Top.Mail.Ru
? ?

Privacy Policy

Updated: July 13 2023, 17:28 MSK
Location: https://www.livejournal.com/legal/privacy-en.bml?r=1207

The Privacy Policy defines the Company’s policy regarding the processing of Users’ Data when they use the Service, and also contains information about the implemented requirements for the protection of Users’ personal data.


  1. TERMS

    1. Company — a legal entity providing the Service to Users: Limited Liability Company «SIM» (PSRN 5167746322497; address: 117105, Moscow, Varshavskoe highway, 9, building 1, premises D, room 5).
    2. Resource — the Company’s website, software and/or other online resource.
    3. Service — the functionality of the LiveJournal service, which provides Users with the ability, among other things, to maintain blogs, post entries and comments.
    4. User — an individual using the Service.
    5. Data — the User’s personal data, as well as other user information.

  2. APPLICABILITY OF THE POLICY

    1. By using the Service (including accessing the Resource, Registration, Authorization), the User agrees to the Company’s Data processing terms described in this Privacy Policy (the «Policy»). If the User does not agree to such terms, the use of the Service, including access to the Resource, must be discontinued.
    2. The Policy may be amended by the Company. The amended Policy will be posted on the Resource. By using the Service after the Policy has been amended, the User agrees to the amended Data processing terms.

  3. PURPOSE AND CONDITIONS OF PROCESSING

    1. The Company processes Data for the purpose of providing the Service, including:
      • ensuring the operation of the Service;
      • improving the quality and usability of the Service;
      • creating and developing existing and new products of the Company and its partners;
      • personalizing content and other offers;
      • delivering messages to the User;
      • receiving Users’ inquiries and providing responses to such inquiries;
      • conducting statistical and other studies on the use of the Service.

      For this purpose, the Company processes the following Data: surname, first name, patronymic; sex; date of birth; email address; information collected via metric programs; userpic; information about the user’s device; cookies; user identifier; usage data; login and password; network address; third-party service account.

    2. For the purpose specified in clause 3.1 of the Policy, the following processing conditions apply:
      1. The Company does not process biometric or special categories of Users’ personal data. The personal data processed by the Company belong to other categories of personal data.
      2. List of actions with Data: collection, recording, systematization, accumulation, storage, updating (refreshing, modifying), retrieval, use, transfer (disclosure, access), anonymization, blocking, deletion and destruction. These actions may be performed both manually and automatically.
      3. Data processing and storage period: until the processing purpose is achieved, until the consent expires or until consent is withdrawn (if there are no other grounds for processing such Data), whichever event occurs first.
    3. The Company undertakes to ensure the recording, systematization, accumulation, storage, updating (refreshing, modifying), and retrieval of Users’ personal data using databases located within the territory of the Russian Federation.
    4. To provide the relevant Service to the User, the Company may, if there is a legal basis, transfer (disclose, grant access to) Data for their subsequent processing to service providers and partners specified in the Company’s relevant documents posted on the Resource.

  4. BASIS FOR PROCESSING

    1. The legal bases for the Company’s processing of Data include, among others:
      • the User’s consent;
      • performance or conclusion of the User Agreement or other agreements with the User;
      • exercising the rights and legitimate interests of the Company or third parties, provided that the User’s rights and freedoms are not violated;
      • processing for statistical or other research purposes, provided that Data is anonymized;
      • necessity to process Data to achieve purposes provided by law, as well as to fulfill obligations imposed on the Company by legislation.

  5. USER RIGHTS

    1. The User has the right to:
      • receive information concerning the processing of their Data;
      • request the Company to update their Data, block it or delete it if it is incomplete, outdated, inaccurate, unlawfully obtained or unnecessary for the declared processing purpose;
      • withdraw consent to the processing of their Data by submitting a request to the Company.

  6. COOKIES USAGE TERMS

    1. To fulfill the Terms of Use and for the purpose specified in clause 3.1 of the Policy, the Company processes cookies, including for ensuring the operation of the Service; personalizing Content and other offers; conducting statistical and other studies on the use of the Service. The User may view the cookies’ validity period and disable their storage in their browser settings.
    2. Cookies and other information may be processed, among other things, using metric programs, in particular, Статистика от SberAds, Yandex.Metrica, Mediascope, AppMetrica.

  7. DATA DESTRUCTION PROCEDURE

    1. For Data processed by the Company for the purpose specified in clause 3.1 of the Policy, a uniform destruction procedure applies in accordance with the legislation of the Russian Federation and the Company’s local regulations.
    2. Data must be destroyed by the Company, in particular, if the processing purpose has been achieved or if the User has withdrawn consent to their processing (and there are no other grounds for processing such Data), or if unlawful processing has been detected.
    3. If the processing purpose has been achieved, the Company shall cease processing the Data and destroy it within a period not exceeding 30 days from the date the processing purpose was achieved. If the User withdraws consent to the processing of their Data, the Company shall cease processing it and, if the Data is no longer required for the processing purpose, destroy it within a period not exceeding 30 days from the date of receipt of such withdrawal.
    4. If unlawful processing of personal data by the Company is detected, the Company shall cease such processing within a period not exceeding 3 business days from the date of detection. If it is impossible to ensure lawful processing, the Company shall destroy such Data within a period not exceeding 10 business days from the date of detecting unlawful processing. The Company shall notify the User about the elimination of violations or the destruction of Data.

  8. INFORMATION ON IMPLEMENTED PROTECTION REQUIREMENTS

    1. The Company undertakes to ensure the confidentiality of Users’ personal data.
    2. The Company ensures the security of Users’ personal data through the implementation of legal, organizational and technical measures.
      1. Legal measures taken by the Company include:
        • issuing documents defining the policy on personal data processing, local acts on personal data processing, as well as local acts establishing procedures aimed at preventing and detecting violations of the legislation of the Russian Federation, and eliminating the consequences of such violations.
      2. Organizational measures taken by the Company include:
        • providing unrestricted access to the Policy and information on implemented personal data protection requirements;
        • conducting internal control and/or audit of compliance with personal data processing under Federal Law of the Russian Federation No. 152-FZ of 27.07.2006 «On Personal Data» (the «Law») and regulatory legal acts adopted in accordance with it, personal data protection requirements, the Company’s policy on personal data processing, and the Company’s local acts;
        • assessing the harm that may be caused to personal data subjects in case of violation of the Law, and balancing such harm against the measures taken by the Company to ensure compliance with the obligations under the Law;
        • familiarizing employees directly involved in personal data processing with the provisions of the Russian Federation’s legislation on personal data, including personal data protection requirements, documents defining the Company’s policy on personal data processing, and local acts on personal data processing, and/or training such employees;
        • appointing a person responsible for organizing personal data processing;
        • appointing a person responsible for ensuring the security of personal data in personal data information systems (PDIS);
        • approval by the Company’s head of a document defining the list of persons who need access to personal data processed in PDIS to perform their official (employment) duties;
        • ensuring the safety of personal data storage media;
        • accounting for machine-readable personal data media;
        • identifying threats to personal data security during their processing in PDIS;
        • organizing a controlled zone within which stationary technical means processing information and information security means, as well as operational support means, are permanently located;
        • organizing security procedures for premises where PDIS is located, preventing uncontrolled entry or presence of persons not authorized to access such premises.
      3. Technical measures taken by the Company include:
        • using information security tools that have undergone compliance assessment with the requirements of the Russian Federation’s legislation in the field of information security, if such tools are necessary to neutralize current threats;
        • assessing the effectiveness of measures taken to ensure personal data security before putting PDIS into operation;
        • establishing rules for access to personal data processed in PDIS, as well as ensuring registration and accounting of all actions performed with personal data in PDIS;
        • detecting unauthorized access to personal data and taking measures, including measures to detect, prevent and eliminate the consequences of cyberattacks on PDIS and to respond to cyber incidents in them;
        • restoring personal data modified or destroyed due to unauthorized access;
        • monitoring the measures taken to ensure personal data security and the level of PDIS protection.

  9. MISCELLANEOUS

    1. The User is responsible for the lawfulness, relevance and accuracy of the User’s Data and other persons’ data provided by the User to the Company.
    2. The Company handles inquiries related to the Policy, including Users’ requests regarding the use of their Data, at the following address: 117105, Russia, Moscow, Varshavskoe highway, 9, building 1.
    3. This Policy is written in Russian. The English version is a translation provided solely for the convenience of reviewing the Policy text. In case of any discrepancy between the Russian text and its translation, the Russian version of the Policy shall prevail.
Image