1. General Provisions
1.1. Mail.Ru LLC (OGRN 1027739850962, Russia, 125167, Moscow, Leningradskiy prospect, 39, building 79), hereinafter referred to as the "Company" or "Licensor", undertakes to maintain the confidentiality of data and information (hereinafter - " Information ") provided by users (hereinafter -" Licensee "or" User ") when using the service" TamTam ", which is a computer program (web version, as well as mobile applications on Android and iOS platforms) (hereinafter -" Messenger "Or" Service ").
1.2. The purpose of this Policy is to ensure adequate protection of information about Users, including their personal data, from unauthorized access and disclosure.
1.3. Relations related to the collection, storage, distribution and protection of information about Messenger Users are governed by this Policy and the License Agreement (hereinafter referred to as the "Rules"), as well as the current legislation of the Russian Federation.
The meaning of some of the terms used in this Policy is determined by the Agreement.
1.5. This Policy can be changed by the Company. Any changes to the Policy are made by the Company independently and come into force on the day following the day of publication of such changes. The Company notifies Users of changes to this Policy, including by publishing a new version of this Policy. The user undertakes to independently familiarize himself with the changes made to the Policy. Actual use of the Messenger by the User after the amendments are made to the terms of this Policy means that the User agrees with the new terms.
1.6. If the User disagrees with the terms of this Policy, the use of the Messenger must be stopped immediately.
2. Purpose of information processing
2.1. The credentials and other data of the Licensee are processed by the Licensor in order to execute the Agreement.
3. Composition of User Information
3.1. Information processed by the Company includes:
3.1.1. Credentials, which are understood as:
(a) data about the User provided by the User to create an account during the registration process in the Messenger;
(b) additional information filled in by the User when editing his account in the process of using the Messenger;
(c) data additionally provided by the User at the request of the Company in order to fulfill the Company's obligations to the User arising from the agreement on the provision of the Messenger functionality;
3.1.2. Other data required for the Messenger to function, namely:
(a) data on technical means (devices), technological interaction with the Messenger (including the IP address of the host, type of the User's operating system, browser type, geographical location, Internet service provider);
(b) information automatically obtained when accessing the Messenger using cookies;
(d) information obtained as a result of the User's actions in the Messenger, in particular, information about the addition of any content;
(f) generalized analytical information about the use of Internet services.
The Credentials and Other data received by the Company in the amount necessary and sufficient for their classification in accordance with the current legislation of the Russian Federation to personal data are processed by the Company as personal data under the terms of this Policy.
3.2. The table below shows in more detail the list of Credentials and Other Data that are processed by the Company in order to fulfill the agreement with the Users:
Purpose of processing
Common for all platforms
1) User data provided by the User to create an account during the registration process in the Service: phone number.
2) Additional information filled in by the User when editing his account in the process of using the Messenger, namely, name.
3) Data additionally provided by the User at the request of the Company (information specified by the User in the account, namely, the name, address, phone number and other information necessary to restore access to the profile).
Execution of the agreement with the User for the provision of the Service. In particular, to confirm the ownership of the account to the applicant who has made a request to restore access to the account, to manage and administer the service, and more. The phone number can be used by the Company to send messages to the User.
Other data, namely:
4) Information about your activity when using the Service (status "online" or "offline").
5) Contacts from the User's phone book.
6) Information about the location of the User.
7) Information created or published by the User as a result of his actions when using the Service (including photos and videos).
Execution of the agreement with the User for the provision of the Service.
The Messenger uses device location data so that the Licensee can share it in chats and channels while using the Messenger. For the live location service, Messenger uses the background location even if the app is closed or minimized. Live broadcast of the location displays the Licensor's movements on the map in real time chat. Messenger also uses the device's location to search for nearby contacts while Messenger is open in the Nearby tab. The licensor can authorize or revoke access to the location at any time in the device settings.
Web version of Messenger
Other data, namely:
8) Data that becomes available to the Company in the process of using the Service by the User, including the ip-address, information about the User's browser (including the interface language, screen sizes, User Agent browser, etc.), time zone, system language, information about the operating system, etc.
9) information about cookies.
Execution of the agreement with the User for the provision of the Service. In particular, in cases of internal control, improvement of the operation and content of the Service, prevention and suppression of any errors that may arise when using the Service, the need to notify the User about changes in the Service and personalize the use of the Service.
App for Android and iOS
Other data, namely:
10) Data that becomes available to the Company in the process of using the Application by the User, including the type of device, device name, OpenUDID, IDFA, GAID, Apps Flyer UID, OS version, device model, year of release of the mobile device, time zone, preferred language, geo, Device ID ForVendor, name of the Wi-Fi network, MAC of the Wi-Fi access point, name of the mobile operator, operator network code (MNC), OS name, type of Internet connection, screen resolution, contacts from the address book of the User's mobile device, etc.
Execution of the agreement with the User for the provision of the Service. In particular, to improve the operation and content of the Service, to prevent and suppress any errors that may arise when using the Service and to personalize the use of the Service.
3.3. By the functionality and rules of using the Messenger, the User may be given the opportunity to post in the Messenger any other information (if applicable), in addition to that specified in clauses 3.1 and 3.2 of this Policy, if it does not contradict the requirements of the current legislation. The company does not intend to process such information, as well as biometric and special categories of personal data. By posting information about himself, the User understands that it may be available to an indefinite circle of Internet users, taking into account the settings of the desired level of confidentiality.
3.4. The company has no purpose to process and does not process biometric data (in particular, it does not use an image to identify users) and special categories of data.
4. Conditions of information processing
4.1. The processing of User Information is carried out by the Company in accordance with the following principles:
4.1.1. the legality of the purposes and methods of processing Information;
4.1.2. the good faith of the Company;
4.1.3. compliance of the purposes of processing the Information with the purposes predetermined and declared during its collection, as well as the powers of the Company;
4.1.4. correspondence of the volume and nature of the processed Information, methods of its processing to the purposes of processing the Information;
4.1.5. inadmissibility of combining databases containing User Information created for incompatible purposes.
4.2. Collection of information
The collection of the User's Credentials is carried out during his registration in the Service by filling out the registration form by the User, as well as in the future when the User edits previously provided information, including using the VK ID service (for more details, see the Company's license agreement) or another third party service, and also in the future when the User edits the previously provided information or when adding Credentials on his own initiative (if applicable) using the Service tools.
The user can register / authorize in the Messenger by phone number (by sending the confirmation code to the phone number specified by the Licensee), as well as through the available registration / authorization tools, for example, using the Licensee's account on the social network (Odnoklassniki), the Licensee's mail account (gmail), Apple ID, VK ID account, etc. The Licensee agrees that when registering / authorizing in the Messenger through the registration / authorization tool chosen by the User, the Company gains access to certain User information provided for by such a tool and stores it in the Messenger.
Personal data processing as well as other information that does not belong to personal data is carried out in the Service during registration and / or authorization by filling out the registration form by the User or by other available methods, including using the VK ID tool or other third party services, and also in the future if the User edits the previously provided information or adds personal data on his own initiative (if applicable) by using the Service tools.
The collection of Other data is carried out by the Company independently in the process of using the Service by the User. In some cases, the collection of Other User data begins from the moment the User gains access to the Service (for example, when loading a website or launching an application) until the moment of his registration in the Service.
4.3. Processing and Transfer of Information
User credentials and other data are not transferred to any third parties, except as expressly provided for in this Policy, other applicable rules, as well as applicable law.
The Company may transfer the User's Credentials and Other Data to third parties, in compliance with the purpose specified in section 2 of this Policy. These third parties may include:
- persons who provide the Company or the Company's affiliates with services related to the placement and display of advertisements in programs, products or services that are owned or controlled by such persons (for example, owners of websites and applications, advertising networks and other persons, etc.) );
- persons who order services for displaying advertising to Users on the sites and / or on the services of the Company or affiliated persons of the Company;
- persons who have legal grounds to process Credentials and Other data, for example, if the transfer of Credentials and Other data to such persons is carried out with the consent of the User, including if the Credentials and Other data are necessary to provide the User with an appropriate service or to fulfill a certain agreement or contract concluded with the User. These persons also include partners and affiliates of the Company, whose data processing is provided for by the terms of this Policy;
- third parties in respect of whom the assignment of rights or obligations has been made, or novation under the relevant agreement;
- any government or local government body to which the Company is obliged to provide information in accordance with applicable law at the appropriate request.
When the User uses VK ID his Personal data and Other information that does not belong to personal data may be transferred to third parties (VK Ecosystem Services and other Services using the VK ID tool in the process of using such services and / or tools by the User), as well as the Company may receive from the specified third parties the User's credentials and other information that does not belong to personal data in the amount specified in the personal account of the VK Ecosystem User in order to fulfill agreements with the Users of the Ecosystem participants.
The Company may share User data with the VK Ecosystem Services as well as external Services using the VK Ecosystem tools in order to provide the User with access, capabilities and benefits of the VK Ecosystem, for example, if the User decides to log in to the Service using the VK ID tool. By starting to use such Service / tool / its individual functions, the User agrees to such data transfer in the amount that is necessary for the operation of the Service / tool. Thereby, the User also agrees and accepts the User documentation of such VK Ecosystem Service and / or its tool in full, without any reservations or exceptions. If the User does not agree with any of the provisions of the User documentation of the Service / tool, the User is not entitled to use such Service / tool. The list of VK Ecosystem Services is available at https://vk.com/vk_ecosystem_services. The list of VK Ecosystem Tools is available at https://vk.com/vk_ecosystem_tools.
In order to provide high-quality, multifunctional, easy-to-use and focused on the personal needs and interests of the Users of the Services, the Company develops, improves, optimizes the current and introduces new functionality of the Services (information, communication, advertising, educational, entertainment and other), including with the participation of partners and / or affiliates.
Taking into account the foregoing, and also taking into account the Company's compliance with the purpose of processing specified in clause 2 of this Policy, the User agrees and instructs the Company to carry out the following actions:
- processing, including collection, recording, systematization, accumulation, storage, clarification (update, change), comparison, extraction, use, blocking, deletion / destruction of the User's credentials and other data;
- transfer of Credentials and Other data to partners and affiliates, and their processing by partners and affiliates, on the basis of instructions from the Company (in the ways specified in this clause), as well as joint processing by partners and affiliates of Credentials and Other data with the data available partners and affiliates;
- collection (receipt) from partners and / or affiliates of the results of processing Credentials and Other data together with the data at the disposal of partners and affiliates, including in the form of integer and / or text values and identifiers.
It is not allowed to extract and use the Credentials and Other Data of Users, including for commercial purposes, without the permission of the Company.
4.4. Data storage
User credentials and other data are stored on the territory of the Russian Federation, while storage is carried out exclusively on electronic media, and processing is carried out using automated systems, except for cases when manual processing of credentials and other data is necessary in connection with the fulfillment of the requirements of applicable law.
4.5. Storage periods for Information
Credentials and Other data are stored by the Company during the term of the agreement between the User and the Company on the use of the relevant Service, and after the termination of such an agreement - for the period required and established by the current legislation of the Russian Federation.
4.6. Termination of information processing
Upon reaching the goals of information processing, the Company stops processing the Credentials and Other Data in one of the ways provided for by the Federal Law "On Personal Data".
5. Rights and obligations of Users in the processing of their Information
Users have the right to:
5.1. get free access to information about yourself by viewing the User Account in the Service;
5.2. using the Service tools to set the desired level of confidentiality in relation to information about yourself (conditions of access to information), taking into account the functionality of the Service (if applicable);
5.3. independently make changes and corrections to information about yourself by editing information in the User's Account, provided that such changes and corrections contain up-to-date and reliable information;
5.4. delete information about yourself by editing information in the Service Account (if applicable); at the same time, the removal by the User of certain information about himself from the User's Account may lead to the impossibility of providing the User with access to the Service.
5.5. require the Company to clarify information about the User, block it or destroy it if such information is incomplete, outdated, unreliable, unreasonably obtained or not necessary for the stated purpose of processing and if the functionality of the Service does not allow the User to delete such information on his own;
5.6. on the basis of a request, receive information from the Company regarding the processing of information about the User.
5.6. get away from the processing of personal data by sending the Company in the manner provided for in section 8 of this Policy, the corresponding request.
6. Measures to protect information
6.1. The company takes technical, organizational and legal measures in order to ensure the protection of information about Users from unauthorized or accidental access to them, destruction, modification, blocking, copying, distribution, as well as from other illegal actions.
6.2. Technical security measures have been implemented by the Company taking into account the requirements of the applicable legislation, the current level of technology, the nature of the information processed and the risks associated with its processing.
The information is processed mainly automatically without access to it by the employees and / or contractors of the Company. If such access is provided to employees or contractors of the Company, then only to the extent necessary for such persons to perform their official duties or obligations under an agreement with the Company, while such persons are obliged to comply with security requirements when accessing Information. To protect and ensure the confidentiality of data, all employees / contractors comply with internal rules and procedures regarding information processing. These persons also comply with all technical and organizational security measures provided for by applicable law and necessary to protect information about Users.
7. Limitation of Company Liability
7.1. The Company is not responsible for the disclosure and dissemination of information about the User by other Users of the Service or other Internet users in the event that such persons have gained access to the specified information in accordance with the settings of the privacy level of the Service selected by the User, or if the User violates the safety of his login and / or password or other data required for authorization.
8. User requests
8.1. Information about the data processed by the Company, including the User's personal data, in connection with his use of the Service, is provided to the User or his representative upon contact (request).
8.2. Requests are sent in writing to the address of the location of the Company or in another form provided for by the current legislation of the Russian Federation.
8.3. The user has the right to revoke his consent to the processing of his personal data by sending a written application to the Company at the location of the Company in accordance with the requirements of the current legislation.
8.4. The user can give his opinion on the Company's principles of confidentiality by sending an email to firstname.lastname@example.org.
9. Changes and additions to this Policy
9.1. This Policy can be changed by the Company with the notification of the User, including by posting a new version of the changed policy on the website. Changes to the Policy made by the Company come into force on the day following the day of its posting on the Site of the new version of the Policy. The user undertakes to independently check this Policy for any changes. Failure by the User to take steps to familiarize himself cannot serve as a basis for the User's failure to fulfill his obligations and the User's failure to comply with the restrictions established by this Agreement and the Agreements of individual Services.
9.2. The User has the right to refuse to accept changes and additions to this Policy, which means the User's refusal to use the Service.
9.3. This Policy is governed by and construed in accordance with the laws of the Russian Federation. Issues not regulated by this Policy are subject to resolution in accordance with the legislation of the Russian Federation.
Last update 28 October, 2021