Who we are and what this document is about
We are I-Digital Limited Liability Company, a Russian Federation company, located at Lodeynopolskaya street, building 5, letter A, Saint-Petersburg, 197110, Russia (“I-Digital” “We”, “Us” or “Our”). You can address us via e-mail email@example.com.
What we developed this document for
The purpose of this document is to explain what kind of personal data we use, how exactly do we use it, for what reasons do we need your personal data, and what rights do you have concerning your personal data.
Here are the cornerstones on how I-Digital views data privacy:
We collect only a minimum amount of information, only what is needed for the performance of a contract or to take steps before entering into a contract or protect our legal interest;
We do not monetize your data;
be as transparent as practically possible on how we process your personal data;
collect any data only on lawful ground.
Why we collect personal data
All the personal data we process is lawfully obtained and on a legal basis. The purpose of the information we collect is so we can perform a contract, take steps before entering into a contract or protect our legal interest. Personal data can also help us to improve our products to fit the needs of our customers.
We collect personal data for specific purposes and We’ll use the collected data for the specified purpose alone. If our relationship changes, we may need more information. For example, if you fill out a form to request more information about one of our products, We’ll use your contact data to send the requested product information to you. If you then decide to become a customer, we’ll need additional information including your billing address for the purpose of providing you with the services you are interested in.
- Here’s a list of the purposes for which we’ll request or use your data:
- Sharing relevant information about our products and services;
- Creating an account that’s connected to your person and company;
- Provision of the services;
- Analyzing the usage of our products and services;
- Providing Customer Support to potential or existing customers;
- Detecting and combating fraudulent or unlawful activity;
- Training and quality improvement of Website;
- Keeping your account secure.
If You are from the European Economic Area (“EEA”), Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which We collect it.
However, We will normally collect personal data from You only where We have Your consent to do so, where We need the personal data to perform a contract with You, or where the processing is in Our legitimate interests and not overridden by Your data protection interests or fundamental rights and freedoms. In some cases, We may also have a legal obligation to collect the personal data in question.
If We ask You to provide personal data to comply with a legal requirement or to perform a contract with You, we will make this clear at the relevant time and advise You whether the provision of Your personal data is mandatory or not (as well as of the possible consequences if You do not provide Your personal data).
Similarly, if We collect and use Your personal data in reliance on Our or a third party’s legitimate interests and those interests are not already listed above, we will make clear to you at the relevant time what those legitimate interests are.
If You have questions about or need further information concerning the legal basis on which We collect and use Your personal data, please contact Us using the contact details provided in Section 11 below.
What personal data we collect
The exact type of data we collect depends on the related product or service. We never collect more data than we need and may ask for additional data at the appropriate time. Personal data We collect includes three main categories when you use our products and services:
- Customer account data (or potential customer data) – your personal data as an account holder on behalf of your company;
- End-user data – the personal data of the intended recipients of the communication services you as a customer make use of. The category end-user data consists of communication data (all data related to the communication);
Depending on our relationship the personal data may include:
Customer account and potential customer information
- Full name;
- Email address;
- Job title;
- IP address;
- Usage data of services and website.
- Traffic data;
- Location-related information;
- Phone number sender and recipient;
- Email address sender and recipient.
Website visitor data:
- IP addresses;
- Location-related information;
- Pages visited;
- Browser and device information.
We may transfer your personal data to the following third parties categories:
- any third party to whom we assign or novate any of our rights or obligations under a relevant agreement;
- any national or international regulatory, enforcement, exchange body, central or local government department and other statutory or public bodies or court where we are required to do so by applicable law or regulation at their request;
- third parties if you expressed your consent to such transfer or transfer of your Personal Data is required for your use of a certain Service or performance of a particular agreement or contract with you;
- third parties involved in the fulfillment of our obligations to perform Services (including hosting providers, etc.).
Transferring outside of the EEA
We may transfer your personal data to third-party data processors located in countries outside of the EEA. We only transfer your personal data to those third parties where we can be sure that we can protect your privacy and your rights, for example, the third party is located in a country which the EU has deemed to have adequate data protection laws in place or to a country which has not been recognized by the European Commission as providing an adequate level of personal data protection but where we have a contract in place with that third party which includes the European Commission’s standard data protection clauses.
Where We Hold Your Information
We may transfer and maintain your Data on our servers or databases of some of your personal data outside the European Economic Area (EEA).
Specifically some of our servers located in Saint-Petersburg, Russia. We must inform you that the European Commission did not make a decision that Russia provides adequate measures for personal data protection.
How we protect your personal data
We employ a variety of measures to safeguard the collection, transmission, and storage of the information we collect. These measures vary based on the sensitivity of the information that we collect, process, and store and the current state of technology. Even so, no security measure is 100% perfect. Therefore, while we strive to employ reasonable protections for your information that are appropriate to its sensitivity, we cannot guarantee the security of your information and do not assume any responsibility for the unauthorized use or access to your information under our control.
Notwithstanding the foregoing, to protect your personal data we have the physical, electronic, and procedural means of protection in accordance with international standards. We use encryption to keep your data confidential during transfer. We review, verify and update our methods for collecting, storing, and processing information, including physical security measures, to prevent unauthorized access to Our systems. We restrict access to personal data to Our employees who need this information to process it. Anyone who has such access is subject to strict contractual obligations regarding confidentiality and may be subject to disciplinary action if he does not fulfill these obligations.
Your choices about the collection and use of your information
Among others, you have the following rights in relation to your personal data:
- Right to access your personal data: at any time, you can ask us about what your personal data do we have, what do we do with them, why do we process them, who we have told about you, etc. You also can ask us to give you a copy of the personal data processing, if you like. To request access, send us an email at firstname.lastname@example.org headed “Subject Access Request”;
- Right to rectify your personal data: at any time, you can request that we update, block or delete your personal data if the data is incomplete, outdated, incorrect, unlawfully received or there is no need to proceed it anymore;
- Right to erasure: at any time, you can ask us to delete all the personal data that we have about you – it is your right to be forgotten, like if we have never met before. We will also deactivate your account. If you do so, you will no longer have access to the Applications associated with your account;
- Right to restrict the use of your personal data: for example, if you think, that your personal data is not accurate and we need time to check it, we can make a pause in processing your personal data enough to clarify, is it so or not. If you do not request deletion, then it is possible to request the reactivation of your account if it was accidentally or wrongfully deactivated. Please, note, that we cannot restore permanently deleted accounts;
- Right to object to the processing of your personal data: at any time, you can tell us to stop and we will no longer process your personal data, but we can still keep them if there is legitimate ground for that;
- Right to data portability (in certain specific circumstances): if you wish, you can ask us to download (export) all personal data that we have in the format acceptable to give it to someone else or ask us to give them your data directly;
- Right not to be subject to an automated decision: if we process your personal data automatically and we make some decisions according to it, and it affects you in any serious way, you can express your point of view and contest such a decision. But in reality, we do not do this;
- Right to lodge a complaint with a supervisory authority: you always can complain about us and about the way, we are processing your personal data.
Before we process any request, we may ask you for certain information in order to verify your identity. Where permitted by local law, we may reject requests that are unreasonable or impractical.
We will respond to your requests in a reasonable timeframe.
We may keep information that how do we think we may need to resolve any disputes, enforce our agreements with you and provide you a possibility to use our products, protect our or your legal rights, and comply with technical and legal requirements and constraints related to the security, integrity, and operation of our products.
Otherwise, we will retain information about you for as long as reasonably necessary to provide you products, create and improve our products, comply with the law, and run our business.
Changes to our policy
We may update this policy from time to time. We will notify you of material changes via a notice in Application or via any other applicable communication channels before such changes go into effect. Your continued use of our products means you accept the changes.
Как связаться с нами
Если у вас есть претензия или вопрос по поводу настоящей Политики или Вы хотите сделать запрос, касающийся ваших персональных данных, отозвать свое согласие – Вы можете в любое время связаться с нами по адресу email@example.com. Мы постараемся ответить вам в течение 30 календарных дней с момента получения запроса. Вся полученная нами от вас корреспонденция (письменные или в электронной форме) классифицируется как информация с ограниченным доступом и не может быть разглашена без вашего согласия. Персональные данные и другая информация о вас не может быть использованы без вашего согласия для каких-либо целей, кроме как для ответа на запрос, за исключением случаев, прямо предусмотренных законом.
If you have a complaint or question about this policy, if you would like to make a request concerning your personal data, withdraw your consent, you may at any time contact us at firstname.lastname@example.org. We will aim to respond to you within a maximum of 30 calendar days from receipt of the request.
All correspondence received by us from you (written or electronic inquiries) is classified as restricted-access information and may not be disclosed without your written consent. The personal data and other information about you may not be used without your consent for any purpose other than for response to the inquiry, except as expressly provided by law.