Privacy Policy
This Privacy Policy (hereinafter referred to as the "Privacy Policy") applies to all information that the "Vpeexchange" service, located at the domain name vpeexchangee.com, may collect about the User while using the website.
1. General Provisions
This document defines the policy of the website vpeexchangee.com (hereinafter referred to as the "Operator") regarding the processing of personal data of users of the site and outlines the system of basic principles applied to the processing of personal data.
1.2. The Policy regarding the processing of personal data of users of the site (hereinafter referred to as the "Policy") has been developed to comply with the requirements of the legislation related to personal data and the identification of users on the site.
The Policy applies to all personal data that is subject to processing by the Operator.
1.3. The Policy regarding the processing of personal data of users of the site (hereinafter referred to as the "Policy") has been developed to comply with the requirements of the legislation related to personal data and the identification of users on the site.
The Policy applies to all personal data that is subject to processing by the Operator.
1.4. The Policy establishes the procedure for processing personal data of users of the site: actions for collecting, systematizing, accumulating, storing, clarifying (updating, changing), and destroying personal data.
1.5. The Policy sets out mandatory requirements and rules for employees of the Operator involved in servicing the site, governing the handling of all types of information carriers containing personal data of users of the site.
1.6. The Policy does not address issues related to ensuring the security of personal data classified as state secrets in accordance with established procedures.
1.7. Terms and Definitions:
Personal Data – any information relating directly or indirectly to a specific or identifiable individual (data subject).
Operator – a government body, municipal authority, legal entity, or individual, either independently or jointly with others, organizing and/or conducting the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data subject to processing, and the actions (operations) performed with personal data.
Processing of Personal Data – any action (operation) or set of actions (operations) performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transmission (distribution, provision, access), anonymization, blocking, deletion, or destruction of personal data.
User – an Internet user, in particular, a user of the website.
Automated Processing of Personal Data – the processing of personal data using computing technology.
Provision of Personal Data – actions aimed at disclosing personal data to a specific person or a specific group of individuals.
Blocking of Personal Data – temporary cessation of personal data processing (except when processing is necessary for clarifying personal data).
Destruction of Personal Data – actions that result in the impossibility of restoring the content of personal data in the personal data information system and/or the destruction of physical carriers of personal data.
Anonymization of Personal Data – actions that make it impossible to identify the personal data of a specific data subject without additional information.
1.8. The Operator ensures the confidentiality and security of personal data during their processing in accordance with legal requirements and does not disclose or distribute personal data to third parties without the consent of the data subject, unless otherwise provided by law.
In accordance with the list of personal data processed on the website, the personal data of users of the site are confidential information.
2. Fundamental Rights and Obligations of the Operator and the Data Subject
2.1. The Operator has the right to:
Receive personal data from data subjects and third parties (persons who are not data subjects);
Independently determine the composition and list of measures necessary and sufficient to ensure compliance with obligations stipulated by personal data laws and related regulatory legal acts;
Continue processing personal data without the subject’s consent in case of withdrawal of consent by the data subject.
2.2. The Operator is obliged to:
Organize the processing of personal data in accordance with the requirements of personal data laws;
Respond to inquiries and requests from data subjects and their legal representatives in accordance with personal data laws.
2.3. The Data Subject has the right to:
Receive information regarding the processing of their personal data, except in cases provided by law. The information is provided to the data subject in an accessible form and must not contain personal data of other data subjects unless there are legal grounds for disclosing such data;
Request the Operator to update, block, or delete their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing.
3. Purposes of Personal Data Collection
3.1. The processing of personal data is limited to achieving specific, predetermined, and lawful purposes. Processing that is incompatible with the purposes of data collection is not permitted.
3.2. Only personal data relevant to the processing purposes shall be subject to processing.
3.3. The processing of website users' personal data is carried out solely to enable user interaction with the website.
3.4. Personal data on the website includes any information related to an identified or identifiable individual (data subject) based on such information.
4. Scope of Processed Personal Data
4.1. The content and scope of personal data processed by the website’s users comply with the stated processing purposes outlined in Section 3 of this Policy. The processed personal data must not be excessive in relation to the declared processing purposes.
4.2.The Operator may process the following personal data of users:
- Source of website visit (referring sites) and information on search or advertising queries;
- User device data (including resolution, version, and other attributes characterizing the user’s device);
- User interactions such as clicks, page views, form submissions, ad and video impressions;
- Data characterizing audience segments;
- Session parameters;
- Time of visit;
- User identifier stored in cookies;
- Last name;
- First name;
- Patronymic (if applicable);
- Contact phone number;
- Email address.
4.3. The Operator does not process special categories of personal data related to race, nationality, political views, religious or philosophical beliefs, health status, or private life.
4.4.The Operator does not process biometric personal data.
4.5. The Operator does not perform cross-border transfers of personal data.
5. Procedure and Conditions for Processing Personal Data
5.1. The Operator processes personal data in accordance with legal requirements.
5.2. Processing of personal data is carried out with the consent of the data subjects.
5.3. The Operator performs both automated and non-automated processing of personal data.
5.4. Only employees whose official duties include processing personal data are allowed to handle such data.
5.5. Disclosure, sharing, and distribution of personal data to third parties without the data subject’s consent are not permitted.
5.6. The Operator takes necessary legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, distribution, and other unlawful actions, including:
- Identifying security threats to personal data during processing;
- Adopting internal regulations and other documents governing personal data processing and protection;
- Creating the necessary conditions for working with personal data;
- Maintaining records of documents containing personal data;
- Managing information systems where personal data is processed;
- Storing personal data under conditions ensuring its security and preventing unauthorized access.
5.7. The Operator retains personal data in a form that allows the identification of the data subject for no longer than required for the processing purposes.
6. Procedure and Retention Periods for Personal Data
6.1. The Operator only stores users' personal data on the Website.
6.2. The retention period for users' personal data begins from the moment consent to process personal data is given. This consent is obtained through acceptance of the offer, which does not require a bilateral signature and is valid in electronic form. The data remains stored until the user requests the deletion of their personal data from the website.
6.3. If data is deleted from the website at the initiative of either party (for example, upon discontinuation of website use), the user’s personal data is retained in the Operator’s databases for five years.
6.4. At the end of the specified retention period, the user’s personal data is automatically deleted using a predefined algorithm set by the Operator.
6.5. The Operator does not process users' personal data on physical (paper) media.
7. Deletion and Destruction of Personal Data
7.1. Personal data is subject to destruction once the processing purposes have been achieved or if the data subject withdraws consent for processing, unless:
- Otherwise provided by a contract in which the data subject is a party, beneficiary, or guarantor;
- The Operator is legally prohibited from processing without the data subject’s consent;
- Another agreement exists between the Operator and the data subject.
7.2. The data subject has the right to request in writing the destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purposes.
7.3. If personal data cannot be destroyed, the Operator shall block it.
7.4. Personal data is destroyed by erasing information using certified software that ensures complete data destruction, in accordance with the software’s specified security features.
8. Final Provisions
8.1. Compliance with this Policy is monitored by an authorized person responsible for organizing personal data processing at the Operator.
8.2. The terms of this Policy may be established, modified, or revoked by the Operator unilaterally without prior notice to the User. Once a new version of the Policy is published on the website, the previous version becomes void. If significant changes are made, the Operator notifies users by posting an announcement on the website.
8.3. Unconditional acceptance (acceptance) of this Policy occurs when the user submits an application on the website vpeexchangee.com, thereby consenting to the processing of their personal data.
Consent to personal data processing, obtained through acceptance of this offer, does not require a bilateral signature and is valid in electronic form.
8.4. If a User disagrees with the terms of this Policy, they must immediately delete their profile from the website or notify the Operator of their disagreement. Otherwise, continued use of the website constitutes acceptance of the Policy’s terms.
