Blum Labs Inc. - independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data.
Website – the Company’s website located on the Internet at the address: https://blum.io
Policy – this Privacy Statement and the Rules for the processing of personal data.
Personal data is information recorded on a tangible medium about a specific person, identified with a specific person or which can be identified with a specific person, allowing the identification of that person directly or indirectly by reference to one or more factors specific to his biological, economic, cultural, civic or social identity. Personal data includes biographical and identifying data, personal characteristics, marital status, financial status, health status, etc.
Personal data subject is the individual to whom the relevant personal data relates.
Processing of personal data – any action (operation) or set of actions (operations) performed using automation tools or without the use of such means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
This Policy defines the principles, purposes and conditions for the processing of Personal Data, measures to protect Personal Data, as well as the responsibilities of the Company during their processing.
The use of personal data by the Subject of the Company Website means his/her familiarization with and acceptance of the Policy.
This Policy has been developed in accordance with the current legislation on personal data and regulatory and methodological documents of executive bodies of state power on issues of security of Personal data, including during their processing.
This Policy applies to all processes of collection, recording, systematization, accumulation, storage, clarification, extraction, use, transfer (distribution, provision, access), blocking, deletion, destruction of personal data, carried out using automation tools and without the use of such funds.
This Policy applies to relationships in the field of personal data processing that arose with the Company both before and after the approval of this Policy.
The purpose of this Policy is to establish the basic principles, conditions and approaches to processing and ensuring the security of personal data when processed by the Company, as well as compliance with the requirements of the law on personal data and other regulations adopted in accordance with it.
The company processes personal data for the following purposes:
carrying out activities provided for by the Company's Charter, including information support for the Company's activities.
Individuals: e-mail address.
The company takes all necessary legal, organizational and technical measures to protect Personal data from unauthorized or accidental access, modification, blocking, copying, provision, distribution of personal data, as well as from other unlawful actions in relation to personal data:
Prevents unauthorized persons from accessing equipment used for processing Personal Data;
Prevents unauthorized reading, copying, modification or removal of data media;
Prevents unauthorized recording of Personal Data and modification or destruction of recorded Personal Data and provides the possibility of establishing retroactively: when, by whom and what Personal Data were changed;
Ensures the security of data processing systems intended for the transfer of Personal Data, regardless of the means of data transmission;
Ensures control of employee access to received Personal Data;
Excludes unauthorized reading, copying, modification and destruction of Personal Data during the transfer and transportation of Personal Data;
Ensures the confidentiality of information obtained during the processing of Personal Data;
Ensures compliance with the protection of personal data during their processing in personal data information systems, the implementation of which ensures established levels of personal data security;
By using the Site and entering into legal relations with the Company, the Personal Data Subject gives his consent to the transfer of his Personal Data to third parties when this is necessary for the Company to properly fulfill its obligations in accordance with applicable law or fulfill obligations to the Personal Data Subject. The Company guarantees that when transferring personal data, it provides a similar level of security for the storage of Personal Data by these third parties.
The Company is not required to obtain the consent of the Personal Data Subject to transfer his Personal Data in cases provided for by law.
The subject of personal data has the right to know that the Company has personal data relating to him and to receive the following information from the Company:
confirmation of the fact of processing of Personal Data by the Company;
legal grounds and purposes of processing Personal Data;
the purposes and methods used for processing personal data;
processed Personal Data related to the relevant Personal Data Subject, the source of their receipt;
terms of processing of Personal data, including periods of their storage;
the procedure for the Personal Data Subject to exercise his rights;
information about completed or intended cross-border data transfers;
other information required by law.
The subject of personal data has the right to contact the Company with a request to delete his Personal Data. In this case, the Company deletes Personal Data except in cases where the obligation to store Personal Data is assigned to the Company in accordance with the law. After deletion of Personal Data, all existing obligations between the Company and the Personal Data Subject are fulfilled ahead of schedule, and new obligations are not accepted for execution.
The Company stores Personal Data for five years from the date of receipt from the Personal Data Subject, unless other periods are provided for by law or the nature of the relationship between the Company and the Personal Data Subject. The Company has the right to carry out indefinite storage (archiving) of Personal Data, if this does not contradict current legislation.
The Company has the right to use the Personal Data of the Personal Data Subject to send news, promotions and other information related to the products and services provided by the Company. The Company has the right to transfer Personal Data to third parties so that they can assist with marketing and advertising projects or send marketing mailings. By using the Site, the Personal Data Subject accepts this Policy and agrees to receive such marketing communications.
The subject of personal data has the right to refuse to receive such information by contacting the Company with a corresponding application.
The Company uses industry practice to place a small amount of data that will be stored in the browser of a person visiting the Site (cookies). Cookies may be stored on the computer or other devices used to visit the Site. This information is used to identify visitors and optimize the Company's services and improve the quality of work. The Company may use the information collected to ensure compliance with regulatory requirements and to detect irregular or suspicious activity on the part of the Company's customers.
The Company has the right to change this Policy at any time by publishing the changed text on the Site. Tracking changes to the Policy is carried out by the Personal Data Subject independently. All questions regarding the application of this Policy can be directed to the email address hi@blum.io