Approved by Order No. № 16GA of 16 May 2023
issued by the CEO of OOO GreenArtDevelopment
WEBSITE PRIVACY POLICY
(in effect starting 16 May 2023)
1. GENERAL PROVISIONS
1.1. This Privacy Policy (the "Policy") has been developed by OOO GreenArtDevelopment (the "Data Controller ") in order to establish rules for collecting and processing user personal data in the Internet for the purposes of a website located at the following address: www.eylaucastle.com (the "Website"). The Policy forms an integral part of any agreements and public offers published on the Website.
By utilising the Website services, the User expresses their unconditional consent with this Policy and the terms and conditions for processing their personal data stipulated herein. Should the User disagree with the said terms and conditions, they should refrain from utilising the services.
1.2. For the purposes of the Policy, the following types of information shall qualify as the User’s personal data:
1.2.1. The personal data about the User submitted by them during the registration (creation of a user account) or when utilising the Services, including personal data of the User. The information that must be submitted for the purpose of providing the Services shall be marked as mandatory.
1.2.2. The data automatically transmitted for the Website services during their operation via the software installed on the User’s device, including the IP address, cookie files, information about the User’s browser (or other software used to access the Services), technical specifications of the hardware and software operated by the User, the date and time of access to the Services, requested page addresses and other similar information.
1.2.3. This Privacy Policy shall be applicable to the Website only. The Website neither controls nor shall be held liable for any third-party online resources to which the User may be forwarded via the links published on the Website.
2. PURPOSES FOR PROCESSING USER PERSONAL DATA
2.1. The Website shall collect and retain only the personal data which is required to provide the services or perform under agreements and contracts with the User, except when there is a statutory requirement for mandatory retention of personal data during a term established by law.
After receiving a notice from the User withdrawing their consent to personal data processing, the Website shall cease to process the User’s personal data within 10 business days after the receipt of such notice.
The notice on such withdrawal of the personal data processing consent shall be filed by sending an e-mail at info@eylaucastle.com and also by serving a written request at the following legal address: 19 Pushkinskaya ul., Lit. A, Floor 1, Office 6-n, Room No. 3, Vladimirskiy Municipal District, Inner City Area, St. Petersburg, 191 040
2.2. The Website shall process personal data of the User for the following purposes:
2.2.1. Identifying the User registered on the website.
2.2.2. Providing the User with access to custom resources on the Website.
2.2.3. Establishing feedback with the User, including notices and requests concerning the Website operation, provision of services, processing inquiries and requests from the User.
2.2.4. Identifying the User’s location in order to ensure security and prevent possible fraud.
2.2.5. Verifying the completeness and reliability of the personal data submitted by the User.
2.2.6. Creating an account for the User.
2.2.7. Sending notifications to the User of the Website.
2.2.8. Providing efficient client and technical support to the User in case of problems pertaining to the Website operation.
2.2.9. Performing advertising activities upon the User’s consent.
2.2.10. Transferring personal data and other information to third parties upon the User’s consent.
3. TERMS AND CONDITIONS FOR PROCESSING USER PERSONAL DATA
AND TRANSFERRING THEM TO THIRD PARTIES
3.1. The Website shall retain user personal data in accordance with internal regulations for certain services.
3.2. Personal data of the User shall be kept confidential, unless the User voluntarily discloses their personal data to the general public. By utilising separate services, the User agrees that a certain part of their personal data shall be become publicly available.
3.3. The Website may transfer the personal data of the User to third parties on the following conditions:
3.3.1. The User has expressed consent for such transfer.
3.3.2. The transfer is necessary for the User to utilise a certain service or to perform under a certain contract or agreement with the User.
3.3.4. The transfer is subject to the Russian or any other applicable legislation under a procedure defined by law.
3.3.5. Should the Website be sold or transferred, the acquiring party shall assume all obligations to comply with this Policy as pertaining to the personal data they receive.
3.4. The User’s personal data shall be processed for an unlimited period of time by such means as collecting, recording, systematising, gathering, storing, clarifying (updating, modifying), extracting, using, transferring (dissemination, provision, granting of access), depersonalising, blocking, deleting and destroying personal data, including, among other things, those contained in personal data systems, through any automated or manual operations. Personal data of the Users shall be processed in accordance with Federal Law No. 152-FZ of 27 July 2006 "On Personal Data".
3.5. In case of personal data loss or disclosure, the Website Administrator shall inform the User of such loss or disclosure.
3.6. The Website Administrator shall take necessary organisational and technical measures to protect the User’s personal data from unauthorised or accidental access, destruction, alteration, blocking, copying or dissemination, as well as from all other unlawful third-party actions with respect to personal data.
3.7. The Website Administrator shall, jointly with the User, take all measures necessary to prevent lossesor any other adverse implications caused by the loss or disclosure of the User’s personal data.
4. OBLIGATIONS OF THE PARTIES
4.1. The User shall:
4.1.1. Provide the personal data required to operate the Website.
4.1.2. Update and amend the submitted personal data in case of their change.
4.2. The Website Administrator shall:
4.2.1. Use the received information solely for the purposes stated in this Policy.
4.2.2. Ensure the confidential treatment of the private information, refrain from disclosing the information without the User’s preliminary written consent, refrain from selling, exchanging, publishing or disclosing in any possible way whatsoever the personal data submitted by the User, unless such actions have been prescribed in accordance with this Policy.
4.2.3. In order to ensure the security of the User’s personal data during processing, the Data Controller shall take all necessary legal, organisational and technical measures to protect the personal data from unauthorised, illegal or accidental access, destruction, alteration, blocking, copying, disclosure or dissemination, as well as against any other unlawful actions with respect to the personal data.
4.2.4. Should any invalid personal data or unlawful actions be identified, block the personal data pertaining to a respective User from the moment when such User, their legal representative or an authorised agency for protection of personal data owners file a respective inquiry or request, and maintain such personal data blocking during the period of a respective verification.
5. LIABILITY OF THE PARTIES
5.1. In case of breaching their obligations, the Website Administrator shall be held liable for the losses incurred by the User resulting from the unlawful use of personal data in accordance with the legislation of the Russian Federation.
5.2. In case of confidential information loss or disclosure, the Website Administrator shall not be held liable if such confidential information:
5.2.1. Became publicly available prior to its loss or disclosure.
5.2.2. Had been received from a third party before the Website Administrator received this information.
5.2.3. Was disclosed upon the User’s consent.
6. DISPUTE RESOLUTION
6.1. It is mandatory to file a complaint (a written proposal to resolve a dispute amicably) before filing a lawsuit in court regarding disputes which arise in the relationships between the User and Website Administrator.
6.2. The party receiving the complaint shall, within 10 calendar days after such receipt, notify the complaining party of the complaint review results.
6.3. Should the parties fail to reach an agreement, the dispute shall be referred to court in accordance with the effective legislation of the Russian Federation.
6.4. This Privacy Policy and relationships between the User and Website Administrator shall be governed in accordance with the effective legislation of the Russian Federation.
7. SUPPLEMENTARY TERMS AND CONDITIONS
7.1. The Website Administrator may amend this Privacy Policy without seeking consent of the Users.
7.2. The amended Privacy Policy shall come into force after being published on the Website, unless it is stipulated otherwise in the new version of the Policy.
7.3. Please follow this link to access the Privacy Policy that is currently in effect: www.eylaucastle.com.
© All rights reserved