PERSONAL DATA PROCESSING POLICY
1. General provisions
1.1 This document (hereinafter referred to as the Policy) defines the policy regarding the processing of personal data of Friflex Limited Liability Company (hereinafter referred to as the Operator).
1.2 The policy was developed in pursuance of the requirements of paragraph 2 of part 1 of Art. 18.1 of the Federal Law of July 27, 2006 N 152-FZ "On Personal Data" (hereinafter referred to as the Law on Personal Data) and determines the procedure for collecting, storing, transferring and other types of processing of personal data, as well as information on the implemented requirements for the protection of personal data.
1.3 The concepts contained in Art. 3 of the Personal Data Law are used in this Policy with the same meaning.ерсональных данных, используются в настоящей Политике с аналогичным значением.
1.4. The mobile application name is idDraughts.
1.5. The Operator/Developer is Friflex Limited Liability Company.
2. Composition
2.1 Information constituting personal data is any information relating to a directly or indirectly identified or identifiable natural person (subject of personal data).
2.2 All personal data processed by the Operator is confidential, strictly protected information, in accordance with the law.
3. Purposes of personal data processing
3.1 Personal data is processed by the Operator for the purpose of organizing and conducting events, loyalty programs, marketing and / or promotions, research, surveys by the Operator (including with the involvement of third parties); fulfillment of obligations under the service agreement by the Operator; provision of other services to personal data subjects; promoting the services and/or goods of the Operator and/or the Operator's partners on the market by making direct contacts with the Operator's customers using various means of communication, including, but not limited to, by phone, e-mail, mailing list, on the Internet, etc. ; for other purposes, if the actions of the Operator do not contradict the current legislation.
3.2 The Operator, in order to properly perform its duties as an Operator, processes the following personal data:
4. The procedure for collecting, storing, transferring and other types of processing of personal data
4.1 The processing of personal data is carried out by the Operator subject to obtaining the consent of the subject of personal data (hereinafter referred to as the Consent), except for the cases established by the legislation of the Russian Federation when the processing of personal data can be carried out without such Consent.
4.2 The subject of personal data decides to provide their personal data and gives Consent freely, by their own will and in their own interest.
4.3 Consent is given in any form that allows you to confirm the fact of its receipt.
4.4 When processing personal data, the operator takes or ensures that the necessary legal, organizational and technical measures are taken to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data.
4.5 The Operator, in order to achieve the purposes of processing, has the right to transfer personal data to third parties - partners of the Operator on the basis of relevant agreements and with the consent of the subjects of personal data.
5. Rights and obligations of the personal data operator
5.1 The operator of personal data has the right:
5.1.1 to defend its interests in court;
5.1.2 to provide personal data of the subjects to third parties, if this is provided for by the agreement with the subject and the current legislation (tax, law enforcement agencies, etc.);
5.1.3 to refuse to provide personal data in cases provided for by law;
5.1.4 to use the personal data of the subject without their consent in cases provided for by law.
5.1.5 to use the personal data of subjects to send them information about the products and services of the operator.
5.2 The operator of personal data is obliged:
5.2.1 to process personal data in the manner prescribed by the current legislation of the Russian Federation;
5.2.2 to consider the appeals of the subject of personal data (their legal representative) on the processing of personal data and give reasoned answers;
5.2.3 to provide the subject of personal data (their legal representative) with the opportunity of free access to their personal data;
5.2.4 to take measures to clarify, destroy the personal data of the subject of personal data in connection with their (their legal representative) treatment with legal and reasonable requirements;
5.2.5 to organize the protection of personal data in accordance with the requirements of the legislation of the Russian Federation.
6. Rights and obligations of the subject of personal data
6.1 The subject of personal data has the right:
6.1.1 to demand clarification of their personal data, its blocking or destruction if personal data is incomplete, outdated, unreliable, illegally obtained or not necessary for the stated purpose of processing, as well as take legal measures to protect their rights;
6.1.2 to require a list of their personal data processed by the Operator and the source of its receipt;
6.1.3 to receive information about the terms of processing of their personal data, including the terms of its storage;
6.1.4 to demand notification of all persons who were previously informed of their incorrect or incomplete personal data of all exceptions, corrections or additions made to it;
6.1.5 to appeal to the authorized body for the protection of the rights of subjects of personal data or in court against illegal actions or omissions in the processing of their personal data;
6.1.6 to protect their rights and legitimate interests, including damages and (or) compensation for moral damage in court.
6.2 The subject of personal data is obliged:
6.2.1 to provide the Operator with only reliable data about themself;
6.2.2 to provide documents containing personal data to the extent necessary for the purpose of processing;
6.2.3 to notify the Operator about the clarification (update, change) of their personal data.
7. Children’s privacy policy
7.1. Our application (product) respects the children’s privacy, thus, it was created taking into account the priority of children’s safety.
7.2. Our application is marked as safe for children, it has no ads and no links to external sites and applications.
7.3. Please note that you need to have a user account in the system, or register in the app to get the full version of our application. The application also has additional paid features. If you allow your child to use one of our services, please actively monitor this activity. You should also review this Personal Data Processing Policy, as by allowing your child to use our services, you agree to this Policy on their behalf. If you do not agree, please do not allow your child to use our services.
7.4. If we need to rely on consent as the logical basis for processing your data and in your country parental consent is required, we may request your parent’s consent before collecting and using this information.
8. Cookie Policy
8.1Cookies are used on the Operator's websites to improve the quality of interaction of visitors (users) with these websites, allowing the latter to "remember" visitors (users) during their first visit or during repeated visits. In some cases, cookies are used to personalize information on websites based on the location of visitors and/or their preferences when visiting websites.
8.2 The Operator uses cookies that are necessary to move visitors (users) around the site or to operate certain basic functions. Cookies are used to improve the functionality of the website, for example by storing visitor (user) settings. The Operator also uses cookies to improve the performance of its websites, in order to improve the quality of the interaction of visitors (users) with them.сайтов, чтобы улучшить качество взаимодействия посетителей (пользователей) с ними.
8.3 The Operator does not use cookies to collect information that allows it to identify visitors (users).
9. The following cookies may be used when visiting the Operator's websites:
9.1 own cookies are set by the site you are visiting and can only be read by that site;
9.2 third-party cookies are set by other organizations whose services are used by the Operator. For example, the Operator uses third-party analytics services, and the providers of these services set cookies on behalf of the Operator to tell the Operator which sections of the Operator's websites are popular and which are not. The Operator's websites may contain materials downloaded from, for example, YouTube, and such third-party websites may set their own cookies.
9.3 If a visitor does not want to receive cookies, they can set their browser to be notified each time they try to send cookies, or to reject all cookies. You can also delete existing cookies.
9.4 If a visitor wishes to restrict or block cookies placed on their device, they can do so using their browser settings as directed by the browser's Help. Instructions on how to do this in the browser of the mobile device should be given in the manual of this device.
9.5 The Operator's websites and applications may contain links to other sites and services that are beyond the control of the Operator and outside the jurisdiction of this policy. The operators of these sites and services may collect information about visitors and use it in accordance with their policies, which may differ from the policies of the Operator.
10. Rules of access to the mobile application
10.1. By installing the application on the mobile device, the user gives consent to the Operator/Developer for the collection, processing, recording, systematization, storage modification, depersonalization, deletion, modification, and use of the user’s personal data for the purpose of rendering services under contracts concluded between the user and the Operator/Developer.
10.2. The Operator/Developer does not verify the validity of personal information provided by users and does not monitor their legal capacity.
10.3. The Operator/Developer presumes that the information transmitted to them from users is reliable and keeps this information up-to-date.
10.1. After performing all the necessary actions to install the application on the main page of the application, the user is invited to register, thereby starting a user account in the system. The Operator/Developer draws your attention to the fact that, in order to access all the free features of this app, registration in the app is a mandatory step. Otherwise, users who have declined such registration, can take advantage of the limited scope of the Developer’s features in the application for users without a user account. The developer/operator also provides additional paid features in the application, which are not provided to the user without their prior consent. By agreeing to the use of such additional features, the user also agrees to the processing of personal data.
10.2.To register in the application that allows using all free functions, the user needs to specify in the authorization window their personal data, namely the valid email/email address (referred to as user’s EA/e-mail), the confirmation of which is realized by sending an electronic message, the automated system of the Operator/Developer on the user’s EA/e-mail specified in the authorization window with an individualized six-digit code, which is generated by the application for each individual registration case, without repetition.(The corresponding code is sent to the user’s EA/e-mail only if the user decides to open a user account in the application and provides the personal data required for such registration). Entering the correct code in the highlighted window in the application is confirmation of the user account/creation of the user account in the system.
10.3. The collection, processing and storage provided by the data user are carried out independently by the Operator/Developer.
10.4. Data is collected, processed and stored for as long as necessary to achieve the stated objectives of this Personal Data Processing Policy.
10.5. If you have any questions regarding the installation and operation of the application, or if you have any objections to the processing and/or storage of personal data, please send any inquiries you may have to the following e-mail address: hello@idDraughts.com. The application team will respond within one business day. A reply letter will be sent to the same e-mail address from which the request was made.
11. Terms of use of the application
11.1. The user, when using the application, confirms that they:
11.2. The Operator/Developer does not verify the validity of the information received, except where such verification is required by existing legislation and also when such verification is necessary in order to fulfill obligations to the user.
12. Types of personal and confidential user data
12.1. The types of personal and confidential user data that are available to the application and that it collects, uses and transmits, as well as information about who accesses that information. The list of such personal and confidential user data consists of a mail and a device identifier.
12.2. Operator/Developer has the right to disclose the received user data to Operator’s/Developer’s affiliates, subsidiaries and representative offices; to the Operator’s/Developer’s successors that occurred as a result of its liquidation, reorganization or bankruptcy and that have received exclusive ownership of the application (idDraughts), payment service providers or banking (financial) institutions, as well as in other cases stipulated by this Personal Data Processing Policy and current legislation.
12.3. The Operator/Developer only discloses personal data if it is certain that third parties will treat personal data with care, namely, comply with the terms of this Personal Data Processing Policy and take the same measures to protect the confidentiality of personal data as the Operator/Developer itself, and consent to such disclosure was given in advance in any acceptable form by the user and/or permitted by existing legislation.
13. The order of protection of personal data
13.1. Protecting the privacy of personal data is a paramount and important task for the Operator/Developer. The Operator/Developer adheres to all required national and international standards, rules and guidelines for the protection of personal data.
13.2. To fulfill direct obligations, the Operator/Developer:
13.2.1 uses certified security features — antivirus programs, firewalls, access control systems, etc.;
13.2.2 provides regular backup to prevent data loss due to technical failures or malicious actions;
13.2.3 limits access to confidential information, including by setting passwords to access information systems and databases;
13.2.4 encrypts data transmitted over the network to prevent unauthorized access to confidential information;
13.2.5 sets rules for access to personal data and ensures registration and recording of all actions taken with personal data;
13.2.6. establishes individual employee access passwords to the information system in accordance with their work responsibilities.
14. Developer’s rules for storage and deletion of data
14.1. Any information collected by our application is used solely to improve your experience and is not shared with third parties without your consent.
14.2. The user has the right to change or delete their personal data at any time, except where such modification or deletion may violate the rules of this Policy; or violate the legislation; such personal data is evidence in any litigation between the Operator/Developer and the user. The user needs to delete the user account in the application (idDraughts).
14.3. The Operator/Developer has the right to delete the user account at any time, as well as all personal data about the user, if the above-mentioned user has violated the terms of this Policy and/or User Agreement.
14.4. You have the right to request access, correction or deletion of your data, and you may withdraw your consent to the processing at any time. For inquiries or further information, please contact hello@idDraughts.com.
15. Final provisions
15.1. This Policy is subject to change, addition in the event of the emergence of new legislative acts and special regulatory documents on the processing and protection of personal data.
15.2. The Operator reserves the right to change and/or update the Policy at any time. The new version of the Policy comes into force from the moment it is posted on the website or in the mobile application of the Operator, unless otherwise provided by the new version of the Policy.
15.3. Control over the fulfillment of the requirements of this Policy is carried out by the person responsible for ensuring the security of the personal data of the Operator.
15.4. Risks of disclosure. Regardless of the measures taken by the Operator/Developer to protect the confidentiality of the personal data received, the user is aware that the information transmitted to them may become available to unknown third parties due to their unlawful actions, and is hereby deemed to be duly informed that any transmission of Personal Data on the Internet cannot be securely guaranteed, and therefore the User carries out such transmission at his own risk.