Name and contact details: When registering or subscribing to services, customers provide their first and last names, email addresses, phone numbers, and postal addresses. This data is used to identify the customer, communicate with them, and send information about orders and updates.
Payment information: To process payments, customers may provide credit or debit card details, bank account information, or payment system information such as PayPal. This data is necessary to carry out financial transactions and issue invoices.
Order history: Information about previous orders, including types of services ordered, dates, and payment amounts, is used to improve service quality, offer personalized services, and process repeat orders.
User Data
Names and nicknames: Users who leave reviews may provide their real names or use nicknames. This data helps identify the review author and ensures transparency and trust from other users.
IP addresses: IP addresses are collected to prevent fraud, track site activity, and ensure system security. This information may also be used to analyze the geographic location of users.
Geographic location: Data on the location of users may be collected to verify the authenticity of reviews and prevent abuse. It also helps provide more accurate and relevant services.
Devices and browsers: Information about the type of device, browser, and operating system used to access the site is collected to improve user experience and optimize site performance.
Browsing and activity history: Information about the pages users visit, the time spent on the site, and activities such as writing and submitting reviews is used to analyze user behavior and improve service.
Automatically Collected Information
Cookies: Cookies are used to store information about user preferences, authentication, and content personalization. This helps improve site usability and provide more targeted offers.
Analytical data: Web analytics systems, such as Google Analytics, collect data on site traffic, traffic sources, user behavior, and other metrics. This data is used to analyze the effectiveness of marketing campaigns and improve the site.
Information from Third Parties
Social networks: If users link their social network accounts with their account on the site, information from their profiles, such as name, photo, and friend list, may be collected. This is used to enhance functionality and provide a more personalized experience.
Payment systems and partners: Data obtained from payment systems and partners is used to verify transactions and ensure the security of financial operations.
Use of Information
Purpose of Use
Providing services: The collected data is used to fulfill orders and provide services to customers, including writing reviews on Google Maps and other platforms. This includes creating unique reviews, processing payments, and organizing service delivery.
Service improvement: Information about users and their preferences helps improve service quality. Data analysis allows identifying trends, forecasting customer needs, and adapting offers to their expectations.
Content personalization: Collected data is used to personalize content and offers presented to customers. This may include product or service recommendations tailored to the specific user's preferences.
Marketing and advertising: Information about customers is used to create marketing campaigns and promotional offers. This may include sending personalized promotional messages via email or SMS and placing ads on internet platforms.
Analytics and research: Data is used to analyze the effectiveness of business processes, monitor market trends, and conduct research. This helps optimize sales strategies, identify potential threats and opportunities, and make informed decisions.
Data Sharing
Partner companies: Some data may be shared with partner companies that collaborate with the company for writing reviews on Google Maps. This may include payment systems, service providers, marketing agencies, and other partners.
Government authorities: In case of a request from relevant government authorities, the company may be required to provide certain information about customers. This may include payment data, order information, and other information as required by law.
Data Anonymization
Aggregated statistics: Some data may be used in aggregated form to create statistical reports or research. In this case, personal identification of customers is not carried out, and the data cannot be linked to specific individuals.
Hashing and encryption: To ensure data security, methods such as hashing and encryption may be used. This helps protect confidential information from unauthorized access and use.
Responsibility for Data Use
Compliance with laws: The company undertakes to comply with all applicable laws and regulations concerning the collection, storage, and use of personal data. This includes compliance with GDPR, CCPA, and other legislative acts.
Confidentiality and security: The company undertakes to ensure the confidentiality and security of customer and user data. This includes protection against unauthorized access, loss, theft, or disclosure of data.
User consent: When using personal data, the company adheres to the principles of user consent and notification of the purposes of data use.
Organizational Security Measures
Data encryption: All transmitted data is protected by encryption protocols such as SSL/TLS to prevent interception and unauthorized access.
Network protection: Network protection measures such as firewalls and intrusion detection systems (IDS/IPS) are used to prevent unauthorized access to servers and databases.
Regular security audits: Regular security audits of the system are conducted to identify vulnerabilities and detect potential threats.
Data Protection
Technical Security Measures
Data encryption: All transmitted data is protected by encryption protocols such as SSL/TLS to prevent interception and unauthorized access.
Network protection: Network protection measures such as firewalls and intrusion detection systems (IDS/IPS) are used to prevent unauthorized access to servers and databases.
Regular security audits: Regular security audits of the system are conducted to identify vulnerabilities and detect potential threats.
Organizational Security Measures
Access policies: Strict access rules are established to limit access only to necessary information according to the roles and responsibilities of employees.
Employee training: All employees undergo training on information security issues, including procedures for handling confidential data and preventing information leaks.
Physical Security Measures
Restricted access: Physical access to servers and equipment containing confidential data is restricted and controlled.
Video surveillance and security: Video surveillance and security systems are used to ensure the safety of premises where equipment with data is located.
Incident Response Procedures
Response plans: Incident response plans are developed, including notification, isolation, and threat elimination procedures.
Monitoring and response: Continuous monitoring of the network and system for abnormal activity is conducted, as well as prompt response to detected incidents.
External Audits and Certification
Security audits: External security audits and system certification for compliance with security standards (e.g., ISO 27001) are conducted to confirm compliance with international information security standards.
Jurisdiction and Law
Determination of Jurisdiction
Geographical area: Jurisdiction determines the legal norms applicable in a specific geographic area where the company operates or provides services.
Laws and regulations: Jurisdiction includes laws and regulations establishing the rights and obligations of the company, its employees, and customers, as well as dispute resolution procedures and compliance obligations.
Application of Law
Local laws: The company is obligated to comply with the laws and regulations of the country or region where its activities are carried out or services are provided.
International law: In case of international activities, the company is also subject to international law, including treaties and agreements between states.
Legal Obligations
Compliance with regulations: The company is obligated to comply with all applicable regulatory requirements and standards, including data protection laws, consumer rights, taxation, and labor legislation.
Confidentiality and privacy: The company is obligated to ensure the confidentiality and privacy of personal data of customers and users, complying with relevant data protection laws and standards.
Dispute and Conflict Resolution
Judicial authorities: In case of disputes or conflicts, the company and its customers have the right to turn to judicial authorities to resolve legal issues and protect their rights.
Alternative dispute resolution methods: In addition, the company may offer alternative dispute resolution methods, such as mediation or arbitration, for quick and efficient conflict resolution without going to court.
Legal Consultations
Legal experts: The company may consult with legal experts and specialists on legal issues to ensure compliance with regulatory requirements and minimize risks.
Employee training: Company employees must be instructed on legal norms and company policies to avoid violations of legislation and comply with rights and obligations.
Changes in Legislation
Monitoring changes: The company must carefully monitor changes in legislation and adapt its actions and policies in accordance with new requirements and standards.
Policy updates: The company's policy must be periodically updated and adjusted in accordance with changes in legislation and the external environment.