revision of 01.03.2020
Website is owned and maintained by Administrator. In the case of using the site about the user will be collected, processed and stored personal information, in the amount, order and conditions established by this policy.
If you have accessed this site through a third party site, that third party may also collect the user's personal information independently and separately and is not subject to the terms of this policy. In that case, the user should review the terms of use and privacy policies of the third party software and site to learn how the collected data will be used.
Definition of terms:
Personal information - any information concerning an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by identifiers such as name, identification number, location data, online identifier or by one or more factors that are determinative of the physical, physiological, genetic, mental, economic, cultural or social nature of such natural person.
Special category of personal data - race, political, religious, philosophical beliefs, genetic data, union membership, biometric data to identify a specific person, health data, sexual orientation, criminal records.
Online Identities - personal information by which users of devices, applications, tools or protocols can be identified, including IP addresses, cookie identifiers or other identifiers such as radio frequency identification tags.
Processing - means any operation or series of operations on personal data or sets of personal data, with or without the use of automated means, such as collection, registration, organization, structuring, storage, adaptation or modification, retrieval, inspection, use, disclosure through transmission, distribution or otherwise, arrangement or combination, restriction, erasure or destruction.
Profiling - means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to an individual, in particular to analyze or predict aspects relating to the data subject's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movement.
Scorecard - any structured set of personal data that is accessed according to specific criteria is centralized, decentralized or dispersed on a functional or geographic basis.
Use of pseudonyms - processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and subject to the use of technical and organizational tools to ensure that the personal data is not attributed to an identified or identifiable natural person.
Data subject - an individual who can be identified directly or indirectly, including using an identifier, such as a name, an identification number, location data, an online identifier; or using parameters that characterize a given individual from a physiological, genetic, psychological, economic, cultural or social point of view.
Controller - means a natural or legal person, public authority, agency or other body which, alone or in association with others, determines the purposes and means of personal data processing; if the purposes and means of such processing are determined by Union or Member State law, the controller or the special criteria for its designation may be provided for by Union or Member State law.
Operator - means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
Recipient - means the natural or legal person, public authority, agency or other body to which personal data is disclosed, regardless of whether it is a third party. However, public authorities that may receive personal data as part of a specific request under Union or Member State law shall not be considered recipients; the processing of such data by such public authorities shall comply with applicable data protection regulations in accordance with the purposes of processing.
Third party - means a natural or legal person, public authority, agency or body that is not a data subject, controller, operator and persons who, under the direct supervision of the controller or operator, are authorized to process personal data.
1. Types and volume of processed personal data
-
1.1 When using the site the following personal data is openly collected from users: e-mail address, age, date of birth, cell phone number, geolocation of the user.
The following personal data is collected automatically: download history, browsing history, statistical data about clicks made (as a coordinate system), downloaded media data, IP address, IMEI and basic device parameters, operating system information, operating system language, service speed, date of adding a product, user rating, user feedback, user comments, session length.
Part of the personal data received may be made available to other users as public information by targeting opening of the profile.
Personal data is collected in anonymized form and stored in encrypted form.
-
1.2 The Administrator has the right to establish requirements for the composition of anonymized user data, which are collected when using the Site.
-
1.3 If certain information is not designated as mandatory, its provision or disclosure is at the discretion of the User. At the same time, the User gives an informed consent to access to such data by the general public. Such data becomes publicly available as soon as it is provided and/or disclosed in another form.
-
1.4. Administrator does not check the authenticity of the provided data and the availability of legal grounds for its processing in accordance with this Policy, considering that the User acts in good faith, prudently and makes all necessary efforts to keep such information up to date and to obtain all necessary approvals for its use.
-
1.5. The User understands and accepts the possibility of using third-party software on the site, as a result of which such persons may receive and transmit personal data in an impersonal form.
-
1.6. Administrator is not responsible for the use of anonymized user data by third parties.
2. Processing of personal data
-
2.1 Personal information is used for the following purposes:
-
- To operate the site and the built-in services, and to provide users with information and services, including, but not limited to, download programs, chat rooms, forums, promotional messages, contests, promotions, etc;
-
- To provide users with technical support services and handle incoming user requests;
-
- For internal analysis and research to improve the operation and functionality of the site, as well as other products and services of the Administrator;
-
- Targeting promotional materials within the site;
-
- To detect and prevent fraud and abuse of the site or site features.
-
-
2.2 The Administrator shall keep a record (log) of the processing of data relating to his area of responsibility. Such log contains all information about:
-
(A) person and contact information for the controller and, if applicable, the joint controller, controller representative and data protection officer;
-
(B) processing goals;
-
(C) description of categories of data subjects and categories of personal data;
-
(D) categories of recipients to whom personal data has been or will be disclosed, including recipients in third countries or international organizations;
-
(E) If it is necessary to transfer personal data to a third country or international organization, including the identification of such third country or international organization and, in the case of acts of transfer, documentation of the corresponding guarantees;
-
(F) if possible - there are time limits for deleting different categories of data;
-
(G) if possible, a general description of the technical and organizational security measures.
-
-
2.3 In the event of a breach of personal data protection, which is not likely to result in severe consequences for the data subject, the Administrator shall, no later than within 72 hours after becoming aware of the breach of personal data protection, notify the user of such breach.
-
2.4 The administrator does not appoint and does not keep in the staff an employee for the protection of personal data, since it does not carry out activities defined by the legislation as mandatory for the involvement of such an employee.
3. Rights of the subject of personal data:
-
3.1 Right of access to information - the data subject has the right to obtain confirmation of the processing of personal data from the controller and, if so, access to personal data and information on:
-
- processing goals;
-
- categories of personal data that are processed;
-
- the recipient or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations;
-
- the existence of the right to send a request to the controller to correct or erase personal data or to restrict processing of personal data on the data subject, and to object to such processing;
-
- the existence of the right to send a request to the controller to correct or erase personal data or to restrict processing of personal data on the data subject, and to object to such processing;
-
- the right to file a complaint with the supervisory authority;
-
- if personal data is not collected from the data subject, any information regarding its source;
-
- the availability of automated judgment and decision-making, including profiling and, at least in such cases, reliable information about the logic, relevance and intended consequences of such processing for the data subject.
-
-
3.2 Right to correction - the data subject has the right to have inaccurate personal data corrected, which shall be carried out by the controller without any unreasonable delay. Considering the purposes of the processing, the data subject shall have the right to fill in incomplete personal data, including by providing an additional statement.
-
3.3 Right to erasure (deletion) - a data subject has the right to apply to the Controller for erasure (deletion) of their personal data if one of the following grounds arises:
-
- there is no longer a need for personal data for the purposes for which it was collected or otherwise processed;
-
- the data subject withdraws the consent on which the processing is based and if there is no other legal basis for further processing;
-
- the data subject objects to the development, and there is no primary legitimate reason for further processing;
-
- personal data was processed illegally;
-
- personal data must be erased in order to comply with the statutory obligation laid down in Union or Member State law applicable to the Controller;
-
- personal data was collected in connection with the offer of information society services (when processing the child's personal data).
-
-
3.4 Right to restrict processing - the data subject has the right to restrict processing by the controller in the following circumstances:
-
- the accuracy of personal data is challenged by the data subject, for a period of time that gives the controller the opportunity to verify the accuracy of personal data;
-
- the processing is illegal and the data subject opposes the erasure of the personal data and instead sends a request to restrict its use;
-
- the controller no longer needs personal data for processing purposes, but is required by the data subject to form, exercise or defend legal claims;
-
- the data subject has objected to the processing, pending verification of whether the controller's legitimate grounds override the data subject's legitimate interests.
-
-
3.5 Right to data mobility - the data subject has the right to receive his or her personal data, which he or she has provided to the controller, in a structured, commonly used format that can be easily read by a machine, and the right to transfer such data to another controller if:
-
- processing is based on consent, or on a contractual basis; and
-
- processing is automated.
-
-
3.6 Right to object - the data subject has the right to object, on grounds related to his or her specific situation, at any time, to the processing of personal data, including profiling. The controller shall no longer process the personal data, unless he or she proves that there are substantial legitimate grounds for the processing that override the interests, rights and freedoms of the data subject or to form, exercise or defend a legal claim.
4. Transfer of personal data
-
4.1 The Administrator has the right to transfer the processed data to third parties in the following cases:
-
- The user has consented to such actions, including when the user applies settings to the software used that do not restrict the provision of certain information;
-
- Engaging third parties in the processing of personal data on a contractual basis, provided that such persons comply with the requirements for the protection of personal data and comply with the recommendations and instructions of the Administrator;
-
- The transfer is necessary as part of the user's use of the functionality of the site to meet the needs of such a user;
-
- The transfer is necessary in accordance with the purposes of data processing;
-
- In connection with the transfer of the site to the possession, use or ownership of such third party;
-
- At the request of a court or other authorized state body within the procedure established by law;
-
- To protect the rights and legitimate interests of the Administrator in connection with violations committed by the User.
-
5. Cookies
-
5.1 Some of the site's services use cookies. These are small text files that a site sends to a user's device to record what the user does online. Such files can be used by site services to save preferences when using the site, to improve some aspects of the site's operation, to record the user's online activities, and to provide the user with personalized advertising and other materials. The user can disable the use of cookies in the options menu, but in this case, some functions of the site may not be available.
6. Security
-
6.1 The Administrator shall take all necessary technical and organizational and legal measures to ensure an adequate level of protection of the processed personal data from unauthorized access by third parties, as well as accidental access, destruction, distortion, blocking, copying, distribution or other unlawful actions of third parties.
-
6.2 The administrator, at the time of determining the means of processing and at the time of processing, shall take the necessary technical and organizational measures, such as the use of pseudonyms designed to effectively implement data protection principles, in particular data minimization, and the inclusion of the necessary safeguards for processing.
-
6.3 The administrator shall take appropriate technical and organizational measures to ensure that only those personal data necessary for each specific purpose of processing are processed by default. In particular, such measures shall ensure that, by default, access to personal data is not granted to an indefinite number of natural persons without the person's recourse.