Privacy Policy
Last updated: 19 January, 2026
LLC “Ramose” (ERDPOU 41425207), a company registered in Ukraine, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose and protect your information when you use eRisk-Control (the “Service”) — a web application that provides AI-assisted risk assessments for workplaces, types of work and occupations.
By using the Service, you agree to the practices described in this Policy. If you are a resident of the EU, this Policy is intended to ensure compliance with the General Data Protection Regulation (GDPR).
LLC “Ramose” acts as the data controller in relation to the processing of personal data under this Privacy Policy.
1. Information We Collect
We collect the following information:
Personal Information
When you create an account (via email or Google OAuth), we collect:
- full name
- email address
- profile photo
- optionally, phone number
User Content
Text information you provide about:
- occupations
- types of work
- workplaces (e.g., titles and descriptions)
as well as messages sent through the AI chat feature to generate risk assessments.
Technical Data
We may collect technical information necessary for the operation and security of the Service, including:
- IP address
- browser/device type
- login date and time
- security and error logs (log data)
We do not use cookies or similar tracking technologies for marketing or advertising purposes. However, if you log in using Google OAuth, Google may use cookies or other tracking mechanisms governed by Google’s Privacy Policy. Google may process data as an independent controller in accordance with its own Privacy Policy.
2. How We Use Your Information
We use your information for the following purposes, with the legal bases required under the GDPR:
- to provide and operate the Service, including generating and delivering AI-assisted risk assessments
- to authenticate your account and manage your profile
- to respond to your requests and provide customer support
- to comply with legal obligations, including Ukrainian and European data protection laws
We do not use your information for marketing or analytics purposes.
The Service does not perform automated decision-making that produces legal effects or similarly significantly affects the user within the meaning of Article 22 GDPR. AI is used solely to generate informational materials and recommendations.
3. Sharing of Your Information
We may share your information with:
Third-party AI service provider
We share your User Content with a third-party AI service provider to generate risk assessments. This provider is located outside the EU and uses Standard Contractual Clauses (SCCs) to ensure GDPR compliance.
The list of such providers may change. Up-to-date information may be provided upon request.
Legal authorities
Where required by law or necessary to protect our rights, safety or property.
Business transfers
In connection with a merger, acquisition or sale of assets.
4. Data Retention
We retain your information for as long as your account remains active or as long as necessary to provide the Service. After account deletion, we may retain certain information for legal purposes (e.g., to comply with Ukrainian or EU legal requirements), but only for the minimum period necessary.
Security and event logs may be retained for a limited period necessary to:
- prevent fraud
- ensure stable operation of the Service
- investigate incidents
5. Your GDPR Rights
If you are a resident of the EU, you have the following rights under the GDPR:
- Access — request a copy of your personal data
- Rectification — correct inaccurate or incomplete data
- Erasure — request deletion of your data, subject to legal retention obligations
- Restriction — request restriction of processing in certain cases
- Data portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
- Withdrawal of consent — withdraw consent at any time, without affecting prior processing
To exercise these rights, contact us at esosh.info@gmail.com.
We will respond within one month, with the possibility to extend up to three months for complex requests.
You may also lodge a complaint with:
- the competent data protection authority in your EU country of residence; or
- the Ukrainian Parliament Commissioner for Human Rights (for Ukraine).
6. Data Security
We implement reasonable security measures in accordance with GDPR standards, including:
- access restrictions
- role-based access control
- encryption in transit (TLS)
- regular updates
However, no method of transmission over the Internet is completely secure, and we cannot guarantee absolute security.
7. International Data Transfers
Your information is primarily processed in Ukraine. If it is transferred to our third-party AI service provider, it will be transferred outside the EU.
We ensure GDPR compliance through Standard Contractual Clauses, which provide appropriate safeguards for your data.
8. Children’s Privacy
The Service is intended for users aged 18 and older and is not directed to children. We do not knowingly collect personal information from individuals under 18.
If you believe we have collected such information, please contact us at esosh.info@gmail.com.
9. Data Protection Officer
As our data processing is not large-scale, we are not required to appoint a Data Protection Officer (DPO) under the GDPR.
You may contact our privacy team at esosh.info@gmail.com with any questions regarding data protection.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email to the address associated with your account at least 30 days before the changes take effect, as required by the GDPR.
Your continued use of the Service after such changes constitutes your acceptance of the updated Policy.
11. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your GDPR rights, please contact us at:
LLC “Ramose”
Kyiv, 02081, P.O. Box 23
Email: esosh.info@gmail.com