Privacy Policy

Version of 08.08.2019
Please note! This Personal Data Processing Policy (hereinafter referred to as the Policy) describes in detail how our company treats personal data of Polygled users (hereinafter referred to as the Service). We respect the data shared with us by users of the Service and take their protection very seriously.
Each user wishing to use the Service must carefully read the provisions of the Policy before using the Service, which is accessed via the website https://polygled.com (hereinafter - the Site, Service) and ensure their security.

1. PROVIDER INFORMATION

1.1. Name: ABRUE TRADING LIMITED (further – Polygled or the Provider).
1.2. Address: Kennedy 12, Kennedy Business Centre, 2nd floor, 1087, Nicosia, Cyprus
1.3. Contacts: support@polygled.com.

2. GENERAL PROVISIONS

2.1. The Policy determines the procedure for provision, formation, processing, and storage of personal data submitted by Users for the purpose of providing the Service (the Provider's service, hereinafter referred to as the Service) or other purposes provided for in the Policy.
2.2. The Policy regulates relations from the moment of its acceptance by the User as a result of the registration procedure, use of the Services, or by performing other similar actions. 
2.3. Accepting the terms of the Policy, the User agrees to any methods of processing their personal data, including any action (operation) or set of actions (operations) performed with or without the use of such means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, erasure, destruction of personal data within the aims specified in the Policy.

3. PERSONAL DATA

3.1. Personal data includes any information about personal or factual circumstances of the User. 
3.2. Personal data may include: name, phone number, e-mail, place of residence, date of birth (age), payment details, addresses, information about social networks, means of electronic communication, data on the country of birth (origin), gender, identifiers of mobile devices, information about education, photos of Users or their documents and other information necessary for the provision of the Services, and equal to any other data about the User in accordance with the Federal Law of 27.07.2006 N 152-FZ "On Personal Data", which are specified or reported by the User themself or are necessary to use the Service and sign relevant agreements with Polygled.

4. LEGAL GROUNDS FOR PROCESSING

4.1. The User data is processed in accordance with the following legal provisions:
4.1.1. With regard to data to be reported on forms, etc., with the consent of the User, Art. 6 (1) (a) GDPR (General EU Data Protection Regulation (EU-GDPR);
4.1.2. With regard to the services that the User uses to perform the agreement, Art. 6 (1) (b) GDPR;
4.1.3. Otherwise, with special reference to statistics and network identifiers based on legitimate interests, Article 6 (1) (f) of the GDPR (see below).
4.2. Polygled processing is based on the principles of:
  • legality and fairness;
  • processing only personal data that meet the purposes of processing;
  • correspondence of the content and volume of processed personal data to the stated processing purposes. 
  • prohibiting the aggregation of databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other.
  • ensuring the accuracy of personal data, its sufficiency and, where necessary, its relevance to the purposes of personal data processing. Polygled shall take the necessary measures or ensure that they are taken to delete or clarify incomplete or inaccurate data;
  • storing personal data in a form that allows for the identification of the User for no longer than the purpose of personal data processing.
4.3. Processing the User's personal data is carried out in compliance with the Federal Law of July 27, 2006 No. 152-FZ "On Personal Data" and other regulations governing personal data protection, as well as taking into account the specifics of GDPR (General Regulation of the EU on Data Protection (EU-GDPR). 
4.4. The User's personal data related to race, political views, religious and philosophical beliefs, health status, and private life are not collected or processed.

5. LEGAL INTERESTS AND DATA SOURCES

5.1. When processing User data, we pursue the following legal interests:
  • Improving the Service;
  • Protection against misuse;
  • Service statistics and analytics.
5.2. Unless otherwise stated, we receive data from the User (including through the devices used by the User).
5.3. Polygled strictly adheres to the principles of confidentiality. The User agrees that Polygled may store several general levels of information about visits to the Site:
5.4. The first level of information includes static and other analytical information collected through integration with third-party resources (e.g., IP address, browser type, computer operating system, application version, language settings, and pages displayed). Also, the data identifying the User's mobile device, its specific settings, and characteristics, information about latitude/longitude.)
5.5. The second level of information is individual or personal information sent to Polygled. 

6. TRANSBOUNDARY TRANSFER

6.1. Polygled is a worldwide service. The data is transferred to third countries outside the User's country and outside the European Union. 
6.2. Transboundary transfer of personal data in foreign countries that are parties to the Council of Europe Convention for the Protection of Individuals with regard to Automatic Personal Data Processing, as well as other foreign countries that ensure adequate protection of the rights of personal data subjects, is carried out in accordance with the provisions of the Federal Law of 27.07.2006 N 152-FZ "On Personal Data" and may be prohibited or restricted in the manner and under the conditions established by the legislation of the Russian Federation.

7. PERSONAL DATA STORAGE 

7.1. We store User data:
  • If the User has consented to the processing (until such consent is revoked). Withdrawal of the consent can be made by the User's request to the Provider to delete the account, stating the reason for the deletion);
  • If the data is necessary for the Provider to fulfill legal requirements;
  • If the User's data is required to fulfill the agreement concluded between the Provider and the User;
  • If we use the data on the basis of a legitimate interest, as long as the primary interest of the User does not force us to delete or anonymize them.
7.2. Personal data of the User is stored electronically for the duration of Service provision, as well as for the period necessary to achieve the purposes of personal data processing. If necessary, personal data may be stored on paper or in any other form permitted by the laws of the Russian Federation.
7.3. In the event of termination of the use of the Service (expiration or termination of the agreement with the User), personal data of the User shall be blocked in accordance with the requirements of the legislation of the Russian Federation, unless such personal data is required for other purposes to be achieved by Polygled.
7.4. In accordance with the requirements of the Russian legislation, the User's personal data shall be erased after the termination of the grounds for their preservation. The erasure of the User's personal data prior to the expiration of this period may be performed on the basis of a written application from the User. 

8. PURPOSES OF USE

8.1. Personal data will only be collected by us to the extent and for the purposes for which the User provides us with this data, for example, to register an account.
8.2. We use and store User data for the following purposes and only if the User has explicitly consented to us:
  • Create a public user profile for the User on Polygled;
  • Provide a supervised community only for language learners, where access is limited to members only. We make every effort to prevent abuse and to prohibit offenders as soon as we are made aware of this;
  • To send information related to the service, e.g., by e-mail or push notifications (e.g., updating the User's status, missed calls / messages, new subscribers);
  • For targeting advertisements in the application;
  • Find Polygled partners nearby;
8.3. We use the User data only internally and only forward it to companies that participate in the execution of contracts with the User or otherwise participate in the provision of related services.
8.4. Otherwise, the User's information will not be passed on to third parties unless the User has given his or her explicit consent or unless we are obliged to disclose it - for example, at the behest of a court or administrative body.
8.5. We pass on the following User data to third parties:
  • In order to analyze how Polygled is used by our members and to optimize the service and design, anonymous use and personal data are shared with Google Analytics, Firebase Analytics, New Relic, Facebook Analytics and Rubylight Limited.
  • Names, device identifiers, e-mail addresses, and other personal information may be transmitted to OVH (OVH SAS) for the purpose of transmitting the information required for the provision of the Services via e-mail or push notifications. The User may control what type of messages they receive in their profile settings, completely disable push notifications for Polygled in their device settings and unsubscribe from e-mail notifications in each individual letter
  • To tailor ads to a particular User, we may share personal but anonymous information such as age and gender, as well as device identifiers with MoPub, InMobi, MyTarget, Admob from Google, the Facebook audience network, Ad Xchange and Fyber. iOS and Android devices have a resettable ad identifier that companies can use to target ads based on the applications used by the user.
8.6. Both iOS devices and Android devices allow the User to opt out of using the identifiers of mobile advertising in order to show the User targeted advertising. For iOS, the User is required to enable the "Restrict ad tracking" option in the settings of the iOS device. For Android, you must "Disable ad personalization" on your Android device.
8.7. We create profiles of Polygled members based on their login details and use these profiles and the information provided by the User for the following purposes:
  • We create an open Polygled member profile for the User so that they can find the most suitable language exchange partners to communicate with. While some elements of a User's profile, including their name, age, profile image, language settings, profile responses, current city, time zone, and topics, are publicly available, only members of the community may contact the User through the Polygled app. We never show a User's email address, exact location, last name, or any information that the User has chosen not to share with other users in the User's profile settings
  • To make Polygled a safe place for language learners, we take violations of our community rules very seriously. Therefore, we retain anonymous personal data of banned Users for 18 months and may deny access to the community on this basis during this period.
  • In order to control advertisements related to the target group, we record information about activities on the Service (for example, through banner ads, screen clicks, page views, etc.). Recording is done under an alias and we may use it to provide Users with advertisements that are tailored to their interests.
8.8. A cookie may be stored on a User's device for this purpose. Cookies are small text files that are stored on a User's hard drive. They allow to recognize the User's computer but do not allow to identify the User personally.
8.9. If the User does not want cookies to be applied, the User can refuse by using the User's browser settings. On mobile devices, the User may refuse to publish advertising identifiers.
8.10. The user can edit, hide and delete personal data in the "My Profile" settings in the Polygled application. You can also request the deletion of your account or change certain profile information through Polygled Support (support@polygled.com).
8.11. Personal information will only be used by Polygled for the following purposes:
  • Providing Services;
  • Using the Site;
  • Providing technical, informational support in connection with the use of the Site and the provision of the Services;
  • To eliminate any deficiencies identified in the course of providing the Services;
  • Improving the quality of Services;
  • Interaction between the Provider and the User (hereinafter referred to as the Parties);
  • Payments for Services;
  • Advertising, news and information mailing;
  • Providing interaction and dispute settlement with other Users;
  • Fulfillment of other obligations imposed on Polygled by law or contract (including provisions of the Policy).
  • When an Internet user accesses the Site on a device used by him/her for access, cookies may be recorded which will be used for:
  • Automatic authorization of the User on the Site, as well as for collecting statistical data about Users;
  • Realizing relations on providing Polygled with data from cookies to third parties for them to carry out activities on displaying targeted advertising and information materials on the Internet and/or for the purpose of providing other services to the User by such persons.
  • Implementation by the Site of other technical actions necessary for the convenience of Polygled and the User.
8.12. In fact, by using the Site, the User agrees that Polygled may collect and process data from cookies for the purposes set out in the Policy and may transfer such data to third parties in the cases listed in the Policy.
8.13. Polygled may transfer User's personal data to third parties (including, but not limited to, any couriers and transport companies, payment systems, banks, subcontractors, subagents, etc.) for the purpose of providing the Services, if such persons are engaged by Polygled, as well as by Polygled employees, without additional consent of the User. 
8.14. Third parties involved may not use User's personal data for their own purposes or for any other purposes unrelated to the provision of the Services.
8.15. Polygled may transfer the User's personal data to third parties on the User's behalf, as well as in other cases where such transfer is allowed without the consent of the User and is mandatory by law.

9. DATA PROTECTION

9.1. We have taken extensive technical and organizational measures to protect User data from potential risks, such as unauthorized entry or access, unauthorized reading, modification or distribution, and loss, deletion or misuse.
9.2. In order to protect the User's personal data from unauthorized access by third parties during transmission, we protect the transmission of data, if necessary, using SSL and TLS encryption. This is the standard encryption procedure for online and mobile services, especially for the Internet. Encryption is not supported in China.
9.3. Regarding video and audio chats: we will not track, record or broadcast video and audio chats at any time. However, we cannot prohibit the User's chat partners from broadcasting live or recorded chat sessions without the User's permission or our permission through third-party websites or services. We recommend that you exercise caution when disclosing any information, personal or otherwise, during video or chat.
9.4. Video and audio communications on Polygled are performed via Voximplant, a cloud-based communication platform for business and developers. Policy - https://voximplant.ru/legal/privacy 
9.5. Polygled uses two operators, Bulksms and SMS Traffic, to send mass SMS/MMS messages
9.6. The User's personal data is subject to protection against unauthorized access and distribution in accordance with internal rules and regulations.
9.7. The protection of the User's personal data is ensured through:
  • prevention of unauthorized access to processed personal data of the User.
  • preventing unauthorized actions on modification, distortion, distribution, blocking, destruction of processed personal data of the User.
  • ensuring confidentiality of processed personal data of the User.
  • The measures to protect personal data may include: 
  • appointing a person responsible for organizing the processing of personal data, and a person responsible for ensuring the security of personal data;
  • developing and approving local acts on processing and protection of personal data;
  • application of legal, organizational and technical measures to ensure the security of personal data: identification of threats to the security of personal data during their processing in the information systems of personal data;
  • application of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems, necessary to meet the requirements for personal data protection, the execution of which ensures the levels of protection of personal data established by the Government of the Russian Federation;
  • application of the information protection means that have passed in the established assessment procedure;
  • assessment of the effectiveness of measures taken to ensure the security of personal data prior to the commissioning of the personal data information system;
  • registration of machine carriers of personal data, if storage of personal data is carried out on machine carriers;
  • detection of unauthorized access to personal data and taking measures to prevent such incidents in the future;
  • recovery of personal data modified or destroyed as a result of unauthorized access to it;
  • establishing the rules of access to personal data processed in the personal data information system, as well as ensuring registration and accounting of all actions taken with personal data in the personal data information system.
  • control over the measures taken to ensure the security of personal data and the level of security of personal data information systems;
  • assessment of the harm that may be caused to Users in case of violation of the Law, the ratio of the said harm to the measures taken by Polygled to ensure the fulfillment of the obligations provided by the Law;
  • compliance with the conditions that exclude unauthorized access to personal data carriers and ensure the safety of personal data;
  • education of Polygled employees directly involved in the processing of personal data on the provisions of the legislation of the Russian Federation on personal data, including the requirements for personal data protection, local acts on the processing and protection of personal data, and training of Polygled employees.
9.8. Specific measures for personal data protection are determined by Polygled independently, taking into account the existing local regulations and requirements of the legislation of the Russian Federation.
9.9. In any case, Polygled is obliged to take the following measures to protect the confidentiality of personal data:
  • developing and approving local acts on personal data processing and protection issues;
  • application of legal, organizational and technical measures to ensure the security of personal data;
  • detection of unauthorized access to personal data and taking measures to prevent such incidents in the future;
  • restoring personal data modified or destroyed as a result of unauthorized access to it;
  • control over the measures taken to ensure the security of personal data and the level of security of personal data information systems;
  • compliance with the conditions that exclude unauthorized access to material carriers of personal data and ensure the safety of personal data.
  • other measures, if their adoption is necessary in accordance with the legislation of the Russian Federation.

10. INFORMATION FOR CHILDREN

10.1. Children under 13 years of age may not use Polygled without the consent of their parents (legal representatives) unless otherwise provided by the User's national law.
10.2. If the User is a parent and learns that the User's child is using Polygled and the User wants them to do so, they may contact support@polygled.com.

11. COOKIES

11.1. Cookies are small files that the User's browser stores on the User's device in a directory specially designed for this purpose. These cookies can be used, for example, to find out if the User has already visited the Site. Most browsers accept cookies automatically. However, the User may change the settings in their browser so that cookies are not stored or so that the explicit consent of the User is required before they are stored. The User can also delete previously installed cookies at any time. Please note that disabling cookies may result in a restriction of the User's use of the Site.
11.2. We need cookies to: 
  1. store the information so that the User does not have to re-enter it during the User's visit or the next visit to the site; 
  2. provide personalized content and information; 
  3. provide and monitor the effectiveness of the Service; 
  4. to monitor and aggregate such indicators as the total number of visitors, traffic and demographic characteristics; 
  5. to diagnose or eliminate technological problems; 
  6. to help the User effectively access User information after logging in; 
  7. provide advertising that can be adapted to the User's interests; 
  8. ensure the safety of the polygled.community for members.

12. REGISTRATION AND AUTHENTICATION

12.1. By registering or authenticating, Users allow Polygled to securely identify them and provide them with access to its services. Depending on what is described below, third parties may provide registration and authentication services. In this case, Polygled will be able to provide such persons with personal information about the User, in particular: 
12.1.1. Facebook Authentication (Facebook, Inc.): Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and connected to the Facebook social network. The personal data collected are different types of data as specified in the privacy policy of the service. Place of processing: USA, privacy policy https://www.facebook.com/policy.php 
12.1.2. Firebase Authentication (Google Inc.): Firebase Authentication is a registration and authentication service provided by Google Inc. To simplify the registration and authentication process, Firebase Authentication can use third-party identity providers and store information on its platform. Personal data collected: phone number. Place of Processing: USA, Privacy Policy https://policies.google.com/privacy
12.1.3. Google OAuth (Google Inc.): Google OAuth is a registration and authentication service provided by Google Inc. and connected to the Google network. Personal data collected: different types of data as specified in the privacy policy of the service. Place of processing: USA, Privacy Policy  http://tools.google.com/dlpage/gaoptout?hl=de
12.1.4. Weibo (Sina.com): Weibo is a registration and authentication service provided by Sina.com and connected to the Sina Weibo social network and SDK. Personal data collected: different types of data as described in the privacy policy of the service. Location: China, Privacy Policy  https://www.weibo.com/overseas
12.1.5. WeChat (Tencent Inc.): WeChat Auth is a registration and authentication service provided by Tencent Inc. and connected to the WeChat network and SDK. Personal data collected: different types of data as described in the privacy policy of the service. Place of processing: Canada and Hong Kong, Privacy Policy https://www.wechat.com/mobile/en/privacy_policy.html
12.2. Hosting and Backend Infrastructure.
12.2.1. This type of service is designed to host data and files that allow Polygled to run and distribute, as well as to provide a ready-made infrastructure to run certain functions or parts of Polygled. Some of these services run through geographically distributed servers, making it difficult to determine where your personal information actually resides.
12.2.2. OVH (OVH SAS) is a provider of dedicated servers, shared and cloud hosting, domain name registration, and VoIP telephony services. Place of processing  - https://us.ovhcloud.com/legal/privacy-policy
12.2.3. Amazon Web Services (AWS) (Amazon Web Services, Inc.): Amazon Web Services is a hosting and server service provided by Amazon.com Inc. Personal data collected: different types of data as described in the privacy policy of the service. Place of processing: USA, Privacy Policy https://aws.amazon.com/ru/legal/?nc1=f_cc
12.2.4. Google Cloud Platform (Google Inc.): Google Cloud Platform is a hosting and server service provided by Google Inc. Personal data collected: different types of data as described in the privacy policy of the service. Place of processing: USA, Privacy Policy https://policies.google.com/privacy

13. PAYMENT PROCESSING

13.1. The Payment Processing Services allow Polygled to process payments, e.g. for the use of the Service or the services provided by the User. In order to ensure greater security, Polygled does not process or store credit card data but uses only the information necessary to perform transactions with financial intermediaries that process the transaction.
13.2. Some of these services may also allow you to send messages on a timely basis, such as emails containing invoices or notifications regarding payment.
13.2.1. CardPay (CardPay Inc.) is an e-commerce company, a major member of MasterCard Europe, Visa Europe and UnionPay International, which accepts and processes online payments. Place of processing: Cyprus, Privacy Policy https://www.cardpay.com/site/assets/files/1079/cp_privacy_notice_v_01.pdf
13.2.2. PayPal is a payment service that allows users to make payments through their PayPal account. Personal data collected: different types of data as specified in the privacy policy of the service. Place of processing: USA, Privacy Policy https://www.paypal.com/webapps/mpp/ua/privacy-full
13.2.3. Android Pay (Google Inc.): Android Pay is a payment service provided by Google Inc. that allows users to make payments using their mobile phones. Personal data collected: different types of data as specified in the privacy policy of the service. Place of processing: USA, Privacy Policy  https://policies.google.com/privacy
13.2.4. Apple Pay (Apple Inc.): Apple Pay is a payment service provided by Apple Inc. that allows users to make payments using their mobile phones. Personal data collected: different types of data as specified in the privacy policy of the service. Place of processing: USA, Privacy Policy https://www.apple.com/ru/legal/privacy/ru/
13.2.5. Stripe (Stripe Inc.): Stripe is a payment service provided by Stripe Inc. Personal data collected: different types of data as described in the privacy policy of the service. Place of processing: USA, Privacy Policy https://stripe.com/en-US/privacy
13.3. The minimum amount of withdrawal from the account in Polygled is $50. Until the specified amount is on the balance of the User it is impossible to make a request for withdrawal of funds.
13.4. Polygled processes requests for withdrawal of funds from the Service within 72 hours. During this time, the amount specified in the request is transferred to the details specified by the User.

14. INFRASTRUCTURE MONITORING

14.1. This type of service allows Polygled to monitor the use and behavior of its service components, so its functions, performance, operation, maintenance, and troubleshooting can be improved. Which personal data is processed depends on the characteristics and the way in which these services are implemented, the function of which is to filter the actions of Polygled.
14.2. Crashlytics (Google Inc.): Crashlytics is a monitoring service provided by Google Inc. that allows Polygled to improve application stability and reduce application crashes. Personal data collected: geographic location, unique device identifiers for advertising (for example, Google advertiser identifier or IDFA) and various types of data, as specified in the privacy policy of the service.
14.3. Adjust (Adjust GmbH) - This service uses, among other things, "adjust" analysis technology to analyze the IP and Mac addresses of users, but only under the conditions of anonymity. In this case, it is not possible to identify a specific person. By using this website/application for the purpose of analysis, the user gives their consent to the processing of the data collected on the basis of anonymity in the manner and for the purpose mentioned above. Data collection and storage by means of adjust technologies can be cancelled at any time with effect on the future. To do this, please click on the following link: https://www.adjust.com/opt-out/.

15. FINAL PROVISIONS

15.1. The Policy may be changed unilaterally without prior notice to the User. The new version of the Policy comes into force from the moment of its placement on the Site.
15.2. The new version of the Policy is always applied to the rights and obligations of the Parties unless otherwise provided by the nature of legal relations. The new version of the Policy applies to the previously valid legal relations between Polygled and the User. 
15.3. In everything else not regulated by the Policy, the Parties shall be guided by the legislation of the Russian Federation, national legislation of the User, as well as international legislation.