Privacy Policy "MerchHub Merchandiser"

Date of entry into force: 01 September 2018

1. General provisions
   Dawn" Ltd. (hereinafter referred to as "the operator") respects the right to privacy of persons using the operator's application. This document (hereinafter referred to as the "Policy") defines the Operator's policy with regard to the processing of personal data of Users and the information on the implemented requirements for the protection of personal data of Users.
   This Policy has been developed in accordance with the legislation on personal data protection and regulates the terms of processing of personal information received by Dawn (hereinafter - the operator) from the Users as a result of using the mobile application Merchandiser (hereinafter - the Appendix) of the operator.

2. Purposes of personal data collection
   The operator collects and stores only those personal data that are necessary for use in the application.
   The operator may use the User's personal data for the following purposes:

   • User identification;

   • communication with the User, including the provision of technical support to the User;

   • provision of services;

   • Improving the quality of the Application, their usability;

   • informing the Users about the innovations and updates in the Services.

3. Legal grounds for processing personal data
   The legal basis for processing personal data is the Federal Law of 27.07.2006 № 149-FZ "On Information, Information Technologies and Information Protection", the Federal Law of 27.07.2006 № 152-FZ "On Personal Data".

4. Volume and categories of processed personal data
   Within the scope of this Policy, the operator may organize the collection and processing of the following data:

   • personal information of the user (surname, first name, patronymic, phone number, e-mail address);

   • User's geoposition;

   • Photos taken by the User while working with the Application;

   • device identifier.

5. Procedure and conditions of personal data processing, personal data protection
   Personal information of the User is kept confidential.
   The Operator has the right to transfer the User's personal information to third parties if the transfer is necessary within the framework of the User's use of the Application;
   In accordance with reasonable and applicable requirements of the law, for example, to bodies of inquiry and investigation, other authorized bodies on the grounds provided by the current legislation of the Russian Federation.

6. Measures taken by the operator to protect personal data
   The Operator takes necessary and sufficient organizational and technical measures to protect the User's personal information from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties with it:
   
   

   • The Operator has accepted the documents defining the Operator's policy in respect of personal data processing, local acts on personal data processing issues, appointed a person responsible for organization of personal data processing;

   • legal, organizational and technical measures to restrict access to personal data are applied;

   • access to personal data is technically limited so that access to it can be obtained only by specially authorized employees through special encrypted communication channels.

   The personal data of Users collected by the operator is stored in/on premises/storage/media not accessible to unauthorized persons (including keyed premises). To prevent unauthorized access to personal data of Users via the Internet, the operator uses servers protected by firewalls and cryptographic means. The Operator also requires the observance of protection and security measures with regard to the personal data of Users from third parties to whom such data is transferred.

7. Terms of storage of personal data, destruction of personal data
   The user has the right to request from the operator: information on the processing of personal data, clarification of his personal data, blocking or destruction in the event that the personal data are incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as to take measures provided by law to protect their rights.
   The request to clarify, block or destroy personal data shall contain:

   1. number of the main document certifying the User's identity, information on the date of issue of the said document and the authority that issued it;

   2. information confirming the participation of the User in the relations with the Operator, or information otherwise confirming the fact of personal data processing by the Operator;

   3. Signature of the personal data subject or its representative;

The request may be sent in the form of an electronic document and signed by an electronic signature.
The request may be sent by e-mail to support@rassvet.ooo

The User has the right to withdraw his consent to processing of his personal data, but the operator has the right to continue processing of the User's personal data for the purpose of resolving disputable situations, fulfillment of his obligations to the User and agreements reached to ensure security in cases where the User's consent to processing of personal data is not required.

The condition for termination of processing of personal data is achievement of the purposes of processing of personal data, expiration of the term of consent or withdrawal of consent of the subject of personal data for processing of his personal data, as well as detection of illegal processing of personal data.

When storing personal data, the operator uses databases located in the territory of the Russian Federation in accordance with Part 5 of Article 18 of the Federal Law "On Personal Data".