1. General provisions
The Internet portal itBoat.com (hereinafter “company”), in the performance of its main activities, processes the personal data of different categories of subjects using information systems.
In organizing and carrying out the processing of personal data, the company is guided by the requirements of the relevant European Union legislation.
For the purposes of this policy, personal data refers to any information provided through the company's websites and/or collected using such websites, relating to the directly or indirectly identified or identifiable individual (the subject of personal data).
2. Collection of personal data
The company collects information via Internet sites in two ways:
- Personal data provided by users
The company collects personal data that users or other persons on their behalf enter into data fields on its websites.
- Passive collection of personal data on current connections in terms of statistical information
The company's websites may collect statistical data about the user, including
- Pages visited;
- The number of visits to the pages;
- The duration of the user session;
- Entry points (third-party sites from which a user links to the company's sites);
- Exit points (links on the company's sites from which a user links to third-party sites);
- User's country;
- User’s region;
- User's provider;
- User's browser;
- User's system languages;
- User's OS;
- User's screen resolution;
- Number of colors on the user's screen.
The data may be collected using various methods, such as cookies, web beacons, etc. The company may use third-party web services to organize the collection of statistical personal data; these web services provide for the storage of the obtained data on their own servers. The company is not responsible for the localization of servers of third-party Internet services.
The company does not compare the information provided by the user independently and allow for the identification of the personal data subject with the statistical personal data obtained through similar passive data collection methods.
3. Purposes of collecting and processing of users' personal information
The company only collects and stores personal information required to provide its services. The personal information of the website user can be used for the following purposes:
- Identification of a party under agreements and contracts;
- Providing services to the user;
- Communication with the user, including sending notifications, requests and information regarding the use and provision of services as well as processing requests and applications from the user;
- Improving the quality of services, convenience of their use and development of new services;
- Targeting of advertising materials;
- Carrying out statistical and other research based on impersonal data.
4. Principles and conditions of personal data processing
The processing of personal data in the company is lawful and fair and limited to achieving specific, predetermined and legitimate purposes.
Only personal data suitable for the purposes for which it is processed may be processed. The content and scope of personal data processed in the company are consistent with the stated processing purposes; the excessive processing of personal data is not permitted.
When processing personal data, the company shall ensure its accuracy, adequacy and, if required, relevance in relation to the purpose of personal data processing. The company shall take necessary measures to remove or clarify incomplete or inaccurate personal data.
The company, in the course of its activities, may provide and/or assign the processing of personal data to another person with the consent of the subject of personal data, unless otherwise provided by the EU legislation. In this case, a prerequisite for providing and/or commissioning the processing of personal data to another person is the obligation of the parties to ensure the confidentiality and security of personal data during their processing.
The terms of personal data processing shall be determined in accordance with the purposes for which it was collected.
5. Rights of the subject of personal data
The subject of personal data has the right (unless otherwise provided by law) to
- Demand clarification of their personal data and blocking or destruction if the personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as to take statutory measures to protect their rights;
- Require a list of their personal data, processed by the company and the source of its receipt;
- Obtain information about the timing of the processing of their personal data, including the period of its storage;
- Complain to the authority responsible for the protection of the rights of subjects of personal data or in court against illegal actions or omissions in the processing of their personal data;
- Protect their rights and legitimate interests, including damages and/or compensation for moral damage in court.
If you have any questions about the nature of the application, the use, modification or deletion of the personal data that you have provided or if you wish to opt out of further processing by the company, please contact us by mail at the company address or by e-mail at [email protected].
Please note that the company is not responsible for inaccurate information provided by the subject of personal data.
6. Implementing personal data protection requirements
To ensure compliance with the requirements of the federal legislation, the company considers the most important tasks to ensure legitimacy and guarantee an adequate level of security of personal data and its processing in the company's business processes.
The company requires that other persons who gain access to personal data not disclose or distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided for by federal law.
In order to ensure the security of personal data during their processing, the company shall take the necessary and sufficient legal, organizational and technical measures to protect the data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution as well as from other unlawful actions in respect of them.
The company ensures that all organizational and technical personal data protection measures it implements are carried out lawfully in accordance with the requirements of EU legislation on personal data processing.
To ensure the adequate protection of personal data, the company performs assessments of damage that may be caused to personal data subjects in case of a breach of security as well as determines current threats to its security during processing in personal data information systems.
In accordance with the relevant identified threats, the company applies the necessary and sufficient legal, organizational and technical measures to ensure the security of personal data—including the use of information protection tools, detection of unauthorized access and taking measures to prevent it, recovery of personal data, restriction of access to the data and registration and accounting of actions in addition to the control and evaluation of the effectiveness of applied measures to guarantee safety.
The company's management is aware of the importance and necessity of personal data security and encourages the continuous improvement of the security system in the main activities of the company.