Limited liability company STORIFY (hereinafter referred to as Data Controller) takes all necessary measures for the protection of personal data in accordance with the international standards and legislation of the Russian Federation and, where applicable, the General Data Protection Regulations of the European Union (hereinafter referred to as the GPDR).
1.1. In the context of this Policy, the User's personal data includes:
1.1.1. Any personal information provided by the User during Registration (creation of identifiers) or use of the Services including the User's personal data. The information required for the provision of the services is specifically indicated. Any other information is provided by the User at its discretion.
In general, all data relates to identified or identifiable natural persons directly or indirectly.
1.1.2. Data automatically communicated to the Services of the Website and the Platform during the process of their use using the software installed on the User's device including the IP address, cookies, any information from the User's browser (or any other program with which access to the Services and exercised), the technical characteristics of the device and software used by the User, the date and time of access to the services, the addresses of the pages requested and other similar information.
1.2. Personal data is provided by Users of the Website and the Platform voluntarily and may be modified (amended, supplemented, deleted) if they so wish.
1.3. Depending on the place of residence of each User, the applicable legislation may differ.
Thus, within the framework of this Policy, only Users whose location is in the European Union will be subject to the GPDR.
1.4. The User's Registration on the Website or the Platform implies his absolute agreement with this Policy as well as the conditions for the processing of personal data provided for in this Policy. In case of disagreement with these conditions, the User must refrain from registering on the Website and/or the Platform. 2. DATA COLLECTION
2.1. The Data Controller collects information directly provided by Users, including information on accounts or profiles.
2.2 In addition to the information provided by Users, the Data Controller may collect information on the use of the Services by means of software on a User's device and other means.
2.3. The Data Controller may receive information on Users from public or private sources in accordance with the law.
2.4. The Data Controller may receive limited information about Users from third party partners, including:
• financial service providers and fraud protection services that process procurement transactions, including fraud risk assessment;
• other online service providers;
• security service providers;
• Government and national security agencies, including IP address and information on suspected illegal or fraudulent activities and security risk assessment;
• other third parties authorized by notifications or options provided to Users.
2.5. The personal data collected are the following:
• when creating the User's account, first and last name, e-mail address;
• when the User connects to the Website and/or the Platform, they record, in particular, surname, first name, connection data, usage data, location data;
• in the context of payment for the Services, financial data relating to the User's bank account or credit card;
• cookies are used in connection with the use of the Website. 3. PURPOSES OF PROCESSING USERS' PERSONAL DATA
3.1. The Website and the Platform collect and store personal information exclusively necessary for access to its Services or for the execution of agreements concluded with the User (including Terms and Conditions) except in cases where the legislation provides for an obligation to retain personal data for a period specified by law.
In addition, the use of personal data is also used to:
• improve the use of the Website and the Platform;
• prevent and detect fraud, malware (malicious software) and manage security incidents.
3.2. The User's personal data are processed in the following cases:
3.2.1. Identification of the User within the framework of Terms and Conditions and service agreement.
3.2.2. User's access to Website resources.
3.2.3. Any interaction with the User including the sending of notices, requests related to the use of the Website, the execution of services, the processing of requests and complaints from the User.
3.2.4. The location of the User for security reasons and the prevention of fraud.
3.2.5. Verification of the authenticity and integrity of the personal data provided by the User.
3.2.6. The creation of the User's identifiers if he has given his consent.
3.2.7. The sending of service messages to the User (for example, in case of password regeneration or access to the User ID).
3.2.8. Providing effective customer and technical support in solving problems related to the use of the Website or the Platform.
3.2.9. Advertising activities approved by the User.
3.2.10. Statistical research based on anonymized data. 4. CONDITIONS FOR THE PROCESSING OF USERS' PERSONAL DATA AND TRANSMISSION TO THIRD PARTIES
4.1. Users' personal data are confidential. They are not accessible to other Users.
4.2.1. Transfer under the law of the Russian Federation or any other law applicable in legal proceedings.
4.2.2. In case of sale of the Website and/or the Platform, all obligations arising from the present Policy with regard to the personal data will apply to the purchaser. More generally, if the Website and/or Platform are involved in a merger, acquisition, asset transfer or bankruptcy proceeding, it may be required to assign or share all or part of their assets, including personal data. In this case, the Users would be informed before the personal data are transferred to a third party.
4.3. The processing of the User's personal data is carried out without time limit in compliance with the law, including processing carried out with or without automated means. The processing of personal data of Users of Russian nationality is carried out in accordance with the Federal Law of 27.07.2006 N 152-FZ "On Personal Data".
With regard to Users whose place of location is within a Member State of the European Union, the processing of personal data will be subject to the regulations then applicable, in particular the GPDR.
4.4 In case of loss or disclosure of personal data, the Data Controller informs the User about the loss or disclosure of personal data.
4.5. The Data Controller and the User shall take all necessary measures to prevent any loss or damage related to the disclosure of personal data by the User. 5. ALTERATION OR DELETION OF INFORMATION BY USERS
5.1. The User may at any time modify (update, supplement) his data or part of his data by using the Service's information modification function in the User's personal account.
5.2. The User may also delete the information provided during registration by sending a request for deletion to the Controller via email by sending a message to firstname.lastname@example.org.
The removal of identifiers makes any use of the Service impossible.
5.3. The User may exercise his right of access, to know the personal data concerning him, by writing to the following e-mail address: email@example.com. In this case, before implementing this right, the Website and/or the Platform may request proof of the User's identity in order to verify its accuracy.
5.4. The Data Controller reserves the right to make any modification to this article relating to the protection of personal data at any time. If a modification is made to this article, the Controller undertakes to publish the new version of the Policy on his Website and on the Platform. The Data Controller will also inform the Users of the modification by electronic message, at least fifteen (15) days before the effective date. If the User does not agree with the terms of the new wording of this article of protection of personal data, he has the option of deleting his account. 6. OBLIGATIONS OF THE PARTIES
6.1. The User undertakes to:
6.1.1. Provide information about personal data necessary to use the Website and the Platform.
6.1.2. Update and complete information on personal data in case of changes.
6.2. The Controller undertakes to:
6.2.3. Take precautionary measures to guarantee the confidentiality of the User's personal data in accordance with the customs used for the protection of such information.
6.2.4. Ensure the blocking of personal data related to a specific User when the latter or his legal representative so requests or in case of inspection by the service responsible for the protection of rights related to personal data in case of detection of false personal data or illegal activities.
6.2.5. Take all organizational, technical, software and physical measures necessary and sufficient to protect the User's personal data against any illegal or accidental access, deletion, alteration, blocking, copying, distribution and any illegal action by third parties. It should be noted that the Internet is not a completely secure environment and the Data Controller cannot guarantee the security of the transmission or storage of information on the Internet. 7. LIABILITY
7.1. In case of non-compliance with its obligations, the Data Controller shall be liable for the damage suffered by the User as a result of the illegal use of his personal data in accordance with the legislation of the Russian Federation.
7.2. In the event of loss or disclosure of confidential information, the Controller shall not be considered liable if such confidential information:
7.2.1. Became public before the loss or disclosure of that information.
7.2.2. Has been provided to third parties prior to its receipt by the Controller.
7.2.3. Was disclosed with the User's consent. 8. COOKIES, WEB BEACONS AND SIMILAR TECHNOLOGIES
8.1. No information collected by the controller through cookies can be used to identify users.
8.2. Cookies may only be used by the Data Controller to monitor use of the Service, to collect non-personal information about Users, to record your preferences and other information on the user's computer for the convenience of members, and to display content on subsequent visits to service Users.
8.3. The information received by the Data Controller through cookies may also be used for statistical research to change the Website according to Users' preferences.
8.4. The user can change the settings for receiving cookies in his browser settings or disable them completely, however, in this case, some functions of the service may not function properly.
8.5. The Data Controller and certain third-party developers may use technologies called Web beacons that transmit information from the user's device to the server. Web beacons can be embedded in interactive content, video and email messages, and can allow the server to read information of a certain type with a user of a device to know when he has viewed a certain content or a particular email message, determine the date and time a web beacon is displayed and also the IP address of the device. The Data Controller and certain third-party developers use web beacons to analyze the use of the service and (in conjunction with cookies) to provide content and advertising that is most relevant to the User.
9.1. The Data Controller shall pay the utmost attention to the protection of information (personal data) of minors as well as to the protection of children's rights and shall do everything possible to ensure the confidentiality of such information.
9.2. Children under the age of 18 should not register on the Website or the Platform and use it without permission and/or participation of their parents or guardians. They should not provide information about themselves. 10. DISPUTE RESOLUTION
10.1. In the event of a dispute between the User of the Website and the Data Controller, each party must attempt to settle the dispute amicably (written proposal on dispute resolution) before any legal action.
10.2. The claim recipient has 30 (thirty) calendar days from receipt of this claim to inform the author in writing of the results of the investigation of his claim.
10.3 If the dispute cannot be settled amicably, the dispute shall be settled before the competent court in accordance with the law of the Russian Federation.
11.3.1. by sending a written request to the address of the Data Controller: 127083, 20 b. 1 V. Maslovka Ul., premises I, office 4, Moscow;
11.3.2. by sending an electronic message to the e-mail address of the Controller: firstname.lastname@example.org