application identifiers;
  • template identifiers;
  • session identifiers;
  • login timestamps;
  • failed authentication attempts;
  • associated IP addresses;
  • API request and response metadata.

Customers are responsible for keeping their credentials, API keys, access tokens, and secrets secure.

3.3 Customer Content

“Customer Content” means information submitted by customers through the Services, including:

  • DOCX templates;
  • information contained in DOCX templates;
  • JSON and form-data payloads;
  • template variables;
  • text submitted for document generation;
  • other files submitted for processing;
  • generated document content;
  • webhook addresses and delivery information.

Customer Content may contain personal data relating to a customer’s employees, users, applicants, clients, suppliers, or other individuals.

Pritset does not determine what information customers include in Customer Content. Customers are responsible for ensuring that they have a lawful basis and all necessary rights or permissions to submit and process that information.

3.4 Technical and usage information

Pritset may automatically process:

  • IP address;
  • browser and device information;
  • operating system;
  • date and time of access;
  • pages or features used;
  • API endpoints called;
  • request and response identifiers;
  • response status;
  • processing duration;
  • error and diagnostic information;
  • document-generation statistics;
  • webhook delivery status;
  • credit and usage information;
  • security events.

Technical information may be connected to an account, API request, or other identifier and may therefore constitute personal data.

3.5 Payment information

Payments are processed through Monobank or another payment provider displayed during checkout.

Pritset may receive:

  • payment amount and currency;
  • transaction identifier;
  • payment date;
  • payment status;
  • account or order identifier;
  • information necessary to credit the customer’s Pritset account.

Pritset does not receive or store complete payment-card numbers, card security codes, or online banking credentials.

The payment provider processes payment information under its own terms and privacy policy.

3.6 Communications

When an individual contacts Pritset, we may process:

  • name;
  • email address;
  • organisation;
  • message content;
  • attachments;
  • technical information supplied in a support request;
  • correspondence history;
  • access tokens, secrets, API keys generated by Pritset
  • product feedback.

Communications may be processed through third-party email hosting and delivery providers acting on Pritset’s behalf.

3.7 Website analytics

Pritset uses Google Analytics to understand how visitors interact with the website.

Google Analytics may process information such as:

  • pages visited;
  • approximate location derived from IP address;
  • browser and device information;
  • referral source;
  • interaction events;
  • session information;
  • cookie or similar identifiers.

Google may process analytics information in accordance with its own privacy documentation and contractual terms.

Visitors may restrict cookies through their browser settings and may use controls made available by Google. Where legally required, Pritset will request consent before using non-essential analytics cookies.

Pritset does not intentionally send the content of DOCX templates, API payloads, or generated documents to Google Analytics.

4. How we use information

Pritset may process personal data for the following purposes.

4.1 Providing the Services

We process information to:

  • create and manage accounts;
  • authenticate users and API requests;
  • store and manage DOCX templates;
  • process API payloads;
  • generate documents;
  • deliver processing results;
  • send webhooks;
  • calculate usage and credits;
  • process payments;
  • provide customer support.

This processing may be necessary to perform a contract with the customer or to take requested steps before entering into a contract.

4.2 Operating and improving Pritset

We may process information to:

  • maintain service availability;
  • diagnose technical errors;
  • measure performance;
  • improve reliability and usability;
  • understand how the website and Services are used;
  • develop and test features;
  • plan infrastructure capacity.

Where applicable, this processing is based on Pritset’s legitimate interest in operating and improving the Services.

Pritset does not use Customer Content for advertising or to train unrelated machine-learning systems.

4.3 Security and abuse prevention

We may process information to:

  • prevent unauthorised access;
  • identify suspicious activity;
  • protect accounts and infrastructure;
  • detect fraud or misuse;
  • enforce usage limits;
  • investigate security incidents;
  • enforce our Terms of Service.

This processing is based on our legitimate interest in protecting Pritset, its customers, and the Services.

We may process information to:

  • confirm transactions;
  • update customer credit balances;
  • maintain accounting records;
  • comply with tax and legal requirements;
  • respond to lawful government requests;
  • establish, exercise, or defend legal claims;
  • resolve disputes.

The applicable legal basis may be performance of a contract, compliance with a legal obligation, or Pritset’s legitimate interests.

4.5 Communications and marketing

We may use contact information to:

  • respond to support requests;
  • send security and service notifications;
  • provide billing information;
  • announce material service changes;
  • send product updates and marketing communications where permitted.

Recipients may unsubscribe from marketing communications at any time. Unsubscribing from marketing does not prevent Pritset from sending necessary security, account, billing, or service messages.

5. Customer Content processing

5.1 Stored DOCX templates

DOCX templates uploaded to a Pritset account are retained until:

  • the customer deletes the template; or
  • the customer asks Pritset to delete the account and the account is disabled.

Customers should not use the template storage service as their only copy of a template.

Pritset currently does not maintain backup copies of customer DOCX templates. Customers are responsible for maintaining their own backup copies.

5.2 API payloads

JSON, form-data, and other request content submitted for document generation is held only for the time necessary to process the request.

Pritset does not intentionally retain the content of API payloads after processing has been completed.

5.3 Generated documents

Generated PDF documents and other processing results are not intentionally stored by Pritset after they have been generated and returned or delivered to the customer.

Temporary copies may exist in memory or temporary processing locations while a request is being completed. These copies are removed or overwritten as part of normal processing.

5.4 Webhooks

When customers configure a webhook, Pritset sends request information to the destination selected by the customer.

Customers are responsible for:

  • securing their webhook endpoints;
  • ensuring that the destination is authorised to receive the information;
  • using secure HTTPS endpoints;
  • controlling access to received webhook information.

Pritset is not responsible for the privacy practices of webhook destinations selected by customers.

6. Logs and retention

Pritset uses short-lived, rolling in-memory logs for operation, troubleshooting, and security.

Older log entries are automatically overwritten when the operational memory limit is reached. In-memory logs are also lost when the applicable service restarts.

Pritset does not currently maintain persistent backup copies of these operational logs.

Logs may contain:

  • timestamps;
  • IP addresses;
  • request identifiers;
  • endpoint information;
  • response status;
  • error details;
  • processing durations;
  • security events.

Pritset does not intentionally place complete DOCX templates, complete API payloads, or generated document contents into operational logs.

Other information is retained as follows:

  • account information is retained while the account remains active;
  • stored DOCX templates are retained until deleted by the customer or until the account is disabled following a deletion request;
  • transaction and accounting information may be retained for the period required by applicable law;
  • support communications may be retained for as long as reasonably necessary to address the request, maintain business records, prevent abuse, or resolve disputes;
  • marketing suppression information may be retained to ensure that an unsubscribed recipient is not added to marketing communications again.

When information is no longer required, Pritset deletes, anonymises, or otherwise removes it from active use, subject to applicable legal obligations.

7. Disclosure of information

Pritset does not sell personal data.

We may disclose personal data to the following categories of recipients.

7.1 Service providers

Pritset may use providers that support:

  • payment processing;
  • email hosting and delivery;
  • website analytics;
  • domain name services;
  • content delivery;
  • network security;
  • technical monitoring;
  • professional accounting or legal services.

These providers receive only the information reasonably necessary to provide their services.

7.2 Monobank

Transaction information may be exchanged with Monobank for payment initiation, confirmation, refunds, fraud prevention, and payment-related support.

Monobank independently processes payment-card and banking information under its own legal obligations and privacy terms.

7.3 Google Analytics

Website usage information may be disclosed to Google through Google Analytics as described in this Privacy Policy.

Customer Content submitted through the Pritset API is not intentionally disclosed to Google Analytics.

Pritset may disclose information where reasonably necessary to:

  • comply with applicable law;
  • respond to a legally binding request;
  • comply with a court order;
  • investigate fraud or security incidents;
  • protect Pritset’s rights or property;
  • protect customers or other individuals;
  • establish, exercise, or defend legal claims.

7.5 Business transfer

If Pritset or its relevant business assets are sold, reorganised, transferred, or merged, information may be disclosed to potential or actual purchasers and their advisers, subject to applicable law and appropriate confidentiality requirements.

7.6 At the customer’s direction

Pritset may disclose or transmit information where the customer configures the Services to do so, including through webhooks, downloads, or third-party integrations.

8. International processing

Pritset’s primary service infrastructure is located in Ukraine and is operated on infrastructure controlled by Pritset.

Some third-party service providers, including analytics and communications providers, may process information in other countries.

Where applicable law requires safeguards for an international transfer, Pritset will take reasonable steps to use an appropriate legal mechanism or contractual protection.

Customers requiring specific contractual international-transfer terms should contact [email protected] before submitting regulated personal data.

9. Security

Pritset uses reasonable technical and organisational measures intended to protect information against:

  • unauthorised access;
  • accidental loss;
  • unlawful disclosure;
  • destruction;
  • alteration;
  • misuse.

Security measures may include:

  • account authentication;
  • access controls;
  • encrypted network transmission;
  • API credentials;
  • service monitoring;
  • short-lived operational logs;
  • security updates;
  • incident-response procedures.

No online service or transmission method can be guaranteed to be completely secure.

Customers are responsible for:

  • securing their accounts and email addresses;
  • protecting passwords and API keys;
  • limiting access to authorised persons;
  • maintaining their own template copies;
  • securing webhook destinations;
  • promptly notifying Pritset of suspected unauthorised access.

Security concerns may be sent to [email protected].

10. Personal data incidents

If Pritset becomes aware of a personal data incident affecting information for which Pritset acts as controller, Pritset will investigate and provide legally required notifications.

Where Pritset processes Customer Content on behalf of a customer, Pritset will notify and assist the relevant customer as required by applicable law and any applicable Data Processing Agreement.

11. Privacy rights

Depending on applicable law, individuals may have the right to:

  • request information about the processing of their personal data;
  • access their personal data;
  • correct inaccurate or incomplete personal data;
  • request deletion of personal data;
  • request restriction of processing;
  • object to certain processing;
  • object to direct marketing;
  • receive eligible personal data in a portable format;
  • withdraw consent where processing is based on consent;
  • submit a complaint to a competent authority.

These rights may be subject to legal limitations and exceptions.

Requests can be submitted to:

[email protected]

Pritset may request information reasonably necessary to verify the requester’s identity and authority.

Privacy requests are generally processed without charge. Pritset may charge a reasonable administrative fee or refuse to act where a request is manifestly unfounded, excessive, or repetitive and applicable law permits it.

12. Requests involving Customer Content

When an individual’s data was submitted through Pritset by a customer, the individual should normally contact that customer.

Pritset may not know the identity or context of individuals whose information appears in templates, payloads, or generated documents.

Where reasonably possible, Pritset will assist the relevant customer with a legally valid request concerning Customer Content.

13. Account deletion

Customers cannot currently delete their accounts automatically through the dashboard.

An account deletion request can be submitted to:

[email protected]

When the request is verified and the account is disabled:

  • stored DOCX templates associated with the account are deleted;
  • API access may be revoked;
  • account access is disabled;
  • information that Pritset must retain for legal, accounting, fraud-prevention, or dispute-resolution purposes may continue to be retained.

14. Sensitive personal data

Customer Content may include sensitive or special categories of personal data selected by the customer.

Pritset does not intentionally inspect, classify, or use Customer Content for purposes unrelated to providing the Services.

Customers submitting sensitive personal data are responsible for:

  • determining that the processing is lawful;
  • obtaining required permissions or consent;
  • providing required notices;
  • applying appropriate security safeguards;
  • complying with sector-specific laws;
  • determining whether Pritset is appropriate for the intended processing.

The fact that API payloads and generated results are not persistently stored does not remove the customer’s legal responsibilities concerning their processing.

Customers should contact Pritset before using the Services for information subject to specialised regulatory, contractual, or security requirements.

15. Children

Pritset is intended for businesses, organisations, developers, and adult professional users. It is not directed to children.

A person must be at least 18 years old, or the applicable legal age of majority, to independently create a Pritset account.

Customers that submit children’s personal data through the Services are responsible for ensuring that the processing is lawful and appropriately protected.

16. Automated processing

Pritset automatically performs operations such as document generation, format conversion, usage calculation, and webhook delivery.

Pritset does not use account information to make solely automated decisions that produce legal or similarly significant effects for individuals.

Customers are responsible for any decisions they make using documents generated through Pritset.

The Services may contain links to or interact with independent third-party services.

Pritset is not responsible for the privacy or security practices of third parties selected or accessed by customers. Customers should review the privacy and security terms of connected services and webhook destinations.

18. Changes to this Privacy Policy

Pritset may update this Privacy Policy to reflect changes to:

  • the Services;
  • data-processing practices;
  • service providers;
  • legal requirements;
  • security or operational procedures.

The revised policy will be published with an updated effective date.

Where a change materially affects customer rights or the processing of personal data, Pritset may provide additional notice through email, the Pritset website, or the customer account.

19. Complaints

Individuals may contact Pritset first regarding a privacy concern:

[email protected]

Individuals may also have the right to complain to an appropriate data-protection authority.

In Ukraine, complaints concerning personal data protection may be submitted to the Ukrainian Parliament Commissioner for Human Rights where applicable.

20. Contact

Data controller

Individual Entrepreneur Yurii Viktorovych Molchanov
Фізична особа-підприємець Молчанов Юрій Вікторович
Operating the Pritset service
Ukraine

Email: [email protected]