PERSONAL DATA PROCESSING POLICY
1. General Provisions
This Personal Data Processing Policy (hereinafter the "Policy") is drafted in accordance with the requirements of the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data" (hereinafter the "Personal Data Law") and establishes the procedure for processing personal data and measures taken by Individual Entrepreneur Ilya Pavlovich Drozd (hereinafter the "Operator") to ensure the security of personal data.
1.1. The Operator considers compliance with the rights and freedoms of individuals, including the protection of privacy and family secrets, as a primary goal and precondition for its activities in processing personal data.
1.2. This Policy applies to all information that the Operator may receive about visitors to the website https://contentfactoryai.online/.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing using computing equipment.
2.2. Blocking of personal data — temporary cessation of personal data processing except where processing is needed to clarify personal data.
2.3. Website — a set of graphic and informational materials, software, and databases ensuring availability via the Internet at https://contentfactoryai.online/.
2.4. Personal data information system — a combination of databases containing personal data and the information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions making it impossible to identify the data subject without additional information.
2.6. Processing of personal data — any action or set of actions with personal data, including collection, recording, systematization, accumulation, storage, updating, extraction, usage, transfer, depersonalization, blocking, deletion, destruction, with or without automation.
2.7. Operator — a state body, municipal body, legal or natural person who independently or jointly organizes and/or carries out personal data processing, defines the purposes, composition, and processing actions.
2.8. Personal data — any information directly or indirectly relating to an identified or identifiable user of the website https://contentfactoryai.online/.
2.9. Personal data allowed by the subject for dissemination — personal data made accessible to an unlimited circle of persons by the subject’s consent under the Personal Data Law.
2.10. User — any visitor of the website https://contentfactoryai.online/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — actions aimed at disclosing personal data to an indefinite circle of persons, including publication in mass media or via telecommunications networks.
2.13. Cross-border transfer of personal data — transferring personal data to foreign authorities or foreign legal/natural persons.
2.14. Destruction of personal data — actions resulting in irreversible destruction of personal data without possibility of restoration in the information system and/or destruction of physical carriers.
3. Key Rights and Obligations of the Operator
3.1. The Operator has the right to:
4. Key Rights and Obligations of Data Subjects
4.1. Data subjects have the right to:
5. Principles of Personal Data Processing
5.1. Processing shall be lawful and fair.
5.2. Processing is limited to specific, lawful purposes declared upon data collection.
5.3. Databases with incompatible purposes shall not be merged.
5.4. Only data relevant to processing purposes shall be processed.
5.5. Data content and volume correspond to declared purposes without redundancy.
5.6. Data accuracy, sufficiency, and relevancy must be ensured with necessary measures to update or delete incorrect data.
5.7. Data storage allows identification only as long as necessary unless otherwise provided by law or contract, after which data is deleted or depersonalized.
6. Purpose of Personal Data Processing
Purpose: providing User access to services, information, and/or materials on the website;
Personal data: surname, first name, patronymic, email, phone numbers;
Legal basis: contracts between Operator and data subject;
Types of processing: collection, recording, systematization, accumulation, storage, deletion, and depersonalization.
7. Conditions of Personal Data Processing
7.1. Processing executed with data subject’s consent.
7.2. Processing required by international treaties or Russian law function fulfillment.
7.3. Processing as necessary for administration of justice and enforcement.
7.4. Processing needed to execute contracts involving the data subject.
7.5. Processing to protect legitimate interests/public purposes without violating data subject rights.
7.6. Processing public personal data disclosed or requested by data subject.
7.7. Processing subject to mandatory publication under law.
8. Procedure for Collection, Storage, Transfer, and Other Processing
The Operator ensures personal data security through organizational, legal, and technical measures in compliance with legislation.
8.1. The Operator safeguards personal data and prevents unauthorized access.
8.2. Personal data will not be transferred to third parties except as required by law or with consent for contractual fulfillment.
8.3. Users may update data by sending notification to [mpdrozdilya@gmail.com] marked "Personal Data Update."
8.4. Data processing term corresponds to purpose achievement unless otherwise stipulated.
Users may withdraw consent at any time via email to [mpdrozdilya@gmail.com] marked “Withdrawal of Consent.”
8.5. Third-party services collecting data operate under their own policies; Operator not responsible for them.
8.6. Restrictions on data transfer or conditions do not apply to legally authorized public interest processing.
8.7. Operator ensures confidentiality of personal data.
8.8. Data stored only as long as necessary to fulfill processing purposes.
8.9. Processing ceases upon purpose completion, consent expiry, withdrawal, cessation request, or detection of unlawful processing.
9. List of Actions with Personal Data by Operator
9.1. Collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer, depersonalization, blocking, deletion, destruction.
9.2. Automated and non-automated processing, including transmission through telecommunications networks.
10. Cross-border Transfer of Personal Data
10.1. Operator must notify authorized protection bodies prior to commencing cross-border data transfer.
10.2. Operator must obtain relevant information from foreign authorities or persons before such transfer.
11. Confidentiality of Personal Data
Operator and other persons with access must not disclose or disseminate personal data without subject consent unless otherwise provided by law.
12. Final Provisions
12.1. Users may request clarifications about data processing via email [mpdrozdilya@gmail.com].
12.2. This Policy is effective indefinitely until replaced.
12.3. Current Policy version is publicly available at https://contentfactoryai.online/.
1. General Provisions
This Personal Data Processing Policy (hereinafter the "Policy") is drafted in accordance with the requirements of the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data" (hereinafter the "Personal Data Law") and establishes the procedure for processing personal data and measures taken by Individual Entrepreneur Ilya Pavlovich Drozd (hereinafter the "Operator") to ensure the security of personal data.
1.1. The Operator considers compliance with the rights and freedoms of individuals, including the protection of privacy and family secrets, as a primary goal and precondition for its activities in processing personal data.
1.2. This Policy applies to all information that the Operator may receive about visitors to the website https://contentfactoryai.online/.
2. Key Terms Used in the Policy
2.1. Automated processing of personal data — processing using computing equipment.
2.2. Blocking of personal data — temporary cessation of personal data processing except where processing is needed to clarify personal data.
2.3. Website — a set of graphic and informational materials, software, and databases ensuring availability via the Internet at https://contentfactoryai.online/.
2.4. Personal data information system — a combination of databases containing personal data and the information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data — actions making it impossible to identify the data subject without additional information.
2.6. Processing of personal data — any action or set of actions with personal data, including collection, recording, systematization, accumulation, storage, updating, extraction, usage, transfer, depersonalization, blocking, deletion, destruction, with or without automation.
2.7. Operator — a state body, municipal body, legal or natural person who independently or jointly organizes and/or carries out personal data processing, defines the purposes, composition, and processing actions.
2.8. Personal data — any information directly or indirectly relating to an identified or identifiable user of the website https://contentfactoryai.online/.
2.9. Personal data allowed by the subject for dissemination — personal data made accessible to an unlimited circle of persons by the subject’s consent under the Personal Data Law.
2.10. User — any visitor of the website https://contentfactoryai.online/.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of personal data — actions aimed at disclosing personal data to an indefinite circle of persons, including publication in mass media or via telecommunications networks.
2.13. Cross-border transfer of personal data — transferring personal data to foreign authorities or foreign legal/natural persons.
2.14. Destruction of personal data — actions resulting in irreversible destruction of personal data without possibility of restoration in the information system and/or destruction of physical carriers.
3. Key Rights and Obligations of the Operator
3.1. The Operator has the right to:
- Receive reliable information and documents containing personal data from the data subject;
- Continue processing personal data without consent upon withdrawal if grounds exist under the Personal Data Law;
- Independently determine measures necessary to fulfill its obligations under the Personal Data Law unless otherwise provided.
- 3.2. The Operator is obliged to:
- Provide information about processing personal data upon request of the data subject;
- Organize personal data processing in accordance with Russian legislation;
- Respond to requests from data subjects and their representatives;
- Provide necessary information to authorized protection bodies within 10 days of request;
- Publish or ensure unlimited access to this Policy;
- Take legal, organizational, and technical measures to protect personal data against unauthorized or unlawful access, destruction, alteration, blocking, copying, distribution, and other unlawful acts;
- Stop transferring, processing, and destroy personal data as required by law;
- Fulfill other duties prescribed by law.
4. Key Rights and Obligations of Data Subjects
4.1. Data subjects have the right to:
- Receive information about personal data processing except cases prescribed by law;
- Request correction, blocking, or destruction of inaccurate or unlawfully processed data;
- Set conditions for prior consent in marketing purposes;
- Withdraw consent and demand cessation of processing;
- Appeal unlawful acts or inaction;
- Exercise other rights under Russian law.
- 4.2. Data subjects must:
- Provide reliable data about themselves;
- Inform the Operator of changes to personal data.
- 4.3. Persons providing false data or data about other persons without consent bear liability.
5. Principles of Personal Data Processing
5.1. Processing shall be lawful and fair.
5.2. Processing is limited to specific, lawful purposes declared upon data collection.
5.3. Databases with incompatible purposes shall not be merged.
5.4. Only data relevant to processing purposes shall be processed.
5.5. Data content and volume correspond to declared purposes without redundancy.
5.6. Data accuracy, sufficiency, and relevancy must be ensured with necessary measures to update or delete incorrect data.
5.7. Data storage allows identification only as long as necessary unless otherwise provided by law or contract, after which data is deleted or depersonalized.
6. Purpose of Personal Data Processing
Purpose: providing User access to services, information, and/or materials on the website;
Personal data: surname, first name, patronymic, email, phone numbers;
Legal basis: contracts between Operator and data subject;
Types of processing: collection, recording, systematization, accumulation, storage, deletion, and depersonalization.
7. Conditions of Personal Data Processing
7.1. Processing executed with data subject’s consent.
7.2. Processing required by international treaties or Russian law function fulfillment.
7.3. Processing as necessary for administration of justice and enforcement.
7.4. Processing needed to execute contracts involving the data subject.
7.5. Processing to protect legitimate interests/public purposes without violating data subject rights.
7.6. Processing public personal data disclosed or requested by data subject.
7.7. Processing subject to mandatory publication under law.
8. Procedure for Collection, Storage, Transfer, and Other Processing
The Operator ensures personal data security through organizational, legal, and technical measures in compliance with legislation.
8.1. The Operator safeguards personal data and prevents unauthorized access.
8.2. Personal data will not be transferred to third parties except as required by law or with consent for contractual fulfillment.
8.3. Users may update data by sending notification to [mpdrozdilya@gmail.com] marked "Personal Data Update."
8.4. Data processing term corresponds to purpose achievement unless otherwise stipulated.
Users may withdraw consent at any time via email to [mpdrozdilya@gmail.com] marked “Withdrawal of Consent.”
8.5. Third-party services collecting data operate under their own policies; Operator not responsible for them.
8.6. Restrictions on data transfer or conditions do not apply to legally authorized public interest processing.
8.7. Operator ensures confidentiality of personal data.
8.8. Data stored only as long as necessary to fulfill processing purposes.
8.9. Processing ceases upon purpose completion, consent expiry, withdrawal, cessation request, or detection of unlawful processing.
9. List of Actions with Personal Data by Operator
9.1. Collection, recording, systematization, accumulation, storage, updating, extraction, use, transfer, depersonalization, blocking, deletion, destruction.
9.2. Automated and non-automated processing, including transmission through telecommunications networks.
10. Cross-border Transfer of Personal Data
10.1. Operator must notify authorized protection bodies prior to commencing cross-border data transfer.
10.2. Operator must obtain relevant information from foreign authorities or persons before such transfer.
11. Confidentiality of Personal Data
Operator and other persons with access must not disclose or disseminate personal data without subject consent unless otherwise provided by law.
12. Final Provisions
12.1. Users may request clarifications about data processing via email [mpdrozdilya@gmail.com].
12.2. This Policy is effective indefinitely until replaced.
12.3. Current Policy version is publicly available at https://contentfactoryai.online/.
