Privacy Policy

This Privacy Policy (hereinafter, the “Policy”) is adopted by Sole Proprietor M. A. Kobzar (OGRN, INN, registered address: [to be filled]) (hereinafter, the “Company”) and applies to all information that the Company may receive about a visitor of the website https://kirtitiaga.com/ (hereinafter, the “Website”) from any device and through any form of communication with the Company.

By using the Website (viewing, reading content, submitting, or uploading information) and providing personal data, the visitor gives consent to the processing of personal data in accordance with this Policy.

Definitions and composition of personal data

Personal data – any information relating directly or indirectly to an identified or identifiable individual (data subject).

Processing of personal data – any action (operation) or set of actions performed with personal data, with or without the use of automation tools.

The Company processes personal data of Website visitors, including surname, name, patronymic, date of birth, contact phone number, ID document details, registration address, email address, delivery address, and other data. The Company performs processing through collection, systematization, accumulation, storage, updating (revision, modification), use, dissemination (including transfer), anonymization, blocking, and destruction.

Cookies

Cookies – small text files stored in visitors’ browsers.

The Website automatically collects the following anonymized statistical data from cookies, including but not limited to:

• type of action performed on the site (click, hover, etc.);
• date and time of the action;
• page URL;
• Referer;
• IP address (without access to IP management in analytics);
• User-Agent;
• ClientID (browser identifier from the cookie file);
• screen resolution;
• HTML element class clicked by the user;
• data about viewed, enabled, or disabled services, including identifiers, names, and connection fees;
• data on product card views, clicks, cart additions/removals, and product pricing;
• order details including content, cost, and fulfillment status;
• data on form submissions and related errors.

By using the Website, the visitor agrees that the Company may use statistical data and cookies for further processing by Google Analytics, Yandex.Metrica, Google Firebase, and may transfer data to third parties for research, service, or analysis purposes on behalf of the Company.

Visitors may manage cookie settings via their browser. Blocking cookies may result in limited access to some Website features.

By using the Website, including completing web forms, the visitor agrees to receive promotional materials and to the use of their data for marketing purposes, including direct communication by the Company.

Purposes of data collection and processing

The Company processes personal data solely for the purposes for which it was provided, including:

• identification of the Website visitor;
• registration in the personal account;
• execution of a sales contract;
• provision of information about the Company and its services;
• familiarization with legal documents of the Company and fulfillment of legal obligations;
• establishing feedback, including notifications and responses to inquiries;
• verification of the accuracy and completeness of personal data provided;
• other purposes with the visitor’s consent.

Once processing purposes are achieved, or in cases provided by applicable law, the visitor’s personal data will be destroyed.

Visitor rights

Website visitors may exercise their rights under the Russian Federation’s data protection laws, including but not limited to:

• updating, correcting, blocking, or deleting personal data;
• requesting a list of processed personal data, legal grounds, sources, processing and storage terms, and other related details.

The visitor grants consent for data processing for the period necessary to achieve the stated purposes. The visitor may withdraw consent at any time by sending a written request to info@kirtitiaga.com.

Data security

The Company guarantees adequate protection of personal data. Legal, organizational, and technical measures are applied to prevent unauthorized access, including:

• access control to information systems processing personal data;
• prevention of malware installation in systems handling personal data;
• firewall protection, access management, and network address translation to conceal system structure;
• intrusion detection in systems processing personal data;
• vulnerability analysis using specialized software tools.

Access to personal data is granted only to authorized Company employees.

Final provisions

The Company may amend or supplement this Policy as necessary or when required by data protection law of the Russian Federation.

The visitor can always view the current version of the Policy on the Website. Continued use of the Website confirms acceptance of any changes.