APPROVED
Sole Proprietor
Evgeny Alekseevich Golovanov
July “01,” 2026
PRIVACY POLICY
1. General Provisions1.1. This Personal Data Processing Policy (hereinafter referred to as the “Policy”) sets forth the procedures for processing personal data and the measures to ensure the security of personal data implemented by Sole Proprietor Evgeny Alekseevich Golovanov (TIN 362103080174, OGRNIP 326508100307513, address: 140150, Moscow, Moscow Region, Ramensky Municipal District, Bykovo Township, Aeroportovskaya Street, 1, Office 15) (hereinafter referred to as the “Operator”).1.2. This Policy has been developed in accordance with Federal Law No. 152-FZ of July 27, 2006, “On Personal Data,” and other regulatory legal acts of the Russian Federation governing the processing of personal data.1.3. This Policy applies to all personal data that the Operator may collect about users of the mildway.ru website.2. Key Terms Used in the Policy2.1. Personal data—any information relating, directly or indirectly, to an identified or identifiable natural person (data subject).2.2. Processing of personal data—any action (operation) or set of actions (operations) involving personal data, whether performed using automated means or without such means.3. List of Personal Data Processed3.1. The Operator processes the following personal data of Users:- last name, first name, middle name;
- contact phone number;
- email address;
- IP address;
- data provided when filling out forms on the Website;
- Information about the User's activities on the Site (using cookies and web analytics services).
3.2. The operator does not process special categories of personal data relating to race, national origin, political opinions, religious or philosophical beliefs, health, or sex life.4. Principles Governing the Processing of Personal Data4.1. The processing of personal data is carried out in accordance with the following principles:- legality and justice;
- limiting the processing of personal data to the achievement of specific, predetermined, and legitimate purposes;
- preventing the processing of personal data in a manner inconsistent with the purposes for which the personal data was collected;
- the accuracy, adequacy, and timeliness of personal data;
- Personal data shall be stored in a form that allows for the identification of the data subject for no longer than is necessary to fulfill the purposes of the processing.
5. Purposes of Personal Data Processing5.1. The Operator processes Users’ personal data for the following purposes:- providing information about products, services, and special offers;
- processing user requests and inquiries;
- entering into and performing contracts with Users;
- conducting advertising and marketing activities (with consent);
- to improve the quality of the Website and conduct statistical research.
6. Timeframes for the Processing and Storage of Personal Data6.1. The period for which personal data is processed is determined by the achievement of the purposes for which it was collected, unless a different period is specified in a contract or by law.6.2. Personal data is retained only for as long as necessary to fulfill the purposes of its processing, but no longer than 5 years from the date of the last interaction with the User.6.3. Upon expiration of the retention period or when other legal grounds arise, personal data shall be destroyed or anonymized.7. Procedure for the Destruction of Personal Data7.1. The destruction of personal data is carried out by a commission appointed by the Operator. The destruction is documented in a Personal Data Destruction Report.7.2. The methods for destroying personal data are determined based on the type of data storage medium:- Paper documents are destroyed by shredding or incineration;
- Electronic media are destroyed by erasing the information or physically destroying the media.
7.3. Personal data processed in information systems is destroyed by deleting records from databases in a manner that makes them irrecoverable.8. Measures to Ensure the Security of Personal Data8.1. The Operator shall take the necessary legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, disclosure, or dissemination, as well as from other unlawful actions.8.2. Security measures include:- appointing individuals responsible for organizing the processing of personal data;
- implementation of organizational and technical security measures;
- the use of information security measures that have undergone conformity assessment;
- monitoring of the security measures being implemented.
9. Rights of Data Subjects9.1. The user has the right to:- to receive information regarding the processing of his or her personal data;
- to correct, block, or delete their personal data;
- withdrawal of consent to the processing of personal data;
- to file a complaint regarding the Operator’s actions or inaction with the authorized body responsible for protecting the rights of data subjects or through the courts.
9.2. To exercise their rights, Users may submit a written request to the Operator at the following address: 111401, Moscow, Russia, Metallurgov Street, Office 168, or by email at mail@mildway.ru.10. Contact Information10.1. For any questions regarding the processing of personal data, Users may contact the Operator:Sole Proprietor Yevgeny Alekseevich GolovanovMailing Address: 111401, Russia, Moscow, Metallurgov Street, Office 168Email: mail@mildway.ruPhone: +7 495 741-98-08© 2026 E.A. Golovanov, Sole Proprietor. All rights reserved.