This Policy governs relations related to the processing of personal data of users of the Evernow Application, obtained during the conclusion, execution and termination of civil law contracts in cases provided for by applicable law; when carrying out entrepreneurial activities and conducting marketing research. The processing of personal data is carried out by the Operator - IP Bratchikov Alexander Viktorovich (TIN 594400903887 OGRNIP 319595800092771 dated July 31, 2019, address: 614094, Perm Territory, Perm, Milchakova St., 28, apt. 9, hereinafter referred to as " Operator").

This Policy establishes the Operator's obligations for non-disclosure and ensuring the regime for protecting the confidentiality of personal data that the subject of personal data provides to the Operator, establishes procedures aimed at preventing and detecting violations of the legislation of the Russian Federation, eliminating the consequences of such violations related to the processing of personal data.
The purpose of this Policy is to ensure the protection of the rights and freedoms of a person and citizen in the processing of his personal data, including the protection of the rights to privacy, personal and family secrets.
The Policy applies to relations in the field of personal data processing that the Operator has both before and after the approval of this Policy.

The policy is valid indefinitely after approval until it is replaced by a new version. The new Policy comes into force from the moment it is posted in the Application, unless otherwise provided by the new version of the Policy.
All suggestions or questions regarding this Policy should be sent to the e-mail address (e-mail): hello@evernow.be.

The current Policy is posted on the Evernow Application.
This Policy applies only to the Evernow Application. The Operator is not responsible for the websites and software of third parties, to which the User can follow the links available in the Application.
The Operator does not verify the accuracy of the information provided by the Users of the Application and does not exercise control over their legal capacity. However, it proceeds from the fact that the User provides reliable and sufficient information up to date.

In the event of any conflict between this Policy and other documents posted on the Evernow Application, this Policy shall prevail with regard to the processing of personal data of the users of the Application.

1) personal data - any information relating directly or indirectly to a specific or identifiable natural person (subject of personal data);

2) operator - a state body, municipal body, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations ) committed with personal data;

3) subject of personal data - an individual who is directly or indirectly identified or determined using personal data (Application User).

4) confidentiality of personal data - operators and other persons who have gained access to personal data are obliged not to disclose to third parties and not to distribute personal data without the consent of the subject of personal data, unless otherwise provided by federal law.

5) processing of personal data - any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;

6) automated processing of personal data - processing of personal data with the help of computer technology;

7) dissemination of personal data - actions aimed at disclosing personal data to an indefinite circle of persons;

8) provision of personal data - actions aimed at disclosing personal data to a certain person or a certain circle of persons;

9) blocking of personal data - temporary suspension of the processing of personal data (except when processing is necessary to clarify personal data);

10) destruction of personal data - actions as a result of which it becomes impossible to restore the content of personal data in the information system of personal data and (or) as a result of which material carriers of personal data are destroyed;

11) depersonalization of personal data - actions as a result of which it becomes impossible to determine the ownership of personal data by a specific subject of personal data without the use of additional information;

12) personal data information system - a set of personal data contained in databases and information technologies and technical means that ensure their processing;

13) cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity.

The policy in the field of personal data processing is determined in accordance with the following regulatory legal acts of the Russian Federation:

The Constitution of the Russian Federation
The Civil Code of the Russian Federation
Federal Law No. 160-FZ of December 19, 2005 "On Ratification of the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data"
Federal Law of July 27, 2006 N 149-FZ "On Information, Information Technologies and Information Protection"
Federal Law N 2300-1 dated February 7, 1992 "On Protection of Consumer Rights"
· Other federal laws and normative legal acts adopted on their basis, regulating relations related to the processing of personal data.

Personal data authorized for processing under this Policy includes the following information:

1. last name, first name, patronymic of the user of the Application;

2. contact phone number of the user of the Application;

3. email address (e-mail) of the user of the Application;

Personal data permitted for processing under this Policy may also include additionally provided by Users at the request of the Operator in order to fulfill the Operator's obligations to Users arising from the license agreement. The Operator has the right, in particular, to request from the User a copy of an identity document or other document containing the name, surname, photograph of the User, as well as other additional data that, at the discretion of the Operator, will be necessary and sufficient to identify such a User and will allow exclude abuse and violation of the rights of third parties.

In addition, when visiting the Application, the information sent by the user's browser when he visits the Application is automatically saved. This information includes the page request, IP address, browser type and language, as well as the date and time the page was called, pixel tags, web beacons. This information is used solely to analyze and maintain the quality technical work of the Application and is automatically deleted after 30 days. When a user visits the Application, the Application sends one or more cookies to the User's mobile device.

Cookies are small text files that are usually stored on the customer's computer until the end of the session, i.e. until the end of work in the browser, but in some cases beyond it. Cookies are used:
— to simplify the use of the Application by the User;
- for analysis for advertising purposes.

The Application uses third-party services to track traffic statistics, obtain information about conversions for advertising campaigns, and others. Through these services and tools, the Application does not collect data about specific users, but only uses general statistics about the traffic and performance of the Application and the effectiveness of advertising campaigns.

Disabling cookies may result in the inability to access parts of the Application that require authorization.
Any other personal information not specified above is subject to secure storage and non-distribution, except as required by law.

When registering in the Application, the User fills out an electronic form in which he indicates personal data.
By registering in the Evernow Application, the subject of personal data agrees to create an account to use the Application and receive information about service updates, special offers, pricing information, newsletters and other information on behalf of the Operator.

By registering in the Evernow Application, the subject of personal data confirms that he has read this Policy and his consent is specific, informed and conscious.

By registering in the Evernow Application, the subject of personal data expresses his consent to receive information about product/service updates, special offers, pricing information, newsletters and other information on behalf of the Operator.

The subject of personal data has the right to refuse to receive the above information by sending a corresponding electronic message in any form to the email address: hello@evernow.be.
When concluding, executing and terminating civil law contracts provided for by applicable law, when conducting marketing research, the subject of personal data, by providing personal data to the Operator, expresses his consent to the processing of his personal data by the Operator.

If the Application User provides the Operator with personal data of third parties, then the User is responsible for informing the third party about the use of such data and for obtaining the appropriate consent.

The processing of personal data is carried out on a legal and fair basis.

The processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes.

It is not allowed to process personal data that is incompatible with the purposes of collecting personal data.

It is not allowed to combine databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other.

The content and scope of the processed personal data correspond to the stated purposes of processing.

When processing personal data, the accuracy of personal data, their sufficiency, and, if necessary, their relevance in relation to the purposes of processing personal data, are ensured.

The storage of personal data is carried out in a form that allows to determine the subject of personal data, no longer than required by the purposes of processing personal data.

The processed personal data is destroyed or depersonalized upon reaching the goals of processing or in case of loss of the need to achieve these goals.

In accordance with the principles of personal data processing, the Operator defines the following purposes for processing personal data:

Ensuring the protection of the rights and freedoms of a person and a citizen in the processing of his personal data, including the protection of the rights to privacy, personal and family secrets;

conclusion, execution and termination of civil law contracts with individuals, legal entities, individual entrepreneurs and other persons in cases stipulated by the current legislation;

implementation of entrepreneurial activity;

· Carrying out marketing research and providing services.
Establishing feedback with contractors;

sending notifications, requests regarding the use of the Application and the purchase of services, the provision of services, processing requests and applications from users, concluding a license agreement;

Identification of the User of the Application to enable the use of the functionality of the Application;
creating an account for making purchases;

providing effective customer and technical support in case of problems related to the use of the site;
providing the User with information about updates, special offers, pricing information, newsletters and other information on behalf of the Operator.

· promotion of goods, works, services of the Operator on the market by making direct contacts with a potential consumer using means of communication.

The processing of personal data by the Operator is carried out in the following ways:
non-automated processing of personal data;

automated processing of personal data with or without transmission of the received information via information and telecommunication networks;

mixed processing of personal data.

The personal data of the Application User may be transferred to the authorized state authorities of the Russian Federation only on the grounds and in the manner established by the legislation of the Russian Federation.

The Operator takes the necessary organizational and technical measures to protect the personal information of the Application User from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties.

Processing and storage of personal data is carried out no longer than required by the purposes of processing personal data, if there are no legal grounds for further processing, for example, if the federal law or the agreement with the subject of personal data does not establish an appropriate storage period. The processed personal data is subject to destruction or depersonalization upon the occurrence of the following conditions:
provision by the subject of personal data or his legal representative of confirmation that personal data are illegally obtained or are not necessary for the stated purpose of processing - within 7 days;

the impossibility of ensuring the legality of the processing of personal data - within 10 days;

withdrawal by the subject of personal data of consent to the processing of personal data, if the storage of personal data is no longer required for the purposes of processing personal data - within 10 days;

withdrawal by the subject of personal data of consent to the use of personal data for contacts with potential consumers when promoting goods and services - within 2 days;

termination by an individual of activity as an individual entrepreneur.

The operator of personal data has the right:

provide personal data of subjects to third parties, if this is provided for by applicable law (tax, law enforcement agencies, etc.);

Refuse to provide personal data in cases provided for by law;

use the personal data of the subject without his consent in cases provided for by law.

The personal data operator undertakes:

use the information received solely for the purposes specified in this Policy;

ensure the storage of personal data in secret, not to disclose without the prior written permission of the buyer, and also not to sell, exchange, publish, or disclose in other possible ways the transferred personal data of the buyer, except as otherwise provided by law; take precautions to protect the confidentiality of the buyer's personal data in accordance with the procedure usually used to protect this kind of information in existing business transactions;

provide the buyer with information regarding the processing of personal data relating to him;

block, clarify or destroy personal data relating to the relevant subject of personal data, from the moment of application or request of the subject of personal data or his legal representative or authorized body for the protection of the rights of subjects of personal data for the period of verification, if the personal data is incomplete , outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing.

The subject of personal data has the right:

· demand clarification of their personal data, their blocking or destruction if personal data is incomplete, outdated, unreliable, illegally obtained or not necessary for the stated purpose of processing, as well as take legal measures to protect their rights;

demand a list of their personal data processed by the Operator and the source of their receipt;

receive information about the terms of processing of their personal data, including the terms of their storage;

receive information about the name or full name and address of the person who processes personal data on behalf of the Operator;

Require notification of all persons who were previously informed of incorrect or incomplete personal data of all exceptions, corrections or additions made to them;

appeal to the authorized body for the protection of the rights of subjects of personal data or in court against illegal actions or omissions in the processing of his personal data;

withdraw your consent to the processing of personal data by sending a notification to the email address hello@evernow.be;

determine their representatives to protect their personal data;

· to protect their rights and legitimate interests, including compensation for losses and (or) compensation for moral damage in court.

The Operator takes the necessary legal, organizational and technical measures to ensure the security of personal data to protect them from unauthorized (including accidental) access, destruction, modification, blocking access and other unauthorized actions. These measures include, in particular:

appointment of employees responsible for organizing the processing and ensuring the security of personal data;

publication of local acts on the processing of personal data, familiarization of employees with them;

ensuring the physical security of premises and processing facilities, access to the Application;

Restriction and delimitation of access of employees and other persons to personal data and means of processing, monitoring of actions with personal data;

determination of threats to the security of personal data during their processing, the formation of threat models on their basis;

Use of security tools (anti-virus tools, means of protection against unauthorized access), including those that have passed the conformity assessment procedure in the prescribed manner;

accounting and storage of information carriers, excluding their theft, substitution, unauthorized copying and destruction;

backing up information for recovery;

Implementation of internal control over compliance with the established procedure, verification of the effectiveness of the measures taken, response to incidents.

Persons guilty of violating the provisions of the legislation of the Russian Federation in the field of personal data when processing personal data are held liable in the manner prescribed by federal laws.