Privacy Policy
Updated on 01.07.2024
1. Terms and Definitions
This Privacy Policy uses the following terms:
1.1 Site is an Internet resource consisting of a combination of all information (textual and graphic) functions, computer programs, and content placed in them (data, information, materials, documents, files, messages, images, etc. in electronic form), located at the network address (domain name) https://rubydrop.ru, including all internal pages of this address.
1.2 Administration of the Site is MIDEFY LIMITED, 15 Alikhan Bokeikhan Street, Office 25, Yessil District, Astana, Kazakhstan, 010000, Company number: 200640900199, which owns and manages the Site.
1.3 The Site User (hereinafter referred to as the User) is an individual using the Site. The legal entity performs the functions of the User through its representative.
1.4 Personal data - any information relating directly or indirectly to a specific or identifiable natural person (subject of personal data).
1.5 Processing of personal data - any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
1.6 Confidentiality of personal data is a mandatory requirement for the Site Administration, the User, or other person who has access to personal data to prevent their distribution without the consent of the subject of personal data or other legal grounds.
2. General Provisions
2.1 This personal data processing policy has been drawn up in accordance with the requirements of the Federal Law of July 27, 2006. No. 152-FZ “On Personal Data” (hereinafter referred to as the Law on Personal Data) and determines the procedure for processing personal data and measures to ensure the security of personal data taken by MIDEFY LIMITED (hereinafter referred to as the Site Administration).
2.2 The Site Administration sets as its most important goal and condition for the implementation of its activities the observance of the rights and freedoms of a person and a citizen in the processing of his personal data, including the protection of the rights to privacy, personal and family secrets.
2.3 This Site Administration policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Site Administration can receive about visitors to the site https://rubydrop.ru.
2.4 This Personal Data Privacy Policy (hereinafter referred to as the Privacy Policy) applies to all information that the Site can receive about the User while the latter is using the Site and any functions offered on the Site.
2.5 The use of the Site by the User means acceptance of this Privacy Policy and the terms of processing of the User's personal data.
2.6 In case of disagreement with the terms of the Privacy Policy, the User is obliged to stop using the Site.
2.7 This Privacy Policy directly applies only to the Site. The Site Administration does not control and is not responsible for the sites of third parties to which the User can follow the links available on the Site.
2.8 The Site Administration does not check and is not responsible for the accuracy of personal data provided by the Site User.
3. Subject of the Privacy Policy
3.1 This Privacy Policy establishes the obligations of the Site Administration for non-disclosure and provision of a regime for protecting the confidentiality of personal data that the User provides when registering on the Site.
3.2 Personal data authorized for processing under this Privacy Policy is provided by the User by voluntarily filling out one or more feedback forms, registering or using other functions offered on the Site.
3.3 Any other personal information not specified above is subject to secure storage and non-distribution, except as provided in clause 5.2. and clause 5.3. of this Privacy Policy.
4. Purposes of Collecting Personal Information by the Site Administration
The Site Administration may use the User's personal data for the following purposes:
4.1 Identification of the User, for placing an order and (or) concluding an agreement for the provision of services, the sale of goods or their payment.
4.2 Providing the User with access to personalized information.
4.3 Establishing feedback with the User, including: sending notifications, requests regarding the use of the Site, providing services, selling goods, paying, processing requests and applications from the User.
4.4 Processing and receiving payments, confirming tax or tax benefits, contesting (refunding) a payment;
4.5 Providing the User with customer and technical support in case of problems related to the use of the Site.
4.6 Providing the User, with his consent, with updates on the range of goods and services, special offers, information on prices, newsletters, and other information on behalf of the Site Administration or on behalf of the partners of the Site Administration.
4.7 Granting access to the User to the sites or functions of the partners of the Site Administration in order to obtain products, updates, goods, and services.
4.8 The Site Administration collects, records, systematizes, accumulates, stores, clarifies (updates, changes), extracts, uses, transfers (distributes, provides, accesses), depersonalizes, blocks, deletes and destroys personal data.
4.9 The Site Administration carries out automated processing of personal data with the receipt and / or transmission of the received information via information and telecommunication networks or without it.
4.10 Impersonal data of Users collected using Internet statistics services are used to collect information about the actions of Users on the site, improve the quality of the site and its content.
5. Methods and Terms of Processing Personal Information
5.1 The processing of the User's personal data is carried out without time limit, in any legal way, including in personal data information systems using automation tools or without using such tools.
5.2 The User agrees that the Site Administration has the right to transfer personal data to third parties, in particular, courier services, postal services, telecommunication operators, and other services, in order to fulfill orders, applications and requests of the User.
5.3 In case of loss or disclosure of personal data, the Site Administration informs the User about the loss or disclosure of personal data.
5.4 The Site Administration takes the necessary organizational and technical measures to protect the User's personal information from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties.
5.5 The Site Administration, together with the User, takes all necessary measures to prevent losses or other negative consequences caused by the disclosure of the User's personal data.
6. Principles of Personal Data Processing
6.1 The processing of personal data is carried out on a legal and fair basis.
6.2 The processing of personal data is limited to the achievement of specific, predetermined, and legitimate purposes. It is not allowed to process personal data that is incompatible with the purposes of collecting personal data.
6.3 It is not allowed to combine databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other.
6.4 Only personal data that meet the purposes of their processing are subject to processing.
6.5 The content and scope of the processed personal data correspond to the stated purposes of processing. The redundancy of the processed personal data in relation to the stated purposes of their processing is not allowed.
6.6 When processing personal data, the accuracy of personal data, their sufficiency, and, if necessary, relevance in relation to the purposes of processing personal data, is ensured. The Site Administration takes the necessary measures and / or ensures their adoption to remove or clarify incomplete or inaccurate data.
6.7 The storage of personal data is carried out in a form that allows determining the subject of personal data, no longer than required by the purposes of processing personal data, if the period for storing personal data is not established by federal law, an agreement to which the subject of personal data is a party, beneficiary or guarantor. The processed personal data is destroyed or depersonalized upon reaching the goals of processing or in case of loss of the need to achieve these goals, unless otherwise provided by federal law.
7. Obligations of the Parties
7.1 The Site Administration is obliged to:
7.1.1 Use the information received solely for the purposes specified in clause 4 of this Privacy Policy.
7.1.2 Ensure the storage of confidential information in secret, not to disclose without the prior written permission of the User, and also not to sell, exchange, publish, or disclose in other possible ways the transferred personal data of the User, except for clause 5.2. of this Privacy Policy.
7.1.3 Take precautions to protect the confidentiality of the User's personal data in accordance with the procedure usually used to protect this kind of information in existing business transactions.
8. Responsibility of the Parties
8.1 The Site Administration, in case of failure to fulfill its obligations, is liable for losses incurred by the User in connection with the unlawful use of personal data, in accordance with the legislation of Kazakhstan, except as provided in clause 5.2. and clause 8.2. of this Privacy Policy.
8.2 In case of loss or disclosure of Confidential Information, the Site Administration is not responsible if this confidential information:
8.2.1 Became public property before its loss or disclosure.
8.2.2 It was received from a third party until it was received by the Site Administration.
8.2.3 Was disclosed with the consent of the User.
8.2.4 It was disclosed by third-party sites and services, links to the use of which are present on the Site, if such links and services are used by the User.
8.3 The user is solely responsible for the possible consequences in case of submission of false and / or incomplete personal data.
9. Additional Conditions
9.1 The Site Administration has the right to make changes to this Privacy Policy without the consent and notification of the User.
9.2 Changes to the Privacy Policy come into force from the moment they are posted on the Site.
9.3 The current Privacy Policy is posted on the Site at https://rubydrop.ru/privacy-policy
9.4 The user can get any clarifications on issues of interest regarding the processing of his personal data by contacting the Site Administration via e-mail rubydrop.ru
Security Policy for Paying with a Bank Card
When paying with a bank card, the payment processing (including entering the card number) takes place on a secure page of the processing system, which has passed international certification. This means that confidential data (card details, registration data, etc.) are completely protected and no one, including our resource, can receive the personal and banking data of the client. When working with card data, the information security standard developed by the international payment systems Visa and MasterCard - Payment Card Industry Data Security Standard (PCI DSS) is used, which ensures the safe processing of the details of the Holder's Bank Card. The applied data transfer technology guarantees the security of transactions with bank cards through the use of Secure Sockets Layer (SSL), Verified by Visa, Secure Code protocols, and closed banking networks with the highest degree of protection.