Shop
Rus

Policy

Personal Data Processing Policy

Privacy Policy - Mainless

1. General Provisions

This Personal Data Processing Policy is prepared in accordance with the requirements of the Federal Law of July 27, 2006, No. 152-FZ "On Personal Data" (hereinafter referred to as the "Personal Data Law") and defines the procedure for processing personal data and measures to ensure the security of personal data undertaken by Individual Entrepreneur Ksenia Aleksandrovna Grebenyuk (hereinafter referred to as the "Operator").

1.1. The Operator's primary goal and condition for its operations is the observance of human and civil rights and freedoms when processing their personal data, including the protection of the rights to privacy, personal and family secrets.

1.2. This Operator's policy regarding the processing of personal data (hereinafter referred to as the "Policy") applies to all information that the Operator may obtain about visitors to the website https://mainless.com/.

2. Key Terms Used in the Policy

2.1. Automated processing of personal data - processing of personal data using computer technology.

2.2. Blocking of personal data - temporary cessation of personal data processing (except where processing is necessary to clarify personal data).

2.3. Website - a combination of graphical and informational materials, as well as computer programs and databases ensuring their availability on the internet at the network address https://mainless.com/.

2.4. Personal data information system - a set of personal data contained in databases and information technologies and technical means enabling their processing.

2.5. Depersonalization of personal data - actions resulting in the inability to determine, without additional information, the ownership of personal data by a specific User or other subject of personal data.

2.6. Processing of personal data - any action (operation) or set of actions (operations) performed with or without automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, or destruction of personal data.

2.7. Operator - a state body, municipal body, legal entity, or individual independently or jointly with others organizing and/or processing personal data, as well as determining the purposes of personal data processing, the composition of personal data to be processed, and the actions (operations) performed with personal data.

2.8. Personal data - any information directly or indirectly related to a specific or identifiable User of the website https://mainless.com/.

2.9. Personal data permitted by the subject for dissemination - personal data to which access by an unlimited number of persons has been provided by the subject of personal data by giving consent to the processing of personal data permitted for dissemination in the manner prescribed by the Personal Data Law (hereinafter referred to as "personal data permitted for dissemination").

2.10. User - any visitor to the website https://mainless.com/.

2.11. Provision of personal data - actions aimed at disclosing personal data to a specific person or a specific circle of persons.

2.12. Dissemination of personal data - actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or familiarizing an unlimited number of persons with personal data, including the publication of personal data in the media, placement in information and telecommunication networks, or providing access to personal data in any other way.

2.13. Cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to a foreign state authority, foreign individual, or foreign legal entity.

2.14. Destruction of personal data - any actions resulting in the irreversible destruction of personal data with the impossibility of further restoring the content of personal data in the personal data information system and/or the destruction of physical media of personal data.

3. Operator's Key Rights and Obligations

3.1. The Operator has the right to:

- Receive accurate information and/or documents containing personal data from the subject of personal data;

- Continue processing personal data without the subject's consent if grounds specified in the Personal Data Law exist;

- Independently determine the composition and list of measures necessary and sufficient to ensure compliance with the obligations under the Personal Data Law and adopted regulatory legal acts, unless otherwise provided by the Personal Data Law or other federal laws.

3.2. The Operator is obliged to:

- Provide the subject of personal data, upon request, with information regarding the processing of their personal data;

- Organize the processing of personal data in accordance with current Russian legislation;

- Respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;

- Provide the authorized body for the protection of personal data subjects' rights with necessary information within 10 days of receiving such a request;

- Publish or otherwise provide unlimited access to this Policy on the processing of personal data;

- Take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution, as well as from other unlawful actions;

- Cease the transfer (distribution, provision, access) of personal data, cease processing, and destroy personal data in the manner and cases provided by the Personal Data Law;

- Fulfill other obligations stipulated by the Personal Data Law.

4. Key Rights and Obligations of Personal Data Subjects

4.1. Personal data subjects have the right to:

- Receive information regarding the processing of their personal data, except in cases provided by federal laws;

- Demand that the Operator clarify, block, or destroy their personal data if the data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated processing purpose, as well as take legal measures to protect their rights;

- Impose the condition of prior consent when processing personal data for market promotion of goods, works, and services;

- Withdraw consent to the processing of personal data and demand the cessation of personal data processing;

- Appeal to the authorized body for the protection of personal data subjects' rights or in court against unlawful actions or inaction of the Operator in processing their personal data;

- Exercise other rights provided by Russian legislation.

4.2. Personal data subjects are obliged to:

- Provide the Operator with accurate information about themselves;

- Inform the Operator of updates or changes to their personal data.

4.3. Persons who provide the Operator with false information about themselves or information about another personal data subject without the latter's consent bear responsibility under Russian law.

5. Principles of Personal Data Processing

5.1. Personal data processing is conducted on a lawful and fair basis.

5.2. Personal data processing is limited to achieving specific, predetermined, and lawful purposes. Processing incompatible with the purposes of personal data collection is not permitted.

5.3. Merging databases containing personal data processed for incompatible purposes is not allowed.

5.4. Only personal data that meets the processing purposes is processed.

5.5. The content and volume of processed personal data correspond to the stated processing purposes. Redundancy in processed personal data relative to the stated purposes is not permitted.

5.6. Accuracy, sufficiency, and relevance of personal data are ensured in relation to the processing purposes. The Operator takes necessary measures to remove or clarify incomplete or inaccurate data.

5.7. Personal data is stored in a form that allows identification of the subject for no longer than required by the processing purposes, unless the storage period is established by federal law, contract, or other legal basis. Processed personal data is destroyed or depersonalized upon achieving the processing purposes or when the necessity lapses, unless otherwise provided by federal law.

6. Purposes of Personal Data Processing

Purpose: Informing the User via email

Personal data:

  • Last name, first name, patronymic
  • Email address
  • Phone numbers
  • Year, month, date, and place of birth
  • Details of identity document
  • Actual address of residence and registration

Legal basis:

  • Operator's charter documents
  • Agreements between the Operator and the personal data subject

Types of processing:

  • Collection, recording, systematization, accumulation, storage, destruction, and depersonalization of personal data
  • Sending informational emails

Purpose: Conclusion, execution, and termination of civil law contracts

Personal data:

  • Last name, first name, patronymic
  • Email address
  • Phone numbers
  • Year, month, date, and place of birth
  • Details of identity document
  • Actual address of residence and registration

Legal basis:

  • Operator's charter documents
  • Agreements between the Operator and the personal data subject

Types of processing:

  • Collection, recording, systematization, accumulation, storage, destruction, and depersonalization of personal data
  • Sending informational emails

Purpose: Providing the User with access to services, information, and/or materials on the website

Personal data:

  • Last name, first name, patronymic
  • Email address
  • Phone numbers
  • Year, month, date, and place of birth
  • Details of identity document
  • Actual address of residence and registration

Legal basis:

  • Operator's charter documents
  • Agreements between the Operator and the personal data subject

Types of processing:

  • Collection, recording, systematization, accumulation, storage, destruction, and depersonalization of personal data
  • Sending informational emails

7. Conditions for Personal Data Processing

7.1. Personal data processing is conducted with the consent of the personal data subject.

7.2. Processing is necessary for achieving purposes under an international treaty or Russian law, or for performing functions, powers, or duties assigned to the Operator by Russian legislation.

7.3. Processing is necessary for administering justice, executing a judicial act, or another body or official's act subject to execution under Russian enforcement proceedings law.

7.4. Processing is necessary for executing a contract where the personal data subject is a party, beneficiary, or guarantor, or for concluding a contract initiated by the personal data subject.

7.5. Processing is necessary for exercising the rights and legitimate interests of the Operator or third parties, or for achieving socially significant purposes, provided that the rights and freedoms of the personal data subject are not violated.

7.6. Processing involves personal data made publicly available by the personal data subject or at their request (hereinafter referred to as "publicly available personal data").

7.7. Processing involves personal data subject to publication or mandatory disclosure under federal law.

8. Procedure for Collection, Storage, Transfer, and Other Processing of Personal Data

The security of personal data processed by the Operator is ensured through legal, organizational, and technical measures necessary to fully comply with current personal data protection legislation.

8.1. The Operator ensures the confidentiality of personal data and takes all possible measures to prevent unauthorized access to personal data.

8.2. The User's personal data will never, under any circumstances, be transferred to third parties, except in cases required by law or if the personal data subject has consented to the transfer to a third party for fulfilling obligations under a civil law contract.

8.3. If inaccuracies in personal data are identified, the User may update them independently by notifying the Operator via email at info@mainless.com with the subject line "Personal Data Update."

8.4. The processing period for personal data is determined by the purposes for which the data was collected, unless otherwise specified by contract or law. The User may withdraw consent to personal data processing at any time by notifying the Operator via email at info@mainless.com with the subject line "Withdrawal of Consent to Personal Data Processing."

8.5. All information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by these persons (Operators) in accordance with their User Agreement and Privacy Policy. The personal data subject is obliged to familiarize themselves with these documents. The Operator is not responsible for the actions of third parties, including the service providers mentioned in this clause.

8.6. Restrictions set by the personal data subject on the transfer (except for providing access) and processing (except for obtaining access) of personal data permitted for dissemination do not apply in cases of processing in state, public, or other public interests as defined by Russian law.

8.7. The Operator ensures the confidentiality of personal data during processing.

8.8. The Operator stores personal data in a form that allows identification of the subject for no longer than required by the processing purposes, unless the storage period is established by federal law or contract.

8.9. The cessation of personal data processing may occur upon achieving the processing purposes, expiration of the consent period, withdrawal of consent by the subject, or a demand to cease processing, as well as upon detection of unlawful processing.

9. List of Actions Performed by the Operator with Personal Data

9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.

9.2. The Operator performs automated processing of personal data with or without the receipt and/or transfer of obtained information via information and telecommunication networks.

10. Cross-Border Transfer of Personal Data

10.1. Before engaging in cross-border transfer of personal data, the Operator must notify the authorized body for the protection of personal data subjects' rights of its intention to conduct such transfers (this notification is sent separately from the notification of intention to process personal data).

10.2. Before submitting the above notification, the Operator must obtain relevant information from the foreign state authorities, foreign individuals, or foreign legal entities to whom the cross-border transfer is planned.

11. Confidentiality of Personal Data

The Operator and other persons who have gained access to personal data are obliged not to disclose or distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided by federal law.

12. Final Provisions

12.1. The User may obtain clarifications on questions regarding the processing of their personal data by contacting the Operator via email at info@mainless.com.

12.2. This document will reflect any changes to the Operator's personal data processing policy. The Policy remains in effect indefinitely until replaced by a new version.

12.3. The current version of the Policy is freely available online at https://mainless.com/personal-data-processing-policy/.

cart

your cart is empty

Continue shopping

We use cookies and personal data to improve our site and personalize your experience. By continuing to use this website, you agree to these conditions of use  cookie policy and personal data processing policy.
ok
Privacy center
COOKIE POLICY
WHAT ARE COOKIES?
STRICTLY NECESSARY COOKIES
FUNCTIONAL COOKIES
PERFORMANCE COOKIES
REFUSING OR DELETING COOKIES
CHANGES TO OUR COOKIE POLICY
PRIVACY POLICY
COOKIE POLICY
COOKIE POLICY
Mainless and its service providers ("we", "us", "our") use cookies as described in this Cookie Policy.  By consenting to this Cookie Policy, you agree that we can distinguish you from other users of our website and app for the purposes set out below.  This helps provide you with good user experience, tailored content and interest-based adverts.  For example, we can recognise and remember important information that will make it more comfortable for you to browse our website and or use our app such as preferred settings.
WHAT ARE COOKIES?
WHAT ARE COOKIES?

A "cookie" is a small file of letters and numbers that we store via your browser on the hard drive of your computer or mobile device. 
There are three main types of cookies:
  • Session cookies: specific to a particular visit and limited to sending session identifiers (random numbers generated by the server) so you don't have to re-enter information when you navigate to a new page or check out. Session cookies are not permanently stored on your device and are deleted when the browser closes;
  • Persistent cookies: record information about your preferences and are stored in your browser cache or mobile device; and
  • Third party cookies: placed by someone other than us which may gather data across multiple websites or sessions. 

For further information about "cookies" please visit http://www.allaboutcookies.org.
We use cookies for the following purposes:

STRICTLY NECESSARY COOKIES
STRICTLY NECESSARY COOKIES
These cookies are essential for you to browse our website and use its features. The information collected relates to the operation of the website (e.g. website scripting language and security tokens) and enables us to provide you with the service you have requested.
FUNCTIONAL COOKIES
FUNCTIONAL COOKIES
These cookies remember the choices you have made, for example the country you visit our website from, your language and any changes you have made to text size and other parts of the web pages that you can customise to improve your user experience and to make your visits more tailored and enjoyable.
PERFORMANCE COOKIES
PERFORMANCE COOKIES
These cookies collect information on how users use our website, for example which pages you visit most often, whether you receive any error messages and how you arrived at our website. Information collected by these cookies is used only to improve your use of our website. These cookies are sometimes placed by third party providers of web traffic and analysis services.
REFUSING OR DELETING COOKIES
REFUSING OR DELETING COOKIES
Most internet browsers are set up by default to accept cookies. However if you want to refuse or delete them please refer to the help and support area on your browser for instructions on how to block or delete cookies (for example: Internet Explorer, Google Chrome, Mozilla Firefox and Safari).
Please note you may not be able to take advantage of all the features of our website or app, including certain personalised features, if you delete or refuse cookies.
CHANGES TO OUR COOKIE POLICY
CHANGES TO OUR COOKIE POLICY
This Cookie Policy may be updated from time to time.
If we change anything important about this Cookie Policy we will notify you through a pop-up on the website for a reasonable length of time prior to and following the change. You may review the Cookie Policy by visiting the website and clicking on the “Cookie Policy” link.
CHANGES TO OUR COOKIE POLICY
CHANGES TO OUR COOKIE POLICY
This Cookie Policy may be updated from time to time.
If we change anything important about this Cookie Policy we will notify you through a pop-up on the website for a reasonable length of time prior to and following the change. You may review the Cookie Policy by visiting the website and clicking on the “Cookie Policy” link.