Privacy Policy
1. Introduction
At RNA in Russia (“we,” “our,” or “us”), accessible via rnasinrussia.com, we are committed to respecting and protecting your privacy. We recognize the importance of safeguarding your personal information and upholding your data protection rights in strict accordance with applicable data privacy laws, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy has been designed to offer transparent insight into how we collect, process, store, and secure your personal data.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all users and visitors of our website, rnasinrussia.com, and any related services we provide through it. For the purposes of the GDPR, RNA in Russia acts as the “Data Controller” for personal data collected through the website. As a Data Controller, we determine the purposes and means by which your personal information is processed.
3. Categories of Personal Data We Process
We collect and process the following categories of personal data:
a. Usage Data
This includes information regarding how visitors interact with our website. It may include your IP address, browser type, browser version, pages visited, time and date of visit, time spent on pages, referral URLs, and session identifiers.
b. Account Data
When you create an account or register on our website, we collect your name, email address, phone number, physical mailing address, and any other necessary registration details.
c. Profile Data
Profile Data includes your user preferences, past purchases, browsing behavior, and any optional profile information you choose to provide through your account settings.
d. Communication Data
We may collect data from your communications with us, including support inquiries, contact forms, emails, chat logs, and correspondence records.
e. Technical Data
Technical Data refers to information about your device and system configuration, such as operating system, mobile identifiers, screen resolution, device model, and internet service provider.
f. Transaction Data
If you make any purchases or transactions via rnasinrussia.com, we process billing details, payment method information (in compliance with PCI DSS standards through third-party providers), delivery addresses, and invoices.
g. Preference Data
This includes data such as marketing preferences, newsletter opt-ins, product interest categories, feedback, and survey responses that help us personalize your experience.
4. Legal Bases for Processing
We process your personal data pursuant to one or more of the following legal grounds:
– Contractual necessity: For fulfilling our obligations under a contract with you (e.g., processing orders or delivering services).
– Legitimate interests: For purposes such as improving our site, preventing fraud, and securing our service, where these interests are not overridden by your rights.
– Consent: Where you have expressly given us permission, such as for marketing emails or non-essential cookies.
– Legal obligation: To comply with applicable laws, regulatory requirements, or court orders.
5. Your Rights Under Data Protection Law
Subject to applicable laws, including the GDPR and CCPA, you have the right to:
– Access: Request a copy of your personal information we hold.
– Rectification: Request correction of inaccurate or incomplete personal data.
– Erasure: Request deletion of your data when no longer necessary or if processing is unlawful.
– Restriction: Request temporary suppression of processing when you contest its accuracy or lawfulness.
– Portability: Request a copy of your personal data in structured, commonly-used, machine-readable format.
– Object: Object to data processing based on legitimate interests or direct marketing.
– Withdraw Consent: Revoke any previously given consent for processing personal data.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We have implemented a comprehensive range of technical and organizational safeguards to protect personal data:
– End-to-end data encryption using SSL/TLS protocols
– User authentication and role-based access controls
– Regular data backups and secure storage policies
– Employee training and security awareness protocols
– Intrusion detection and vulnerability scanning mechanisms
Although we strive to use industry-standard practices to protect your data, no system is entirely immune from security threats.
7. International Transfers
Some of the data we process may be transferred to and stored in countries outside your jurisdiction. Where this occurs, we ensure an adequate level of protection is afforded to the data by implementing:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Verification of third-party compliance with GDPR, CCPA, or equivalent protection frameworks
– Additional technical safeguards and risk assessments to ensure transfer security
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes we collected it for. Specific retention periods include:
– Usage Data: up to 24 months for analytics and performance evaluation
– Account and Profile Data: maintained while the account remains active, and up to 12 months after closure
– Communication Data: up to 36 months for customer service and administrative purposes
– Technical and Transaction Data: retained for up to 7 years, as required by tax and financial regulations
– Preference Data: deleted upon withdrawal of consent or account deletion
9. Cookie Policy
We use cookies and similar tracking technologies on rnasinrussia.com to enhance user experience and gather analytics. Cookies fall into the following categories:
– Essential Cookies: Required for basic website functionality and security
– Functional Cookies: Enable additional features such as remembering preferences
– Analytics Cookies: Help us understand user interaction and improve content (e.g., via Google Analytics)
– Performance Cookies: Monitor the performance and loading time of web components
10. Cookie Management and Compliance
You may control your cookie preferences at any time through our cookie banner or browser settings. For GDPR compliance, we obtain explicit consent for non-essential cookies and allow withdrawal of consent with equal ease.
California residents under the CCPA may opt out of data sharing for cross-context behavioral advertising. We honor “Do Not Track” and “Global Privacy Control” signals where technically feasible.
11. Special Protections for Children Under 13
Our website and services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from individuals under 13. If we become aware that we have collected personal data from a child under 13, we will promptly delete such information. Parents or guardians who believe their child has provided us with personal data may contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to amend this Privacy Policy to reflect changes in our practices or legal obligations. Any updates will be posted prominently on rnasinrussia.com. Where required by law, material changes will be communicated directly to users through email or on-site notifications.
13. Contact Us
If you have any questions, requests, or concerns regarding this Privacy Policy or the handling of your personal data, you can reach our Data Protection Officer at:
Email: [email protected]
Website: https://rnasinrussia.com
We are committed to full compliance with applicable data protection laws and take your privacy concerns seriously. If you believe your rights have been violated, please contact us so we may investigate and resolve the matter promptly.