Privacy Policy for riss-kaliningrad.com
1. Introduction
At riss-kaliningrad.com, we are committed to safeguarding the privacy and personal data of our users and visitors. We recognize the importance of transparency, data integrity, and ensuring compliance with all relevant privacy legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Your trust is paramount, and we aim to handle your personal information responsibly and lawfully.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to the personal data we collect through your use of the website riss-kaliningrad.com and related digital services. The entity responsible for data processing and acting as the Data Controller is RISS Kaliningrad, which determines the purposes and means of processing personal data collected via this website.
3. Categories of Data Processed
We may process the following categories of personal data based on your interactions with riss-kaliningrad.com:
a. Usage Data
Includes information about how you use our website, such as IP address, browser type and version, time zone setting and location, pages visited, access times, and referring website addresses.
b. Account Data
Includes your name, address, email address, telephone numbers, login credentials, and other information supplied upon account registration or form submission.
c. Profile Data
Includes your preferences, purchase history, feedback, survey responses, and behavioral trends while using our website.
d. Communication Data
Includes any correspondence you send us, including support inquiries, feedback, messages submitted through contact forms, and details of communications with our customer support team.
e. Technical Data
Includes data related to the devices you use to access riss-kaliningrad.com, such as IP addresses, device identifiers, operating system, browser configurations, screen resolution, and mobile device information.
f. Transaction Data
Includes data required to process purchases or service-related transactions, including contact, billing, payment method, delivery address, payment status, and order history.
g. Preference Data
Includes your consent for communications, marketing preferences, subscription choices, and interests related to our products, research, or other site offerings.
4. Legal Bases for Processing
We only process your personal data where a lawful basis exists under applicable data protection laws, including:
– Consent: Where you have provided explicit permission for us to process your data (e.g., for marketing emails).
– Contractual necessity: Where data processing is required to enter into or perform a contract with you.
– Legal obligation: Where we are required to comply with legal or regulatory obligations.
– Legitimate interests: Where processing is necessary for our legitimate business interests and does not override your data rights and freedoms (e.g., fraud prevention, service improvement).
5. Your Rights Under GDPR and CCPA
As a user, you have specific rights regarding your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right of Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: Under certain conditions, you may request the deletion of your data.
– Right to Restrict Processing: You may request limited processing of your data in specific circumstances.
– Right to Data Portability: You may request a copy of your data in a structured, machine-readable format, and have it transferred to another controller.
– Right to Object: You may object to processing based on legitimate interest or direct marketing.
– Right Not to Be Subject to Automated Decision-Making: You may request human intervention in cases of purely automated processing or profiling.
CCPA Rights for California Residents also include:
– Right to Know: You have the right to request details about the categories and specific pieces of personal data collected.
– Right to Delete: You may request the deletion of personal data collected from you.
– Right to Opt-Out of Sale: We do not sell your personal data, but you have a right to request restriction of such activity if it occurs.
– Right to Non-Discrimination: Exercising your rights under CCPA will not result in discrimination as defined under the Act.
To exercise any of the above rights, contact us via: [email protected].
6. Security Measures
We maintain robust technical and organizational security safeguards, including:
– End-to-end encryption of data in transit and at rest
– Restricted access to personal data on a need-to-know basis
– Routine risk assessments of our infrastructure and data assets
– Regular backups and redundant storage systems
– Staff training on data protection principles and breach response protocols
These measures are continuously evaluated and improved to ensure data confidentiality, integrity, and availability.
7. International Transfers
If your personal data is transferred outside of the European Economic Area (EEA) or your local jurisdiction, we implement appropriate safeguards, including:
– Standard Contractual Clauses approved by the European Commission
– Transfers to jurisdictions recognized as providing an adequate level of data protection
– Binding corporate rules (where applicable)
We also ensure third-party providers operate in compliance with relevant local laws regardless of their geographic location.
8. Data Retention
We retain your personal data only for as long as necessary, in accordance with the purposes set out in this Privacy Policy. This includes:
– Usage and Technical Data: stored for up to 12 months for analytics and performance optimization
– Account and Profile Data: retained for the duration of the account and 7 years thereafter for audit and legal compliance
– Communication Data: retained for 3 years from last correspondence
– Transaction Data: retained for 7 years for financial recordkeeping and compliance
– Preference and Consent Data: retained until consent is withdrawn or the data becomes obsolete
Upon expiry of applicable retention periods, data will be securely deleted or anonymized.
9. Cookie Policy
riss-kaliningrad.com uses cookies and similar technologies to enhance user experience and gather data for performance and analytics. Cookies may include:
– Essential Cookies: necessary for site navigation, login authentication, and transaction functionality.
– Functional Cookies: remember your preferences and past selections to streamline future visits.
– Analytics Cookies: collect aggregated data to understand user behavior and site usage.
– Performance Cookies: help improve website speed, responsiveness, and usability.
10. Cookie Management and Compliance
Upon your first visit to riss-kaliningrad.com, a consent banner allows you to manage cookie preferences in accordance with GDPR and CCPA requirements. You may withdraw or modify your consent at any time via the website’s cookie settings or your browser’s privacy settings.
We do not install non-essential cookies without explicit prior consent. We honor ‘Do Not Track’ browser signals and other mechanisms provided under applicable data protection laws.
11. Children’s Privacy
Our website and services are not directed to children under the age of 13. We do not knowingly collect personal data from children and comply strictly with applicable child privacy protection laws. If we discover that a child has submitted personal data without verifiable parental consent, we will delete the data promptly.
12. Privacy Policy Updates
We reserve the right to update this Privacy Policy periodically to reflect changes in legal, technical, or business developments. When changes are made, we will update this page and, where material, notify you through prominent on-site messages or direct communication.
We encourage users to review this page regularly to remain informed of how we are protecting their personal data.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
We are committed to resolving all privacy-related concerns promptly and transparently.
—
RISS Kaliningrad upholds the highest standards of data protection and privacy compliance. If you have privacy concerns or wish to exercise your rights, please contact us directly at [email protected].