Privacy Policy

Privacy Policy

1. General provisions
   This Privacy Policy (the “Policy”) describes how the social network “[Service Name]” processes and protects the personal data of its users in the Russian Federation, the European Union and CIS countries. The processing of personal data is carried out in accordance with the laws of the Russian Federation, including Federal Law No. 152-FZ “On Personal Data”, the EU General Data Protection Regulation (GDPR), as well as applicable laws of the respective states.

2. Data we process
   We may process the following categories of data: registration data (name, username, email, phone number), profile information, photos, messages, IP address, cookie data, device information and data about your activity within the service. We do not intentionally process special categories of data (such as health information, political opinions, etc.) and ask you not to provide such data unless this is required by the functionality of the service.

3. Purposes of processing
   Personal data is processed for the following purposes: registering and identifying the user, providing the functionality of the social network, supporting and improving the service, ensuring security and preventing fraud, complying with legal obligations, and sending notifications and service messages. Processing is carried out in accordance with the principles of lawfulness, fairness, transparency, data minimisation and storage limitation.

4. Legal basis
   The legal bases for processing your data include: your consent, the conclusion and performance of a contract (the user agreement), compliance with our legal obligations, as well as our legitimate interests, provided that your rights and freedoms are respected. For users in the EU, processing is carried out in accordance with Article 6 GDPR, including processing based on consent, contract performance and legitimate interests.

5. Disclosure and cross‑border transfer
   Data may be disclosed to authorised partners, hosting providers, analytics services and other processors strictly to the extent necessary to provide the services and subject to appropriate safeguards. When transferring data outside your country of residence, we ensure an adequate level of protection, including compliance with GDPR requirements on cross‑border data transfers where applicable.

6. Data retention
   Personal data is stored no longer than necessary for the purposes for which it was collected, or for the periods established by applicable law. Once the purposes of processing have been achieved or the applicable retention periods have expired, the data will be deleted or anonymised, unless otherwise required by law.

7. User rights
   You have the right to request information about your personal data, to have it corrected, updated, restricted or deleted, to withdraw your consent to processing, and to object to certain types of processing as provided by law. Users in the EU additionally have the right to data portability and the right to lodge a complaint with a data protection supervisory authority.

8. Data security measures
   We implement organisational and technical measures to protect personal data, including access controls, information security tools, encryption, backups and regular security reviews. These measures are designed to prevent unauthorised access, alteration, disclosure or destruction of personal data.

9. Contact details of the controller
   If you have any questions regarding the processing of your personal data or wish to exercise your rights, you can contact the service administration at: cs-iron@mail.ru. For certain requests we may ask you to verify your identity in order to protect your data.

10. Changes to this Policy
    We may update this Policy from time to time. The updated version takes effect from the moment it is published on the service’s website, unless otherwise required by applicable law. Your continued use of the service after changes to this Policy constitutes your acceptance of the updated version.