General Provisions 1.1. This Privacy Policy of SoulWave, the Operator (hereinafter referred to as the Policy and Operator, respectively), is developed in accordance with the requirements of the legislation, namely the law “On Personal Data” (hereinafter referred to as the Personal Data Law) and governs the issues of the Operator’s processing of the personal data of the Website Users. 1.2. Terms used in the Policy are defined as per Clause 1.6 of the Policy. The Policy applies to personal data processing relationships that arose with the Operator both before and after the approval of this Policy. 1.3. The Operator independently or jointly with other parties organizes the processing of personal data, determines the purposes of such processing, and establishes the operations performed with personal data. 1.4. The Policy applies to all personal data received by the Operator from the Website Users. 1.5. The Policy is published in the public domain on the Internet on the Website. 1.6. Key definitions used in the Policy: 1.6.1. Personal Data – any information related directly or indirectly to an identified or identifiable Website User. 1.6.2. Website – a set of logically interconnected web pages (web documents). 1.6.3. User – any individual who provides information to the Operator using the Website. 1.6.4. Information System of Personal Data – a set of personal data stored in databases and the technical means ensuring their processing. 1.6.5. Processing of Personal Data – any action or set of actions performed with personal data, with or without the use of automation tools, including:
collection;
recording;
systematization;
accumulation;
storage;
clarification (updating, modification);
retrieval;
use;
transfer (distribution, provision, access);
anonymization;
blocking;
deletion;
destruction. 1.6.6. Automated Processing of Personal Data – processing of personal data using computing tools. 1.6.7. Distribution of Personal Data – actions aimed at disclosing personal data to an undefined circle of persons. 1.6.8. Provision of Personal Data – actions aimed at disclosing personal data to a defined person or group of persons. 1.6.9. Anonymization of Personal Data – actions that make it impossible to determine the personal data owner without additional information. 1.6.10. Blocking of Personal Data – temporary cessation of personal data processing (except where processing is necessary for clarification). 1.6.11. Destruction of Personal Data – actions resulting in the inability to recover the content of personal data in the system and/or the destruction of physical personal data carriers. 1.6.12. Cross-border Transfer of Personal Data – transfer of personal data to a foreign country’s authority, foreign individual, or foreign legal entity.
Purposes of Personal Data Processing 2.1. The Operator processes personal data for the following purposes: 2.1.1. Processing User requests to conclude contracts with the Operator. 2.1.2. Conclusion and fulfillment of contracts with Users. 2.1.3. Providing Users access to information and materials on the Website. 2.1.4. Informing Users about goods, services, promotions, and other Operator events. 2.1.5. Other purposes necessary to comply with personal data legislation.
Categories of Processed Personal Data 3.1. The Operator processes the following personal data of Users: 3.1.1. Surname, first name, patronymic. 3.1.2. Phone number. 3.1.3. Address (residence). 3.1.4. Email address. 3.1.5. User identifier stored in cookies. 3.1.6. User’s source of entry to the Website. 3.1.7. Information on User’s search or advertising requests. 3.2. The Operator does not process special categories of personal data specified by the Personal Data Law. 3.3. The Operator does not process biometric categories of personal data specified by the Personal Data Law.
Procedure and Conditions for Processing Personal Data 4.1. The Operator processes personal data with the User’s consent, which is deemed obtained once the User marks the respective checkbox on the Website’s data collection form. 4.2. The Operator carries out Automated Processing of Personal Data. 4.3. The Operator processes personal data in a form allowing identification of the personal data subject for no longer than required to fulfill the processing purposes. 4.4. Upon achieving the processing purposes or receiving a User’s withdrawal of consent, personal data is destroyed unless otherwise required by law. 4.5. The Operator ensures the following personal data protection measures: 4.5.1. Ensuring personal data confidentiality. 4.5.2. Enabling personal data subject rights, including access to their information. 4.5.3. Maintaining data accuracy and timely updates for processing purposes. 4.5.4. Protecting personal data from unlawful or accidental access, destruction, alteration, copying, provision, distribution, or other unlawful actions. 4.6. The Operator takes sufficient measures to fulfill legislative obligations related to personal data processing and protection: 4.6.1. Assigning a Personal Data Security Officer. 4.6.2. Defining staff authorized to process personal data. 4.6.3. Implementing organizational and technical measures to protect data. 4.7. The Operator may transfer User personal data to third parties in the following cases: 4.7.1. The User has consented to such actions. 4.7.2. Transfer is necessary to fulfill a contract with the User. 4.7.3. Transfer is required to grant the User access to specific Website services.
