PRIVACY POLICY

riornails.com website

The latest edition № UA-01

approved on 18.07.2024

І. TERMINOLOGY

1.1.      For a more accurate understanding of the terms of this Privacy Policy, the terms used in it have the following meanings:

1.1.1.   Privacy Policy - this document (Privacy Policy), which is available at the following link: https://riornails.com/info/privacy/

1.1.2.   Website - a web page located at riornails.com, including all subdomains (subfolders) owned by the Website Administration.

1.1.3.   Website Administration - is an individual entrepreneur Samolazova Maria Vadymivna (identificatiob code: 3607610829; address: 22 Korobova Street, apartment 59, Dnipro, 49128, Ukraine, registration number in the Unified State Register 2002240000000150145 dated 01.02.2021), registered in accordance with the current legislation of Ukraine and/or persons authorized by her to manage the Website. In the text of the Privacy Policy, a reference to the Website Administration means a simultaneous reference to the authorized persons of the Website Administration.

1.1.4.   User - an individual with full civil legal capacity and capacity to act who uses the Website.

1.1.5.   GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (available at https://eur-lex.europa.eu/eli/reg/2016/679/oj).

1.1.6.   Personal data - is any information relating to an identified or identifiable individual (User); an identifiable individual is a person who can be identified, directly or indirectly, in particular, by such identifiers as name, identification number, location data, online identifier or by one or more factors that are decisive for the physical, physiological, genetic, mental, economic, cultural or social essence of such an individual (para. 1 of Article 4 of the GDPR).

1.2.      Only the Website Administration, except for the court, has the right to interpret Політики конфіденційності, а також термінів, що в ній вживаються.

ІІ. TERMS

2.1.      The administration of the riornails.com Website and its authorized representatives respect the privacy of the Website Users and undertake to protect it using the privacy practices described in this Policy.

2.2.      This Privacy Policy specifies what Personal Data is collected by the Website Administration and how it is processed. The legal force of this Privacy Policy applies to the Personal Data that the Website Administration collects through the Website offline and online.

2.3.      The User is obliged to carefully read each clause of this Privacy Policy and, in case of disagreement with any clause, immediately stop using the Website.

ІІІ. COLLECTION OF PERSONAL DATA

3.1.      By using the Website, the User may provide the Website Administration with the following information:

3.1.1.   data that the User provides by filling out forms on the Website (in particular, but not exclusively “Comment to the order”). This includes Personal Data and contact information provided during registration, placing an order for a product/service, communicating with representatives of the Website Administration or other information provided by the User to the Website Administration, including

                        3.1.1.1. last name, first name and patronymic;

                        3.1.1.2. location (country, city);

                        3.1.1.3. address of the place of residence/stay;

                        3.1.1.4. telephone number;

                        3.1.1.5. e-mail address (email);

                        3.1.1.6. IP address.

3.1.2.   information about orders, filling the basket, purchases and other activities of the User on the Website;

3.1.3.   search queries on the Website.

3.1.4.   other Personal Data provided by the User to the Website Administration.

3.2.      If the User decides to provide information to the Website Administration outside the Website (for example, through the Instagram, Telegram, Viber, WhatsApp, etc. page), such information is transmitted by the User at their own risk and in accordance with the terms of the privacy policy of these platforms. The Website Administration is not authorized to establish rules regarding Personal Data on such platforms.

3.3.      If the User has provided the Website Administration with the Personal Data of third parties, it is presumed that the User has previously obtained consent from such third party to the processing of Personal Data. If it turns out that the User has not received consent to the processing of Personal Data of such third party, the User shall be solely responsible for such actions and shall settle all possible disputes on their own.

3.4.      The User agrees to record and store their conversation with the Website Administration in order to improve the quality of service, goods and services.

3.5.      The Website is not intended for persons under the age of 18 and the Website Administration does not knowingly collect Personal Data of such persons. The User under the age of 18 undertakes not to use the Website and not to provide any information to the Website Administration, not to make any purchases, not to use any functions of the Website or to provide any Personal Data. If the Website Administration becomes aware that Personal Data has been collected or received from a child under the age of 13 without confirmation of parental consent, the Website Administration will delete this information. If the User becomes aware that his/her child under the age of 13 has provided his/her Personal Data to the Website Administration, such User shall immediately contact the Data Protection Officer (DPO) by e-mail: riornails@gmail.com and provide the details by which the Website Administration will be able to identify such child and delete information about him/her.

IV. PERSONAL DATA PROCESSING

4.1.      The User gives the Website Administration consent to the processing of his/her Personal Data, in turn, the Website Administration collects the Personal Data of the Users to the extent necessary to provide services/sell goods, improve the quality of service, marketing and statistical purposes.

4.2.      The Website Administration acts as the administrator of the Personal Data of the Users and third parties whose data was provided by the Users.

4.3.      Personal data of Users/third parties and information collected through cookies or other similar technologies are processed by the Website Administration:

4.3.1.   for the provision of services/sale of goods (organization of their delivery) - in accordance with clause “b” of part 1 of Article 6 of the GDPR in order to obtain the necessary data for the User Agreement posted on the Website, organization of delivery of goods or other transaction to fulfill the User's order;

4.3.2. for analytical and statistical purposes - in accordance with clause “f” of part 1 of Article 6 of the GDPR in order to analyze the actions of Users, as well as their preferences to improve the function of the Website, services or goods;

4.3.3.   for the purpose of claim processing or defense against claims - in accordance with clause “f” of part 1 of Article 6 of the GDPR in order to protect the rights of the Website Administration;

4.3.4.   for marketing purposes - in accordance with clause “f” of part 1 of Article 6 of the GDPR for the purpose of generating, sending, publishing marketing content.

4.4.      The Website Administration processes the Personal Data of Users who visit the profiles of the Website Administration in social networks or messengers (TikTok, Instagram, WhatsApp, Telegram, Viber). This data is processed solely in connection with the maintenance of the profile, including to inform Users about the activities of the Website Administration and to promote various events, services and goods. The legal basis for the processing of personal data by the Website Administration for this purpose is its legitimate interest in promoting its own brand (in accordance with clause “f” of part 1 of Article 6 of the GDPR).

4.5.      The User's activities on the Website and Personal Data are registered in the internal databases of the Website Administration (a special computer program used to store a chronological record containing information about events and actions related to the IT system used to provide services/sell goods by the Website Administration). The information collected in such databases is processed primarily for purposes related to the provision of services/sales of goods. The Website Administration also processes them for technical and administrative purposes to ensure the security of the IT system and to manage this system, as well as for analytical and statistical purposes - in this regard, the legal basis for processing is the legitimate interest of the Website Administration (in accordance with paragraph “f” of part 1 of Article 6 of the GDPR).

4.6.      Personal data is processed until the User withdraws consent to processing or raises an objection to the processing of such data. Within a reasonable period of time, but not more than 5 (five) business days from the date of receipt of the request from the User by e-mail riornails@gmail.com, the Personal Data will be deleted or anonymized.

4.7.      The period of processing of Personal Data may be extended if processing is necessary to establish and consider possible claims or defense against them and within the limits provided by law. Upon expiration of the period of processing of Personal Data, it is irrevocably deleted or anonymized.

V. TRANSFER OF PERSONAL DATA

5.1.      The User's personal data may be disclosed to third parties on a periodic and temporary basis, in particular to providers of IT services, analytical, advertising and marketing tools, as well as organizations that ensure the sale of goods or provision of services by the Website Administration.

5.2.      On a periodic basis, in connection with the order of goods, the Website Administration transfers Personal Data to the following persons:

5.2.1.   Nova Poshta (carrier), represented by Nova Poshta Limited Liability Company (identification code: 31316718), namely: surname, name, patronymic (if any); location (country, city); address of residence/stay (in case of courier delivery); Personal data that may be contained in the User's comments to the order. Personal data is transferred to this company in order to organize the delivery of goods to the User.

5.2.2.   Tranzzo (acquirer), represented by FINANCIAL COMPANY FINEXPRESS Limited Liability Company (identification code: 39706018), namely: surname, name, patronymic (if any); telephone number; e-mail address (email). Personal data is transferred to this company in order to provide online payment for the order.

5.3.      On a temporary basis, the Website Administration transfers Personal Data to persons who are temporarily involved in the provision of certain services necessary for the economic activities of the Website Administration. The User has the right to receive information about the persons to whom their Personal Data is transferred. If the User categorically disagrees that his/her Personal Data is transferred to third parties, the User shall immediately notify the Website Administration thereof by sending an e-mail to riornails@gmail.com. Otherwise, it is presumed that the User does not object to this.

5.4.      The Website Administration reserves the right to disclose the User's Personal Data to the competent authorities or third parties requesting such information on the appropriate legal basis and in accordance with the provisions of applicable law.

5.5.      The User gives his/her consent to the Website Administration to transfer his/her Personal Data to the persons specified in this section. Such consent may be withdrawn by sending an e-mail to riornails@gmail.com.

VI. TRANSFER OF PERSONAL DATA OUTSIDE THE EEA

6.1.      The level of protection of Personal Data outside the European Economic Area (EEA) differs from the level provided by European legislation. For this reason, the Website Administration transfers Personal Data outside the EEA only if necessary and ensuring an adequate level of protection, primarily through

6.1.1.   cooperation with the subjects of Personal Data processing in the countries in respect of which the relevant decision of the European Commission has been issued to determine the appropriate level of Personal Data protection (the current information on the list of countries is contained in the relevant decision of the European Commission);

6.1.2.   application of standard contractual clauses issued by the European Commission, which provide Personal Data with the same protection to which they are entitled in the European Union;

6.1.3.   application of mandatory corporate rules approved by the competent supervisory authority.

6.2.      As of the date of approval of this Privacy Policy, the Website Administration does not transfer the Personal Data of Users outside the EEA.

 

VIІ. USER RIGHTS

7.1.      The user has the right to: access the data content and demand its correction, deletion, restriction of processing, the right to transfer data and the right to object to data processing, as well as the right to file a complaint with the authority responsible for the protection of Personal Data.

7.2.      If the User's data is processed on the basis of consent, it can be withdrawn at any time by contacting the Website Administration by sending a duly executed written request to the e-mail address riornails@gmail.com. The withdrawal of such consent does not affect the lawfulness of processing based on the consent that the Website Administration had before its withdrawal.

7.3.      Any clause of this Privacy Policy may not be construed as limiting the scope of the User's rights.

VIII. SECURITY OF PERSONAL DATA

8.1.      The Website Administration conducts a risk analysis on an ongoing basis to ensure that Personal Data is processed in a secure manner, ensuring that only authorized persons have access to the data and only to the extent necessary in accordance with the tasks they perform. The Website Administration ensures that all operations with Personal Data are processed only by authorized persons.

8.2.      The Website Administration shall take all necessary measures to ensure that its contractors guarantee the use of appropriate security measures whenever they process Personal Data on behalf of the Website Administration.

IX. FINAL PROVISIONS

9.1.      You can contact the Website Administration by e-mail: riornails@gmail.com or the address for correspondence: 22 Korobova Street, apartment 59, Dnipro, 49128, Ukraine.

9.2.      The Website Administration has determined the Data Protection Officer (DPO), who can be contacted by e-mail: riornails@gmail.com with any questions regarding the processing of Personal Data.

9.3.      The Privacy Policy is constantly reviewed and updated as necessary. In case of updating the Privacy Policy, the User will be notified by displaying clear information on the Website or by sending an e-mail to the User. In some cases, the User may be notified in advance of the update of the Privacy Policy. The new version of the Privacy Policy comes into force from the moment it is published on the Website.

9.4.      A User who does not agree with the terms of the Privacy Policy is obliged not to use the Website and must send a notice of termination of processing of the User's Personal Data to riornails@gmail.com.

9.5.      The current version of the Privacy Policy has been adopted and is effective since July 18, 2024. The fact of using the Website means full and unconditional consent to the current version of the Privacy Policy.