Privacy Policy

This Privacy Policy (hereinafter - the "Policy") explains how DitWork, as the operator and administrator of the website https://ditwork.com and its related pages, interfaces, user accounts, communication tools, profile features, technical systems, registration and activation mechanisms, analytics tools, newsletter functions, and associated digital services (collectively, the "Platform", the "Site", or the "Service"), collects, records, stores, structures, uses, discloses, transfers, protects, and otherwise processes personal data and related technical information concerning visitors, registered users, clients, freelancers, contractors, subscribers, and other persons interacting with the Platform (collectively, the "User", "you", or "your").

By visiting, browsing, registering on, logging into, activating, publishing on, communicating through, subscribing through, or otherwise using the Platform, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, you should discontinue use of the Platform. Where applicable law requires consent for particular processing activities, cookies, analytics tools, newsletter subscriptions, or advertising-related uses, such activities will be based on consent only to the extent required by applicable law.

This Policy is intended to provide transparent information about the categories of information we collect, the purposes for which we use such information, the grounds on which such use may be based, the periods for which information may be retained, the circumstances in which information may be disclosed, the technical and organizational measures we may use to protect information, and the rights and choices that may be available to you under applicable law.

1. General provisions

1.1. This Policy applies to personal data and related technical information collected through the Platform, including during registration, sign-in, account activation, profile editing, support interactions, publication of content, internal communication, newsletter subscription, analytics processing, and the use of cookies, local storage, session storage, and similar technologies.
1.2. This Policy should be read together with the Platform's Public Offer / Terms of Service and any additional notices, banners, settings, or rules published on the Platform.
1.3. If a provision of this Policy conflicts with mandatory applicable law, such mandatory law shall prevail only to the minimum extent required, and the remaining provisions of this Policy shall remain in effect.
1.4. This Policy does not automatically apply to third-party websites, external payment pages, social networks, third-party analytics dashboards, external messaging services, Google services, Telegram services, or other third-party resources that may have their own privacy documents.

2. Who we are and how to contact us

2.1. DitWork operates an online technology platform intended to enable account registration, authentication, activation, profile management, user interaction, content publication, internal communication, support processes, newsletters, analytics, and related digital functionality.
2.2. For the purposes of this Policy, "we", "us", and "our" refer to DitWork, the persons authorized to administer and support the Platform, and, where applicable, service providers acting strictly on our instructions and only to the extent reasonably necessary to support the hosting, delivery, functionality, security, maintenance, communications, analytics, authentication, or improvement of the Platform.
2.3. If you have questions regarding this Policy or the way information is processed, you may contact us through the support page available at: https://ditwork.com/en/support

3. Categories of information we collect

3.1. We may collect information directly from you when you register, log in, activate your account, edit your profile, contact support, communicate through the Platform, subscribe to emails, publish content, or otherwise use the Service.
3.2. The categories of information we may collect include, without limitation:
3.2.1. mandatory account registration data, such as your login or username, password, and email address. Login/username, password, and email address are mandatory for the creation and use of a registered account;
3.2.2. profile and account data, such as your name, display name, location, contact details, telephone number, date of birth, profile photo, time zone, account preferences, and similar profile elements if you provide or activate them;
3.2.3. security-related and activation-related data, such as two-factor authentication settings, activation status, confirmation state, account protection settings, account status, and technical authentication records;
3.2.4. information relating to Telegram-based account activation, including the fact of Telegram-based activation, the Telegram-linked confirmation event, and the phone number made available through the activation flow where such number is requested and provided for account activation or enhanced account functionality;
3.2.5. information received from third-party authentication providers when you choose to use such functionality, including Google and Telegram authentication-related data, identifiers, email address, display name, confirmation status, and basic profile or account linkage information made available to us through such providers according to their technical and permission model;
3.2.6. communications and support materials, such as messages, notices, complaints, reports, requests, user-to-user messages sent through the Platform's internal communication tools, related attachments, moderation materials, information relating to complaints and reviews, and any files or information voluntarily submitted to us through support or platform communication channels, including records generated when such communications are reviewed in connection with suspicious activity, complaints, security matters, enforcement of Platform rules, or dispute handling;
3.2.7. technical access data and usage-related metadata, such as IP address, approximate location or country inferred from technical data, timestamps, request metadata, browser type, browser version, operating system, device-related technical characteristics, language settings, referrer data, and similar diagnostic or access-related information;
3.2.8. information stored or accessed through cookies, local storage, session storage, cache mechanisms, security tokens, authentication state, interface settings, language preferences, technical preferences, and similar technologies used for security, continuity, functionality, analytics, performance, and service improvement;
3.2.9. information relating to newsletters and email communications, such as subscription status, email delivery status, opening indicators where implemented, click indicators where implemented, unsubscribe events, bounce status, suppression status, and similar mailing-related technical metadata, as well as limited information relating to requests, statuses, and payment metadata for optional paid Platform features, including, where implemented, the paid early lifting of an account restriction;
3.2.10. analytics-related information concerning interaction with the Platform, such as page views, session continuity, general user flow, feature interaction, performance events, interface interactions, aggregate navigation patterns, and similar metrics, subject to the technical implementation used and applicable law.
3.3. We do not intentionally request more data than is reasonably necessary for the operation, security, support, activation, maintenance, analytics, communication, and improvement of the Platform.

4. Mandatory and optional information

4.1. Certain information is mandatory in order to create and maintain a registered account and provide essential Platform functionality. At the time of writing, mandatory registration information includes login/username, password, and email address.
4.2. Certain additional steps may be required in order to unlock all Platform functionality, including activation of the account through Telegram-based confirmation or another activation flow implemented by the Platform from time to time.
4.3. If a full-feature account requires Telegram-based activation, and such activation flow requires submission or confirmation of a phone number through Telegram, you acknowledge that such number and the related activation event may be processed for security, verification, anti-abuse, account integrity, and access-control purposes.
4.4. If you do not provide mandatory information or do not complete required activation or security steps, we may be unable to register your account, authenticate you, protect your account, communicate with you regarding account matters, or provide requested Platform functionality.
4.5. Other profile and account information may be optional, conditionally optional, or required only for specific features, verification processes, support handling, profile completeness, or account categories.

5. Google and Telegram authentication / account linking

5.1. The Platform may allow you to register, sign in, activate, or link your account using third-party authentication providers, including Google and Telegram.
5.2. If you choose to use such authentication features, we may receive certain account-related data from the relevant provider, such as identifiers, email address, display name, confirmation status, and other basic profile or linkage information made available under that provider's technical permissions and your choices.
5.3. Use of third-party authentication is voluntary unless the Platform explicitly requires a particular activation mechanism for access to certain features.
5.4. We do not control the privacy practices of Google, Telegram, or other third-party authentication providers. Your use of such services is also subject to their own privacy documents, technical policies, and account settings.
5.5. Where Telegram-based activation is required to unlock all Platform functionality, we may use information received through the activation flow, including the linked account status and phone number where applicable, solely for activation, verification, anti-abuse, security, access-control, and related operational purposes.

6. Cookies, local storage, session storage, and analytics

6.1. We use cookies, local storage, session storage, and similar technologies to support the operation of the Platform, including user authentication, session continuity, security, account state preservation, user interface preferences, technical diagnostics, performance improvement, analytics, and protection against abuse or unauthorized access.
6.2. Some of these technologies may be strictly necessary for the Platform to function properly or for requested services to be provided. Other technologies may be used for convenience, analytics, preference storage, performance monitoring, fraud prevention, user flow analysis, service optimization, or future advertising-related or segmentation-related purposes, subject to applicable law and operational implementation.
6.3. Local storage or similar client-side storage technologies may be used to preserve authentication-related state, form state, interface settings, language preferences, technical preferences, performance-related values, continuity data, and other information that improves responsiveness, continuity, and usability of the Platform.
6.4. We may use analytics tools to understand aggregate or pseudonymous usage patterns, monitor the performance of the Platform, improve user experience, troubleshoot issues, assess interface behavior, optimize load and speed, and generally improve the operation of the Service.
6.5. Depending on the applicable law and the user's jurisdiction, certain analytics tools, non-essential cookies, or similar storage/access technologies may require prior consent before being used.
6.6. You may be able to control certain cookies or storage technologies through your browser settings, device settings, or consent tools that we may provide. However, disabling some technologies may impair the functionality, speed, security, continuity, availability, or convenience of parts of the Platform.

7. Purposes for which we use information

7.1. We may process information for one or more of the following purposes:
7.1.1. to create, maintain, secure, and administer user accounts;
7.1.2. to authenticate users and manage sign-in, sign-out, password, activation, and account protection functions;
7.1.3. to verify activation steps, including Telegram-based activation where used by the Platform;
7.1.4. to provide and operate requested Platform functionality;
7.1.5. to display and manage profile information, settings, and related account features;
7.1.6. to communicate with users regarding account activity, service operation, support matters, moderation matters, security notices, newsletters, updates, and operational information;
7.1.7. to detect, investigate, prevent, mitigate, or respond to fraud, abuse, unauthorized access, suspicious behavior, spam, technical misuse, or violations of Platform rules, including by analyzing complaints, moderation materials, user-to-user messages, and related attachments where we have reason to believe such review is reasonably necessary for security, anti-abuse, dispute handling, user protection, enforcement of Platform rules, or protection of our legal position;
7.1.8. to monitor, maintain, optimize, troubleshoot, improve, and develop the Platform, its performance, reliability, interface, speed, usability, and technical architecture;
7.1.9. to carry out analytics, performance monitoring, aggregate usage analysis, general audience understanding, and service optimization, subject to applicable law;
7.1.10. to manage newsletters, email distributions, announcements, account-related notices, related communication preferences, and the handling of requests and payment statuses for optional paid Platform features where such features are offered to the user;
7.1.11. to comply with legal obligations, preserve records, respond to lawful requests, enforce Platform rules, protect legitimate interests, or defend rights;
7.1.12. where implemented in the future, to carry out broad advertising-related segmentation, ad relevance optimization, audience categorization, or communication optimization using technical indicators such as browser type or approximate country, provided that any such processing is conducted in accordance with applicable law and any required notices or consents are obtained where necessary.
7.2. We do not use personal data for purposes materially incompatible with the purposes described in this Policy unless we are legally permitted to do so and, where required, we provide additional notice or obtain consent.

8. Legal grounds for processing

8.1. Depending on the circumstances, our processing may be based on one or more of the following grounds: performance of a contract or steps requested prior to entering into a contractual relationship; compliance with legal obligations; our legitimate interests in operating, securing, improving, and administering the Platform; and, where required by applicable law, your consent.
8.2. We may rely on legitimate interests for security, anti-abuse measures, technical continuity, account protection, internal administration, analytics, service optimization, enforcement of Platform rules, and protection of our legal position, except where such interests are overridden by rights or interests protected by applicable law.
8.3. Where consent is required for a specific activity, you may withdraw that consent for future processing at any time, subject to legal and technical limitations. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
8.4. Where processing is necessary for security, fraud prevention, account integrity, abuse mitigation, legal compliance, or core Platform operation, such processing may continue to the extent permitted by applicable law even if you reject optional cookies or withdraw consent for unrelated processing activities.

9. Email newsletters and service communications

9.1. We may send transactional emails, security emails, activation emails, service notifications, support replies, account-related communications, policy updates, newsletters, and informational mailings.
9.2. Some communications are strictly necessary for the operation, security, or administration of your account and may be sent regardless of marketing preferences where permitted by applicable law.
9.3. Other communications, including newsletters or promotional informational mailings, may be sent on the basis of consent, subscription, prior relationship, soft opt-in, or another lawful basis recognized by applicable law, depending on your jurisdiction and the nature of the message.
9.4. Where required, you will be able to unsubscribe from non-essential marketing or newsletter communications, subject to technical and legal limitations.
9.5. We may process information relating to newsletter subscription status, delivery status, unsubscribe status, bounce handling, suppression lists, and related communication metrics as reasonably necessary to manage lawful email communications.

10. Browser data, country data, and future advertising-related segmentation

10.1. We may use technical data such as browser type, browser version, device-related metadata, and approximate country or region inferred from technical signals for performance optimization, compatibility support, localization, analytics, abuse mitigation, security analysis, and service administration.
10.2. If in the future we implement advertising-related or audience-segmentation functionality using browser type, approximate country, broad technical profile, or similar non-direct identifiers, such information may be used to improve relevance, measure broad campaign categories, optimize service communication, detect fraud, or manage advertising-related segmentation, subject to this Policy, any supplementary notices we publish, and all applicable legal requirements, including consent where necessary.
10.3. We do not state in this Policy that we sell personal data to unrelated third parties for independent advertising brokerage or unrelated third-party marketing purposes.

11. Disclosure of information and service providers

11.1. We do not sell, rent, trade, or voluntarily disclose your personal data to unrelated third parties for their own independent marketing purposes.
11.2. However, limited processing or disclosure may be reasonably necessary for the technical operation, delivery, security, analytics, email communication, authentication, hosting, support, or lawful protection of the Platform.
11.3. Accordingly, information may be processed by or disclosed to limited categories of service providers acting on our behalf, such as hosting providers, infrastructure providers, security providers, analytics providers, email delivery providers, anti-abuse providers, authentication providers, or similar technical providers, strictly to the extent reasonably necessary for the operation, maintenance, security, analytics, communications, or improvement of the Platform.
11.4. We may also disclose information where reasonably necessary to investigate fraud, abuse, account compromise, unauthorized access, security incidents, violations of our Terms, or other harmful or unlawful activity.
11.5. We may disclose information where such disclosure is required by applicable law, court order, lawful request of a competent authority, or where reasonably necessary to protect our rights, users, systems, legitimate interests, or legal position.
11.6. If the ownership, control, or structure of the Platform changes as part of a merger, acquisition, restructuring, financing, sale of assets, or similar transaction, relevant information may be disclosed to the extent reasonably necessary for evaluation or completion of such transaction, subject to appropriate confidentiality and legal safeguards where applicable.

12. Hosting and international data processing

12.1. At the time of writing, the Platform's main database or core hosting infrastructure is hosted in Germany.
12.2. Technical data, backups, logs, infrastructure records, or service-provider processing may nevertheless involve systems, networks, or subprocessors located in other jurisdictions depending on the technical architecture and third-party providers used.
12.3. By using the Platform, you understand that information may be processed in more than one jurisdiction, subject to applicable law and the technical or operational structure of the Service.
12.4. Where applicable law requires additional safeguards for cross-border transfers of personal data, we will rely on such safeguards to the extent required and reasonably applicable to the relevant processing operations.

13. Data retention

13.1. We retain personal data and related information only for as long as reasonably necessary for the purposes described in this Policy, including account administration, activation, service continuity, support, analytics, fraud prevention, dispute handling, moderation, review of suspicious communications, handling of requests for optional paid Platform features, legal compliance, security analysis, record preservation, and enforcement of our Terms.
13.2. Different categories of information may be retained for different periods depending on their nature, the purpose of processing, technical necessity, security risk, applicable law, the existence of a dispute, the existence of an investigation, or backup requirements.
13.3. Even after account deletion, some information may be retained for a reasonable period where necessary for backup systems, legal compliance, fraud prevention, abuse detection, security review, evidence preservation, support records, moderation materials, results of suspicious communication reviews, records relating to account restrictions and requests to review or lift them early, suppression lists, unsubscribe compliance, enforcement of rights, or resolution of disputes.
13.4. Where information is no longer reasonably needed, we may delete, anonymize, aggregate, or otherwise de-identify it, subject to technical feasibility, legal obligations, and legitimate preservation needs.

14. Security of information

14.1. We may use reasonable technical, administrative, and organizational measures intended to protect personal data and related information against unauthorized access, unlawful or accidental destruction, loss, alteration, disclosure, misuse, or other unauthorized processing.
14.2. Such measures may include access controls, authentication mechanisms, internal permission limitations, technical monitoring, abuse detection, session protection, logging, verification procedures, review processes, and other security practices that we consider appropriate in light of the nature of the Platform and the information processed.
14.3. However, no website, platform, database, hosting environment, communication channel, storage system, analytics system, email system, authentication integration, or method of transmission over the internet can be guaranteed to be absolutely secure, invulnerable, uninterrupted, or immune from unauthorized access, cyberattacks, malware, abuse, human error, infrastructure failure, external compromise, or other security incidents.
14.4. Accordingly, to the maximum extent permitted by applicable law, we do not provide any warranty or guarantee of absolute security, absolute integrity, absolute confidentiality, absolute availability, or absolute invulnerability of any information, system, transmission, database, or storage environment associated with the Platform.
14.5. You acknowledge and agree that you provide information and use the Platform at your own risk, and that, while we may apply reasonable measures designed to protect information, we shall not be liable for indirect, incidental, consequential, exemplary, punitive, or similar damages arising from unauthorized access, disclosure, loss, corruption, exfiltration, interception, breach, cyberattack, hosting incident, third-party provider compromise, or other security incident, except to the extent that such limitation is prohibited by mandatory applicable law.
14.6. Nothing in this Policy shall be interpreted as an admission that any particular security measure is infallible, adequate in all circumstances, or legally sufficient in every jurisdiction or factual scenario.
14.7. You are also responsible for protecting your credentials, using secure devices and networks, maintaining the confidentiality of your password and authentication means, and promptly informing us of any suspected compromise or unauthorized activity.

15. User responsibilities and accuracy of information

15.1. You are responsible for providing accurate, current, lawful, and complete information where such information is required for your use of the Platform.
15.2. You must not provide information that is false, misleading, unlawfully obtained, or infringing on the rights of another person.
15.3. You are responsible for maintaining the confidentiality of your password, login credentials, connected third-party authentication tools, Telegram activation access, email access, and other account-protection mechanisms.
15.4. If you believe that your account, credentials, device, mailbox, Telegram activation path, or other related information has been compromised, you must notify us as soon as reasonably possible through the support channel.
15.5. We may use information relating to account activity, technical access patterns, login attempts, activation attempts, and other security signals to investigate suspected abuse, compromise, or violations of Platform rules.

16. Your rights

16.1. Depending on your jurisdiction and the applicable law, you may have the right to request access to personal data concerning you, request correction of inaccurate data, request deletion of certain data, request restriction of certain processing, object to certain processing, request portability of data, withdraw consent where consent is the legal basis, unsubscribe from non-essential marketing communications, or lodge a complaint with a competent supervisory authority.
16.2. These rights are not absolute and may be subject to conditions, limitations, exceptions, identity verification requirements, technical feasibility, legal obligations, legitimate interests, record-preservation duties, security needs, fraud-prevention needs, or dispute-related requirements.
16.3. To exercise a request relating to your data, you may contact us through the support page. We may request information reasonably necessary to verify your identity and the scope of your request before taking action.
16.4. We will review requests in accordance with applicable law, operational feasibility, security requirements, and our legitimate need to preserve certain information for compliance, fraud prevention, security, suppression lists, email unsubscribe handling, evidence, or enforcement.

17. Minors and age restrictions

17.1. The Platform is not intended for minors and is not designed to be used by persons who are below the age legally required to create an account, use the Service, or enter into the type of arrangements made available through the Platform.
17.2. We do not knowingly provide the Platform to minors and do not knowingly seek to collect personal data from minors where such collection would be unlawful or would require parental or guardian authorization that has not been obtained.
17.3. If we become aware that an account has been created or used contrary to this age restriction, we may suspend, restrict, review, or delete the relevant account and associated data, subject to applicable law and legitimate record-preservation needs.
17.4. If you believe that information has been submitted to us in violation of this section, you may contact us so that we can review the matter.

18. Automated tools, profiling, and broad segmentation

18.1. The Platform may use automated tools or rule-based systems for account security, anti-abuse screening, spam filtering, suspicious activity detection, session protection, interface adaptation, analytics, service optimization, and similar operational purposes. In appropriate cases, such tools, as well as authorized representatives of the Administration, may also be used to identify and review suspicious internal communications, related attachments, complaints, signs of fraud, spam, evasion of restrictions, or other violations of Platform rules to the extent reasonably necessary for those purposes.
18.2. At the time of this Policy, any future use of browser type, approximate country, or similar technical indicators for advertising-related segmentation, relevance optimization, or broad categorization would be limited to the extent described in this Policy and implemented in accordance with applicable law, including additional notice or consent where required.
18.3. We do not represent in this Policy that we engage in the sale of behavioral profiles or the unrestricted monetization of personal data through unrelated third-party data brokerage.

19. Changes to this Policy

19.1. We may amend, supplement, restate, or replace this Policy at any time to reflect legal, operational, technical, analytics-related, security-related, authentication-related, newsletter-related, or business changes, changes in the Platform's functionality, or changes in applicable law.
19.2. The updated version of this Policy becomes effective from the time it is published on the Platform unless a different effective date is expressly stated.
19.3. Where required by applicable law, we may provide additional notice, request renewed consent, or implement updated user controls before certain changes take effect.
19.4. We encourage you to review this Policy periodically.

20. Contact information

20.1. If you have questions, comments, or requests regarding this Privacy Policy or the processing of information on the Platform, please contact us through the support page available at: https://ditwork.com/en/support
20.2. The current version of this Privacy Policy is published at: https://ditwork.com/en/pp