PRIVACY POLICY

Effective from August 30, 2025

 

1. INTRODUCTION

1.1. This Privacy Policy (hereinafter referred to as the Policy) defines the terms and conditions and regulates the relationship between the owner of the SENS mobile app and (or) the web version of the SENS app (hereinafter referred to as the Service) specified in clause 1.8 of the Public Agreement (hereinafter referred to as the Owner) and the Service user who has accepted the public offer under the terms of the Public Agreement (hereinafter referred to as the User), which are related to the processing of information about Users, including personal data, in connection with the use of the Service.

1.2. The Policy does not apply to the processing of information about individuals, including their personal data:

1.2.1. related to labor activity, with whom the Owner has concluded and (or) terminated employment contracts;

1.2.2. related to the performance of administrative procedures;

1.2.3. related to the fulfillment of obligations under civil law contracts, including contracts of contractor work and (or) contracts for the provision of paid services, under which the Owner acts as the customer;

1.2.4. when processing cookies in the Service;

1.2.5. when considering appeals from individuals and legal entities.

1.3. This Policy is developed and applied in accordance with Federal Law No. 152-FZ of 27.07.2006 «On Personal Data»; Federal Law No. 149-FZ of 27.07.2006 «On Information, Information Technologies and Information Protection» and other legislative acts of the Russian Federation.

1.4. In accordance with the terms of the Public Agreement, the User gets access to the use of the Service by registering or authorizing through third-party services (social networks, e-mail, Apple ID, Google account, etc.). By virtue of subclause 5 of clause 1 of Article 6 of Federal Law No. 152-FZ of 27.07.2006 «On Personal Data», processing of personal data and (or) other information that does not relate to personal data of the User as a personal data subject is carried out on the basis of the conclusion and for the purposes of executing a Public Agreement to which the User is a party in accordance with clause 1.5 of the Public Agreement, except for the case established by section 6 of this Policy. The User gets access to the use of the Service based on the results of registration or authorization by performing the corresponding action provided for by the user flow of the Service (user route of the Service): by putting a check mark in the checkbox of the registration and (or) authorization form. Processing of personal data and other information that is not related to personal data of the User for the purposes of executing a Public Agreement continues, including in the case of editing the previously provided information by the User or when adding personal data on their own initiative using the Service’s tools.

In the event of a change in the initially stated purposes of processing the User's personal data, the If the initially stated purposes for processing the User’s personal data are changed, the Owner is obliged to obtain the User’s consent as a personal data subject according to the amended purposes, in the absence of other legal grounds for such processing provided by applicable law.

By using the Service, the User unconditionally and irrevocably agrees to this Privacy Policy, which they are obliged to read before starting to use the Service, without any exceptions or limitations. The terms set forth in the Policy cannot be amended by the User.

1.5. The User as a subject of personal data agrees to the Owner or Third Parties on its behalf, in cases established by this Policy, to perform the following actions with User’s data: collection, systematization, storage, modification, use, depersonalization, blocking, provision, deletion, both using automation tools and without them.

1.6. When the User logs into the Service through third-party services (social networks, email, Apple ID, Google, etc.) their personal data, as well as other information that does not relate to personal data, may be transferred by the Owner to Third Parties (services that the User used for authorization purposes), and the Service may also receive personal data from these Third Parties, as well as other information that does not relate to personal data, in order to fulfill the relevant agreements between such Third Parties and the User.

1.7. The current version of the Policy, which is a public document, is available to any User in the Service or on the Owner’s website: https://atlas-cloud.ruatlas-cloud.ru or on the Service’s page in app stores (App Store, Google Play, etc.).

The Owner has the right to amend and (or) supplement the Policy at its sole discretion unilaterally, with mandatory notification to the User about such amendments and (or) supplements via email or SMS to the User’s phone number provided during registration in the Service, no later than 10 (ten) business days before such amendments and (or) supplements take effect.

If the User disagrees with the amendments and (or) supplements to the Policy, the User (i) must delete their account independently or (ii) declare their disagreement and demand termination of personal data processing to the Owner using one of the methods specified in clauses 7.3 – 7.4 of the Policy. Upon receipt of such declaration, the Owner is obliged to terminate the processing of the User’s personal data, in the manner and under the conditions provided by this Policy and applicable law, and shall terminate (delete) the User’s account due to the impossibility of providing access to the Service’s functionality resulting from the User’s declared termination of processing of personal data and (or) other information that does not relate to personal data.

If the User continues to use the Service after the relevant amendments and (or) supplements to the Policy take effect, provided proper notification was given, the User agrees to the amendments and (or) supplements specified in the relevant notification.

The Owner also undertakes to inform the User of the current version of the Policy by publishing it in the Service, or on the Owner’s website, or on the Service’s page in app stores (App Store, Google Play, etc.), indicating the effective date of the corresponding version.

This clause does not apply to the cases specified in clause 6.7 of the Policy.

1.8. If the User has read the terms of this Policy after starting using the Service and does not agree with its terms, they must immediately stop using the Service and notify the Owner of the need to terminate processing personal data and (or) other information that does not relate to personal data in one of the ways provided for in clauses 7.3 – 7.4 of the Policy.

1.9. The rules established by this Policy regarding the User's personal data apply equally to other User information that does not relate to personal data, unless otherwise expressly established by this Policy.

1.10 If terms not specified in this Section are used in the Policy, they shall be used and interpreted in accordance with the Public Agreement. If any term is not defined in the aforementioned documents, it shall be interpreted in accordance with applicable law and the business customs established on the Internet.

 

2. GENERAL PROVISIONS

2.1. The processing of personal data by the Owner is carried out on the basis of a Public Agreement, as well as on other legal grounds provided for by applicable law.

2.2. The Owner in relation to the User’s personal data is:

2.2.1. the controller, that is, independently organizes the processing of personal data and determines the purposes of such processing, the composition of personal data to be processed, as well as actions (operations) performed with personal data (hereinafter referred to as the Controller);

2.2.2. the processor, that is, independently and directly carries out the processing of personal data (hereinafter referred to as the Processor).

2.3. The Owner has the right to transfer the powers of the Processor to a Third Party based on a civil law contract concluded with such person.

By agreeing to this Policy and using the Service, the User expresses their consent to such transfer. In this case, the Third Party to which the Processor’s powers are transferred on behalf of the Owner as the Controller is not obliged to request or obtain additional consent from the User for the processing of personal data.

In case of transfer of the Processor’s powers to Third Parties, the Owner undertakes to inform the Users about such transfer and the person acting as the Processor by making appropriate amendments to the Policy.

2.4. The Owner or Processor on its behalf processes personal data in accordance with the following principles:

2.4.1. lawfulness:

personal data is processed only on lawful grounds (with the User’s consent, by virtue of law, based on legitimate interest, on other lawful grounds) and for specific purposes, as well as for the proper provision of services for access to the Service;

2.4.2. transparency:

the Owner (including the Processor on its behalf) strives to be as clear and open as possible about how it collects, uses and transmits personal data. If the User has any questions about any provisions of the Policy, the Owner is open for communication;

2.4.3. fairness:

the Owner (including the Processor on its behalf) does not allow processing of the User’s personal data in an unreasonably harmful, discriminatory, unexpected, or misleading manner;

2.4.4. concreteness, clarity and legality of processing purposes:

the purposes of processing Users’ personal data can be found in section 3 of the Policy. The Owner (including the Processor on its behalf) does not process personal data for purposes not specified in this section;

2.4.5. data minimization:

the Owner (including the Processor on its behalf) processes data only to the extent necessary to achieve the processing purposes;

2.4.6. accuracy:

the Owner (including the Processor on its behalf) maintains the relevance of personal data;

2.4.7. storage limitation:

the Owner (including the Processor on its behalf) stores personal data for no longer than necessary for the purposes of processing;

2.4.8. integrity and confidentiality:

the Owner (including the Processor on its behalf) strives to ensure the security of Users’ data by protecting them from unauthorized or illegal processing, as well as from accidental loss, destruction or damage, through appropriate technical and organizational measures.

2.5. The Owner and (or) other Third Parties, in the cases established by this Policy, process the following categories of personal data and other information that does not relate to personal data:

2.5.1. data provided by the User:

2.5.1.1. mandatory data – data without which the User cannot gain access to the use of the Service, or the deletion, termination of processing, blocking, destruction, or depersonalization of which entitles the Owner to terminate the User’s access to the Service, in whole or in part;

2.5.1.2. optional data – data which the User independently decides to provide, the provision of which does not affect the availability of access to the Service, but the completeness and presence of which affect the efficiency, quality and scope of the functions provided by the Service regarding the selection of potential matches.

2.5.2. data collected by the Owner automatically;

2.5.3. data obtained from third-party resources:

2.5.3.1. User data associated with a third-party resource – data obtained by the Owner in case of User authorization in the Service through third-party resources (social networks, email, Apple ID, Google account, etc.);

2.5.3.2. Advertising identifier – a unique identifier that is associated with the User’s mobile phone or other device and is used by advertisers to track ads.

6.             The list of personal data and other information that does not relate to personal data included in the categories specified in clause 2.5 of the Policy is specified in Appendix 1 to this Policy.

 

3. TERMS AND PROCEDURE FOR PROCESSING PERSONAL DATA

3.1. The Owner determines the purposes of personal data processing, the categories of personal data subjects whose personal data is being processed, the list of personal data being processed, the legal grounds for personal data processing, the period of their storage, and the list of persons to whom and to what extent personal data is provided in accordance with Appendix 1 to this Policy.

3.2. The Owner may process personal data either with or without the use of automation tools and perform actions provided for in clause 1.5 of the Policy, including cross-border transfer.

3.3. In connection with the right of cross-border transfer of personal data to the territory of a foreign state with the lack of an adequate level of personal data protection, the Owner additionally informs the User about the existence of risks of such transfer:

3.3.1. lack of specific legislation regulating the processing of personal data, including requirements for compliance with such standards;

3.3.2. lack of an independent authorized state body for the protection of the rights of personal data subjects;

3.3.3. limited range of rights of personal data subjects;

3.3.4. use of improper methods of obtaining personal data, illegal processing of personal data, as a result of which personal data may become available to an unlimited number of persons.

3.4. By concluding the Public Agreement with the Owner in the manner defined in clause 1.4 of the Policy and clause 1.5 of the Public Agreement, the User expressly and unambiguously agrees and confirms their awareness of the transfer of the User’s personal data by the Owner to Third Parties, directly specified and named in this Policy, in a certain manner and volume.

If the processing of Users’ personal data involves their dissemination, the Owner specifies the specific conditions under which such action is possible.

3.5. When the User makes purchases within the Service, the Owner does not collect data on payment transactions performed by the User and does not have access to the User’s payment information. This information is collected and stored by the relevant platform used by the User (for example, the App Store on Apple devices, Google Play on Android devices, or App Gallery on Huawei devices) or by the payment operator of such platform.

The Owner can get data about payments made by the User through third-party services (if the Owner is contacted with a request from a payment operator, bank, or other third-party payment provider) for the purpose of verifying payments from the User. However, the Owner does not intentionally collect or store this data.

3.6. In-App purchases may be made by the User not only through the Service's functionality but also through stores of third-party services authorized by the Owner. The Owner recommends that Users review the privacy policies of such third-party services before making a purchase.

3.7. In certain cases, the User’s data may be collected to process a request for a refund for in-App purchases, in connection with which, by expressing their consent to the processing of personal data, the User also agrees to the processing of personal data by the payment services used by the Owner.

The User has the right to freely withdraw their consent for this purpose at any time, but in the event of such withdrawal, the Owner will not be able to properly process the User’s payment requests.

8.             The list of Third Parties with an indication of the purposes and scope of transmitted personal data of Users is specified in Appendix 2 to this Policy.

3.9. If the User demands the destruction, deletion, and (or) termination of processing of their personal data, the Owner is obliged to comply. If the User demands the blocking of personal data and the period of such blocking exceeds 365 (three hundred sixty-five) calendar days from the moment of blocking, the Owner has the right to destroy such User’s personal data and their account, respectively. If the User makes the demands specified in this clause, the Owner also has the right to depersonalize such User’s personal data for the purposes defined in clause 5.1 of this Policy.

3.10. The User’s personal data is also subject to destruction or depersonalization if the purposes of their processing are achieved or if it is no longer necessary to achieve these purposes, unless otherwise established by applicable law, within a period not exceeding 30 (thirty) calendar days.

 

4. USER RIGHTS

4.1. Users have the right to:

4.1.1. provide free access to information about themselves by uploading their personal pages in the Service using their username and password;

4.1.2. use the tools of the Service to independently determine and establish the desired level of confidentiality in relation to information about themselves (specify only mandatory information or optional information in the amount at their own discretion);

4.1.3. independently make changes and corrections to the information about themselves on the User’s personal page in the Service, provided that such changes and corrections contain up-to-date and reliable information;

4.1.4. delete information about themselves from their personal page in the Service, with the exception of mandatory information, or delete information about themselves completely, including mandatory information, by deleting their personal page in the Service;

4.1.5. require the Owner to clarify their personal data, block or destroy it if such data is incomplete, outdated, unreliable, illegally obtained or not necessary for the stated purpose of processing and if it is impossible to independently perform the actions provided for in clauses 4.1.3. and 4.1.4. of this Policy. For the purposes of exercising the right provided for in this clause of the Policy, the User must provide the Owner with the relevant documents and (or) their duly certified copies confirming the need to make appropriate changes;

4.1.6. require the Owner to stop processing their personal data and (or) delete them;

4.1.7. receive on the basis of a request the information from the Owner concerning the processing of their personal data containing:

4.1.7.1. name and location of the Owner;

confirmation of the processing of personal data by the Owner;

the list of personal data processed and the source of their receipt;

legal grounds and purposes of personal data processing;

the period for which consent to the processing of personal data is given;

name and location of the Processor, if the processing of personal data by the Owner is entrusted to a Third Party(ies);

other information required by law;

4.1.7.2. information about providing the User’s personal data to Third Parties once a calendar year for free (this clause does not apply to clause 4.1.7.1 of the Policy);

4.1.8. appeal the actions (inactions) and decisions of the Owner related to the processing of personal data, in accordance with the procedure established by applicable law, to the Federal Service for Supervision of Communications, Information Technologies and Mass Communications (https://rkn.gov.ru/contacts/).

4.2. The exercise by the User of the rights provided for in clauses 4.1.5, 4.1.7 of the Policy is carried out in the manner provided for in clauses 7.3 – 7.4 of the Policy.

4.3. The User's right provided for in clause 4.1.6 of the Policy is exercised in accordance with the procedure provided for in clauses 7.3 – 7.4 of the Policy, or if the User’s consent was provided in the form provided for in clause 1.4 of the Policy, by performing an appropriate action in the Service if such functionality is available (for example, unchecking the checkbox, offsets of the corresponding «slider» to the inactive position).

4.4. Relevant requests and appeals of the User are considered by the Owner within the time limits established by applicable law, in particular:

4.4.1. request in connection with the exercise of the right provided for in clause 4.1.5 of the Policy – the Owner makes appropriate changes, additions and (or) deletion within 7 (seven) business days from the date of receipt of information confirming that personal data is incomplete, inaccurate or irrelevant, or the Owner destroys personal data within 7 (seven) business days from the date of receipt of information confirming that personal data is illegally obtained or is not necessary for the stated purpose of processing;

4.4.2. request in connection with the exercise of the right to request the termination of personal data processing provided for in clause 4.1.6 of the Policy – the Owner terminates the processing of personal data within 10 (ten) business days from the date of receipt by the Owner of the request with the right to extend this period for 5 (five) business days, subject to sending such a User a reasoned notification with an indication of the reasons for the extension;

4.4.3. request in connection with the exercise of the right provided for in clause 4.1.7.1 of the Policy – the Owner provides relevant information within 10 (ten) business days from the date of receipt by the Owner of the request for the right to extend such period for 5 (five) business days, subject to sending such User a reasoned notification indicating the reasons for the extension.

4.5. The response to User requests and (or) appeals is sent by the Owner in the form corresponding to the form of submitting the corresponding request and (or) appeal, unless the request and (or) appeal itself explicitly states otherwise.

4.6. For the period of verification at the request of the User, when exercising the rights provided for in clauses 4.1.5 – 4.1.7 of the Policy, the Owner blocks the personal data of such User from the moment of receiving the request until the Owner makes an appropriate decision on the request.

From the moment of making a decision on the relevant request, the Owner is obliged to remove the blocking of the User’s personal data, except in cases where the subject of the request was the User’s request for such blocking for a certain or indefinite period (until the relevant User’s order is received).

4.7. The User has the right to request the termination of processing of their personal data to any person who performs such processing on the basis of and in accordance with this Policy.

4.8. The Service is intended for persons aged 18 (eighteen) years and older. The Owner does not knowingly collect personal data of persons whose age does not meet the specified threshold.

At the same time, the Owner cannot guarantee the absence of access to the Service for persons whose age does not meet the requirements of the Public Agreement and this clause, due to the inability to verify the accuracy of the data provided by the User about the date of birth and (or) age.

If the Service is used by a person whose age does not meet the requirements of the Public Agreement and this clause, the legal representative of such person (parents, guardians) may request the deletion, blocking, destruction and (or) termination of processing of such User’s personal data and prohibit the Owner from further collecting their personal data by contacting the Owner using one of the methods defined by clauses 7.3 – 7.4 of the Policy.

 

5. OWNER'S RIGHTS. LIMITATIONS

5.1. Personal data may be used by the Owner for scientific or other research purposes after mandatory depersonalization of such personal data, including, but not limited to, for:

5.1.1. preparation and publication of annual reports on its activities;

5.1.2. analytics of the Owner's activities and (or) the effectiveness of solutions used in the Service for the purposes of further improvement and updating of the Service;

5.1.3. preparation and explanation on the application of the personal data legislation;

5.1.4. preparation and implementation of publications and speeches related to the performance of the Owner’s employees’ official duties.

5.2. The Owner has the right to transfer personal data and other information that does not relate to personal data of Users to Third Parties in the following cases:

5.2.1 if the transfer of data is related to the performance by the Owner of civil law contracts and is necessary for the functioning of the Service (e.g., analytics services, payment systems, artificial intelligence services);

5.2.2. with the relevant consent of the User;

5.2.3. at the request of authorized state bodies within the framework of the applicable legislation;

5.2.4. in case of reorganization, change of ownership of the Owner or other corporate changes related to the transfer of data to the new owner.

5.3. The Owner has the right to refuse the User to exercise the rights provided for in clauses 4.1.5, 4.1.7 of the Policy, in cases where such refusal is allowed in accordance with the applicable law, with sending a reasoned refusal within the established time frame.

5.4. The Owner has the right to continue processing the User’s personal data after exercising the right provided for in clause 4.1.6. of the Policy, if there are other legal grounds for such processing.

5.6. The Owner has the right to store the User’s personal data in an depersonalized form for 5 (five) calendar years (or any other period established by applicable law) after the User stops using the Service, for the purposes specified in clause 5.1 of this Policy, as well as for the purposes of fulfilling the obligations imposed on the Owner by legislation in the field of ensuring the security of the Service and (or) its Users, including assistance in detecting and (or) solving criminal offenses.

5.7. This Policy does not apply to the actions and Internet resources and applications of Third Parties.

During the use of the Service, the User may see links to third-party internet resources and applications (e.g., in advertisements, in messages from another User, etc.). The Owner recommends that Users consider that when following links to third-party internet resources and applications, the User may share their personal data with such resources and applications. The Owner does not control such collection of personal data by third-party internet resources or applications and recommends that Users review their privacy policies in advance.

5.8. The Owner is not responsible for the actions of third parties who, as a result of using the Service, gain access to information about the User, or for the consequences of using information that, by the nature of the Service, is accessible to any User of the Service. The Owner recommends that Users responsibly approach the decision regarding the volume of information about themselves posted in the Service. By expressing their Consent to the processing of personal data, the User confirms and agrees that they understand that certain types of information transmitted by them to other Users may be copied and distributed by such Users and (or) cannot be deleted by the User themselves.

5.9. To authorize access to the Service, the User's login (email address or mobile phone number) and password are used. The User is responsible for the safekeeping of this information. The User must not transfer their own login and password to Third Parties and must take measures to ensure their confidentiality.

 

6. ADVERTISING MAILING

6.1. The legal basis for processing the User’s personal data and transferring it to Third Parties specified in clause 2 of Annex 2 to this Policy, to the extent specified in Annex 2, is the User’s consent as a personal data subject.

6.2. The processing and transmission of personal data specified in clause 6.1 of the Policy is carried out for the purpose of sending Users important notifications related to the use and (or) updating of the Service, as well as information about potentially interesting events, via email and (or) SMS mailing to the phone number provided during registration in the Service, marketing offers (for example, a unique offer to purchase a Premium Subscription) if the User has given consent to such processing and transmission (hereinafter referred to as the Advertising Mailing).

6.3. The consent provided for in clauses 6.1-6.2 of the Policy is given (expressed) by the User by performing the corresponding action provided for in the user flow of the Service (user route of the Service): by putting a check mark in the corresponding checkbox of the registration and (or) authorization form.

6.4. The User has the right to withdraw the consent given to the Advertising Mailing at any time by performing the corresponding action specified in any of the emails or SMS messages received earlier by the User as part of the Advertising Mailing: for example, by deactivating the check mark in the corresponding checkbox, by clicking on the link, etc.

6.5. If the User exercises the right provided for in clause 6.4 of this Policy, the Owner is obliged to terminate processing the User’s personal data in accordance with the general procedure and under the conditions provided for in this Policy.

6.7. The Owner has the right to amend and (or) supplement the Policy regarding the regulation of Advertising Mailing at its sole discretion unilaterally, with mandatory notification to the User about such amendments and (or) supplements via the User’s email provided during registration and (or) authorization in the Service, no later than 10 (ten) business days before such amendments and (or) supplements take effect.

The User agrees to the amendments and (or) supplements specified in the relevant notification by performing the relevant action provided for by the Service's user flow: by the User checking the corresponding box in a pop-up banner.

If the User disagrees with the amendments and (or) supplements to the Policy regarding the regulation of Advertising Mailing, the Owner is obliged to terminate the processing and transfer of the User’s personal data to the Third Parties specified in clause 2 of Appendix 2 to the Policy, in the specified volume and for the stated purposes, in the manner and under the conditions provided by this Policy.

6.8. This section does not affect the processing and (or) transfer of other personal data of the User that is not specified in this section and is carried out on the basis specified in clauses 1.4, 1.7 of the Policy.

 

7. FINAL PROVISIONS

7.1. The security of Users ' personal data is important for the Owner.

The Owner (including the Processor on his behalf) follows generally accepted industry standards to protect personal data both during transmission and storage. However, no method of transmitting information over the Internet or storing it is 100% secure. Therefore, the Owner cannot guarantee Users the absolute security of their personal data. Although no security system is completely secure, the Owner and other persons bound by relevant obligations to the Owner take all necessary measures to protect Users’ personal data from unauthorized access or disclosure. In particular, the Owner discloses the Users’ personal data only when necessary, and collects all data through secure connections and encrypts the data using software that ensures an appropriate level of confidentiality for personal data.

7.2. Access to the User's personal data is limited to employees of the Owner and other persons bound by relevant obligations to the Owner, who need it to perform their job duties.

7.3. All requests and appeals concerning the processing of personal data and other information that does not relate to personal data can be sent by the User by e-mail to the following address: [email protected] using an electronic request form containing an electronic digital signature.

7.4. A request or appeal sent by the User must contain the following information:

7.4.1. the User’s last name, first name and patronymic, as well as their contact details;

7.4.2. number of the main identity document of the User or their representative, as well as confirmation of the authority of such representative;

7.4.3. information about the date of issue of the specified document and the issuing authority;

7.4.4. the User’s date of birth;

7.4.5. address of the User’s place of registration (residence);

7.4.6. information confirming the User’s participation in the relationship with the Owner – a link to the profile;

7.4.7. personal or electronic digital signature of the User or their representative.

7.5. The Owner considers User requests (appeals) within the time period established by the relevant applicable legislation.

7.6. All correspondence received by the Owner from Users is classified as limited access information and shall not be disclosed without the User’s written consent. Personal data and other information about the User who sent a request or appeal cannot be used without the User’s special consent, except for responding to the topic of the received request or appeal or in cases expressly provided by law.

Appendix 1

to the Privacy Policy

 

Purposes, scope, legal grounds, terms of processing of personal data of Users by the Owner

 

Type of personal data processed	List of personal data processed	Category of personal data subjects whose data is being processed	Purposes of personal data processing	Terms of personal data storage	Legal basis of personal data processing
Mandatory data provided by the User (clause 2.5.1.1 of the Policy) User data associated with a third-party resource (clause 2.5.3.1 of the Policy)	first name, last name; date of birth; photo; phone number, email address; gender; geolocation (city, country)	Users	Account registration, identification and authorization in the Service account for the purpose of using its functionality, interest in maintaining account security, prevention of unauthorized use of the account	1 year from the date of the last authorization (login) to the account or performing active actions by the User – for an active account; 5 years in depersonalized form from the date of such depersonalization – for a deleted account	Concluded Public Agreement with the personal data subject
Optional data provided by the User (clause 2.5.1.1 of the Policy)   User data associated with a third-party resource (clause 2.5.3.1 of the Policy)	height; weight; having children; profession, position, occupation or work function; values, hobbies, interests; information shared by the User in text chats – information provided by the User during communication with other Users through the messaging functionality in the Service, including audio and video files; other information provided by the at their own will and (or) discretion	Users	Using the Service functionality	1 year from the date of the last authorization (login) to the account or performing active actions by the User – for an active account; 5 years in depersonalized form from the date of such depersonalization – for a deleted account	Concluded Public Agreement with the personal data subject
Data collected by the Owner automatically (clauses 2.5.2.1 – 2.5.2.2 of the Policy) User data associated with a third-party resource (clause 2.5.3.1 of the Policy)	information about the User's location (without information about the exact geolocation) at the time when the User uses the Service (IP address, country and city); technical data about the User's device (device identifier; serial number of the device; name of the Internet service provider (ISP); name of the browser and plug-ins used; operating system and its version; information about hacking the device (“jailbreak"); network information; brand and manufacturer of the device; language selected for the device; version of the Service installed on the device; installation path of the Service; downloaded software libraries; telecom operator; data about Service entries – information about the time, location and IP when the User logs into the Service; User ID – a unique number (code) automatically generated and assigned to the User account to identify it in the Service; information about behavioral actions in the Service – information about actions performed by the User in the Service, including the frequency of use of the Service, activity in it; cookies; browser history	Users and other individuals	Ensuring the functioning of the Service, improving the functionality of the Service and user experience, troubleshooting, data analytics, advertising purposes, interest in preventing fraud	1 year from the date of the last authorization (login) to the account or performing active actions by the User – for an active account; 5 years in depersonalized form from the date of such depersonalization – for a deleted account	Concluded Public Agreement with the personal data subject Lawful interest
Data provided by a person in case of sending a request and (or) appeal (clause 7.4 of the Policy)	first name, last name; phone number, e-mail address	Users and other individuals	Providing technical support when using the Service	1 year from the date of the last authorization (login) to the account or performing active actions by the User – for an active account; 5 years in depersonalized form from the date of such depersonalization – for a deleted account	Concluded Public Agreement with the personal data subject

 

Appendix 2

to the Privacy Policy

 

Purposes of processing and scope of Users' personal data transferred within the framework of the Owner's legal relations with Third Parties

 

1.                Third parties, within the framework of legal relations the subject of which is to ensure the possibility of User authorization, with which the User's personal data may be transferred (i) from the Owner in favor of such Third Parties and (or) (ii) from such Third Parties in favor of the Owner:

Name	Location	Privacy Policy	Contact information / withdrawal of consent	Scope of data transferred
V Kontakte LLC	prem. 1-N, bld. 12-14, Lit. A, Khersonskaya st., St. Petersburg, Russia, 191024	https://vk.com/privacy?ysclid=lqc1rhq5r269973004	[email protected]	All data provided by the User
Mail.ru V Kontakte LLC	-	https://id.vk.com/privacy	-	All data provided by the User
Apple Inc.	One Apple Park Way, Cupertino, CA 95014, USA	https://www.apple.com/legal/privacy/en-ww/	privacy.apple.com support.apple.com/ru-ru	All data provided by the User
Google LLC	1600 Amphitheatre Parkway, Mountain View, California 94043, USA	https://policies.google.com/privacy?hl=en	support.google.com/	All data provided by the User
Gmail.com Google LLC	-	https://policies.google.com/privacy?hl=ru	-	All data provided by the User
Game Center Apple Inc.	-	https://www.apple.com/ru/legal/privacy/data/ru/game-center/	-	All data provided by the User
Huawei Technologies Co., Ltd.	G1, HUAWEI Industrial Base, Bantian, Longgang District, Shenzhen 518129 P.R. China	https://www.huawei.com/en/privacy-policy	huawei.com/en/personal-data-request	All data provided by the User
YANDEX LLC and/or its affiliates	16 Lva Tolstogo str., Moscow, 119021, Russian Federation	https://yandex.ru/legal/confidential/index.html	feedback.yandex.ru	All data provided by the User
Outlook.com Microsoft Corporation	One Microsoft Way, Redmond, WA 98052, USA	https://www.microsoft.com/en-us/privacy	support.microsoft.com/en-US/contactus	All data provided by the User

 

2.                Third parties which services and (or) facilities are used by the Owner for Advertising Mailing:

Name	Functional purpose	Location	Privacy Policy	Contact information / withdrawal of consent	Scope of data transferred
SMS Aero LLC	SMS / e-mail aggregator	Apartment 20, 9 Naberezhnaya Irtysha Street, building 1, 644024, Omsk	https://smsaero.ru/papers/privacy/	smsaero.ru [email protected]	The User's phone number and email address
Infobip Ltd.	SMS / e-mail aggregator	5th Floor, 35-38 New Bridge Street, London, EC4V 6BW	https://www.infobip.com/policies/privacy-notice	infobip.com	The User's phone number and email address

 

3.                Other Third Parties that ensure the functioning of the Service:

Name	Functional purpose	Location	Privacy Policy	Contact information / withdrawal of consent	Scope of data transferred
JSC Selectel	Cloud storage	21 Tsvetochnaya str., lit. A, Saint Petersburg, 196006	https://files.selectel.ru/docs/ru/personal-data-processing-and-protection-policy.pdf	selectel.ru [email protected]	All data provided by the User
Deita K’yu LLC	Geolocation service	6 Turchaninov lane, bld. 2, premise I, room 9, 11, fl. 1, Moscow, 119034	https://dadata.ru/privacy/	[email protected] support.dadata.ru	All data provided by the User
YANDEX LLC and/or its affiliates	Yandex GPT – artificial intelligence service Yandex Cloud – cloud storage	16 Lva Tolstogo str., Moscow, 119021, Russian Federation	https://yandex.ru/legal/confidential/index.html	feedback.yandex.ru	All data provided by the User