Privacy Policy for riss-kaliningrad.com
1. Introduction – Our Commitment to Your Privacy
RISS Kaliningrad (“Company”, “we”, “our” or “us”) is committed to protecting and respecting your privacy. This Privacy Policy informs you of how we collect, use, disclose, and safeguard your personal data when you visit or interact with our website available at https://riss-kaliningrad.com (the “Website”). We uphold the principles of lawfulness, fairness, and transparency in accordance with applicable privacy laws, including the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
We prioritize your privacy by implementing stringent safeguards designed to secure your personal data and grant you clear rights regarding its management.
2. Scope of this Privacy Policy and Data Controller Role
This Privacy Policy applies to personal data collected and processed through the operation of our Website and provision of services to visitors, subscribers, clients, and other users (“you” or “your”).
For the purposes of the GDPR, the data controller responsible for your personal data is:
RISS Kaliningrad
Website: https://riss-kaliningrad.com
Contact Email: [email protected]
3. Categories of Data We Process
We only collect and process personal data necessary for the operation, enhancement, and protection of our services. The following categories of data may be collected:
a. Usage Data
Includes data about your interactions with our Website such as IP address, browser type, operating system version, pages you viewed, access times, and referring URLs.
b. Account Data
Includes full name, postal address, email address, telephone number, or other identifiers you voluntarily provide when creating an account or completing contact forms.
c. Profile Data
Includes data related to your preferences, chosen language, browsing behavior, purchase history, and other profile settings you may configure.
d. Communication Data
Includes records of your interactions with us, including support requests, service inquiries, submitted complaints, and correspondence history.
e. Technical Data
Includes device identifiers, screen resolution, connection time settings, system configuration, and hardware details sent automatically by your device.
f. Transaction Data
Includes payment information, billing details, delivery addresses, and evidence of completed or attempted transactions made through the Website.
g. Preference Data
Includes your expressed or inferred marketing preferences, newsletter subscriptions, and interests in specific services or products.
4. Legal Bases for Processing Your Information
We only process your personal data where we have a valid legal basis under applicable law. These include:
– Consent: Where you have provided explicit consent for specific uses of your data (e.g., receiving newsletters).
– Contractual Necessity: Where processing is necessary to fulfill an agreement or pre-contractual measures with you.
– Legitimate Interests: Where processing is based on our legitimate interest in operating and improving our services, except where such interests are overridden by your data protection rights.
– Legal Obligation: Where we are legally required to process your personal data.
5. Your Data Protection Rights
Subject to applicable laws, you have the following rights relating to your personal data:
– Right of Access: You can request a copy of the personal data we hold about you.
– Right to Rectification: You can request correction of inaccurate or incomplete data about you.
– Right to Erasure: You may request deletion of your data where legally permissible.
– Right to Restriction: You may ask us to restrict the processing of your data under certain circumstances.
– Right to Portability: You have the right to receive a copy of your data in a structured, commonly used format, and to transmit it to another controller.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw your consent at any time.
– Right to Object: Where data is processed under legitimate interests, you may object to such use of your data.
To exercise your rights, please contact us at [email protected]. We will respond to your request in accordance with applicable legislation.
6. Data Security Measures
We implement industry-standard security practices to ensure the confidentiality, integrity, and availability of your data, including:
– Encryption of data in transit and at rest where applicable
– Role-based access controls and authentication protocols
– Regular security audits and vulnerability assessments
– Secure data backups and data recovery systems
– Employee data protection training and privacy awareness programs
7. International Data Transfers
Our services may involve transferring your personal data to countries outside the European Economic Area (EEA) or your jurisdiction, in which case we ensure appropriate safeguards are in place. These may include use of European Commission-approved Standard Contractual Clauses or equivalent legal instruments.
8. Data Retention
We retain your personal data only as long as necessary for the purposes for which it was collected or to comply with applicable legal obligations. Typical retention periods include:
– Usage Data: up to 12 months
– Account Data: for the duration of your account and up to 5 years after closure
– Transaction and Financial Data: 7 years for audit and compliance
– Communications: 3 years from the date of the last interaction
– Preference and Technical Data: as long as reasonably necessary or until you update your preferences
Data is securely deleted or anonymized when it is no longer required.
9. Cookie Policy
Our Website uses cookies and similar technologies to enhance user experience and collect usage statistics. Cookies we utilize include:
– Essential Cookies: Required for Website operation, such as session identifiers and security tokens.
– Functional Cookies: Enable personalization features and user preferences.
– Analytics Cookies: Collect anonymous information about Website usage to help improve our services.
– Performance Cookies: Monitor system performance and loading times.
Third-party analytics services (such as Google Analytics) may place cookies for statistical reporting.
10. Cookie Management and Legal Compliance
You may configure your browser to refuse some or all cookies or to prompt before accepting. Our cookie banner enables explicit opt-in consent for non-essential cookies, in accordance with GDPR guidelines and CCPA requirements.
California residents have the right to opt out of the “sale” of their personal data (as defined under CCPA). We do not sell personal data in the conventional sense, but any applicable opt-out rights may be exercised by contacting us via [email protected].
11. Children Under 13
Our Website is not directed to children under the age of 13. We do not knowingly collect or solicit personal data from minors. If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to remove the information promptly.
12. Changes to This Policy
We reserve the right to amend this Privacy Policy at any time to reflect changes in our practices, technology, or legal obligations. Any changes will be posted on this page. We encourage users to periodically review this page to stay informed of how we protect their data. Any material changes affecting your rights will be notified prominently.
13. Contact Us
Questions, concerns, or requests regarding this Privacy Policy or how we process your personal information can be directed to:
Email: [email protected]
Website: https://riss-kaliningrad.com
We are committed to full compliance with all privacy obligations under applicable law and encourage you to contact us with any privacy-related concerns.