Privacy and Cookie Policy
Individual Entrepreneur Ksenia Nazarenko (Company, Us, Us) respects and values your (User, You) privacy and does everything possible to ensure the security of your Personal Data (see definition below).
In this Privacy and Cookie Processing Policy (Policy) We provide information about the limits of the Personal Data we collect, explain the reasons for their collection, how they are used, and identify third parties to whom your data is transmitted. We also disclose what cookies are, how the Company can use such files, and what settings you have to configure the use of these files obtained as part of your interaction with the online interfaces used and managed by the Company on the Site.
This Policy is part of the User Agreement. Please read this Policy carefully and contact us if you have any questions.
In compliance with the requirements of Part 2 of Article 18.1 of Federal Law No. 152, this Policy is published in free access on the information and telecommunication network Internet on the Company's Website.
1. Terms and definitions
1.1. Website – a website at https://нейролаб.com , which is managed by the Company.
1.2. Personal data is any information related to an identified or identifiable person that persons provide to Us when filling out an application for Partner status on the Site, information that the Site automatically collects about Users, information that Users provide to us in order to conclude a Paid Service Agreement and provide feedback, as well as information about Users which We receive from third parties .
1.3. Personal data processing is any action (operation) or set of actions (operations) performed with or without the use of automation tools with Personal Data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Personal Data.
1.4. Confidentiality of personal data is a mandatory requirement for the Operator or other person who has access to Personal Data to prevent their dissemination without the consent of the Personal Data subject or other legitimate reason.
1.5. A cookie is a small text file placed by a Website on your computer or device when, for example, you visit certain sections of the Website and/or when you use certain functions of the Website, the rules of storage and processing of which are regulated by the Cookie Policy.
1.6. Operator (of personal data), Company, We, Us – Individual Entrepreneur Ksenia Nazarenko, OGRNIP 319508100326970, TIN: 503125754933, address: 123376, Moscow, Krasnaya Presnya str., 28, floor 3 room/room/office II/2/1.
1.7. User, You are an individual who has visited or uses the Site in any way (regardless of the Partner status), which may include: the sole executive body of a legal entity, an individual entrepreneur, an individual who is a payer of professional income tax (self–employed), or an individual who is not a citizen or a tax resident of the Russian Federation.
1.8. GDPR is the EU General Data Protection Regulation 2016/679 of the European Parliament and of the European Council of April 27, 2016 on the protection of individuals with regard to the processing of their Personal Data and on the free movement of such data, repealing Directive 95/46/EC as amended, amended and supplemented, applied periodically and incorporated into the national legislation of the countries– participants.
1.9. The terms used in the text of this document, which are not defined in this section, are understood in the meaning given to them by the Agreement and its annexes.
2. Development grounds, goals, Policy principles
2.1. The basis of the development. The Policy has been developed in compliance with the requirements of laws and regulations defining the cases and specifics of processing personal data of a Personal data Subject, including Federal Law No. 152-FZ, GDPR.
2.2. Purposes. The Policy pursues the following objectives: (1) ensuring the protection of human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family secrets, (2) excluding unauthorized actions (unlawful or accidental access) by any third parties to your Personal Data, as well as the destruction of, modification, blocking, copying and dissemination of personal data, (3) ensuring the legal and regulatory regime of confidentiality and control of your Personal Data, (4) protection of the constitutional rights of citizens to personal privacy, confidentiality of information constituting Personal Data, and prevention of a possible threat to your security.
Thus, the main purpose of the Policy is to provide you with a complete and transparent understanding of: the legal basis for the collection and processing of your Personal Data; the categories of Personal Data that we may collect about you; what happens to the Personal Data that we collect; where we process your Personal Data; how much we store your Personal Data; to whom we may share your Personal Data; and explain your rights as a Personal Data subject.
2.3. Principles. We pursue the following principles of Personal Data Processing: (1) the processing of Personal Data must be carried out on a lawful and fair basis, (2) the processing of personal data must be limited to achieving specific, predetermined and legitimate goals; processing of Personal Data incompatible with the purposes of personal data collection is not allowed, (3) the content and scope of personal data processed the data must correspond to the stated purposes of processing; the Personal Data being processed should not be redundant in relation to the stated purposes of their processing, (4) when Processing personal data, the accuracy of Personal Data, their sufficiency and relevance in relation to the purposes of Personal Data Processing should be ensured, (5) Personal Data should be stored no longer than the purposes of Personal Data Processing require, unless a different retention period for personal data (or the procedure for determining it) is provided for by the Policy.
2.4. If you do not agree with the fact of providing us with your information, or using this information in other ways in accordance with this Policy and the Agreement, you should not become a User of the Site and Use the Site in any way.
3. The subject and grounds of Personal data Processing
3.1. The subject of the Policy. The provisions of this Policy apply to the relationship between Us and You related to the Processing of personal data within the framework of the relationship that arises between Us regarding the use of the Site, resulting from your acceptance of the terms of the User Agreement.
3.2. Grounds for processing. The basis for Processing your personal data is always your consent. Without agreeing to the terms of this Policy, we will not be able to fully enforce our obligations under the agreements concluded with you (including, but not limited to, the User Agreement).
4. Acceptance of the terms of the Policy
4.1. In this section, you can learn about actions that indicate your consent to the Processing of your personal data (hereinafter referred to as "Consent to the processing of personal data").
4.2. The content of the Consent to the processing of personal data. By providing Consent to the processing of personal data, you confirm that you have fully read and agree to the User Agreement, its appendices, the Personal Data Processing Policy and Cookies, and provide specific, substantive, informed, conscious and unambiguous consent to the processing of your personal data.
4.3. Please note that Consent to the processing of personal Data means that you, among other things, express your consent to the Automated, as well as without the use of Automation tools, Processing of your Personal Data, on the terms specified in the Policy, as well as in Consent to the processing of personal data.
4.4. Getting the "Partner" status. If you fill out an application for Partner status on the Website, you will agree to the terms of this Policy by performing the following specific action:
Installing the ☑ icon next to the column:
"I agree to the terms of the User Agreement, the Offer to conclude a contract for the purchase and sale of goods remotely, the Privacy Policy and the processing of Cookies and their applications"
4.5. Familiarization with the content of the Website. If you are just browsing the Site, you are considered to be giving Us Consent to the processing of personal data, to the extent specified in this Policy (technical data, Cookies (unless another consent procedure regarding the processing of Cookies is implemented on the Platform).
4.6. The information you provide. If you provide Us with your Personal Data yourself (for example, write to us by e-mail), then you are considered to have given Consent to the processing of Personal Data at the time of such provision of your Personal Data (for example, when We received an e-mail from you). We store such Personal Data until we respond to you, as well as for some time to save the history of correspondence in order to facilitate further communication with you, but no longer than 1 (One) month.
4.7. Making an outgoing call. By making a call to the Operator and continuing the conversation with the Operator's employee, you consent to the processing of personal data.
4.8. Messaging via messenger. If you send a message to Us via messenger, including using the relevant functionality of the Site, then your Consent to the processing of personal data is considered provided at the time of sending the first message to Our address.
4.8. Storing consent information. Please note that We may store data about your actions (by means of a system for logging your actions, or an equivalent) confirming your Consent to personal data, as indicated in this section of the Policy, for a period of 3 (Three) years after your expression of consent to the Policy, unless otherwise provided by law or this Policy.
5. How are policy changes implemented?
5.1. This Policy may be changed at any time at the discretion of the Company. Please check this Policy regularly for any changes you have made. In case of significant changes to the Policy, we have the right to additionally notify you of such a change. In turn, the Company undertakes to immediately post a new version of the Policy after making changes to it on the Website.
5.2. In case of your disagreement with any changes to the Policy, you must immediately stop using the Site.
6. Who is the person responsible for data processing and who can I contact if I have any questions?
6.1. If you have any questions, including the identification of the person responsible for data processing, please send your question to our email address: privacy@нейролаб.com . Please note that the specified email address is specifically allocated exclusively for processing requests related to personal data. This measure is necessary so that we can respond to you as soon as possible. Please do not send messages to the specified email address that are not related to your personal data.
7. What sources and types of data do we use?
7.1. We process Personal Data that we receive from you as part of an ongoing relationship.
8. What types of personal data do we collect and for what purpose?
8.1. In this Section, we describe step by step what data we collect. The Policy also contains a short table describing all types of personal data that we collect, the relevant storage periods and the grounds for processing.
8.2. During your use of the Website, We may collect the following types of Personal Data:
In this Privacy and Cookie Processing Policy (Policy) We provide information about the limits of the Personal Data we collect, explain the reasons for their collection, how they are used, and identify third parties to whom your data is transmitted. We also disclose what cookies are, how the Company can use such files, and what settings you have to configure the use of these files obtained as part of your interaction with the online interfaces used and managed by the Company on the Site.
This Policy is part of the User Agreement. Please read this Policy carefully and contact us if you have any questions.
In compliance with the requirements of Part 2 of Article 18.1 of Federal Law No. 152, this Policy is published in free access on the information and telecommunication network Internet on the Company's Website.
1. Terms and definitions
1.1. Website – a website at https://нейролаб.com , which is managed by the Company.
1.2. Personal data is any information related to an identified or identifiable person that persons provide to Us when filling out an application for Partner status on the Site, information that the Site automatically collects about Users, information that Users provide to us in order to conclude a Paid Service Agreement and provide feedback, as well as information about Users which We receive from third parties .
1.3. Personal data processing is any action (operation) or set of actions (operations) performed with or without the use of automation tools with Personal Data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Personal Data.
1.4. Confidentiality of personal data is a mandatory requirement for the Operator or other person who has access to Personal Data to prevent their dissemination without the consent of the Personal Data subject or other legitimate reason.
1.5. A cookie is a small text file placed by a Website on your computer or device when, for example, you visit certain sections of the Website and/or when you use certain functions of the Website, the rules of storage and processing of which are regulated by the Cookie Policy.
1.6. Operator (of personal data), Company, We, Us – Individual Entrepreneur Ksenia Nazarenko, OGRNIP 319508100326970, TIN: 503125754933, address: 123376, Moscow, Krasnaya Presnya str., 28, floor 3 room/room/office II/2/1.
1.7. User, You are an individual who has visited or uses the Site in any way (regardless of the Partner status), which may include: the sole executive body of a legal entity, an individual entrepreneur, an individual who is a payer of professional income tax (self–employed), or an individual who is not a citizen or a tax resident of the Russian Federation.
1.8. GDPR is the EU General Data Protection Regulation 2016/679 of the European Parliament and of the European Council of April 27, 2016 on the protection of individuals with regard to the processing of their Personal Data and on the free movement of such data, repealing Directive 95/46/EC as amended, amended and supplemented, applied periodically and incorporated into the national legislation of the countries– participants.
1.9. The terms used in the text of this document, which are not defined in this section, are understood in the meaning given to them by the Agreement and its annexes.
2. Development grounds, goals, Policy principles
2.1. The basis of the development. The Policy has been developed in compliance with the requirements of laws and regulations defining the cases and specifics of processing personal data of a Personal data Subject, including Federal Law No. 152-FZ, GDPR.
2.2. Purposes. The Policy pursues the following objectives: (1) ensuring the protection of human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family secrets, (2) excluding unauthorized actions (unlawful or accidental access) by any third parties to your Personal Data, as well as the destruction of, modification, blocking, copying and dissemination of personal data, (3) ensuring the legal and regulatory regime of confidentiality and control of your Personal Data, (4) protection of the constitutional rights of citizens to personal privacy, confidentiality of information constituting Personal Data, and prevention of a possible threat to your security.
Thus, the main purpose of the Policy is to provide you with a complete and transparent understanding of: the legal basis for the collection and processing of your Personal Data; the categories of Personal Data that we may collect about you; what happens to the Personal Data that we collect; where we process your Personal Data; how much we store your Personal Data; to whom we may share your Personal Data; and explain your rights as a Personal Data subject.
2.3. Principles. We pursue the following principles of Personal Data Processing: (1) the processing of Personal Data must be carried out on a lawful and fair basis, (2) the processing of personal data must be limited to achieving specific, predetermined and legitimate goals; processing of Personal Data incompatible with the purposes of personal data collection is not allowed, (3) the content and scope of personal data processed the data must correspond to the stated purposes of processing; the Personal Data being processed should not be redundant in relation to the stated purposes of their processing, (4) when Processing personal data, the accuracy of Personal Data, their sufficiency and relevance in relation to the purposes of Personal Data Processing should be ensured, (5) Personal Data should be stored no longer than the purposes of Personal Data Processing require, unless a different retention period for personal data (or the procedure for determining it) is provided for by the Policy.
2.4. If you do not agree with the fact of providing us with your information, or using this information in other ways in accordance with this Policy and the Agreement, you should not become a User of the Site and Use the Site in any way.
3. The subject and grounds of Personal data Processing
3.1. The subject of the Policy. The provisions of this Policy apply to the relationship between Us and You related to the Processing of personal data within the framework of the relationship that arises between Us regarding the use of the Site, resulting from your acceptance of the terms of the User Agreement.
3.2. Grounds for processing. The basis for Processing your personal data is always your consent. Without agreeing to the terms of this Policy, we will not be able to fully enforce our obligations under the agreements concluded with you (including, but not limited to, the User Agreement).
4. Acceptance of the terms of the Policy
4.1. In this section, you can learn about actions that indicate your consent to the Processing of your personal data (hereinafter referred to as "Consent to the processing of personal data").
4.2. The content of the Consent to the processing of personal data. By providing Consent to the processing of personal data, you confirm that you have fully read and agree to the User Agreement, its appendices, the Personal Data Processing Policy and Cookies, and provide specific, substantive, informed, conscious and unambiguous consent to the processing of your personal data.
4.3. Please note that Consent to the processing of personal Data means that you, among other things, express your consent to the Automated, as well as without the use of Automation tools, Processing of your Personal Data, on the terms specified in the Policy, as well as in Consent to the processing of personal data.
4.4. Getting the "Partner" status. If you fill out an application for Partner status on the Website, you will agree to the terms of this Policy by performing the following specific action:
Installing the ☑ icon next to the column:
"I agree to the terms of the User Agreement, the Offer to conclude a contract for the purchase and sale of goods remotely, the Privacy Policy and the processing of Cookies and their applications"
4.5. Familiarization with the content of the Website. If you are just browsing the Site, you are considered to be giving Us Consent to the processing of personal data, to the extent specified in this Policy (technical data, Cookies (unless another consent procedure regarding the processing of Cookies is implemented on the Platform).
4.6. The information you provide. If you provide Us with your Personal Data yourself (for example, write to us by e-mail), then you are considered to have given Consent to the processing of Personal Data at the time of such provision of your Personal Data (for example, when We received an e-mail from you). We store such Personal Data until we respond to you, as well as for some time to save the history of correspondence in order to facilitate further communication with you, but no longer than 1 (One) month.
4.7. Making an outgoing call. By making a call to the Operator and continuing the conversation with the Operator's employee, you consent to the processing of personal data.
4.8. Messaging via messenger. If you send a message to Us via messenger, including using the relevant functionality of the Site, then your Consent to the processing of personal data is considered provided at the time of sending the first message to Our address.
4.8. Storing consent information. Please note that We may store data about your actions (by means of a system for logging your actions, or an equivalent) confirming your Consent to personal data, as indicated in this section of the Policy, for a period of 3 (Three) years after your expression of consent to the Policy, unless otherwise provided by law or this Policy.
5. How are policy changes implemented?
5.1. This Policy may be changed at any time at the discretion of the Company. Please check this Policy regularly for any changes you have made. In case of significant changes to the Policy, we have the right to additionally notify you of such a change. In turn, the Company undertakes to immediately post a new version of the Policy after making changes to it on the Website.
5.2. In case of your disagreement with any changes to the Policy, you must immediately stop using the Site.
6. Who is the person responsible for data processing and who can I contact if I have any questions?
6.1. If you have any questions, including the identification of the person responsible for data processing, please send your question to our email address: privacy@нейролаб.com . Please note that the specified email address is specifically allocated exclusively for processing requests related to personal data. This measure is necessary so that we can respond to you as soon as possible. Please do not send messages to the specified email address that are not related to your personal data.
7. What sources and types of data do we use?
7.1. We process Personal Data that we receive from you as part of an ongoing relationship.
8. What types of personal data do we collect and for what purpose?
8.1. In this Section, we describe step by step what data we collect. The Policy also contains a short table describing all types of personal data that we collect, the relevant storage periods and the grounds for processing.
8.2. During your use of the Website, We may collect the following types of Personal Data:
8.3. Please note that We may store your Personal Data for a longer period if required by applicable laws and regulations.
8.4. Please note that if you provide us with Personal Data of third parties using the available functionality of the Site, or in any other way, including, but not limited to, by sending an email to our email address, you hereby unconditionally and unconditionally guarantee that you have received all necessary consents from such persons (including consent to the transfer of personal data), permits and other documents necessary to implement the provisions of this Policy in full, issued by them in the form and in accordance with their personal applicable law (hereinafter referred to as the Consent of third parties), and if you act as the operator of such persons' personal data, you also guarantee that you ensure the transfer and protection of their personal data to an extent not less than provided for in this Policy. In this case, the Consent of third parties must be executed by them in writing, the original of which must be provided by you within 7 (Seven) calendar days from the date of sending the relevant request from the Company. Providing Personal Data to third parties without complying with this warranty is unacceptable, and you fully assume all responsibility for violating this warranty.
8.5. If you object to the use and processing of your Personal Data for any of the purposes mentioned above, please contact us. Your decision to provide your Personal Data to the Company is voluntary, however, unless you provide any (including additional) Personal data and information, the Company may not be able to perform actions regarding the fulfillment of its obligations, ensuring the normal functioning of the Site and Services (for example, creating an Account, using the Services).
9. How do we collect your personal data?
9.1. We may collect Users' Personal Data in various ways:
8.4. Please note that if you provide us with Personal Data of third parties using the available functionality of the Site, or in any other way, including, but not limited to, by sending an email to our email address, you hereby unconditionally and unconditionally guarantee that you have received all necessary consents from such persons (including consent to the transfer of personal data), permits and other documents necessary to implement the provisions of this Policy in full, issued by them in the form and in accordance with their personal applicable law (hereinafter referred to as the Consent of third parties), and if you act as the operator of such persons' personal data, you also guarantee that you ensure the transfer and protection of their personal data to an extent not less than provided for in this Policy. In this case, the Consent of third parties must be executed by them in writing, the original of which must be provided by you within 7 (Seven) calendar days from the date of sending the relevant request from the Company. Providing Personal Data to third parties without complying with this warranty is unacceptable, and you fully assume all responsibility for violating this warranty.
8.5. If you object to the use and processing of your Personal Data for any of the purposes mentioned above, please contact us. Your decision to provide your Personal Data to the Company is voluntary, however, unless you provide any (including additional) Personal data and information, the Company may not be able to perform actions regarding the fulfillment of its obligations, ensuring the normal functioning of the Site and Services (for example, creating an Account, using the Services).
9. How do we collect your personal data?
9.1. We may collect Users' Personal Data in various ways:
10. Use of services and payment data
10.1. In some cases, the Company may charge a fee for using the Services. Payment can be made on condition that you provide your bank card details/ other payment details / place and date of birth, current account number and bank card to the payment service or bank that we have engaged. Please note that we do not collect or store this data – it is processed exclusively by the bank or the payment service, and in accordance with their rules. Thus, the Company does not collect User payment data, all payment transactions are performed by the Company's counterparties – specialized companies that have the right to carry out electronic payment transactions and have the appropriate technical support to ensure the maintenance of security standards for such transactions.
10.2. Please pay special attention to the fact that all payment transactions on the Website are governed by the Rules for Making Payments, and when banks and other persons are involved in ensuring payment transactions, they are governed by the relevant rules of such banks and other persons, links to which are posted on the Website in the relevant section. By making a payment transaction, you guarantee that you have read all the documentation governing the payment transaction and agree to it in full.
11. Rights of the Personal data Subject
11.1. Receiving information. You have the right to receive information about Us, about Our location, about the availability of your Personal Data with Us, as well as to get acquainted with such Personal Data.
11.2. Clarification. You have the right to request that We clarify your Personal Data, block it, or destroy it if the Personal Data is incomplete, outdated, unreliable, illegally obtained, or is not necessary for the stated purpose of processing, as well as to take legal measures to protect your rights.
11.3. The form of provision. Information about the availability of Personal Data will be provided to you in an accessible form, and it will not contain Personal Data related to other Subjects of Personal Data.
11.4. The content of the response. In requesting access to Personal Data, you have the right to request information from Us regarding the Processing of Your Personal Data, including: (1) confirmation of the processing of Personal Data, as well as the purpose of such processing, (2) methods of processing Personal Data, (3) the name and location of the Operator, information about persons who have access to Personal Data or who may be granted such access, (4) the list of Personal Data being processed and the source of their receipt, (5) the timing of Personal Data processing, (6) information about the legal consequences that the Processing of Personal Data may entail for the Personal Data Subject.
11.5. Withdrawal of consent. You have the right to revoke your consent to the processing of Personal Data, restrict the methods and forms of Personal Data processing, and prohibit the dissemination of Personal Data without your consent.
11.6. The right to appeal. You have the right to appeal Our actions or omissions to the authorized body for the protection of the rights of Personal data Subjects or in court.
11.7. The right to protection. You have the right to defend your rights and legitimate interests, including damages and compensation for moral damage in court.
The order of access. You (or your legal representative) can access your Personal Data by contacting us personally or by sending a written request. In this case, the request must contain the number of the main document certifying your identity or your legal representative, information about the date of issue of the specified document and the issuing authority, and a handwritten signature. The request can be sent electronically. We are obliged to respond to your request within 30 (Thirty) days from the date of its receipt, which, taking into account the complexity and number of requests, can be extended up to 60 (Sixty) days.
12. Rights of the Personal Data Subject (GDPR)
If you are a citizen of a member State of the European Economic Area or the United Kingdom (or legally provide us with such person's Personal Data), you are also granted the following rights. You can use them by sending an appropriate email to Our Contact Information.
12.1. The right to be informed (Articles 12-14 of the Regulations). You have the right to receive information about the collection and use of your Personal Data, in particular about the purposes of processing this Personal Data, the duration of storage and to whom it will be transferred. This information must be provided at the time we collect your Personal Data. If we receive Personal Data from other sources, we will inform you about it within a reasonable time after receiving the data and no later than one month, unless you already have such information and if it does not require disproportionate efforts to provide it. Information should be concise, transparent, understandable, easily accessible, and expressed in clear and understandable language, which is why we try to explain our data processing policy in detail. We will inform you about any new use of your Personal Data before processing it.
12.2. The right of access (art. 15 of the Regulations). You have the right to receive confirmation from the Operator whether Personal Data concerning You is being processed and, if necessary, access to personal Data and the following information: purposes of processing; categories of relevant Personal Data; recipients or categories of recipients to whom Personal Data has been or will be disclosed, in particular recipients from third countries or international organizations. organizations; if possible, the stipulated period during which Personal Data will be stored, or, if this is not possible, the criteria used to determine such a period; the right to require the Operator to correct or delete Personal Data or restrict the processing of Personal Data in relation to the data subject or to object to such processing; the right to file a complaint with the supervisory authority; the existence of an automated decision-making process, including the profiling referred to in articles 22(1) and (4) of the Regulation, and, at least in these cases, meaningful information about the underlying algorithm, as well as the significance and intended consequences of such processing for the data subject. If Personal Data is transferred to a third country or an international organization, you have the right to receive information about the guarantees available related to such transfer. Upon request, the Operator also provides a copy of the Personal Data being processed. For all additional copies requested by the Personal Data subject, the Operator may charge a reasonable fee based on administrative costs. If you make a request by electronic means, and unless otherwise required, the information must be provided in a generally accepted electronic form.
12.3. The right to correction (art. 16 of the Regulations). You have the right to correct incorrect or inaccurate information regarding Personal Data upon a request for correction made orally or in writing. The Operator has one calendar month to respond to the request of the Personal Data subject.
12.4. The right to erasure ("the right to be forgotten") (art.17 of the Regulations). The Regulation grants individuals the right to delete personal data. You can make a deletion request by contacting Us. We will have one month to respond to your request. Please note that this right is not absolute and applies only in certain circumstances provided for in article 17 of the Rules of Procedure.
12.5. The right to restriction of processing (art. 18 of the Regulations). You have the right to request the restriction or termination of the processing of your Personal Data. If processing has been restricted, such Personal Data, with the exception of storage, is processed only with the consent of the data subject, or to justify, execute or defend legal claims, or to protect the rights of another natural or legal person, or to protect the public interest of the union or a member State. Please note that this right is not absolute and applies only in certain circumstances provided for in article 18 of the Rules of Procedure.
12.6. The right to data portability (art. 20 of the Regulations). The right to data portability allows you to receive and reuse your Personal Data for your own purposes within the framework of various services. It allows you to easily move, copy, or transfer Personal Data from one IT environment to another in a secure and reliable way without affecting the usability of Personal Data. Please note that you have the right to transfer Personal Data directly from one Operator to another, in cases where this is technically possible.
12.7. The right to object (art. 21 of the Rules). You have the right to object at any time to the processing of your personal data on grounds relevant to your specific situation. We will not further process your Personal Data, except in cases where we have sufficient legitimate grounds for processing that are more significant than the interests, rights and freedoms of the data subject or for establishing, exercising or defending legitimate claims. If your Personal Data is being processed for direct marketing purposes, you have the right to object to the processing of Personal Data about You for the purposes of said marketing, including profiling to the extent it is related to direct marketing.
12.8. Rights related to automated decision-making, including profiling (art. 22 of the Regulations). You have the right not to be subject to a decision based solely on automatic processing, including profiling, that generates legal consequences for him or her or significantly affects him or her. Please note that this right is not absolute and applies only in certain circumstances provided for in article 22 of the Rules of Procedure. You can revoke your consent to the processing of Personal Data at any time. Please remember that revocation of consent applies only to the future. Any processing-related actions performed prior to such a recall are not affected by it.
13. Transfer of Personal Data
13.1. Transfer of Personal Data. In order to achieve the purposes of Personal Data Processing, we may need to provide your Personal Data to our contractors. Your Personal Data may be transferred to government authorities, in particular, executive authorities, on the basis of their request.
13.2. Compulsory and optional transfer. The transmission of information may be mandatory, for example, in terms of information about user equipment: IP address, OS, geographical data, ID/type of equipment, channel used: browser/application, payment authorization, identification/verification, or optional, for example, in terms of information about address match indicators, information about account , etc .
14. Storage of Personal data
14.1. Localization of Personal Data. If you are a citizen of the Russian Federation, we store your data on servers located on the territory of the Russian Federation. If you are a citizen of one of the member States of the European Economic Area, the United Kingdom, or another country whose personal data legislation requires that Personal Data be Processed on the territory of such country, then your Personal Data is collected and Processed on the territory of the European Economic Area or such country, respectively.
15. Principles and measures of Personal Data protection
15.1. Principles of protection. We apply legal, organizational, administrative, technical and physical measures to protect Personal Data to ensure the protection of your Personal Data.
15.2. Security measures. Measures to ensure the security of Personal Data during their processing are planned and implemented in order to ensure compliance with the requirements of legislation in the field of Personal Data and regulatory legal acts adopted in accordance with it. We ensure the security of your Personal Data, including in the following ways:: (1) by limiting and specifying the number of employees of the Operator who have access to Personal Data, (2) by appointing a person responsible for organizing the processing of Personal Data, (3) by developing and implementing local acts on personal data processing, (4) by identifying threats to the security of Personal Data during their processing in Personal data information systems, (5) the application of organizational and technical measures to ensure the security of Personal Data, (6) the application of information security measures that have passed the compliance assessment procedure in accordance with the established procedure, (7) taking into account electronic media, (8) establishing rules for access to Personal Data, (9) restricting access to premises where technical means for processing Personal Data are located, as well as information media are stored, (10) by detecting the facts of unauthorized access to Personal Data and taking measures to prevent such access, (11) by entering Personal Data (which are not publicly available, confidentiality requirements) to the list of confidential information of the Operator, (12) obtaining an obligation not to disclose confidential information, including Personal Data, from all employees of the Operator directly involved in the processing of Personal Data, (13) restoring Personal Data modified or destroyed due to unauthorized access to them, (14) familiarizing employees Operators who directly process Personal Data in accordance with the provisions of the legislation on personal data, including requirements for the protection of Personal Data, local acts on the processing of Personal Data, (15) control over the measures taken to ensure the security of Personal Data.
16. Cookies files
16.1. Use of Cookies. The platform uses cookies. When visiting the Platform, your Internet browser transmits certain information to Our server: (1) date and time of the visit, (2) browser type, (3) language settings, (4) operating system. This information is stored in connection logs for a limited time (from a session to a year) to ensure the security and proper operation of the Platform, as well as to collect statistical information.
16.2. Cookie Functions. There are various groups of Cookies that are used on the Platform. The first group is functional and technical Cookies. The main function of such files is to allow the server of the site hosting the Platform to receive information about your session, the language used, the browser, etc., as well as to ensure the full operation of the Platform. These files are needed in order to recognize you when you log back on to the Platform. This allows us to personalize the content of the Platform to your needs and remember your preferences. The second group is analytical Cookies, which allow us to evaluate and count the number of visitors, as well as understand how they move around the Platform when working with it. This helps us to make improvements to the Platform, for example, optimizing the search for the right sections, making it simple and efficient. You have the right to refuse the use of analytical Cookies by making the appropriate settings in your web browser.
16.3. Cookie storage time. According to the storage time on users' devices, Cookies are divided into Permanent and Session Cookies: “Session Cookies” are files that are stored on your device until you close your browser. “Permanent Cookies" are stored on your device until they expire or until you delete them.
16.4. Disabling Cookies. You have the option to accept or reject all Cookies on all sites that you visit by changing the settings in your web browser. For example, when you use Internet Explorer version 11.0, you should do the following: (1) select "Settings", then "Internet Options", (2) go to the "Privacy" tab, (3) use the mouse to select your preferred settings. Each browser must use its own settings to change and delete Cookies. Please note that certain Platform functionality may not be available when Cookies are disabled. To learn more about how to adjust or change your browser settings, refer to the browser instructions or at www.aboutcookies.org either www.allaboutcookies.org . If you use different devices to access the Platform (e.g. smartphone, tablet, computer, etc.), you should make sure that each browser on each device is configured according to your preferences regarding cookies.
17. Addresses for exchanging legally relevant messages
17.1. Details of the Parties. In the course of fulfilling our obligations under this Policy and/or other obligations as an Operator of Personal Data, there may be (and in some cases must be) an exchange of legally relevant messages between Us. Such an exchange takes place through the official contacts of the Parties, both in written and electronic form (equivalent). At the same time, the conclusion of a separate agreement on the use of electronic document management is not required. The Operator's email address for requests regarding personal data: privacy@нейролаб.com
18. Final provisions
18.1. The divisibility clause. In the event that one or more provisions of the Policy are declared invalid/irreconcilable, etc., then such provisions are considered to be replaced by valid provisions as close as possible in their meaning. However, the Policy cannot be invalidated in full under any circumstances.
10.1. In some cases, the Company may charge a fee for using the Services. Payment can be made on condition that you provide your bank card details/ other payment details / place and date of birth, current account number and bank card to the payment service or bank that we have engaged. Please note that we do not collect or store this data – it is processed exclusively by the bank or the payment service, and in accordance with their rules. Thus, the Company does not collect User payment data, all payment transactions are performed by the Company's counterparties – specialized companies that have the right to carry out electronic payment transactions and have the appropriate technical support to ensure the maintenance of security standards for such transactions.
10.2. Please pay special attention to the fact that all payment transactions on the Website are governed by the Rules for Making Payments, and when banks and other persons are involved in ensuring payment transactions, they are governed by the relevant rules of such banks and other persons, links to which are posted on the Website in the relevant section. By making a payment transaction, you guarantee that you have read all the documentation governing the payment transaction and agree to it in full.
11. Rights of the Personal data Subject
11.1. Receiving information. You have the right to receive information about Us, about Our location, about the availability of your Personal Data with Us, as well as to get acquainted with such Personal Data.
11.2. Clarification. You have the right to request that We clarify your Personal Data, block it, or destroy it if the Personal Data is incomplete, outdated, unreliable, illegally obtained, or is not necessary for the stated purpose of processing, as well as to take legal measures to protect your rights.
11.3. The form of provision. Information about the availability of Personal Data will be provided to you in an accessible form, and it will not contain Personal Data related to other Subjects of Personal Data.
11.4. The content of the response. In requesting access to Personal Data, you have the right to request information from Us regarding the Processing of Your Personal Data, including: (1) confirmation of the processing of Personal Data, as well as the purpose of such processing, (2) methods of processing Personal Data, (3) the name and location of the Operator, information about persons who have access to Personal Data or who may be granted such access, (4) the list of Personal Data being processed and the source of their receipt, (5) the timing of Personal Data processing, (6) information about the legal consequences that the Processing of Personal Data may entail for the Personal Data Subject.
11.5. Withdrawal of consent. You have the right to revoke your consent to the processing of Personal Data, restrict the methods and forms of Personal Data processing, and prohibit the dissemination of Personal Data without your consent.
11.6. The right to appeal. You have the right to appeal Our actions or omissions to the authorized body for the protection of the rights of Personal data Subjects or in court.
11.7. The right to protection. You have the right to defend your rights and legitimate interests, including damages and compensation for moral damage in court.
The order of access. You (or your legal representative) can access your Personal Data by contacting us personally or by sending a written request. In this case, the request must contain the number of the main document certifying your identity or your legal representative, information about the date of issue of the specified document and the issuing authority, and a handwritten signature. The request can be sent electronically. We are obliged to respond to your request within 30 (Thirty) days from the date of its receipt, which, taking into account the complexity and number of requests, can be extended up to 60 (Sixty) days.
12. Rights of the Personal Data Subject (GDPR)
If you are a citizen of a member State of the European Economic Area or the United Kingdom (or legally provide us with such person's Personal Data), you are also granted the following rights. You can use them by sending an appropriate email to Our Contact Information.
12.1. The right to be informed (Articles 12-14 of the Regulations). You have the right to receive information about the collection and use of your Personal Data, in particular about the purposes of processing this Personal Data, the duration of storage and to whom it will be transferred. This information must be provided at the time we collect your Personal Data. If we receive Personal Data from other sources, we will inform you about it within a reasonable time after receiving the data and no later than one month, unless you already have such information and if it does not require disproportionate efforts to provide it. Information should be concise, transparent, understandable, easily accessible, and expressed in clear and understandable language, which is why we try to explain our data processing policy in detail. We will inform you about any new use of your Personal Data before processing it.
12.2. The right of access (art. 15 of the Regulations). You have the right to receive confirmation from the Operator whether Personal Data concerning You is being processed and, if necessary, access to personal Data and the following information: purposes of processing; categories of relevant Personal Data; recipients or categories of recipients to whom Personal Data has been or will be disclosed, in particular recipients from third countries or international organizations. organizations; if possible, the stipulated period during which Personal Data will be stored, or, if this is not possible, the criteria used to determine such a period; the right to require the Operator to correct or delete Personal Data or restrict the processing of Personal Data in relation to the data subject or to object to such processing; the right to file a complaint with the supervisory authority; the existence of an automated decision-making process, including the profiling referred to in articles 22(1) and (4) of the Regulation, and, at least in these cases, meaningful information about the underlying algorithm, as well as the significance and intended consequences of such processing for the data subject. If Personal Data is transferred to a third country or an international organization, you have the right to receive information about the guarantees available related to such transfer. Upon request, the Operator also provides a copy of the Personal Data being processed. For all additional copies requested by the Personal Data subject, the Operator may charge a reasonable fee based on administrative costs. If you make a request by electronic means, and unless otherwise required, the information must be provided in a generally accepted electronic form.
12.3. The right to correction (art. 16 of the Regulations). You have the right to correct incorrect or inaccurate information regarding Personal Data upon a request for correction made orally or in writing. The Operator has one calendar month to respond to the request of the Personal Data subject.
12.4. The right to erasure ("the right to be forgotten") (art.17 of the Regulations). The Regulation grants individuals the right to delete personal data. You can make a deletion request by contacting Us. We will have one month to respond to your request. Please note that this right is not absolute and applies only in certain circumstances provided for in article 17 of the Rules of Procedure.
12.5. The right to restriction of processing (art. 18 of the Regulations). You have the right to request the restriction or termination of the processing of your Personal Data. If processing has been restricted, such Personal Data, with the exception of storage, is processed only with the consent of the data subject, or to justify, execute or defend legal claims, or to protect the rights of another natural or legal person, or to protect the public interest of the union or a member State. Please note that this right is not absolute and applies only in certain circumstances provided for in article 18 of the Rules of Procedure.
12.6. The right to data portability (art. 20 of the Regulations). The right to data portability allows you to receive and reuse your Personal Data for your own purposes within the framework of various services. It allows you to easily move, copy, or transfer Personal Data from one IT environment to another in a secure and reliable way without affecting the usability of Personal Data. Please note that you have the right to transfer Personal Data directly from one Operator to another, in cases where this is technically possible.
12.7. The right to object (art. 21 of the Rules). You have the right to object at any time to the processing of your personal data on grounds relevant to your specific situation. We will not further process your Personal Data, except in cases where we have sufficient legitimate grounds for processing that are more significant than the interests, rights and freedoms of the data subject or for establishing, exercising or defending legitimate claims. If your Personal Data is being processed for direct marketing purposes, you have the right to object to the processing of Personal Data about You for the purposes of said marketing, including profiling to the extent it is related to direct marketing.
12.8. Rights related to automated decision-making, including profiling (art. 22 of the Regulations). You have the right not to be subject to a decision based solely on automatic processing, including profiling, that generates legal consequences for him or her or significantly affects him or her. Please note that this right is not absolute and applies only in certain circumstances provided for in article 22 of the Rules of Procedure. You can revoke your consent to the processing of Personal Data at any time. Please remember that revocation of consent applies only to the future. Any processing-related actions performed prior to such a recall are not affected by it.
13. Transfer of Personal Data
13.1. Transfer of Personal Data. In order to achieve the purposes of Personal Data Processing, we may need to provide your Personal Data to our contractors. Your Personal Data may be transferred to government authorities, in particular, executive authorities, on the basis of their request.
13.2. Compulsory and optional transfer. The transmission of information may be mandatory, for example, in terms of information about user equipment: IP address, OS, geographical data, ID/type of equipment, channel used: browser/application, payment authorization, identification/verification, or optional, for example, in terms of information about address match indicators, information about account , etc .
14. Storage of Personal data
14.1. Localization of Personal Data. If you are a citizen of the Russian Federation, we store your data on servers located on the territory of the Russian Federation. If you are a citizen of one of the member States of the European Economic Area, the United Kingdom, or another country whose personal data legislation requires that Personal Data be Processed on the territory of such country, then your Personal Data is collected and Processed on the territory of the European Economic Area or such country, respectively.
15. Principles and measures of Personal Data protection
15.1. Principles of protection. We apply legal, organizational, administrative, technical and physical measures to protect Personal Data to ensure the protection of your Personal Data.
15.2. Security measures. Measures to ensure the security of Personal Data during their processing are planned and implemented in order to ensure compliance with the requirements of legislation in the field of Personal Data and regulatory legal acts adopted in accordance with it. We ensure the security of your Personal Data, including in the following ways:: (1) by limiting and specifying the number of employees of the Operator who have access to Personal Data, (2) by appointing a person responsible for organizing the processing of Personal Data, (3) by developing and implementing local acts on personal data processing, (4) by identifying threats to the security of Personal Data during their processing in Personal data information systems, (5) the application of organizational and technical measures to ensure the security of Personal Data, (6) the application of information security measures that have passed the compliance assessment procedure in accordance with the established procedure, (7) taking into account electronic media, (8) establishing rules for access to Personal Data, (9) restricting access to premises where technical means for processing Personal Data are located, as well as information media are stored, (10) by detecting the facts of unauthorized access to Personal Data and taking measures to prevent such access, (11) by entering Personal Data (which are not publicly available, confidentiality requirements) to the list of confidential information of the Operator, (12) obtaining an obligation not to disclose confidential information, including Personal Data, from all employees of the Operator directly involved in the processing of Personal Data, (13) restoring Personal Data modified or destroyed due to unauthorized access to them, (14) familiarizing employees Operators who directly process Personal Data in accordance with the provisions of the legislation on personal data, including requirements for the protection of Personal Data, local acts on the processing of Personal Data, (15) control over the measures taken to ensure the security of Personal Data.
16. Cookies files
16.1. Use of Cookies. The platform uses cookies. When visiting the Platform, your Internet browser transmits certain information to Our server: (1) date and time of the visit, (2) browser type, (3) language settings, (4) operating system. This information is stored in connection logs for a limited time (from a session to a year) to ensure the security and proper operation of the Platform, as well as to collect statistical information.
16.2. Cookie Functions. There are various groups of Cookies that are used on the Platform. The first group is functional and technical Cookies. The main function of such files is to allow the server of the site hosting the Platform to receive information about your session, the language used, the browser, etc., as well as to ensure the full operation of the Platform. These files are needed in order to recognize you when you log back on to the Platform. This allows us to personalize the content of the Platform to your needs and remember your preferences. The second group is analytical Cookies, which allow us to evaluate and count the number of visitors, as well as understand how they move around the Platform when working with it. This helps us to make improvements to the Platform, for example, optimizing the search for the right sections, making it simple and efficient. You have the right to refuse the use of analytical Cookies by making the appropriate settings in your web browser.
16.3. Cookie storage time. According to the storage time on users' devices, Cookies are divided into Permanent and Session Cookies: “Session Cookies” are files that are stored on your device until you close your browser. “Permanent Cookies" are stored on your device until they expire or until you delete them.
16.4. Disabling Cookies. You have the option to accept or reject all Cookies on all sites that you visit by changing the settings in your web browser. For example, when you use Internet Explorer version 11.0, you should do the following: (1) select "Settings", then "Internet Options", (2) go to the "Privacy" tab, (3) use the mouse to select your preferred settings. Each browser must use its own settings to change and delete Cookies. Please note that certain Platform functionality may not be available when Cookies are disabled. To learn more about how to adjust or change your browser settings, refer to the browser instructions or at www.aboutcookies.org either www.allaboutcookies.org . If you use different devices to access the Platform (e.g. smartphone, tablet, computer, etc.), you should make sure that each browser on each device is configured according to your preferences regarding cookies.
17. Addresses for exchanging legally relevant messages
17.1. Details of the Parties. In the course of fulfilling our obligations under this Policy and/or other obligations as an Operator of Personal Data, there may be (and in some cases must be) an exchange of legally relevant messages between Us. Such an exchange takes place through the official contacts of the Parties, both in written and electronic form (equivalent). At the same time, the conclusion of a separate agreement on the use of electronic document management is not required. The Operator's email address for requests regarding personal data: privacy@нейролаб.com
18. Final provisions
18.1. The divisibility clause. In the event that one or more provisions of the Policy are declared invalid/irreconcilable, etc., then such provisions are considered to be replaced by valid provisions as close as possible in their meaning. However, the Policy cannot be invalidated in full under any circumstances.
TOGETHER WE ARE STRONG!
.