Privacy policy

This Policy governs the manner in which the TUDA Service (hereinafter referred to as the “Service”) collects and processes personal data of individuals using automation tools via the Internet.

General Provisions

1. In this document, we use the terms as follows:

1.1. Personal Data – any information relating directly or indirectly to a specific or definable individual (subject of personal data).

1.2. Operator - TUDA service, a person who independently organizes the processing of personal data as well as determines the purposes of personal data processing, the composition of the personal data to be processed, the actions (operations) performed on personal data.

1.3. Client - an individual who intends to enter into a commercial concession contract (franchising contract) with the Operator.

1.4. Website - a set of electronic computer programs and other information contained in the information system, which is accessed via the Internet by domain names and (or) network addresses that allow identification of sites on the Internet, used by the Operator to advise the Client on the conclusion of the commercial concession contract (franchise contract) and acceptance of Applications. Website address: franquia.tu-da.com.

1.5. Application - an application sent by the Client to the Operator through the Website for a commercial concession contract (franchising contract).

1.6. Processing of personal data - any action (operation) or set of actions (operations) performed with or without the use of automation tools, with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, alteration), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.

1.7. Automated processing of personal data - processing of personal data using computer technology.

1.8. "Provision of personal data" - actions aimed at disclosing personal data to a specific person or a specific group of persons.

1.9. The blocking of personal data is a temporary suspension of the processing of personal data (unless the processing is necessary to clarify personal data).

1.10. Destruction of personal data - actions resulting in the impossibility of restoring the content of personal data in the personal data information system and (or) the destruction of material personal data carriers.

1.11. Personal data information system - a collection of personal data contained in databases and information technologies and technical means that ensure their processing.

1.12. Cookies are pieces of data sent by the website and stored on a computer, cell phone or other device from which the Client visits the website, used to store data about the Client's actions on the website.

2. By submitting an Application to the Operator through the Website, the Client agrees to the terms of this policy, including giving consent to the Operator to process his personal data, in cases where the provisions of current legislation require such consent.

Personal data

3. During the processing of personal data, the Client is entitled to:

3.1. Receive information about the processing of his/her personal data, including:

3.1.1. Confirmation of the fact of personal data processing;

3.1.2. Legal grounds and purposes for processing of personal data;

3.1.3. Purposes and methods applied to personal data processing;

3.1.4. Information about the name and location of the person who handles personal data, information about persons (excluding employees of the Operator) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the Operator or on the basis of applicable law;

3.1.5. Processed personal data relating to the relevant subject of the personal data, the source of its receipt, unless a different procedure for the provision of such data is provided for by applicable law;

3.1.6. Terms of personal data processing, including the terms of its storage;

3.1.7. The procedure for implementation by the Client of the rights provided for in the legislation in force;

3.1.8. Information on the cross-border data transfer performed or proposed;

3.1.9. Name or surname, first name, middle name and address of the person who processes the personal data on behalf of the Operator, if the processing is or will be entrusted to such a person;

3.1.10. Other information provided by the legislation in force.

3.2. Require the Operator to clarify his/her personal data, block or destroy it if the personal data is incomplete, outdated, inaccurate, unlawfully obtained, or not necessary for the stated purpose of processing, as well as to take legal measures to protect his/her rights.

3.3. To appeal the actions or omissions of the Service to an authorized body for the protection of the rights of subjects of personal data, or in court, in case the Client believes that the Service processes personal data in violation of the requirements of the current legislation or otherwise violates his/her rights and freedoms.

3.4. To the protection of his/her rights and legitimate interests, including compensation for damages and (or) compensation for moral damages in court.

4. During the processing of personal data, the Operator undertakes to:

4.1. Provide the Client, at his/her request, with the following information:

4.1.1. Confirmation of the fact of personal data processing;

4.1.2. Legal basis and purposes of the processing of personal data;

4.1.3. Purposes and methods of the processing of personal data;

4.1.4. Its title and location, information about the persons (except for employees) that have access to personal data or to which personal data may be disclosed based on a contract or based on a federal law;

4.1.5. Processed personal data of the Client, source of its receipt, unless a different procedure for the provision of such data is foreseen by applicable law;

4.1.6. Terms of personal data processing, including the terms of its storage;

4.1.7. The procedure for implementation by the Client of the rights provided for in the legislation in force;

4.1.8. Information on the cross-border data transfer performed or proposed;

4.1.9. Name or surname, first name, middle name and address of the person who processes the personal data on behalf of the Operator, if the processing is or will be entrusted to such a person;

4.1.10. Other information provided by the legislation in force.

4.2. Ensure that measures are taken to prevent unauthorized access to the Customer's personal data.

4.3. Publish or otherwise provide unrestricted access to the document defining the policy on the processing of personal data, as well as to the information about the requirements being implemented for the protection of personal data. 

5. The purpose of processing the Customer's personal data is to advise the Customer on entering into a commercial concession contract (franchise contract) and the conclusion of the said contract.

6. The Client's personal data is stored electronically and processed by means of automated systems for processing of personal data.

7. The Operator collects and processes the following personal data of the Client:

7.1. Full name

7.2. Phone number of the subscriber;

7.3. E-mail address.

8. The Client's personal data is destroyed by the Operator in the following cases:

8.1. Three years following the expiration date of the commercial concession contract (franchising contract) or three years following the date of the Customer's last application to the Operator (if the contract has not been concluded);

8.2. In case of withdrawal by the Customer of consent to the processing of his/her personal data.

9. The destruction of the Customer personal data is carried out without possibility of its further recovery.

10. Only persons directly related to advising the Customer on the conclusion of a commercial concession contract (franchise contract) and its execution have access to the Customer's personal data. In other cases, the Operator does not distribute the Customer's personal data, and also does not provide access to them to third parties without obtaining the Customer's prior consent, except in cases where the personal data are provided at the request of authorized state bodies in accordance with applicable law.

11. The Operator takes the following measures to prevent unauthorized access to the Client's personal data:

11.1. Appoints employees responsible for organizing the processing of personal data;

11.2. Applies organizational and technical measures to ensure the security of the Client's personal data, in particular:

11.2.1. Identifies security threats to personal data during processing in personal data information systems;

11.2.2. Organizes the system for guaranteeing the security of the facilities where the information system is located, preventing the possibility of uncontrolled entry or stay in these facilities by persons who are not allowed to have access to these facilities;

11.2.3. Ensures the security of personal data carriers;

11.2.4. Approves the list of persons with access to personal data necessary for the performance of their official (labor) duties;

11.2.5. Uses the necessary information security tools to prevent unauthorized access to personal data;

11.2.6. Evaluates the effectiveness of measures taken to ensure the security of personal data;

11.2.7. Ensures the detection of facts of unauthorized access to personal data and the adoption of measures;

11.2.8. Restores personal data modified or destroyed due to unauthorized access to them (if there is a technical possibility of such recovery);

11.2.9. Establishes the rules of access to personal data processed in the personal data information system

11.2.10. Controls the measures taken to ensure the security of personal data and the security level of the personal data information system.

12. The Client shall be entitled to require the Service to correct (update) his/her personal data, block or destroy it, in case the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing, as well as to withdraw his/her consent to the processing of personal data by sending the appropriate request to the Service and (or) demand in writing by registered mail with notification of delivery or personal delivery at the address of the Service. The addresses of the Service subdivisions are provided in the corresponding section of the Website. The specified request/demand shall include the number of the main identifying document of the Client or his/her representative, the date of issue of the specified document and the name of the issuing authority, the address of the Client’s place of residence, information confirming the Client’s relationship with the Service (number of the contract, date of conclusion of the contract, conditional verbal designation and (or) other information), or information that otherwise confirms the processing of personal data by the Service, request to correct, block or destroy the Client’s personal data, or notice of withdrawal of consent to the processing of personal data, signature of the Client or his/her representative. The Service shall give a reasoned response on the merits of the Client’s request/demand within 30 calendar days from the date of its receipt.

Cookies

13. The operator can use the following types of cookies:

13.1. Strictly necessary cookies. They are required to navigate the Website and use the requested services. Cookies of this type are used when the Client registers and logs in. Without them, the services requested by the Client are unavailable. These cookies are essential cookies and can be permanent or temporary. Without the use of this type of cookie, the Website will not function properly.

13.2. Performance cookies. They collect statistical data about the use of the Site. These files do not receive personal information from the Client. All information collected by these cookies is statistical and anonymous. Purposes for using these cookies are:

13.2.1. Obtaining site usage statistics;

13.2.2 Evaluating the effectiveness of advertising campaigns.

These cookies are either permanent or temporary and can be first and third-party cookies.

13.3. Functional Cookies. These are used to remember information provided by the Client (such as username, language or location). These files use anonymous information and do not track the Client's actions on other sites. Purposes for using these cookies:

13.3.1. To remember whether any services have been provided to the Client before;

13.3.2. Improve the quality of interaction with the Website as a whole, remembering the preferences selected by the Client.

These cookies are either permanent or temporary and can be first and third-party cookies.

13.4. Advertising Cookies. They are used to manage advertising materials on the site, limit the number of times a user sees ads and measure the effectiveness of advertising campaigns. Advertising cookies are placed by third parties, such as advertisers and their agents. These cookies are associated with advertisements on the site provided by third parties. They can be permanent or temporary.

14. The Client can use the settings of the browser used by him/her in order to block or delete cookies, as well as to limit their functioning.