Top.Mail.Ru
? ?

Privacy Policy

Updated: July 13 2023, 17:28 MSK
Location: https://www.livejournal.com/legal/privacy-en.bml?r=1207

Privacy Policy defines the Operator’s policy regarding the processing of Users’ Data when they use the Service and contains information about the requirements for the protection of Users’ personal data.


  1. DEFINITIONS

    1. Operator — a legal entity providing the Service to Users: Limited Liability Company «SIM» (primary state registration number 5167746322497; address: 117105, Moscow, Varshavskoe sh., d. 9, str. 1, pom. D room 5).
    2. Service — the LiveJournal service, which provides Users with the opportunity to blog, post, comment and use other functionality offered by the Operator.
    3. User — a natural person who accesses the Service via the Internet.
    4. Data — personal data of the User, as well as other user information.

  2. THE SCOPE OF PRIVACY POLICY

    1. By accessing the Service, the User agrees to the terms of data processing by the Operator described in this Policy. If the User does not agree with such conditions, the use of the Service shall be terminated.
    2. The Policy may be changed by the Operator. The amended Policy is posted on the Service. By using the Service after the Policy has been changed, the User agrees to the changed conditions of Data processing.

  3. PURPOSE AND CONDITIONS OF THE PROCESSING

    1. The Operator processes Data for the purpose of providing the Service, including:
      • providing certain functionality of the Service (including personalization of content and other materials);
      • receipt of messages by the User;
      • promotion of the Service, products and/or services of the Operator and its partners;
      • reception of the Users’ appeals and provision of answers to these appeals;
      • conducting statistical and other studies of the use of the Service;
      • fulfillment of obligations imposed on the Operator by the legislation;
      • improving the quality and usability of the Service, increasing its efficiency and supporting its operation.
    2. For the purpose specified in clause 3.1. The following processing conditions are applicable for the purpose specified in clause 3.1 of the Policy:
      1. The list of processed Data: surname, first name, patronymic; gender; date of birth; e-mail address; information collected through metric programs; userpic; information about the user device; cookies, user ID, resource usage data; login and password; network address; third-party service account.
      2. The Operator does not process biometric and special categories of personal data of Users. The personal data processed by the Operator refers to other categories of personal data.
      3. Methods of Data processing: collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (provision, access), depersonalization, blocking, deletion and destruction.
      4. Data processing and storage period: until the purpose of processing is achieved, until consent expires or until consent is withdrawn (unless there are other grounds for processing such Data), whichever comes first.
    3. The Operator undertakes to ensure recording, systematization, accumulation, storage, clarification (update, change), and extraction of Users’ personal data using databases located in the territory of the Russian Federation.
    4. By agreeing to the terms of Data processing set forth in this Policy, the User agrees to the transfer of Data for the purpose specified in clause 3.1 of the Policy to the Operator’s partners (including RA Index 20 LLC) and their subsequent processing by the said persons.
    5. To fulfill the User Agreement it is necessary to process the User’s personal data on behalf of the Operator: «BRI» Ltd. to receive requests from Users and provide answers to these requests, hosting provider «RIH» Ltd.

  4. BASIS FOR DATA PROCESSING

    1. The legal basis for processing of Data by the Operator are, inter alia:
      • User’s consent;
      • execution, as well as conclusion of the User Agreement of the Service or other agreements with the User;
      • exercise of rights and legitimate interests of the Operator or third parties, if the rights and freedoms of the User are not violated;
      • the necessity of processing for realization of creative activity, provided that in this case the rights and legitimate interests of the User are not violated;
      • processing for statistical or other research purposes, subject to mandatory anonymization of Data;
      • the necessity of processing to achieve the purposes provided for by law, as well as fulfillment of the obligations imposed on the Operator by law.

  5. TERMS OF USE OF COOKIES

    1. Within the framework of the purpose specified in clause 3.1 of the Policy, the Operator uses cookies (small fragments of data on past visits). By agreeing to the terms of Data processing set out in this Policy, the User also agrees to the processing of cookies for the above purpose. The User can view the expiration date of cookies and prohibit their storage in the settings of their browser.
    2. Data and other information may be processed with metric programs, including Rambler/top-100, Yandex.Metrica, Google Analytics, Mediascope, Firebase, AppMetrica.

  6. DESTRUCTION PROCEDURE

    1. The User Data processed by the Operator for the purpose specified in clause 3.1 of the Policy shall be subject to a uniform procedure of their destruction in accordance with the legislation of the Russian Federation and local regulatory acts of the Operator. A unified procedure of their destruction in accordance with the legislation of the Russian Federation and local regulatory acts of the Operator shall apply to the User Data processed by the Operator for the purpose specified in clause 3.1 of the Policy.
    2. Data shall be destroyed by the Operator, in particular if the purpose of processing has been achieved or if the User has withdrawn consent to its processing (and there are no other grounds for processing such Data), or if the fact of its unauthorized processing has been revealed.
    3. If the purpose of Data processing is achieved, the Operator shall stop processing and destroy them within a period not exceeding 30 days from the date of achievement of the purpose of processing. If the User revokes his/her consent to the processing of his/her Data, the Operator shall stop processing the Data and, if the preservation of the Data is no longer required for the purpose of processing, shall destroy it within a period not exceeding 30 days from the date of receipt of the said revocation.
    4. In case of detection of unlawful processing of personal data carried out by the Operator, the Operator shall, within a period not exceeding 3 working days from the date of such detection, stop such processing. If it is impossible to ensure the legality of such processing, the Operator shall destroy such Data within a period not exceeding 10 business days from the date of detection of unlawful processing. At the same time, the Operator shall notify the User of the elimination of the violations committed or of the destruction of the Data.

  7. INFORMATION ON THE IMPLEMENTED PROTECTION REQUIREMENTS

    1. The Operator undertakes to ensure confidentiality of Users’ personal data.
    2. The Operator ensures the security of Users’ personal data by implementing legal, organizational and technical measures.
      1. Legal measures taken by the Operator include:
        • issuance by the Operator of documents defining the Operator’s policy with regard to personal data processing, local acts on personal data processing, as well as local acts establishing procedures aimed at preventing and detecting violations of the Russian legislation and eliminating the consequences of such violations.
      2. Organizational measures taken by the Operator include:
        • ensuring unrestricted access to the Policy, to the information on the implemented requirements to personal data protection;
        • internal control and (or) audit of compliance of personal data processing with the Federal Law dated 27.07.2006 N 152-FZ «On Personal Data» (the Law) and regulations adopted in accordance therewith, requirements to personal data protection, Operator’s policy on personal data processing, local acts of the Operator;
        • assessment of the harm that may be caused to personal data subjects in case of violation of the Law, the correlation between the said harm and the measures taken by the Operator aimed at ensuring the fulfillment of the obligations stipulated by the Law;
        • familiarization of the Operator’s employees directly involved in personal data processing with the provisions of the Russian legislation on personal data, including requirements to personal data protection, documents defining the Operator’s policy on personal data processing, local acts on personal data processing, and (or) training of these employees;
        • appointment of a person responsible for the organization of personal data processing;
        • appointment of a person responsible for ensuring personal data security in personal data information systems (PDIS);
        • approval by the Operator’s head of the document defining the list of persons whose access to personal data processed in the PDIS is necessary for the performance of their official (labor) duties;
        • ensuring the safety of personal data carriers;
        • accounting of machine-readable personal data carriers;
        • identification of threats to the security of personal data when processed in an PDIS;
        • organization of a controlled area within which stationary technical means processing information and means of information protection, as well as means of ensuring operation, are permanently placed;
        • organization of a security regime for the premises where the PDIS is located, preventing uncontrolled entry or stay in these premises by persons who have no right of access to these premises.
      3. Technical measures taken by the Operator include:
        • use of information protection means that have undergone the procedure for assessing compliance with the requirements of the Russian legislation in the field of information security, when the use of such means is necessary to neutralize actual threats;
        • assessment of the effectiveness of the measures taken to ensure personal data security prior to putting into operation of the PDIS;
        • establishing rules of access to personal data processed in the PDIS, as well as ensuring registration and record keeping of all actions performed with personal data in PDIS;
        • detecting facts of unauthorized access to personal data and taking measures, including measures to detect, prevent and eliminate the consequences of computer attacks on the PDIS and to respond to computer incidents in them;
        • recovery of personal data modified or destroyed due to unauthorized access to them;
        • control over the measures taken to ensure personal data security and the level of protection of the PDIS.

  8. MISCELLANEOUS

    1. The User is responsible for the lawfulness, relevance and reliability of the data of the User and other persons, which the User provides to the Operator.
    2. The Operator considers requests related to the Policy, including requests from Users regarding the use of their Data at the following address: 117105, Russia, Moscow, Varshavskoe shosse, d. 9, str. 1.
    3. This Policy is drawn up in the Russian language. The English version is a translation and is provided solely for the convenience of familiarization with the text of the Policy. In case of any discrepancy between the Russian language text and its translation, the Russian language text of the Policy shall prevail.