Personal Data Processing Policy

1. General Provisions

This Personal Data Processing Policy is prepared in accordance with Federal Law No. 152-FZ “On Personal Data” dated July 27, 2006 and defines the procedure for personal data processing and measures to ensure safety and confidentiality of personal data at Push World Inc.

The partner of Push World Inc, Amazon SES, acts as an operator as part of personal data processing.

The operator aims to carry out its activity by respecting human and citizen rights and freedoms during the processing of personal data, including by protecting the right of privacy, personal and family secrets.

This Operator’s policy regarding personal data processing (hereinafter referred to as the “Policy”) shall apply to all information which the Operator may receive about the visitors of website https://push.world/en.

2. Main terms used in the Policy

Automated Processing of Personal Data means personal data processing using computer equipment;

Personal Data Blocking means suspension of personal data processing (except when processing is required for the personal data specification);

Website is a combination of graphic and information materials, as well as computer software and data bases which ensure their availability in the Internet at web-address: https://push.world/en;

Personal Data Information System means a combination of personal data contained in databases as well as the information technologies and hardware supporting its processing;

«Personal Data Confidentiality» means the requirement for non-disclosure of personal data without the consent of the personal data subject or any other legal ground, which requirements shall be binding upon the Operator or other person accessing personal data;

Personal data anonymization means actions as a result of which it becomes impossible to match personal data with a specific User or another personal data subject without the use of additional information;

«Personal Data Processing» — means any personal data action/operation or a totality of personal data actions/operations which may be performed through the use of automation tools or without using the same, including the collection, recording, systematization, accumulation, storage, refinement (update, modification), retrieval, usage, transmission (disclosure, provision, access), anonymization, blocking, deletion, destruction of personal data;

«Operator» means government authority, municipal authority, juridical or natural person that individually or together with other persons organizes and/or performs the processing of personal data, as well as defines the goals of personal data processing, the composition of personal data to be processed, the actions (operations) involving personal data;

«Personal data» means any information which relates directly or indirectly to a specific or specifiable User of website https://push.world/en;

«User» is any user of website https://push.world/en;

«Personal data provision» means actions aimed at the personal data disclosure to a certain person or a set of people;

«Personal data distribution» means any actions aimed at the disclosure of personal data to general public (transmission of personal data) or introduction of personal data to an unlimited range of persons, including publication of personal data in the mass media, publications in the information and telecommunication networks or granting access to the personal data by any other method;

«Cross-border transmission of personal data» means transmission of personal data to the territory of a foreign state, public authority of a foreign state, foreign individual or foreign legal entity;

«Personal data destruction» means any actions as a result of which personal data is permanently destroyed without an opportunity to restore its content in the personal data information system and (or) as a result of which tangible media with personal data are destroyed.

3. Operator may process the following User’s personal data

E-mail address; telephone number; website name.

The website also collects and processes anonymized data on its visitors (including cookies) using web statistics services (Yandex.Metrica, Google Analytics etc.).

These data shall be hereinafter collectively referred in this Policy as «Personal Data».

4. Purposes of personal data processing

The purpose of User’s personal data processing is to ensure service functioning and provision of information to the users.

The Operator also has a right to send notifications of new products and services, special offers and various events to the User. The User can at any time refuse to receive information messages by sending a letter marked «Refusal to receive notifications about new products and services, and special offers» to the Operator at the following e-mail address: support@push.world

Anonymized User data gathered through web statistics services is used to collect the information about the actions taken by the Users on the website and improve the website quality and content.

5. Legal grounds for personal data processing

The Operator shall process User’s personal data only upon completion and/or submission of this data by the User through special forms which can be found on https://push.world/en. By completing the relevant forms and/or sending his/her personal data to the Operator the User shall confirm his/her consent with this Policy.

The Operator shall process anonymized User’s data if it is permitted by the User’s browser settings (activation of cookie saving and use of JavaScript technology). Cookie processing policy is described in detail on https://push.world/en/cookie.

6. Procedure for collection, storage, transmission and other processing of personal data

Safety of personal data processed by the Operator shall be ensured by implementation of legal, organizational and technical measures required to fully comply with the existing legislation in the field of personal data protection.

The Operator must ensure the integrity of personal data and take all possible measures to exclude the access to personal data by unauthorized persons.

User’s personal data can be provided to third parties if it is provided for in the existing legislation (tax, law enforcement agencies etc.) and/or this Policy only with the User’s consent which must be expressed in accordance with Section 5 of this Policy.

This Policy defines business partners and service providers with whom Push World Inc maintains business relationship as part of the provision of access to the Website and relevant services as third parties.

Push World Inc shall send a list of third parties to whom the User’s personal data has been provided upon the User’s written request to the e-mail address of Amazon SES operator within a reasonable time period.

If any piece of personal data is found inaccurate, the User may update it by sending a notification marked «Update of personal data» to the Operator at the e-mail address of Amazon SES operator.

The period of personal data processing is unlimited. The Use may at any time withdraw his/her consent with personal data processing by sending a notification marked «Withdrawal of consent with personal data processing» to the Operator at the e-mail address of Amazon SES operator.

7. Cross-border transmission of personal data

Before proceeding to the cross-border transmission of personal data, the Operator must make sure that the foreign country to which it is planned to transmit personal data provides reliable protection of the rights of personal data subjects.

The cross-border transmission of personal data on the territory of foreign countries which do not meet the above-mentioned requirements can be performed only subject to the written consent of the personal data subject with the cross-border transmission of his/her personal data and/or performance of the agreement concluded by a personal data subject.

8. Linkage between this Policy and General Data Protection Regulation

This Personal Data Processing Policy is drawn up also in accordance with the General Data Protection Regulation (GDPR).

Push World Inc. shall not act as a data operator or a data controller according to the GDPR definition and shall not be liable as a data operator and/or a data controller according to the GDPR regulations, because it does not gather and process personal data of the Subjects and does not define their use and goal.

Amazon SES acts as a data operator and a data controller according to GDPR and bears the appropriate liability.

Additional rights for the European Economic Area and some other territories:

  • a right to request the copies of stored User’s data.
    If the User wants to receive a copy of a part or all of his/her personal data that is stored, he/she shall send an e-mail message to Amazon SES.
  • a right to challenge personal data processing.
  • a right to receive personal data in a structured, widely used and machine-sensible format
  • a right to arrange the transmission of data from the current controller to another controller, provided that:
    1. data is processed with the consent or under the agreement, and
    2. data is processed with automation equipment.
    To exercise this right, it is required to send an e-mail message to Amazon SES.
  • a right to be forgotten.
    For complete destruction of all User’s data, it is required to send an e-mail message to Amazon SES.
  • a right to file complaints regarding the collection and use of User’s personal data by the Operator to the data protection agency.

9. Safety and confidentiality of personal data

The safety and confidentiality of personal data processed by the Operator shall be ensured by implementation of legal, organizational and technical measures required to comply with the federal legislation in the field of personal data protection.

To prevent unauthorized access to personal data, the Operator shall take the following organizational and technical measures:

appointment of officers responsible for organization of personal data processing and protection; limitation of number of persons eligible to perform personal data processing; introduction of the requirements for personal data processing and protection, which are set out in the federal legislation and Operator’s regulatory documents, to the subjects; organization of recording, storage and handling of media containing personal data; identification of risks to the safety of personal data during its processing and generation of risk models based on this data; development of personal data protection system on the basis of risk models; checking the readiness and effectiveness of using the information protection tools; separation of user access to information resources, hardware and software means of information processing; registration and recording of actions taken by the users of information systems of personal data; use of antivirus tools and tools for restoration of personal data protection system; (when necessary) use of firewalling, intrusion detection, protection analysis tools and data encryption tools; organization of pass control at the entrance to the Operator’s territory, protection of rooms equipped with technical tools of personal data processing.

10. Final provisions

Push World Inc may amend this Personal Data Processing Policy without the User’s consent.

The User may receive any explanations in response to his/her questions regarding the processing of his/her personal data by sending an e-mail message to Amazon SES.

This document will describe any amendments to the personal data processing policy, which have been made by the Operator. The policy shall be valid for an unlimited term until it is replaced with its new version.

The up-to-date version of this Policy is freely available on https://push.world/en/privacy.