The main language of the below policy is Russian language and to be referenced to at ggheaven.com/ru-personal-policy
This Policy on the processing of personal data (hereinafter also referred to as the Policy) is permanently posted at ggheaven.com/privacy-policy in accordance with Part 2 of Art. 18.1 of the Federal Law No. 152-ФЗ dated 27.07.2006 “On Personal Data” (hereinafter also referred to as the Law on Personal Data).
By registering on the ggheaven.com website (hereinafter referred to as the Site) and/or by providing your personal data, you (hereinafter also referred to as the User) give full and unconditional consent to the conditions set forth in the Policy.
If you do not agree with any condition, do not register on the Site and do not provide your personal data until you fully agree.
1. GENERAL PROVISIONS
1.A. Terms used:
1.A.A. personal data – any information related directly or indirectly to a specific or identifiable individual (the subject of personal data – the User);
1.A.B. Operator – IE, which independently processes personal data in accordance with the Policy;
1.A.C. processing of personal data – any action (operation) or a set of actions (operations) performed with the use of automation tools or without the use of such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
1.A.D. provision of personal data – actions aimed at disclosing personal data to the Operator;
1.A.E. depersonalization of personal data – actions as a result of which it becomes impossible to determine the ownership of personal data to a specific subject of personal data without using additional information.
1.B. The legal basis for the processing of personal data in accordance with the Policy is an agreement concluded between the Operator and the User (hereinafter also referred to as the Agreement): either by registering on the Site (in order to conclude a mixed agreement posted at ggheaven.com/license-agreement/), or by referrals through the Site (in order to get answers to the questions the User has).
1.C. The purpose of the Policy is the safe processing of personal data, ensuring the protection of the rights and freedoms of the subject of personal data.
1.D. The rights and obligations of the Operator and the User are determined by the Law on Personal Data and are specified by the Policy.
1.E. In accordance with the Policy, personal data of users of the Site is processed.
1.F. Contacting the Operator through the feedback form on the Site or by sending an email (without registering on the Site):
The user must not provide personal data that are not relevant to those questions that he asks through the Site or by sending a message by e-mail (hereinafter also – email). The provided personal data may be necessary only when they help to identify and concretize the question that the User has, which cannot be resolved without providing such data. To answer the question, as a rule, the Operator does not need to identify the User himself. In this connection, the feedback form on the Site does not contain any fields, except for:
1. email addresses – to send a reply,
2. subject and text of the message itself.
These fields by themselves do not imply the provision of personal data by the User.
1.G. When registering, the User is asked for his email address (e-mail), which is necessary to identify the User on the Site and provide him with access to the Site (not displayed publicly), the first Name (not displayed publicly), as well as the nickname (pseudonym) displayed on Site publicly, which in their totality also do not refer to personal data, because do not allow the Operator to identify a person.
2. PURPOSES OF COLLECTING PERSONAL DATA
2.A. The Operator once again draws the User’s attention to the fact that it is not required to provide personal data through the feedback form, by email and when registering on the Site, they can be provided if really necessary after registration on the Site. However, if the User nevertheless violates this recommendation and provides personal data, then the Operator undertakes to use them solely in order to respond to the User’s request and/or fulfill the contract concluded with him.
2.B. The data collected in accordance with clause 1.G of the Policy is necessary for the Operator to identify the User in order to conclude an agreement and its proper execution. When a registered User makes payments in accordance with the concluded agreement, payments are made by third parties, the User’s payment details are not transferred to the Operator. The user agrees to the use of his payment details by such third parties, since it is necessary for the User to make a payment in order to fulfill the agreement concluded with the Operator.
2.C. The withdrawal of the data provided may also entail the immediate termination of the contract with the Operator. By virtue of Part 2 of Art. 9 of the Law on Personal Data, the Operator has the right to continue processing the personal data provided to him related to the conclusion and/or execution of the contract.
3. PROCEDURE AND TERMS OF PROCESSING OF PERSONAL DATA
3.A. The Operator undertakes not to disclose to third parties and not to distribute personal data provided by the User in accordance with the Policy, without the consent of the User.
3.B. Only the Operator has access to the provided personal data. The User agrees that the data can be transferred by the Operator to third parties only to the extent that is necessary for the Operator to fulfill the agreement concluded with the User. The transfer can be carried out using automation tools – the Operator’s program code in accordance with the agreement concluded with the User.
Cross-border data transfer is not performed, unless otherwise is expressly required for the execution of the User’s order under the agreement.
3.C. Personal data of Russian Citizens is stored on the territory of Russia on servers owned by a Russian hosting company, in accordance with Part 5 of Art. 18 of the Federal Law “On Personal Data”.
3.D. The data provided through the Site is transmitted using the secure https protocol in an encrypted form in order to minimize the negative consequences of possible interception (for example, when they are transmitted from an unsafe public Wi-Fi network).
3.E. In automatic mode, the Operator keeps records of access to the Site (logging). If the User suspects that unauthorized access has been made to his account on the Site, he undertakes to immediately notify the Operator so that he can obtain additional information about such access (including whether it was at all).
3.F. In automatic mode, a copy of the Site is created weekly, including the database. If the User believes that his data has been modified or destroyed, but he cannot restore or correct them, the User must immediately contact the Operator so that he can get the data from the archived copy.
3.G. The personal data provided by the User is stored for the period necessary for the execution of the Agreement, but not less than the period necessary for the fulfillment of the requirements of the legislation (on primary documentation, limitation of actions, etc.).
Thus, when the goals of processing personal data are achieved, as well as if the User withdraws consent to their processing, the Operator can continue processing personal data, in particular on the basis of cl. 5, 7 h. 1 tbsp. 6 of the Federal Law “On Personal Data”.
4. PROCEDURE FOR PROCESSING USERS ‘APPLICATIONS
4.A. The User has permanent access to the personal data provided by him during registration – in his profile (account) of the Site. Through the account, the User can independently change them, including updating them, using automation tools (without participation or other assistance from the Operator).
If it is necessary to obtain information about the processed personal data, the User undertakes to use his account – without contacting the Operator. The processed personal data is provided to the User in an automated manner through his account on the Site.
4.B. The information specified in Part 7 of Art. 14 of the federal law “On personal data”, the User can receive through his account on the Site and in this Policy.
4.C. If it is impossible to obtain the necessary information in an automated manner, the User sends his request by e-mail (either from the address indicated in his account, or otherwise identifies himself). The Operator sends a response to such an appeal, as a rule, within three weeks, if no preparatory actions are required.
If the response is supposed to provide the personal data of the requesting Party themselves, then those are provided by e-mail, unless otherwise indicated by the User, and the request came from the address that is registered on the Site. If the address is not registered on the Site, then the request must be sent to the Operator in paper form, either with the attachment of a notarized copy of the passport, or with a notarized signature on the request itself. This is due to the need to identify the person to whom personal data should be provided.
4.D. The User shall reimburse the Operator’s expenses related to providing answers to requests if they are sent in paper form. The Operator has the right to send a response to the User’s request in paper form by courier service with payment at the expense of the recipient.
5. OTHER PROVISIONS
5.A. The competent court for resolving disputes related to the Policy will be the court at the place of registration of the Operator, determined on the day of filing the claim.
5.B. The text of the Policy is protected by copyright (the exclusive right is reserved for the author of the text). The user and third parties are not entitled to use the text of the Policy or its protected parts in other documents, and also is not entitled to make any other use of the text of the Policy, except for the purpose of executing the Policy and only when such use of the text of the Policy or its parts is necessary.
5.C. The Operator and the User (together also – the Parties) recognize the legal force for the documents sent through the account on the Site (notifications of data changes, User applications, etc.). Such documents signed with a simple electronic signature (the Party provides access by entering a login and password) are recognized as equivalent to paper documents signed by the handwritten signature of the relevant Party. The parties undertake to keep their passwords confidential.
5.D. The parties recognize the legal force behind e-mails – documents sent by e-mail (e-mail), and recognize them as equivalent to paper documents signed with a handwritten signature, since only the Parties themselves and their authorized persons have access to the appropriate means of communication – e-mail addresses. Each Party provides access to e-mail using a password and undertakes to maintain its confidentiality.
On the part of the Operator, these are the email addresses indicated on the Site. On the part of the User, this is the e-mail address specified by him in the questionnaire of the client section or in e-mail correspondence with the Operator (in particular, when the letter, including the previous correspondence of the Parties, was sent by the User from a different e-mail address than he indicated during registration).
5.E. Electronic documents signed in accordance with clauses 5.3, 5.4 Policies, will be the proper written evidence in the lawsuit.
5.F. The current version of the Policy is posted on the Site at ggheaven.com/privacy-policy
6.Beneficiary GGHeaven PTE. LTD. Beneficiary address 68 Circular Road #02-01, 049422, Singapore Registration Number 202221248R Email: firstname.lastname@example.org Phone: +79244270063