Personal data protection policy in accordance with the requirements of Regulation No. 2016/679 of the European Parliament and the Council of the European Union "on the protection of individuals with regard to the processing of personal data and on the free movement of such data"
1. General information
RUFFELL HOLDING LIMITED, established and acting under the laws of the Republic of Cyprus, hereinafter referred to as Ruffell, hereby informs the subjects of personal data located on the territory of the European Union or personal data obtained from the territory of the European Union, about the principles of personal data processing used by Ruffell in accordance with the requirements of Regulation No. 2016/679 of the European Parliament and the Council of the European Union "on the protection of individuals with regard to the processing of personal data and on the free movement of such data" General Data Protection Regulation (hereinafter - GDPR).
Ruffell takes necessary and sufficient organizational and technical measures to protect the personal data of the above-mentioned persons from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, or other illegal actions taken by third parties.
2. When we can obtain personal information
2.1. Ruffell partners who are granted the right to use the computer program Ruffell, the rights to which belong to Ruffell, (hereinafter referred to as the Program), can transmit the data of its clients (hereinafter referred to as the Clients) directly to Ruffell for the following purposes:
- to create logins and passwords for the above-mentioned clients to be able to work with the program.
- to analyze the results of how the Clients work with the Program in order to provide them with an individualized approach to working with the Program
- for the organization of direct communication between Ruffell and its Clients, including for advertising mailing lists, if the Client has expressed the appropriate consent
- to facilitate collaboration between the Client and the Partner and to achieve good results of that collaboration.
2.2. Ruffell receives data from its Users which is automatically transmitted by the Ruffell site (hereinafter referred to as the Site) in the course of their using the software installed on a device.
All personal data is sent to Ruffell for strictly pre-determined purposes.
3. What personal data we process
3.1. Ruffell Partners can give us the following personal information from their Clients:
• Name, age, and contact details of Clients and their legal representatives
• Information about a Client received during the provision of services to the Client by the Partner, including data on working in the Program
• Photographic and/or video images
Ruffell Partners also provide us with data on their employees and third parties they use to provide services under agreements concluded between Ruffell and the Partner;
3.2. Ruffell can receive the following data from Site Users:
• Name and contact information
• Information about activity on the Site, including IP addresses, cookie data, information about browsers (or other programs that access the Site and the Program), technical specifications of the equipment and software used by Users, dates and times of access to the Program, addresses of requested pages, and other similar information.
3. Conditions for the processing of personal data.
Ruffell confirms the importance of processing personal data in accordance with GDPR and informs about the following:
3.1. The processing of Clients' personal data is carried out only if one of the following conditions is applied:
- The Client has consented to the processing of their personal data for one or more specific purposes.
- The processing is necessary in order for Ruffell to fulfill its legal obligations;
3.2. Considering that the agreement according to which the Client can access the Program is concluded between the Client and the Partner, we ask our Clients to take into account the following information:
- Compliance with GDPR is an integral part of any agreement between Ruffell and the Partner.
- Considering that the agreement according to which the Client can access the Program is concluded between the Client and the Partner, Ruffell commits to provide the Partner on a contractual basis with consent from Clients for the processing of personal data.
- When receiving personal data on Clients from Partners, Ruffell proceeds from the Partner's compliance with its obligations under the Agreement
- Ruffell will try to provide support to Clients when interacting with Partners on the processing of personal data, if necessary.
4. Data storage period
The storage of personal data is done no longer than the processing of personal data requires, if the period of personal data storage is not established by law or by agreement.
5. Rights of the subject of personal data in accordance with GDPR
For your convenience, Ruffell provides below a list of the rights of the subject of personal data provided by GDPR
- The right to access personal data
- The right to correct personal data
- The right to limit the processing of personal data
- The right to delete your personal data
- The right to transfer data
- The right to object to the processing of personal data
- The right to refuse marketing activities
- The right to file a complaint with a supervisory authority
6. Cross-border transfer
In accordance with predetermined legislative goals and requirements, Ruffell can transfer personal data to public or governmental bodies in order to fulfill its legal requirements.
Cross-border transfer of personal data to foreign territories that do not provide adequate protection of the rights of personal data subjects is carried out strictly if the subject has given consent and/or for the purposes of executing the agreement and/or to comply with legal requirements.
For the transfer of personal data to third parties located outside the territory of countries that are parties to the Council of Europe Convention on the Protection of Individuals with regard to the Automatic Processing of Personal Data and also from the territory of countries providing an adequate level of protection of personal data with relevant third parties (where applicable in accordance with applicable law on the protection of personal data), contracts are concluded containing the "Standard clauses of contracts" (SCC), guaranteeing observance of the rights and freedoms of personal data subjects. The list of third parties and the personal data transferred to them can be requested from the person Responsible for organizing the protection of personal data.
The site administration does not store personal data or passwords in cookies.
The User has the right to prohibit the saving of cookies on the computer used to access the Site by appropriately configuring their browser. It should be borne in mind that the services of the Site using this technology may not be available.
8. How to contact us regarding the processing of personal data
Individuals specified in section 1 can contact Ruffell and those designated by Ruffell as persons Responsible for organizing the processing of personal data regarding all issues related to the processing and protection of personal data using the following email: firstname.lastname@example.org