1. GENERAL PROVISION
Data controller is a natural or legal person who interacts with the User, collects data and determines how to process it.
Data Operator (Processor) is a natural or legal person who receives data from the controller, stores it or processes it in some way, at the direction of the controller.
The data subject (hereinafter referred to as the "User") is an individual who uses the Application, and whose Data is processed by the Administration.
Kalinovskaya Anastasia Sergeevna (hereinafter referred to as the “Administration”) is an individual with a location address (Republic of Belarus, Minsk, Sergei Yesenin st., 22) and acts in accordance with the legislation of the Republic of Belarus. The administration is at the same time a controller, an operator (processor) as these terms are understood in the General Data Protection Regulation ("GDPR") of the European Union. The Administration independently organizes and (or) carries out the processing of the Data, and also determines the purposes of the Data processing, the composition of the data to be processed, the actions (operations) performed with the data. The Administration is the copyright holder of the Application.
This Policy defines and describes how the Administration collects, stores, transfers and uses Data and other information about Users using the Application. The administration pays great attention to the protection of data and other information provided by Users, and ensures their protection in strict accordance with applicable laws and regulations.
User data covers any information that the Administration can receive when using the Application by Users.
The Administration can change this Policy at its discretion without prior notice to the Users, if the User continues to use the Application after the publication of a new version of the Policy, the User automatically agrees to the changes. The administration recommends the User to regularly check the terms of this Policy for changes.
The administration guarantees that:
The Administration processes User Data in the following ways:
2. PURPOSE OF DATA PROCESSING
2.1.The Administration processes User Data for the following purposes:
2.1.1.Fulfillment of the obligations of the Administration to the Users of the Application for processing User photos using machine learning in order to select makeup on the server.
2.1.2.For other purposes necessary for the functioning of the Application and the fulfillment of other obligations of the Administration to the Users of the Application in accordance with the Agreement.
3. COMPOSITION OF DATA
3.1 User data processed by the Administration includes:
3.1.1.Photos of Users;
3.1.2. ID (unique identifier), or other anonymized data about the account in social networks.
3.2. The Administration can also process other information about the User's IP address in order to send the result of processing the User's photo to the User's mobile device, information about the User's IP address is stored up to 30 (thirty) minutes from the moment the User sends the photo for processing.
3.3. The Administration also receives anonymized information about the region, the version of the operating system of the User's mobile device, the model of the User's mobile device, actions within the User of the Application from Google Firebase, Google Play Console, App Store Connect services, the processing of this information is based on agreements (contracts) between the User. and the copyright holders of Google Firebase, Google Play Console, App Store Connect.
4. STORAGE AND TRANSFER OF DATA
4.1 The Administration will temporary store User Data only as long as this information is necessary for the purposes of processing the Data specified in this Policy. The Administration will delete forever the User's Data after processing them within 30 (thirty) minutes from the moment the User sends a photo for processing.
4.2.All collected Data is stored in impersonal electronically way. The Administration applies all necessary measures and procedures to prevent unauthorized access and maintain an appropriate level of Data protection.
4.3. By accepting this Policy, the User agrees to the transfer and temporary storage of Data on the servers of the Administration located on the territory of the Russian Federation. If the User is in a jurisdiction where the transfer of Data to another jurisdiction requires the consent of the User, then using the Application, the User provides the Administration with his explicit and unambiguous consent to such transfer, storage and / or processing of information in other jurisdictions, including the Russian Federation. Since the Russian Federation is a jurisdiction outside the European Economic Area, which has not been recognized by the European Commission as providing an adequate level of protection of personal data, the Administration takes appropriate measures to ensure the processing of Data in accordance with the applicable rules for the protection of personal data in the EU.
4.4.By accepting this Policy, the User agrees to the Administration to store temporary a copy of the User's Personal Data in the United States, the European Union and the Russian Federation.
4.5. If the User is located in the EU, the User can contact the Administration using the contact information specified in section 12 of this Policy to obtain information on the procedure and technologies used by the Administration when transferring User Data outside the EU.
5. DATA PROTECTION
5.1. The Administration takes reasonable and appropriate administrative, technical, organizational, physical security measures in accordance with market standards and applicable law to ensure adequate protection of User Data from accidental or illegal destruction, manipulation, damage, loss, alteration, unauthorized or illegal access, disclosure, unlawful use or any other illegal form of Data processing. The Administration controls and records access to User Data. The Administration is constantly developing and improving technologies for protecting User Data. The administration regularly conducts training for employees on security, confidentiality and protection of User Data. The User understands and agrees that no technology for protecting data transmission over the Internet does not guarantee complete security, therefore the User provides the Data at his own peril and risk.
5.2. The Administration appoints Anastasia Sergeevna Kalinovskaya as the person responsible for the security of User Data and the person who interacts with Users on issues related to the processing of User Data. The user can contact Kalinovskaya A.S. according to the contact details specified in section 12 of this Policy.
6. RIGHTS AND OBLIGATIONS
6.1. The Administration is obliged:
6.1.1. Arrange the processing of Data in strict accordance with applicable laws, regulations and this Policy.
6.1.2. Respond to requests and inquiries from Users and their legal representatives in strict accordance with applicable laws, regulations and this Policy.
6.1.3. Provide User Data at the legitimate request of government agencies in connection with any request, subpoena, court order, other legal or regulatory procedures in strict accordance with applicable laws and informative acts.
6.2. The User has the right to:
6.2.1. Access to its Data;
6.2.2. Receive an electronic copy of the Data processed by the Administration;
6.2.3. Delete or restrict the processing of Data;
6.2.4. Withdraw its consent to the processing of Data;
6.2.5. Provide the Application with temporary or permanent access (permission) to the camera of the mobile device and / or to the place where photos are stored. The Administration uses the access provided by the User only for the functioning of the Application;
6.2.6. Receive information from the Administration about any breaches of Data security.
6.2.7. Transfer the Data for processing to another person.
6.3. The Administration takes all reasonable measures to ensure the implementation of the User's rights in relation to the Data. The user can contact the person specified in clause 5.2 of this Policy with a request to exercise the rights specified above. The contact details of the person specified in clause 5.2 of this Policy are indicated in section 12 of these Rules. The User's request is processed within 30 (thirty) days from the date of receipt of the User's request.
7. MINOR DATA
7.1. The Administration deliberately does not collect Data from minors. If you are a legal representative of a minor User and you know that a minor User has provided the Administration with his Data without your consent, please contact the person specified in clause 5.2 of this Policy using the contact information specified in section 12 of this Policy.
8. TRANSFER OF DATA TO THIRD PARTIES
8.1. Except as expressly specified in this Policy, the Administration does not transfer any User Data to third parties, except at the legitimate request of state authorities in connection with any request, subpoena, court order, other legal or regulatory procedures that the Administration is obliged to comply with. The Administration may also transfer Data to protect their rights, property or safety, as well as the rights, property or safety of others, or to defend against legal claims.
9. LIMITATION OF LIABILITY
9.1. The Application is not a public source of User Data.
9.2. The Administration informs Users that this Policy is applicable only to the processing of Data by the Application. The Administration does not control and is not responsible for the use of sites and applications of third parties to which the User can access through the advertisements shown to the User in the Application in the cases provided for by the Agreement. The user uses third-party applications and sites at his own risk.
10. PROCEDURE FOR WITHDRAWAL CONSENT TO DATA PROCESSING
10.1. The user can revoke his consent to the processing of the Data or restrict the processing of the Data by contacting the person specified in clause 5.2. of this Policy with the appropriate reference.
10.2. The User's appeal is considered within 30 (thirty) days from the date of receipt of the User's appeal.
11. APPLICABLE RIGHT
11.1. The interpretation of the provisions of this Policy is governed by the legislation of the Republic of Belarus and applies to claims for violation of the provisions of this Policy, regardless of the principles of conflict of laws. The User agrees to the exclusive jurisdiction and venue of the court hearings in Minsk, Republic of Belarus. This Policy is fully compliant with the provisions of the European Union General Data Protection Regulation ("GDPR"), California Consumer Privacy Act 2018 ("CCPA"), US Electronic Communications Privacy Act 1986 ("ECPA") , Email Privacy Act 2016, California Electronic Communications Privacy Act 2015 (CalECPA), Swiss Federal Data Protection Act 2016 ("FDPA"), Federal Law of the Russian Federation of July 27, 2006 N 152-FZ "On Personal Data" and other applicable regulations.
12. CONTACT DETAILS
Kalinovskaya Anastasia Sergeevna
Citizen of the Republic of Belarus
Republic of Belarus, Minsk, Sergei Yesenin st., 22