1. “General Provisions”
This privacy policy is developed in accordance with the requirements of the law “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedures for processing personal data and measures to ensure the security of personal data undertaken on the website www.lesmills.love (hereinafter referred to as the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the right to privacy, personal, and family secrecy, as its primary objective and condition for conducting its activities.
1.2. This privacy policy of the Operator (hereinafter referred to as the Policy) applies to all information that the Operator may receive about visitors of the website https://lesmills.love.
2. “Key Terms Used in the Policy”
2.1. Automated processing of personal data – processing of personal data using computer technology.
2.2. Blocking of personal data – temporary cessation of processing personal data (except in cases where processing is required to clarify personal data).
2.3. Website – a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the internet at the network address https://lesmills.love.
2.4. Information system of personal data – a set of personal data contained in databases, and information technology and technical means that ensure its processing.
2.5. Anonymization of personal data – actions that make it impossible to determine the identity of personal data to a specific User or other data subject without additional information.
2.6. Processing of personal data – any action (operation) or set of actions (operations) performed with or without the use of automation tools on personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator – a government body, municipal authority, legal or natural person, which independently or together with others organizes and/or performs the processing of personal data, as well as determines the purposes of processing personal data, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.8. Personal data – any information related directly or indirectly to a specific or identifiable User of the website https://lesmills.love.
2.9. Personal data allowed by the subject of personal data for dissemination – personal data that the subject has provided access to an unlimited number of persons by giving consent for processing and dissemination in accordance with the Personal Data Law (hereinafter referred to as personal data allowed for dissemination).
2.10. User – any visitor to the website https://lesmills.love.
2.11. Provision of personal data – actions aimed at disclosing personal data to a certain person or group of persons.
2.12. Dissemination of personal data – any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data available to the public, including publication in mass media, posting on information and telecommunication networks, or granting access to personal data in any other way.
2.13. Cross-border transfer of personal data – transfer of personal data to the territory of a foreign country, to a foreign government authority, a foreign individual, or foreign legal entity.
2.14. Destruction of personal data – any actions resulting in the irreversible destruction of personal data with no possibility of further recovery of personal data content in the personal data information system and/or destruction of physical carriers of personal data.
3. “Basic Rights and Obligations of the Operator”
3.1. The Operator has the right to:
– receive reliable information and/or documents containing personal data from the subject of personal data;
– continue processing personal data without the consent of the subject in case the subject revokes consent to process their personal data, provided there are grounds specified in the Personal Data Law;
– independently determine the necessary and sufficient measures to ensure the fulfillment of duties prescribed by the Personal Data Law, except where otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obligated to:
– provide the data subject with information regarding the processing of their personal data upon request;
– organize the processing of personal data in accordance with the current legislation;
– respond to requests from data subjects and their legal representatives in compliance with the requirements of the Personal Data Law;
– communicate information required by the authorized body for data subject rights protection within 10 days from the date of receipt of such a request;
– publish or otherwise provide unrestricted access to this Policy regarding personal data processing;
– implement legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, provision, distribution, as well as from other unlawful actions;
– cease the transfer, processing, and destruction of personal data in cases prescribed by the Personal Data Law;
– fulfill other obligations stipulated by the Personal Data Law.
4. “Basic Rights and Obligations of Personal Data Subjects”
4.1. Personal data subjects have the right to:
– obtain information regarding the processing of their personal data, except as otherwise provided by federal laws;
– request that the Operator clarify, block, or destroy their personal data if it is incomplete, outdated, inaccurate, illegally obtained, or unnecessary for the stated purpose of processing;
– set conditions for preliminary consent in the processing of personal data for the promotion of goods, works, and services;
– withdraw consent to process personal data and demand termination of processing;
– appeal unlawful actions or inactions of the Operator regarding their personal data to an authorized body or through legal proceedings;
– exercise other rights stipulated by legislation.
5. “Principles of Personal Data Processing”
5.1. Personal data processing is carried out on a lawful and fair basis.
5.2. The processing of personal data is limited to the achievement of specific, predefined, and legitimate purposes. Processing incompatible with the purposes of collecting personal data is not allowed.
5.3. It is prohibited to combine databases containing personal data if the processing purposes are incompatible.
5.4. Only personal data that meet the processing purposes are subject to processing.
5.5. The content and scope of processed personal data correspond to the stated processing purposes. Excessive personal data processing in relation to the declared purposes is not permitted.
5.6. Accuracy, sufficiency, and, where necessary, relevance of personal data in relation to the processing purposes are ensured. The Operator takes necessary measures or ensures their implementation to remove or clarify incomplete or inaccurate data.
5.7. Personal data is stored in a form that allows identifying the subject of personal data, no longer than the processing purposes require, unless a longer storage period is required by federal law or a contract where the subject is a party, beneficiary, or guarantor. Processed personal data is destroyed or anonymized upon achieving the processing purposes or if the necessity to achieve these purposes is lost, unless otherwise provided by federal law.
6. “Purposes of Personal Data Processing”
Purpose of Processing: Informing the User by sending emails.
Personal Data:
– Surname, first name, patronymic
– Email address
– Phone numbers
Legal Grounds:
– Contracts concluded between the Operator and the data subject.
Types of Personal Data Processing:
– Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data.
7. “Conditions for Personal Data Processing”
7.1. Processing is carried out with the consent of the data subject.
7.2. Processing is necessary to achieve purposes provided by an international treaty of the Russian Federation or by law, to fulfill the functions, powers, and duties assigned to the Operator by Russian Federation legislation.
7.3. Processing is necessary for the administration of justice, execution of a court order, or act of another body or official subject to enforcement under execution law.
7.4. Processing is necessary for contract execution to which the data subject is a party, beneficiary, or guarantor, or for concluding a contract on the data subject’s initiative.
7.5. Processing is necessary for the legitimate interests of the Operator or third parties, or for socially significant goals, provided this does not violate the rights and freedoms of the data subject.
7.6. Processing is carried out for public personal data provided by or at the request of the data subject.
7.7. Processing is carried out for personal data subject to publication or mandatory disclosure as per federal law.
8. “Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing”
The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures necessary to fully comply with the requirements of current data protection legislation.
8.1. The Operator ensures the security of personal data and takes all possible measures to prevent unauthorized access to personal data.
8.2. Personal data of the User will never be transferred to third parties under any circumstances, except in cases related to compliance with current legislation or with the User’s consent to transfer data to third parties to fulfill contractual obligations.
8.3. In case of inaccuracies in personal data, the User can update it independently by sending a notification to the Operator’s email at lesmills.store@gmail.com marked “Personal Data Update.”
8.4. The processing period is determined by the purposes for which the personal data was collected, unless otherwise specified by contract or current legislation. The User can withdraw consent at any time by sending a notification to the Operator’s email with the subject “Withdrawal of Consent for Personal Data Processing.”
8.5. Information collected by third-party services, including payment systems, communication facilities, and other service providers, is stored and processed by these entities according to their User Agreements and Privacy Policies. The data subject is responsible for familiarizing themselves with these documents. The Operator is not responsible for the actions of third parties, including those listed as service providers.
8.6. Prohibitions set by the data subject on data transfer, processing, or processing conditions for personal data authorized for distribution do not apply when processing data for public, state, or other legally significant interests.
8.7. The Operator ensures confidentiality of personal data.
8.8. Personal data storage is in a form that allows identifying the data subject no longer than required for processing purposes, unless a federal law or contract stipulates a longer period.
8.9. Processing termination conditions may include achievement of processing purposes, expiration of consent, withdrawal of consent, or a request to cease processing, as well as identification of unlawful data processing.
9. “List of Actions Performed by the Operator with Received Personal Data”
9.1. The Operator collects, records, systematizes, accumulates, stores, updates (modifies), retrieves, uses, transfers (distributes, provides, accesses), anonymizes, blocks, deletes, and destroys personal data.
9.2. The Operator performs automated data processing with the reception and/or transfer of obtained information via information and telecommunication networks or without it.
10. “Cross-Border Transfer of Personal Data”
10.1. The Operator, before starting cross-border data transfers, must notify the authorized personal data protection authority of the intent to perform such transfers (this notification is sent separately from the notice of intent to process personal data).
10.2. Before submitting this notice, the Operator must obtain relevant information from foreign government authorities, individuals, or legal entities to whom personal data will be transferred.
11. “Personal Data Confidentiality”
The Operator and other individuals who gain access to personal data are required to not disclose or distribute personal data to third parties without the consent of the data subject, unless otherwise stipulated by federal law.
12. “Final Provisions”
12.1. The User may obtain any clarifications on matters related to the processing of their personal data by contacting the Operator via email at lesmills.store@gmail.com.
12.2. Any changes to the Operator’s personal data processing policy will be reflected in this document. The Policy is valid indefinitely until replaced with a new version.
12.3. The current version of the Policy is freely available on the Internet at https://lesmills.love/privacy-policy.
This translation provides a precise English version of the key sections of your privacy policy, maintaining the formal tone and specificity appropriate for legal and compliance documents. Let me know if you’d like further assistance with additional sections.