CONFIDENTIALITY AND USERS PRIVACY PROTECTION POLICY OF THE TOPFACE.COM SERVICE
1. Introduction and general standings
1.1. In order to comply with the demands of the legislation of the Russian Federation, to abide to the rights of the Service Users, and to maintain its business reputation, Topface Labs Limited liability company (from here on – Administration) has created and given effect to the current confidentiality and Topface.com Users privacy protection policy (from here on – Confidentiality Policy).
1.2. The Administration asserts that providing lawfulness and fairness of processing of personal data of the Service Users, maintaining confidentiality of personal data, and safety of their processing are the most important issues that come with providing access to the Service.
1.3. The current Confidentiality Policy has been created and is executed on the basis of the legislation of the Russian Federation and local normative acts of the Administration, that serve the purpose of processing and protecting personal data of the Service Users.
1.4. The demands of the current Policy, that are represented to the Administration, must be complied with by all Administration employees.
2. Terms and definitions
2.1. Confidentiality of personal data — the demand that is mandatory for the Administration or for authorized persons that have access to personal data; it involves the demand of not allowing the data to spread out without the subject’s consent or without another legal reason.
2.2. Processing of personal data – any action (transaction) or set of actions (transactions) that are performed with personal data, including collection, recording, systematization, accumulation, storage, correction (renewal, change), extraction, usage, transfer (spreading, granting, access), depersonalization, blockage, deletion, and destruction of personal data.
2.3. Administration – Topface Labs Limited liability company, which address is: 5-H building, 52A Lenina street, Saint Petersburg, Russian Federation. Registration Number 1137847440917, TIN 7813575248.
2.4. Personal Data – any information that is directly or indirectly related to a specific or assignable individual (subject of personal data) who is, or, in the instances that are provided by the legislation of the Russian Federation and by the current document, was a Service User, and that is processed by the Administration for the purposes that are set by the current Policy.
2.5. Service User – an individual that has entered the user agreement with the Administration that concerns the access to the Service and the Service usage through topface.com website, mobile applications, social network apps, and through any other method that is provided by the User Agreement.
2.6. User Agreement – the agreement that is placed between the Administration and a User about the Service usage conditions. The conditions of the User Agreement are available on the Internet at the http://topface.com/agreement/ webpage.
2.7. Service – An internet resource that comprises a set of information and software, that provides the availability of such information on the Internet at the http://topface.com website.
3. Contents of the personal data that is processed by the Administration
3.1. The personal data that is processed by the Administration comprises the following information about the Service Users: first, middle, and last names, date of birth, city of residence, marital status, sex, email address, photo, and other information that Service Users provide voluntarily and to the extent that they define or that they make available for Processing (IP address, cookie information, Service User browser information or information about another program that gives access to the Service, time of access, address of the requested page) during the use of the Service, in case that the processing of that information is not prohibited by the legislation of the Russian Federation. The Service User can set the settings on the device that is used to access the Service in such a way that would minimize the transfer of the personal data to the Administration (for example, turn off cookies), provided the compliance with the current Confidentiality Policy.
3.2. The Administration collects and stores only the personal data that is necessary to provide the access to the Service and to rendering of services that are specified in the User Agreement.
4. Reasons of the personal data processing
4.1. The Administration processes personal data exclusively for the reasons that are stated below:
4.1.1. to rendering of services to access to the Service and to make it available for Service Users to use, including the process of identification of Service Users, rendering of informational services, advertisement targeting, enhancement of the Service and development of new services;
4.1.2. to make transactions with Service users that are not prohibited by the legislation of the Russian Federation, and to carry out actions that are targeted at and/or connected with executions of such transactions; and also
4.1.3. to advertise and to promote the products and services that the Administration submits with the means of the Service on the market;
4.1.4. To comply with the legislation of the Russian Federation.
5. The system of the personal data processing
5.1. Personal data processing is carried out in the following cases:
5.1.1. Personal data processing is carried out with the Service User’s consent to process their personal data;
5.1.2. Personal data processing is necessary for signing and execution of the agreement, in which Service User is a party.
5.1.3. Personal data processing is carried out in the instances when the Service User has permitted the access to the general public or as requested by the User;
5.1.4. In other cases that are provided by the legislation of the Russian Federation.
5.2. The Administration provides an opportunity to use the Service only if Service User voluntarily and knowledgeably gives their consent to handle and process their personal data according to the current Confidentiality Policy.
5.3. During the use of the Service, User promises to act in good conscience, where the honesty of the Service User is implied, under of the legislation of the Russian Federation. The Service Users must provide only authentic information about themselves. Service Users are responsible for authenticity, up-to-dateness, and compliance with the legislation of the Russian Federation of the provided information and for the risk of violating third parties’ rights with their actions.
5.4. The Service User agrees that the Administration may send informational, financial, system and other types of messages to the Service User’s email that was specified during registration. With that, after the registration, the Service User may set the list of information that he or she wishes to receive from the Administration by editing the respective section of the Service.
5.5. The Service User has the right to terminate the processing of their personal data by deleting their profile (account) in the Service system, thus, by ending the use of the Service.
5.6. In case of the User’s termination of the processing of the personal data, the Administration ceases the processing of the provided personal data and deletes all the data in time that does not exceed 180 (one hundred eighty) days from the date when the Administration has received the termination notification, in the order and on terms that are provided by the legislation of the Russian Federation and the User Agreement.
6. Service Users rights
6.1. Service Users have the following rights:
6.1.1. To freely access to their personal data to the limits that are provided by the legislation of the Russian Federation;
6.1.2. The right to the information about their personal data and its processing, which is given to the extent that is established by the legislation of the Russian Federation;
6.1.3. To demand the deletion and/or correction of inauthentic or incomplete personal data, and also the data that was processed with a violation of the legislation of the Russian Federation, on the condition that the Service User or their legal representative presents the facts that would confirm that the personal data that relates to the respective subject and is processed by the Administration are partial, incomplete, outdated, false, unlawfully derived, or are unnecessary for the alleged purpose of the processing;
6.1.4. To appeal in accordance with the established procedure in court all of the unlawful action and/or inaction of the parties who were authorized to process the personal data and who were responsible for protection of the personal data;
6.1.5. To exercise any other rights in relation to their personal data that are provided by the legislation of the Russian Federation.
7. Security guarantee of the personal data
7.1. The Administration takes all the legal, organizational, and technical measures that are necessary to provide security of the personal data of the Service Users in case of accidental of unauthorized access, deletion, alteration, blockage of access, and other unlawful actions in relation to the Service Users’ personal data.
7.2. To provide security of the personal data of the Service Users the Administration:
7.2.1. Passes local normative acts that are meant to plan, organize, and actualize legal, organizational, and technical measures for providing security of the Service Users’ personal data, and also fully execute the specified measures;
7.2.2. Appoints a person that is responsible for providing security of the personal data.
8. Final provisions
8.1. The current Confidentiality Policy is a public document that declares conceptual bases for the Administration to process the Service Users’ personal data.
8.2. The Administration has the right to change the current Confidentiality Policy. New version of the Confidentiality Policy becomes active after it is posted on the Internet at the http://topface.com/privacy/ webpage, if something else has not been provided by the Administration. The active version of the Confidentiality Policy is always available on the Internet at the http://topface.com/privacy/ webpage.
8.3. The current Confidentiality Policy is subject to auditing concerning its urgency and compliance with the demands of the legislation of the Russian Federation, and also, when necessary, to changes or additions, in case of changes or additions to the legislation of the Russian Federation on personal data, but, in any case, not less than one time every three years.
8.4. The Administration informs the Service Users that the current Confidentiality Policy is applicable only to the Service. The Administration does not control nor is responsible for the use of third parties’ websites that a User might go to, using the links that were posted within the Service by other Users.
8.5. The relations between the Service Users and Administration, that originate in relation with the application of the current Confidentiality Policy, are subject to the legislation of the Russian Federation.
8.6. In cases when the Administration, for the ease of introducing Users to the articles of the current Policy, provides its translation to another language, the Russian language version of the Confidentiality Policy will hold advantage, and the relations between Users and the Administration will be regulated by the Russian language version of the Confidentiality Policy.