Register or log in to contact support
Register

Privacy Policy

1. General provisions

  • 1.1. This Policy regarding the processing of personal data (hereinafter referred to as the Policy) was prepared in accordance with clause 2, part 1 of Art. 18.1 of the Federal Law of the Russian Federation “On Personal Data” No. 152-FZ of July 27, 2006 (hereinafter referred to as the Law) and determines the position of the Site Administration (hereinafter referred to as the Site Administration) in the field of processing and protection of personal data (hereinafter referred to as Data), compliance with rights and the freedoms of every person and, in particular, the right to privacy, personal and family secrets.

2. Scope of application

  • 2.1. This Policy applies to Data received both before and after the entry into force of this Policy.
  • 2.2. Understanding the importance and value of the Data, as well as caring about respecting the constitutional rights of citizens of the Russian Federation and citizens of other states, the Site Administration ensures reliable protection of the Data.

3. Definitions

  • 3.1. Data means any information relating to a directly or indirectly identified or identifiable individual, i.e. Such information, in particular, includes: last name, first name, patronymic, email, location, link to a personal website or social network, IP address.
  • 3.2. Data processing means any action (operation) or set of actions (operations) with Data performed using automation tools and/or without the use of such tools. Such actions (operations) include: collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of Data.
  • 3.3. Data security means the protection of Data from unlawful and/or unauthorized access to it, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other unlawful actions in relation to Data.

4. Legal grounds and purposes of Data processing

  • 4.1. Processing and ensuring the security of Data by the Site Administration is carried out in accordance with the requirements of the Constitution of the Russian Federation, the Law, the Labor Code of the Russian Federation, by-laws, other federal laws of the Russian Federation defining cases and features of Data processing, guidelines and methodological documents of the FSTEC of Russia and the FSB of Russia.
  • 3.3. Data security means the protection of Data from unlawful and/or unauthorized access to it, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other unlawful actions in relation to Data.

4.2. The subjects of the Data processed by the Site Administration are:

  • 4.2.1. Users and visitors of the site https://up-game.pro/, owned by the Site Administration, including for the purpose of placing an order on the Site https://up-game.pro/.

4.3. The site administration processes the Data of the subjects for the following purposes:

  • 4.3.1. implementation of the functions, powers and responsibilities assigned to the Site Administration by the legislation of the Russian Federation in accordance with federal laws.
  • 4.3.1. implementation of the functions, powers and responsibilities assigned to the Site Administration by the legislation of the Russian Federation in accordance with federal laws.

4.3.2. Users for the purposes of:

  • 4.3.2.1. - providing information on goods/services, ongoing promotions and special offers;
  • 4.3.2.2.- analysis of the quality of the service provided and improvement of the quality of customer service;
  • 4.3.2.3.- informing about the status of the order;
  • 4.3.2.4.- execution of the contract, incl. purchase and sale agreements, incl. concluded remotely on the Site, paid provision of services; provision of services, as well as accounting for services provided to consumers for mutual settlements;
  • 4.3.2.5.- delivery of the ordered Product to the User who placed an order on the Site, return of the product.

5. Principles and conditions for Data processing.

  • 5.1. When processing Data, the Site Administration adheres to the following principles: Data processing is carried out on a legal and fair basis; Data is not disclosed to third parties and is not distributed without the consent of the Data subject, except for cases requiring disclosure of Data at the request of authorized government bodies or legal proceedings; identification of specific legitimate purposes before processing (including collection) of Data; Only those Data are collected that are necessary and sufficient for the stated purpose of processing; combining databases containing Data, the processing of which is carried out for purposes incompatible with each other is not permitted; the processing of Data is limited to the achievement of specific, predetermined and legitimate purposes; The processed Data is subject to destruction or depersonalization upon achievement of the processing goals or in the event of the loss of the need to achieve these goals, unless otherwise provided by federal law.
  • 5.2. The site administration may include data of subjects in publicly available data sources, while the site administration takes the written consent of the subject to process his Data, or by expressing consent through the site form (checkbox), by clicking which the subject of personal data expresses his consent.
  • 5.3. The site administration does not process Data relating to race, nationality, political views, religious, philosophical and other beliefs, intimate life, membership in public associations, including trade unions.
  • 5.4. Biometric Data (information that characterizes the physiological and biological characteristics of a person, on the basis of which his identity can be established and which is used by the operator to establish the identity of the Data subject) is not processed by the site administration.
  • 5.5. The site administration carries out cross-border data transfer. The site administration confirms that the foreign state to whose territory personal data is transferred provides adequate protection of the rights of personal data subjects in accordance with the level of security defined by the Council of Europe Convention for the Protection of Individuals with Automatic Processing of Personal Data.
  • 5.6. In cases established by the legislation of the Russian Federation, the Site Administration has the right to transfer Data to third parties (federal tax service, state pension fund and other government bodies) in cases provided for by the legislation of the Russian Federation.
  • 5.7. The site administration has the right to entrust the processing of Data of Data subjects to third parties with the consent of the Data subject, on the basis of an agreement concluded with these persons, including agreement with the user agreement and the policy for processing personal data posted on the site.
  • 5.8. Persons processing Data on the basis of an agreement concluded with the Site Administration (operator's instructions) undertake to comply with the principles and rules for processing and protecting Data provided for by the Law. For each third party, the contract defines a list of actions (operations) with the Data that will be performed by the third party processing the Data, the purposes of the processing, establishes the obligation of such a person to maintain confidentiality and ensure the security of the Data during their processing, and specifies the requirements for the protection of the processed Data in accordance with the Law.
  • 5.9. In order to fulfill the requirements of its contractual obligations, the processing of Data by the Site Administration is carried out both with and without the use of automation tools. The set of processing operations includes collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (provision, access), depersonalization, blocking, deletion, destruction of Data.
  • 5.10. The site administration prohibits making decisions based solely on automated processing of Data that give rise to legal consequences in relation to the Data subject or otherwise affect his rights and legitimate interests.

6. Rights and obligations of Data subjects, as well as the Site Administration regarding Data processing

6.1. The subject whose data is processed by the Site Administration has the right:

6.1.1. receive from the Site Administration:

  • 6.1.1.1. confirmation of the fact of Data processing and information about the availability of Data relating to the relevant Data subject;
  • 6.1.1.2. information about the legal grounds and purposes of Data processing;
  • 6.1.1.3. information about the methods of Data processing used by the Site Administration;
  • 6.1.1.4. a list of processed Data related to the Data subject and information about the source of their receipt;
  • 6.1.1.5. information about the terms of Data processing, including the periods of their storage;
  • 6.1.1.6. information on the procedure for exercising rights by the Data subject;
  • 6.1.1.7. other information provided for by the Law or other regulations of the Russian Federation;

6.1.2. demand from the site Administration:

  • 6.1.2.1. clarification of your Data, blocking or destruction of it if the Data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing;
  • 6.1.2.2. withdraw your consent to the processing of Data at any time; demand elimination of unlawful actions of the Site Administration in relation to its Data;
  • 6.1.2.3. to protect their rights and legitimate interests, including compensation for losses and/or compensation for moral damage in court.

6.2. During the processing of Data, the site administration is obliged to:

  • 6.2.1. provide the Data subject, upon his request, with information regarding the processing of his personal data, or legally provide a refusal within thirty days from the date of receipt of the request of the Data subject or his representative;
  • 6.2.2. explain to the Data subject the legal consequences of refusal to provide Data if the provision of Data is mandatory in accordance with federal law;
  • 6.2.3. take the necessary legal, organizational and technical measures or ensure their adoption to protect the Data from unauthorized or accidental access to it, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other unlawful actions in relation to the Data;
  • 6.2.4. publish on the Internet and provide unrestricted access via the Internet to a document defining its policy regarding Data processing, to information about the implemented requirements for Data protection;
  • 6.2.5. provide Data subjects and/or their representatives with the opportunity to familiarize themselves with the Data free of charge when making a corresponding request within 30 days from the date of receipt of such a request;
  • 6.2.6. block illegally processed Data relating to the Data subject, or ensure their blocking (if the Data processing is carried out by another person acting on behalf of the Site Administration) from the moment of contacting or receiving a request for the verification period, if unlawful processing of Data is detected when the Data subject applies or his representative or at the request of the Data subject or his representative or the authorized body for the protection of the rights of personal data subjects;
  • 6.2.7. clarify the Data or ensure its clarification within 7 working days from the date of submission of information and remove the blocking of the Data, if the fact of inaccuracy of the Data is confirmed based on the information provided by the Data subject or his representative;
  • 6.2.8. stop the unlawful processing of the Data or ensure the cessation of the unlawful processing of the Data;
  • 6.2.9. stop the processing of Data or ensure its termination and destroy the Data or ensure their destruction upon achieving the purpose of Data processing, unless otherwise provided by the agreement to which the Data subject is a party, beneficiary or guarantor, if the purpose of Data processing is achieved;
  • 6.2.10. stop the processing of Data or ensure its termination and destroy the Data or ensure their destruction if the Data subject withdraws consent to Data processing, if the Site Administration does not have the right to process Data without the consent of the Data subject;

7. Data protection requirements

  • 7.1. When processing Data, the site administration takes the necessary legal, organizational and technical measures to protect Data from unlawful and/or unauthorized access to it, destruction, modification, blocking, copying, provision, distribution of Data, as well as from other unlawful actions in relation to Data.

7.2. Such measures in accordance with the Law, in particular, include:

  • 7.2.1. appointment of a person responsible for organizing Data processing and a person responsible for ensuring Data security;
  • 7.2.2. development and approval of local regulations on the processing and protection of Data;
  • 7.2.3. application of legal, organizational and technical measures to ensure Data security:
  • 7.2.4. identification of threats to the security of Data during their processing in personal data information systems;
  • 7.2.5. application of organizational and technical measures to ensure the security of Data during their processing in personal data information systems necessary to fulfill the requirements for Data protection;
  • 7.2.6. use of information security means that have passed the compliance assessment procedure in accordance with the established procedure;
  • 7.2.7. assessment of the effectiveness of measures taken to ensure Data security before putting into operation the personal data information system;
  • 7.2.8. accounting for computer storage media of Data, if Data storage is carried out on computer storage media;
  • 7.2.9. detecting cases of unauthorized access to Data and taking measures to prevent similar incidents in the future;
  • 7.2.10. restoration of Data modified or destroyed due to unauthorized access to it;
  • 7.2.11. establishing rules for access to Data processed in the personal data information system, as well as ensuring registration and accounting of all actions performed with Data in the personal data information system.
  • 7.2.12. control over the measures taken to ensure Data security and the level of security of personal data information systems;
  • 7.2.13. assessment of the harm that may be caused to Data subjects in the event of violation of the requirements of the Law, the relationship between this harm and the measures taken by the Site Administration aimed at ensuring the fulfillment of the obligations provided for by the Law;
  • 7.2.14. compliance with conditions that exclude unauthorized access to material storage media of Data and ensure the safety of Data;

8. Terms of processing (storage) of Data

  • 8.1. The terms of processing (storage) of Data are determined based on the purposes of Data processing, in accordance with the validity period of the contract with the Data subject, the requirements of federal laws, the requirements of Data operators, on whose behalf the Site Administration processes the Data, the basic rules for the operation of archives of organizations, and the statute of limitations.
  • 8.2. Data whose processing (storage) period has expired must be destroyed. Storage of Data after termination of its processing is permitted only after its depersonalization.

9. The procedure for obtaining clarification on Data processing issues

  • 9.1. Persons whose Data is processed by the Site Administration can receive clarification on the processing of their Data by contacting the Site Administration through the feedback form.

10. Features of processing and protection of Data collected by the Site Administration using the Internet

  • 10.1. The site administration processes Data received from Site users from the resource: https://up-game.pro/ (hereinafter collectively - the Site) and when directly proceeding to placing an Order.

10.2. Data collection

There are two main ways in which the Site Administration receives Data via the Internet:

10.2.1. Providing Data (independent data entry):

  • 10.2.1.1. surname
  • 10.2.1.2. Name
  • 10.2.1.3. surname
  • 10.2.1.4. Email
  • 10.2.1.5. link to personal website or social network

10.3. Automatically collected information

The site administration may collect and process information that is not personal data:

  • 10.3.1. location determination
  • 10.3.2. ip address
  • 10.3.3. information about the interests of Users on the Site based on the entered search queries of Site users about goods sold and offered for sale in order to provide up-to-date information to users when using the Site, as well as generalization and analysis of information about which sections of the Site and products are in greatest demand among Site customers ;
  • 10.3.4. processing and storing search queries of Site users for the purpose of summarizing and creating client statistics on the use of sections of the Site. The site administration automatically receives certain types of information obtained during user interaction with the Site, correspondence by email, etc. We are talking about technologies and services, such as web protocols, cookies, web tags, as well as applications and tools of the specified third party. However, web tags, cookies and other monitoring technologies do not automatically obtain Data. If a user of the Site at his own discretion provides his Data, for example, when filling out a feedback form or sending an email, then only processes for automatically collecting detailed information are launched for the convenience of using the Site and/or to improve interaction with Users.

10.4. Data usage

  • The site administration has the right to use the provided Data in accordance with the stated purposes of their collection with the consent of the Data subject, if such consent is required. The obtained Data in a generalized and anonymized form can be used to better understand the needs of buyers of goods and services sold by the Site Administration and improve the quality of service.

10.5. Data transfer

  • The site administration has the right to use the provided Data in accordance with the stated purposes of their collection with the consent of the Data subject, if such consent is required. The obtained Data in a generalized and anonymized form can be used to better understand the needs of buyers of goods and services sold by the Site Administration and improve the quality of service.

10.6. The Site contains links to other web resources where information may be useful and interesting to Site users. However, this Policy does not apply to such other sites. Users who follow links to other sites are advised to review the Data Processing Policies posted on such sites.

11. Final provisions

11.1. This Policy is a local regulatory act of the Site Administration. This Policy is publicly available. The public availability of this Policy is ensured by publication on the Site. This Policy may be revised in any of the following cases:

  • 11.1.1. when the legislation of the Russian Federation in the field of processing and protection of personal data changes;
  • 11.1.2. in cases of receiving instructions from competent government authorities to eliminate inconsistencies affecting the scope of the Policy;
  • 11.1.3. by decision of the Site Administration;
  • 11.1.4. when the purposes and terms of Data processing change;
  • 11.1.5. when changing the organizational structure, structure of information and/or telecommunication systems (or introducing new ones);
  • 11.1.6. when using new technologies for processing and protecting Data (including transmission, storage);
  • 11.1.7. when there is a need to change the Data processing process related to the activities of the Site.

11.2. An integral part of this Policy is the Consent to the processing of personal data posted on the Site.

11.3. This Policy applies directly and is interconnected with the User Agreement posted on the Site.