Effective date: 10.01.2020
This English version is a translation. Only the Russian version which can be found at http://nextgis.ru/privacy is legally binding.
1.1. This Policy is an integral part of Terms of Service available at http://nextgis.com/terms and User Agreements and Contracts for the specific Services, in case User Agreements and Contracts directly specify it.
1.2. Hereinafter the Policy uses the meaning of terms and expressions pursuant to the Terms of Service or User Agreements and Contracts for the specific Services, unless the Policy directly specifies or implies otherwise. If the definition is not provided, terms and expressions shall be construed pursuant to the laws of the Russian Federation.
1.3. By using Services in any way User signifies his/her acceptance of this Policy and terms for processing of his/her Personal information set out in the Policy. If User does not agree with these terms he/she should abstain from use of the Services.
1.4. Administrator contracts with third party service providers. These third party services may require access to User Personal information. For example, Administrator uses third party services to provide hosting, payment processing, customer support, data analytics, email automation, and other services. Administrator’s contracts with these services provide for the confidentiality and security of the User Personal information shared with them.
2. What information we collect about you
2.1. User Personal information (the “Personal information”) in this Policy means the following information, including personal data:
- mandatory information provided by User to Administrator during signup or authorization. This information includes User’s e-mail address, username and password;
- additional information which User can choose to provide to Administrator at his/her will either manually or by giving access to his/her accounts at other online resources. Such additional information may include: name, last name, phone number, company affiliation, country of residence, profile photo, links to User social media accounts, etc.;
- information provided by User to Administrator itself or through third party service providers during the use of the specific Services, including information provided through feedback forms or required for creation and execution of orders, agreements and invoices for paid Services, such as name, last name, address, phone number, occupation, company affiliation, billing details, additional email addresses, support requests, services feedback, etc.;
- data collected by Administrator itself or through third party service providers in automatic mode according to User software settings, including but not limited to: operating system, Internet Protocol (IP) address, cookie information, browser (or other software used to access the Services) identification information, technical parameters of User software and hardware, date and time of accessing the Services, accessed pages, information uploaded and/or downloaded during the use of the Services, User actions (clicks on certain links, accessed features, etc.).
2.2. Administrator does not verify Personal information provided to him and assumes the User acts in good faith, with due deliberation and applies reasonable efforts to keep his/her Personal information up-to-date.
2.3. Administrator does not control processing of Personal information of persons who are not Services Users. In case User uploads to Services personal data of third parties and/or uses Services to collect, process and publish such data, he/she bears full responsibility for obtaining consent of personal data subjects to perform such actions, for personal data safety and confidentiality, and for complying with other legal requirements, imposed by the Russian Federation laws and other applicable laws.
2.4. Administrator receives only partial information about User billing details from third party payment providers (such as name, billing address, email, phone number, IP address) and does not process any credit card/debit card data.
2.5. Administrator does not perform any automatic decision-making, including profiling, based on the collected Personal information. The monitoring of User behaviour during the use of the Services is performed only for the purpose of enhancement of performance and user experience of Services and for the development of new Services.
2.6. User can at any time request personal data collected by Administrator concerning him or her, by using relevant technical functionality in the Services or by sending the relevant request to firstname.lastname@example.org. Administrator provides requested personal data not later than 30 days after receipt of User request.
3. How we use Personal information we collect
3.1. Administrator processes Personal information only to the extent which is necessary in relation to the specific purposes for which Personal information is collected.
3.2. User accepts and agrees that Administrator processes Personal information for the following purposes:
- entering into User agreements and contracts with Users regarding the use of Services;
- identifying User in order to perform obligations under the existing User agreements and contracts;
- performing obligations under the existing User agreements and contracts, including provision of User access to Services;
- contacting User by sending him notices, requests and information related to the use of Services and/or execution of contracts, including notices about changes in Administrator Terms of Service, User agreements and/or Policies, changes in terms and forms of payment, changes in technical functionality of the Services, release of new Services;
- processing of User requests, notices and feedback, including User requests for free consultations made during signup process by selecting the relevant option in the signup form;
- providing technical support related to the use of Services;
- enhancing performance and user experience of Services, developing new Services;
- marketing and other research based on depersonalised data.
3.3. By using Services User gives his consent to receive advertising messages from Administrator in regard to the Services, and for his/her personal data to be processed by Administrator for the purpose of advertising of Administrator services in accordance with Article 18(1) of the Federal law “On advertising” and Article 15(1) of the Federal law “On personal data”.
3.4. User can at any time waive his consent to receive advertising messages by using relevant technical functionality (“Unsubscribe” link in the email) or by sending the relevant request to email@example.com.
4. How we store and protect your Personal information
4.1. Administrator takes all necessary and sufficient legal, organizational and technical measures to protect Personal information from illegal or accidental access, removal, editing, blocking, copying, publishing or other unauthorized action by third parties.
4.2. Administrator stores and processes Personal information in accordance with its internal rules and regulations. Administrator processes User personal data in accordance with Federal law “On personal data”.
4.3. User Personal information is confidential except when User voluntarily makes it available to general public. User accepts and agrees that use of some of the Services technical functionality leads to making part of his/her Personal information available to general public.
4.4. Administrator arranges storage of Personal information inside the Russian Federation. By providing to Administrator their Personal information non-Russia-resident Users accept and agree that their Personal information will be processed and protected according to Russian laws on personal data which can differ from laws in User country of residence.
5. How we share Personal information we collect
5.1. User accepts and agrees that Administrator can transfer Personal information to third parties in the following cases:
- User gave his consent for such transfer;
- such transfer is necessary for functioning of Services according to the Administrator’s obligations under his agreement with User (for example, when third party hosting or email automation services are used by Administrator);
- such transfer is necessary for collection and processing of depersonalised data for enhancing performance and user experience of Services (for example, when Administrator uses third party analytics services);
- following request from court or other designated authority made according to the valid legal procedure;
- in the event of a sale or merger of all or any portion of Administrator’s business units;
- for protection of rights and interests of Administrator and third parties in case User violates NextGIS Terms of Service, present Policy and/or User Agreements and Contracts for the specific Services;
- for other legitimate business purposes or legal obligations of Administrator.
5.2. Administrator does not sell User Personal information to advertisers, data brokers or other third parties.
6.2. User is aware that hardware and software used for his/her web browsing may ban operations with cookie files for all or selected websites and remove previously received cookie files.
6.3. Administrator may provide access to the specific Services on a condition that User accepts operations with cookie files.
6.4. Structure, content and technical parameters of cookie files are set by Administrator and can be changed without User prior notification.
6.5. Trackers placed by Administrator at Services pages can be used to analyse User’s cookie files, to collect and process statistical data on how Services are used, to maintain Services or their separate functions. Trackers technical parameters are set by Administrator and can be changed without User prior notification.
7. How you can edit or remove your Personal information
7.1. User can at any time edit in his/her account Personal information provided during signup or authorization.
7.2. Personal information can be removed:
- by User when editing Personal information in his/her account;
- by Administrator when User requests to remove his/her account completely;
- by Administrator when Administrator removes User account according to NextGIS Terms of Service or User Agreements and Contracts for the specific Services;
- by Administrator when User withdraws his/her consent for processing of his/her personal data and this data is no longer required for the purposes outlined in this Policy.
7.3. Administrator is obliged to remove Personal information from his servers not later than:
- 6 (six) months after its edit/removal by User or User account removal, except for the cases when different term is required according to Russian federal laws;
- 30 (thirty) days after User withdraws his/her consent for processing of his/her personal data and this data is no longer required for the purposes outlined in this Policy.
7.4. To enhance performance and user experience of Services Administrator can store logs with depersonalised data on User actions for 3 (three) years.
8. Amendments to the Policy
8.1. Administrator may modify/update this Policy from time to time without giving any prior notice. The most current version of the Policy is available at http://nextgis.com/privacy. Administrator recommends Users to check this page for updates. By continuing to access or use the Services after Policy was modified/updated, User agrees to be bound by the updated Policy.
9.1. All questions, notices and claims regarding the present Policy and processing of User Personal information by Administrator should be sent to firstname.lastname@example.org or to the following postal address:
Office 201, 23B bld. 20 Novaya Basmannaya street
Moscow, 107078, Russia