This Policy establishes the Operator’s obligations to non-disclose and ensure a regime for protecting the confidentiality of personal data that the subject of personal data provides to the Operator, establishes procedures aimed at preventing and identifying violations of the legislation of the Russian Federation, eliminating the consequences of such violations related to the processing of personal data.
The purpose of this Policy is to ensure the protection of the rights and freedoms of man and citizen when processing his personal data, including the protection of the rights to privacy, personal and family secrets.
The Policy applies to relationships in the field of personal data processing that arose with the Operator both before and after the approval of this Policy.
The policy is valid indefinitely after approval until it is replaced by a new version. The new Policy comes into force from the moment it is posted in the Application, unless otherwise provided by the new edition of the Policy.
All suggestions or questions regarding this Policy should be sent to the email address (e-mail): hello@evernow.be.
The current Policy is posted in the Evernow Application.
This Policy applies only to the Evernow Application. The Operator is not responsible for third party sites and software that the User can access via links available in the Application.
The Operator does not verify the accuracy of the information provided by Application Users and does not exercise control over their legal capacity. However, it is assumed that the User provides reliable and sufficient information up to date.
In the event of any contradictions between this Policy and other documents posted in the Evernow Application, with regard to the processing of personal data of Application users, this Policy will prevail.
1) personal data - any information relating to a directly or indirectly identified or identifiable individual (subject of personal data);
2) operator - a state body, municipal body, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations) ) performed with personal data;
3) subject of personal data - an individual who is directly or indirectly identified or determined using personal data (Application User).
4) confidentiality of personal data - operators and other persons who have access to personal data are obliged not to disclose to third parties or distribute personal data without the consent of the subject of personal data, unless otherwise provided by federal law.
5) processing of personal data - any action (operation) or set of actions (operations) performed using automation tools or without the use of such means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
6) automated processing of personal data - processing of personal data using computer technology;
7) dissemination of personal data - actions aimed at disclosing personal data to an indefinite number of persons;
8) provision of personal data - actions aimed at disclosing personal data to a certain person or a certain circle of persons;
9) blocking of personal data - temporary cessation of processing of personal data (except for cases where processing is necessary to clarify personal data);
10) destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which material media of personal data are destroyed;
11) depersonalization of personal data - actions as a result of which it becomes impossible to determine the ownership of personal data to a specific subject of personal data without the use of additional information;
12) information system of personal data - a set of personal data contained in databases and information technologies and technical means that ensure their processing;
13) cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity.
· Constitution of the Russian Federation
· Civil Code of the Russian Federation
· Federal Law of December 19, 2005 N 160-FZ “On ratification of the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data”
· Federal Law of July 27, 2006 N 149-FZ “On information, information technologies and information protection”
· Federal Law N 2300-1 of 02/07/1992 “On the protection of consumer rights”
· Other federal laws and normative legal acts adopted on their basis regulating relations related to the processing of personal data.
1. last name, first name, patronymic of the Application user;
2. Contact phone number of the Application user;
3. email address of the Application user;
Personal data permitted for processing under this Policy may also include additional information provided by Users at the request of the Operator in order for the Operator to fulfill its obligations to Users arising from the license agreement. The Operator has the right, in particular, to request from the User a copy of an identity document or other document containing the User’s first name, surname, photograph, as well as other additional data that, at the Operator’s discretion, will be necessary and sufficient to identify such User and will allow exclude abuse and violation of the rights of third parties.
In addition, when visiting the Application, information sent by the user's browser when visiting the Application is automatically saved. This information includes the page request, IP address, browser type and language, as well as the date and time the page was accessed, pixel tags, and web beacons. This information is used solely for analysis and maintenance of high-quality technical operation of the Application and is automatically deleted after 30 days. When the User visits the Application, the Application sends one or more cookies to the User's mobile device.
Cookies are small text files that are usually stored on the buyer's computer until the end of the session, i.e. until the end of work in the browser, but in some cases beyond it. Cookies are used:
— to simplify the use of the Application by the User;
— for analysis for advertising purposes.
The Application uses third party services to track traffic statistics, obtain information on conversions for advertising campaigns, and others. With the help of these services and tools, the Application does not collect data about specific users, but only uses general statistical data about traffic and the effectiveness of the Application and the effectiveness of advertising campaigns.
Disabling cookies may result in the inability to access parts of the Application that require authorization.
Any other personal information not specified above is subject to secure storage and non-distribution, except as required by law.
When registering in the Application, the user fills out an electronic form in which he indicates personal data.
By registering in the Evernow Application, the subject of personal data agrees to create an account to use the Application and receive information about service updates, special offers, pricing information, newsletters and other information on behalf of the Operator.
By registering in the Evernow Application, the personal data subject confirms that he has read this Policy and his consent is specific, informed and conscious.
By registering in the Evernow Application, the subject of personal data expresses his consent to receive information about product/service updates, special offers, pricing information, newsletters and other information on behalf of the Operator.
The subject of personal data has the right to refuse to receive the above information by sending a corresponding electronic message in any form to the email address: hello@evernow.be.
When concluding, executing and terminating civil contracts provided for by current legislation, when conducting marketing research, the subject of personal data, by providing personal data to the Operator, expresses his consent to the processing of his personal data by the Operator.
If the Application User provides the Operator with personal data of third parties, the User is responsible for informing the third party about the use of such data and for obtaining appropriate consent.
The processing of personal data is carried out on a legal and fair basis.
The processing of personal data is limited to the achievement of specific, pre-defined and legitimate purposes.
Processing of personal data that is incompatible with the purposes of collecting personal data is not permitted.
It is not allowed to combine databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other.
The content and volume of personal data processed correspond to the stated purposes of processing.
When processing personal data, the accuracy of personal data, their sufficiency, and, where necessary, relevance in relation to the purposes of processing personal data are ensured.
Personal data is stored in a form that makes it possible to identify the subject of personal data, no longer than required for the purposes of processing personal data.
The processed personal data is destroyed or anonymized upon achievement of the purposes of processing or in the event of the loss of the need to achieve these purposes.
In accordance with the principles of processing personal data, the Operator has determined the following purposes for processing personal data:
· ensuring the protection of the rights and freedoms of man and citizen when processing his personal data, including the protection of the rights to privacy, personal and family secrets;
· conclusion, execution and termination of civil contracts with individuals, legal entities, individual entrepreneurs and other persons in cases provided for by current legislation;
· carrying out business activities;
· Conducting marketing research and providing services.
· establishing feedback with counterparties;
· sending notifications and requests regarding the use of the Application and the purchase of services, the provision of services, processing requests and applications from users, concluding a license agreement;
· identification of the Application User to provide the opportunity to use the functionality of the Application;
· creating an account to make purchases;
· providing effective customer and technical support in case of problems related to the use of the site;
· providing the User with information about updates, special offers, pricing information, newsletters and other information on behalf of the Operator.
· promotion of the Operator's goods, works, and services on the market by making direct contacts with potential consumers using communication means.
· non-automated processing of personal data;
· automated processing of personal data with or without transmission of received information via information and telecommunication networks;
· mixed processing of personal data.
Personal data of the Application User may be transferred to authorized government bodies of the Russian Federation only on the grounds and in the manner established by the legislation of the Russian Federation.
The Operator takes the necessary organizational and technical measures to protect the personal information of the Application User from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other unlawful actions of third parties.
The processing and storage of personal data is carried out no longer than required by the purposes of processing personal data, unless there are legal grounds for further processing, for example, if federal law or an agreement with the subject of personal data does not establish an appropriate storage period. Processed personal data is subject to destruction or depersonalization when the following conditions occur:
· provision by the subject of personal data or his legal representative of confirmation that the personal data was illegally obtained or is not necessary for the stated purpose of processing - within 7 days;
· impossibility of ensuring the legality of the processing of personal data - within 10 days;
· withdrawal by the subject of personal data of consent to the processing of personal data, if the storage of personal data is no longer required for the purposes of processing personal data - within 10 days;
· withdrawal by the subject of personal data of consent to the use of personal data for contacts with potential consumers when promoting goods and services - within 2 days;
· termination by an individual of activities as an individual entrepreneur.
· provide personal data of subjects to third parties, if provided for by current legislation (tax, law enforcement agencies, etc.);
· refuse to provide personal data in cases provided for by law;
· use the subject’s personal data without his consent in cases provided for by law.
The personal data operator undertakes:
· use the information received solely for the purposes specified in this Policy;
· ensure that personal data is kept secret, not disclosed without the prior written permission of the buyer, and also not sell, exchange, publish, or disclose in other possible ways the transferred personal data of the buyer, except as provided by law; take precautions to protect the confidentiality of the buyer's personal data in accordance with the procedure generally used to protect such information in existing business transactions; provide the buyer with information regarding the processing of personal data relating to him;
· block, clarify or destroy personal data relating to the relevant subject of personal data from the moment of application or request of the subject of personal data or his legal representative or an authorized body for the protection of the rights of personal data subjects for the period of verification, if the personal data is incomplete , outdated, inaccurate, unlawfully obtained or not necessary for the stated purpose of processing.
· demand clarification of your personal data, their blocking or destruction if the personal data is incomplete, outdated, unreliable, illegally obtained or not necessary for the stated purpose of processing, as well as take measures provided by law to protect your rights;
· demand a list of your personal data processed by the Operator and the source of their receipt;
· receive information about the terms of processing of your personal data, including the periods of their storage;
· receive information about the name or full name and address of the person processing personal data on behalf of the Operator;
· require notification of all persons who were previously provided with incorrect or incomplete personal data about all exceptions, corrections or additions made to them;
· appeal to the authorized body for the protection of the rights of personal data subjects or in court against unlawful actions or inactions during the processing of his personal data;
· withdraw your consent to the processing of personal data by sending a notification to the email address hello@evernow.be;
· identify your representatives to protect your personal data;
· to protect their rights and legitimate interests, including compensation for losses and (or) compensation for moral damage in court.
10. Measures to ensure the security of personal data
The operator takes the necessary legal, organizational and technical measures to ensure the security of personal data to protect it from unauthorized (including accidental) access, destruction, modification, blocking of access and other unauthorized actions. Such measures, in particular, include:
· appointment of employees responsible for organizing the processing and ensuring the security of personal data;
· publication of local regulations on the processing of personal data, familiarization of employees with them;
· ensuring the physical security of premises and processing facilities, access to the Application;
· restriction and delimitation of access of employees and other persons to personal data and processing means, monitoring of actions with personal data;
· identification of threats to the security of personal data during their processing, formation of threat models based on them;
· use of security tools (anti-virus tools, means of protection against unauthorized access), including those that have passed the conformity assessment procedure in the prescribed manner;
· accounting and storage of information media, excluding their theft, substitution, unauthorized copying and destruction;
· backup information for recovery;
· carrying out internal control over compliance with the established procedure, checking the effectiveness of measures taken, responding to incidents.
