PRIVACY POLICY

1.1.This Privacy Policy (the Policy) explains how personal data of users of the GMTraffic website and services (the Service) is processed and protected. It was prepared in accordance with Federal Law No. 152-FZ “On Personal Data”, Federal Law No. 149-FZ “On Information, Information Technologies and Information Protection”, and other applicable laws of the Russian Federation.

1.2.The personal data operator is the party identified in this Policy (the Operator).

1.3.This Policy applies to all information the Operator may obtain about Users when they use the Service.

1.4.By using the Service, the User confirms that they have read this Policy and understand its terms. In cases where this is required by law, the processing of personal data is carried out on the basis of the separate consent of the User.

2.1.Personal data (PD) means any information relating directly or indirectly to a specific or identifiable individual.

2.2.Processing of personal data means any action or set of actions performed with personal data, including collection, recording, systematization, accumulation, storage, clarification, use, transfer, depersonalization, blocking, and destruction.

2.3.User means an individual who accesses the Service and/or uses its functionality.

2.4.Cookies are small pieces of data stored on the User’s device and transferred to the Service when using it.

2.5.Other terms have the meanings established by the laws of the Russian Federation.

3.1.Legal basis for processing. The Operator processes personal data on the following grounds:

• concluding and performing agreements with the User, including the user agreement and other agreements related to the use of the Service;
• the User’s consent to the processing of personal data - in cases expressly provided for by law;
• fulfilling the Operator’s duties under the laws of the Russian Federation;
• pursuing the Operator’s legitimate interests, provided that such interests do not violate the rights and freedoms of the User.

3.2.Purposes of personal data processing. Personal data is processed for the following purposes:

• providing access to the Service functionality and ensuring its operation;
• registration and identification of Users;
• communicating with Users, including processing support requests and inquiries;
• fulfilling the Operator’s obligations to Users;
• ensuring the security of the Service and preventing abuse;
• analyzing Service operation and improving its functionality;
• sending informational and advertising messages, where appropriate consent has been obtained;
• complying with the requirements of the laws of the Russian Federation.

4.1.The Operator processes the minimum required amount of personal data, which may include:

• User's email address;
• details of the User's payment method;
• account name and User name in third-party gaming services;
• data provided by the User when registering and using the Service;
• technical information, including IP address, browser, device and Cookie information.

4.1.1.If payment functionality is used, payment information is processed with the assistance of payment providers. The Operator does not store complete data of Users' bank cards.

4.1.2.The Operator does not process special categories of personal data or biometric personal data.

5.1.Personal data is processed according to the following principles:

• lawfulness and fairness;
• limitation of processing to the achievement of specific, predetermined purposes;
• minimizing the volume of processed data;
• accuracy and relevance of personal data;
• storing personal data no longer than necessary for the processing purposes;
• ensuring the security of personal data.

5.1.1.Processing of personal data is carried out using databases located on the territory of the Russian Federation.

6.1.The Service uses Cookies and similar technologies to ensure correct operation, analyze user activity and improve the quality of services provided.

6.2.The User can configure, block, or refuse cookies in the browser settings (for example, Chrome or Safari) or on the device used to access the Service. Information about setting, blocking, and deleting cookies is available in the help sections of the User’s browser or device.

7.1.The Operator may transfer personal data to the following categories of recipients:

• contractors and service providers engaged to support the operation of the Service (hosting, technical support, analytics);
• payment organizations - to the extent necessary to carry out settlements.

7.1.1.The transfer of personal data is carried out subject to the recipients' compliance with the requirements of confidentiality and security of personal data.

8.1.Cross-border transfers of personal data may be carried out by the Operator subject to the requirements of Article 12 of Federal Law No. 152-FZ.

8.2.In the event of such a transfer, the Operator takes measures to ensure an adequate level of protection of personal data.

9.1.The Operator takes the necessary legal, organizational, and technical measures to protect personal data, including:

• restriction of access to personal data;
• application of information security tools;
• control over actions with personal data;
• backups and measures to ensure the stability of information systems.

10.1.The User has the right to:

• receive information about the processing of their personal data;
• request clarification, blocking, or destruction of personal data;
• withdraw consent to the processing of personal data (in cases where processing is based on consent).

11.1.To exercise their rights, the User can send a request by email: privacy@gmtraffic.gg.

11.2.The Operator reviews the request within no more than 10 business days from the date of its receipt, unless a different period is established by law.

12.1.Personal data is processed until the purposes of processing are achieved or within the time limits established by the laws of the Russian Federation.

12.2.Once the processing purposes have been achieved, personal data is subject to destruction or depersonalization.

13.1.The Operator has the right to make changes to this Policy without prior notice to Users.

13.2.The current version of the Policy is published on the Service website and takes effect upon publication.

14.1.GMT Digital Ltd, registration number 457892, VAT: CY10457892K, registered address: Agiou Andreou 332, Patrician Chambers, Office 304, 3036 Limassol, Cyprus; email for inquiries regarding the processing of personal data: privacy@gmtraffic.gg.