This personal data processing policy is compiled in accordance with the requirements of the Federal Law "On Personal Data" of 27.07.2006 No. 152-FZ and the General Data Protection Regulation (GDPR) and defines the procedure of processing of personal data and measures to ensure the security of personal data by the individual entrepreneur Obukhov Nikita Valentinovich (hereinafter—the Operator).

1.1. The Operator's main purpose and condition for its actions is to ensure observance of human and civil rights and freedoms when processing their personal data, including protection of the rights to privacy, and personal and family privacy.

1.2. The present policy of the Operator in relation to the processing of personal data (hereinafter—the Policy) applies to all information that the Operator can receive about visitors of the tilda.education/en website.

2.1. "Automated processing of personal data" is the processing of personal data with the help of computing equipment;

2.2. "Blocking of personal data" is a temporary suspension of processing of personal data (except when the processing is necessary to clarify personal data);

2.3. "Website" is a complex of graphic and informational content, as well as software and databases ensuring their availability on the Internet at the tilda.education web address (hereinafter—the Website);

2.4. "Personal data information system" is a set of personal data contained in databases of personal data and information technology and technical means providing their processing;

2.5. "Depersonalization of personal data" is actions as a result of which it is impossible to determine, without using additional information, what personal data belongs to a particular User or another subject of personal data;

2.6. "Processing of personal data" is any action (operation) or set of actions (operations) performed, with or without the use of automated means, with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;

2.7. "Operator" is a state authority, municipal authority, legal entity, or individual, independently or jointly with other persons, arranging and (or) carrying out the processing of personal data, as well as determining the purpose of the processing of personal data, the scope of personal data to be processed, actions (operations) performed with personal data;

2.8. "Personal data" is any information pertaining to a directly or indirectly identified or identifiable User of the Website;

2.9. "User" is any visitor to the Website;

2.10. "Provision of personal data" is actions aimed at disclosure of personal data to a certain person or a certain group of persons;

2.11. "Distribution of personal data" is any action aimed at disclosure of personal data to an indefinite range of persons (transfer of personal data) or at familiarizing an unlimited range of persons with personal data, including publication of personal data in mass media, placement in information and telecommunication networks, or providing access to personal data in any other way;

2.12. "Destruction of personal data" is any actions as a result of which personal data is destroyed irretrievably with the impossibility of further restoration of the content of personal data in the personal data information system and (or) as a result of which physical media of personal data are destroyed.

3.1. User's email address.

3.2. User's last name, first name.

3.3. User's social media account.

3.4. The Website can also collect and process visitors' anonymized data (including cookies), using web statistics services (Google Analytics and Yandex Metrica, etc.).

3.5. The above-mentioned data hereinafter in the text of the Policy are referred to as Personal Data.

3.6. The User may be asked for permission to provide access to their third-party Services accounts, including but not limited to public file storage, instant messaging service, social media, etc., in accordance with the purpose of the processing of personal data set forth in this Policy. In this case, the Platform may receive additional personal data from third parties, including but not limited to gender, location, user avatar (userpic), etc. All information available through a third-party service provider is processed and stored in accordance with the User Agreement and Privacy Policy.

Payment of the fee of a non-exclusive license, according to which the User gets access to the Course, is made by using one of the payment systems: Stripe.com, PayPal, or CloudPayments. These payment systems collect and store financial information in accordance with their User Agreement and Privacy Policy.

The Administration does not store the full card details and does not process the payments, receiving from the payment system only a notification of a successful payment.

In the process of receiving the payment, the Administration may collect additional information related to the payment made by the User, including but not limited to the transaction number, time of the transaction, type and validity period of the card used for payments, as well as the last four digits of the card number, name of the cardholder, country, and city in which the money was charged from the card.

4.1. The purpose of processing the User's personal data is to provide the User with access to services, information, and/or materials published on the Website. The Operator also has the right to send the User notifications about new products and services, special offers, promotions, etc. The User can always refuse to receive informational messages by sending an email to the Operator's email address legal@tilda.cc.

4.2. The Users' anonymized data collected with the help of Internet statistics services are used for collecting information about the Users' actions on the Website, improving the quality of the Website and its content.

5.1. The Operator processes the User's personal data only if the User fills in and/or sends it on their own through the special forms published on the Website. By filling out the relevant forms and/or sending their personal data to the Operator, the User expresses their consent to this Policy.

5.2. The Operator processes the anonymized data about the User in case it is allowed in the settings of the User's browser (the saving of cookie files and/or the use of JavaScript technology is enabled).

Security of personal data processed by the Operator is ensured by implementing legal, organizational, and technical measures necessary to meet in full the requirements of applicable legislation in the area of personal data protection.

6.1. The Operator provides the security of personal data and takes all possible measures aimed at excluding access to personal data by unauthorized persons.

6.2. Personal data of the User will never, under no circumstances be transferred to third parties, except in cases related to the execution of the applicable legislation.

6.3. In case of identification of inaccuracies in personal data, the User may update them on their own by sending a notice to the Operator's email address legal@tilda.cc marked "Updating of personal data".

6.4 The period of processing of personal data is determined by the length of time required to achieve the purpose of processing personal data specified by Section 4 of the Policy.

6.5. The User may withdraw their consent to the processing of personal data at any time by sending a notice by email to the Operator's email address legal@tilda.cc marked "Withdrawal of consent to the processing of personal data".

6.6. The main ways in which the Administration receives personal data from the User are:

a) The User provides personal data directly (e.g., when registering or using a payment system);

b) Personal data is collected automatically when the User browses or uses the Website, such as with the help of cookie files. Cookie files are small pieces of text sent by a server and stored on the User's computer. Cookies perform many functions, such as saving the settings made by the User, allowing to switch between pages after authorization, and in general simplifying the use of the Website.

The Administration uses cookies for:

a) Identification—cookies allow to recognize the device and the User's Account if the User has entered a login and password and not to ask them each time they open another page;

b) Statistics—cookies allow collecting the data on browsing certain pages.

The User can disallow the browser to accept cookies, but this will significantly limit their ability to use the Platform.

6.7. The Administration may disclose the User's personal data within the law or for the protection of rights and interests if such disclosure is necessary for compliance with the law, for the protection of the rights of the Administration or third parties, as well as for the protection of property and/or interests (such as compliance with the terms of the User Agreement), or for the prevention of fraud. In particular, the Administration may disclose the personal data of the User in response to official requests from public authorities, for example, to meet the requirements of national security or law enforcement authorities.

The Administration may exchange personal data with third parties in order to provide customized advertising to the User and analyze and control its effectiveness. For example, the Administration may use an encrypted email address to customize social media advertisements so as not to show advertisements to the persons who are already Users of the Website.

7.1. The Operator in the course of processing personal data does not carry out the cross-border transfer of personal data.

8.1. The User may obtain any explanations on questions of interest regarding the processing of their personal data by contacting the Operator through email at legal@tilda.cc.

8.2. The User can update, change, or delete the Personal Data they have provided in the Personal Account directly or by sending a corresponding request to the email address legal@tilda.cc. The same address may be used by the User to request the deletion of the Account. For technical reasons, the information may not be deleted immediately, but with a delay. It should also be taken into account that some information may be retained to the extent necessary to fulfill legal obligations, settle disputes, prevent fraud, and protect the legitimate interests of the Administration.

8.3. This document will reflect any changes in the personal data processing policy by the Operator. The Policy is valid indefinitely until it is replaced with a new version.

8.4. The updated version of the Policy is freely available on the Internet at https://tilda.education/en/privacy