Experience
Services
Our team

DATA PROCESSING POLICY

FOR WEBSITE https://paul-bridge.com/


1. TERMS AND DEFINITIONS

«Automated processing of personal data» shall mean processing of personal data using computer technology.

«Controller» shall mean the person responsible for the processing and protection of the Personal Data of Users located in the EU within the meaning of the General Data Protection Regulation of April 27, 2016 (hereinafter the «GDRP»).

«Website» shall mean a set of graphic and information materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https:https://paul-bridge.com including all subdomains (referred to as the Website).

«Data Processing System»
shall mean the Website and all forms therein.

«Personal data»
shall mean a set of personal data and/or non-personalized information about the User provided by the Data Controller himself and/or automatically collected by the Data Controller and/or third parties.

«Policy»
shall mean this Privacy Policy, with all existing additions and changes.

«User»
shall mean a legal entity or an individual who has browsed the Website on a smartphone, tablet, watch or any other mobile device and/or has activated (i.e. completed the process of authorization, registration and other similar actions) on one of the specified devices, or any visitor to the Website.

«User Agreement» shall mean an agreement concluded between the Data Controller and the User regarding the procedure, rules and features of the User's usage of the Website. The User joins such an agreement and does not have the right to make and/or demand the introduction of any changes or additions to it.

«Processing of Personal data» shall mean any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion, destruction of personal data.

«Data Controller»
shall mean a state body, municipal body, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing of personal data, the content of personal data to be processed, actions (operations) performed with personal data. For the purposes of this Policy, the Data Controller or the Company shall mean PAULBRIDGE LIMITED.

«Data Processor»
shall mean a person who, in the understanding of the GDRP, on behalf of the Data
Controller, stores and/or processes Personal Data received from Users.

«Provision of Personal Data»
shall mean actions aimed at disclosing personal data to a certain person or a certain circle of persons.

«Dissemination of Personal Data»
shall mean any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at acquaintance with the personal data of an unlimited number of persons, including the disclosure of personal data in the media, posting in informational and telecommunication networks or providing access to personal data in any other way.

«Cross-border transfer of Personal Data»
shall mean the transfer of personal data to the territory of a foreign state to the authority of a foreign state, to a foreign individual or foreign legal entity.

«Destruction of Personal Data»
shall mean any actions as a result of which personal data are destroyed irrevocably with the impossibility of further restoring the content of personal data in the personal data information system and (or) the material carriers of personal data are destroyed.

«Cookies» shall mean small files sent by any mobile application or site and placed on smartphones, tablets, watches and other mobile devices of the User to improve the operation of such applications or sites, as well as the quality of the content posted therein.


2. GENERAL PROVISIONS

2.1. The Company collects, retains, and uses personal data, for the purpose of verifying the identity of individuals, who use or have used the Website and submitted their Personal Data. The Company recognizes the sensitivity of personal data and takes seriously its obligations to maintain the confidentiality and protect the security of data.

2.2. Purpose:
In accordance with the data protection laws, including GDPR et seq., and other laws and regulations, this Policy sets forth the Company’s procedures for disclosure, storage, and destruction of personal data.

2.3. This Policy regarding the processing of personal data (hereinafter – the «Policy») applies to all information that the Data Controller may receive about users of visitors to the Website.

2.4. User rights for the protection of personal data
In connection with the provision of Personal Data, the User automatically receives the following rights:
(1) receive data concerning their processing (the grounds and purposes of such processing, the processing methods used, information about the persons who have access to data or to whom data may be disclosed on the basis of an agreement or the Law).
(2) receive data on the location and identification data of persons who process Personal Data.
(3) receive data on the storage periods of Personal Data.
(4) receive data on the performed or expected cross-border transfer of Personal Data.
(5) receive information about the location and identification of data of persons who store Personal Data.
(6) appeal against the actions or inaction of the Data Controller to the authorized body for the protection of the rights of subjects of personal data or in court.
(7) exercise other rights in the field of personal data protection provided for by the laws or the provisions of this Policy.


3. LIST OF COLLECTED PERSONAL DATA

3.1. Non-personalized information about Users
In connection with the use of the Website, the Data Controller may automatically collect and process the following non-personalized information about the User:
(1) information about traffic, the possible number of clicks, logs and other data.
(2) information about the location of the User (geolocation).
(3) information about the device (identification number, mobile operator's network) from which log in is performed, operating system, platform, browser type and other information about the browser, IP address, used Wi-Fi networks.

3.2. Personal data about users
The User provides the Data Controller with the following personal data:
(1) surname, name, patronymic;
(2) email address.
(3) mobile phone number.
(4) a photograph of the User (if applicable).
(5) the data contained in the personal account (profile) of the User, all internal correspondence of the User within the Website, as well as other activity of the personal account (profile) of the User.
(6) payment information, including card details, other similar information (if applicable);
(7) data on purchases made by Users and/or received/paid services through the Website (if applicable);
(8) professional and employment-related information, including the name of the employing company, position, department, other information about the User's profession;
(9) information from the Email/Outlook Calendar, when using the respective integration and booking.
(10) device and usage information, including information about a computer or mobile device (device identifiers such as IP address, WiFi and Bluetooth MAC address), geolocation information (such as based on a GPS or WiFi signal of a mobile device depending on the settings of the latter).
(11) data and information obtained as a result of combining certain Personal data of a specific User, as well as data and information received data about the User received from third parties (partners, marketers, researchers);
(12) User's ID or other identifying document data (if applicable);

3.3. The User is the only person responsible for the completeness of the provided Personal data and is obliged to timely change them (update, check, correct) on a regular basis.

3.4. The Data Controller assumes that all Personal data provided by the User are reliable, and that the User maintains such information up to date.

3.5. Use of Cookies
The Website use certain tracking tools Cookies to store the IP address, User preferences or the type of device used in order to:
(1) keeping statistics of Website visits and traffic,
(2) personalization of the data displayed on the User's screen,
(3) storing data necessary to identify the User, including when accessing from different devices and respective preferences,
(4) displaying advertisements in accordance with the interests and preferences of the User.

3.6. The Website use the following Cookies:
(1) Technical (functional) Cookies, which are needed to control traffic and data transfer, to identify Users and provide the User with access to the content of the Website and without which the use of the Website is functionally limited, as well as to prevent the provision of recommendations that do not correspond to the interests of the User.
(2) Statistical Cookies, which are needed to track the frequency of visits to the Website by Users, to identify how the User uses the Website, as well as to identify the type and kind of content that is popular with or interesting for the User.
(3) Geolocation Cookies, which are needed to determine the location of the User to personalize the content displayed on the screen of his device in the Website.
(4) Cookies of third parties, which are installed by third parties with the permission of the User and are intended to conduct statistical research regarding the behavior of the User on the Internet and/or the sending of personalized advertising or marketing materials to the User and/or the provision of goods or services.

3.7. The User has the right to disable Cookies at any time in the Website by changing certain settings on the computer, smartphone, tablet, watch or other mobile device. Such disconnection may entail restriction or change of the User's access to the functionality of the Website and/or content.


4. PURPOSES OF COLLECTING AND PROCESSING OF PERSONAL DATA

4.1. Determination of the purposes of processing
The purpose of processing the User's personal data is the conclusion, execution and termination of civil contracts; providing the User with access to services, services, information and/or materials contained on the Website, as well as all subdomains of ________________

4.2. The collection and processing of Personal Data is carried out for the following purposes:
(1) to analyze the behavior of the User, as well as to identify the User's preferences for a certain type of content.
(2) for the prompt and correct operation of the Website, improving the functioning of the Website, improving the content of the Website, improving the internal architecture and functionality of the Website.
(3) to identify the User.
(4) to send personalized news and marketing materials to the specified email address and/or mobile phone of the User.
(5) to comply with legal and other applicable regulations.
(7) to determine the location of the User.
(8) for technical support of the Website, identifying problems in its operation and their elimination.
(9) to keep the communication with the User (communication).
(10) to fulfill other obligations of the Data Controller in respect to the User.
(11) for statistical research.
(12) to enforce contractual rights, comply with financial reporting requirements, court orders, requirements or subpoenas in accordance with applicable law.
(13) for any other purpose, subject to obtaining a separate consent from the User.

4.3. Anonymized data collected using Internet statistics services is used to collect information about the actions of Users on the site, improve the quality of the site and its content.

4.4. The processing of Personal Data is carried out on the basis of the principles of:

(1) legality of the purposes and methods of processing;
(2) good faith;
(3) compliance of the purposes of processing Personal Data with the purposes predetermined and declared in the collection of such Personal Data; and

(4) extent and nature of the processed Personal Data is consistent with the stated purposes of their processing.


4.5. Personal data processing conditions
Personal data processing is carried out in the following cases:
(1) obtaining consent from the User;
(2) achieving the goals stipulated by law;
(3) provision by the User of his personal data to an unlimited number of persons (via publication, Internet resources, etc.);
(4) fulfillment of other obligations of the Data Controller to the User, including, but not limited to, the provision of certain content to the User; or
(5) saving the life or health of the User, when consent to the processing of his Personal data cannot be obtained in advance.

4.6. By filling out the appropriate forms and/or sending personal data to the Data Controller, the User agrees with this Policy.

4.7. The Data Controller processes anonymized data about the User if it is allowed in the settings of the User's browser (the storage of cookies and the use of JavaScript technology are enabled).

4.8. In the case of anonymization of Personal Data, which does not directly or indirectly determine the User, the subsequent use and disclosure of such data to third parties is allowed and the rules of this Policy no longer apply to them.

4.9. The Data Controller takes all possible measures to protect the confidentiality of the received Personal Data, except for cases when the User has made such data publicly available.

4.10. The processing of Personal Data is carried out using automation tools and without using such automation tools.


5. ACCESS OF THIRD PARTIES TO PERSONAL DATA

5.1. Use of analytical platforms
The Data Controller uses analytical platforms such as Google Analytics, Sentry to
(1) track the frequency of visits to the site by Users; and
(2) tracking how the User uses the Website and / or its content; and
(3) identifying the type and type of content that is popular with Users; and
(4) determining the location of the User.
The User also gives his consent to the Data Controller for his use of the information received about the User using the specified analytical platforms, and also expresses his consent to the Privacy Policies of the analytical platforms Google Analytics, Sentry in their editions in effect at the time the Mobile Application is used by the User:
· Google Analytics Privacy Policy: https://policies.google.com/technologies/ads?hl=en; https://policies.google.com/privacy?hl=en (text and URL are subject to change at Google's discretion);
· Sentry's privacy policy: https://sentry.io/privacy/ (text and URL are subject to change at Sentry's discretion).

5.2. For these purposes, each analytical platform may collect data about the IP address, geolocation, actions of User, as well as User’s preferences and interests in relation to certain content.

5.3. Analytical platforms gain access to Personal Data in order to provide the Data Controller with an understanding of how effectively the Website works, what kind of content is popular, how effective is the placement of certain advertisements, as well as for the purposes of developing and/or improving the existing marketing strategy Data Controller.

5.4. By using the Website, the User agrees with the automatic installation of the corresponding Cookies on the User's device.

5.5. Disclosure of personal data to third parties
The Data Controller has the right to disclose Personal Data:
(1) to its affiliates, branches and representative offices opened both on the territory of the EU and on the territory of other states, subject to applicable law provisions;
(2) in order to fulfill legal obligations, including with the participation of auditors, lawyers, accountants and other consultants;
(3) as part of compliance with laws and responding to procedural notices or requests from government or law enforcement agencies;
(4) to detect, limit and prevent fraud or to confirm and enforce the policies governing the provision of the Services;
(5) the legal successors of the Data Controller who arose as a result of its liquidation, reorganization or bankruptcy, and who received exclusive rights to own the Data Processing System;
(6) to payment service providers or banking (financial) institutions, for conducting transactions of the User through the Website (if applicable);
(7) to third parties solely for the purpose of obtaining or accessing certain content by the User;
(8) to third parties, when the User has given consent to the disclosure, transfer or processing of his Personal Data, as well as in other cases expressly provided for by the Law or this Policy.

5.6. The Data Controller discloses Personal Data only if (1) is sure that third parties will comply with the terms of this Policy and take the same measures to protect the confidentiality of Personal Data that the Data Controller takes, and (2) consent to such disclosure has been previously expressed User and/or allowed by law.


6. PLACEMENT OF ADVERTISING

6.1. Distribution of news and marketing materials
The User automatically, upon registering on the Website, agrees with the Data Controller's right to send personalized news and marketing materials to the provided email address and/or mobile phone, as well as notifications related to the procedure for using the Website, and/or their content.


7. SENDING COMPLAINTS AND REQUESTS TO THE DATA CONTROLLER

7.1. Rights in relation to information: access, clarification, deletion and restriction
The User has the right to:
(i) request confirmation regarding the disclosure, storage, use or transfer of any Personal Data;
(ii) gain access to Personal Data or a copy of it;
(iii) restrict usage by Data Controller of Personal Data or object to certain uses as described above;
(iv) request correction of inaccurate, incorrect or incomplete Personal Data; or
(v) request the deletion of Personal Data stored by the Data Controller, subject to certain exceptions provided by law.

7.2. Request to terminate the processing of Personal Data
Each User has the right to express objection to the Data Controller against the processing and/or storage of Personal Data. Such an objection can be expressed by sending to Data Controller to the email address: ________________.
If the User provides consent to the Data Controller for the use of biometric information, the User has the right to withdraw his consent at any time in accordance with applicable law. Upon withdrawal of such consent, the Data Controller reserves the right to refuse to provide the User with all or part of the services.

7.3. Request for information about Personal Data
If the User has questions related to the procedure for applying or using this Policy, the procedure and/or method of processing Personal Data, the User can send such question to the email address: _______________.

7.4. Change (update, addition, correction) or deletion of personal data
The User has the right at any time to independently change or request to delete his Personal Data, unless such change or deletion may lead to (1) a violation of the rules of this Policy; or (2) a violation of the Law; (3) the nature of such Personal Data is evidence in any legal proceeding between the Data Controller and the User. To do this, the User needs to contact the Data Controller via email or the contact for on the Website with the respective request.

7.5. The Data Controller has the right at any time to delete the User's personal account/profile, as well as all Personal Data about the User if he has violated the terms of this Policy and/or the User Agreement.


8. TERMS AND PROCEDURE OF STORAGE OF PERSONAL DATA

8.1. The Data Controller stores Personal Data as long as the legal relationship between the User and the Data Controller continues and for a certain period after their termination. Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

8.2. In determining such retention period, we take into account the time during which such Personal data is required to:
o continue to develop, customize, modernize and improve Services;
o maintain business records for analysis and/or audit purposes;
o comply with the requirements for the storage of documents in accordance with the law;
o protect interests in connection with any existing or potential claims; or
o respond to any complaints about the services.

8.3. Notwithstanding the above provisions of this Section, the Data Controller will retain documents (including electronic documents) containing personal data:
(a) to the extent required to do so by law;
(b) if the documents may be relevant to any ongoing or prospective legal proceedings; and
(c) in order to establish, exercise or defend legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).

8.4. The Data Controller ensures the safety of personal data and takes all possible measures to exclude access to personal data of unauthorized persons.

8.5. Storage can be carried out by third parties on behalf of the Data Controller. The User gives his consent to the storage of his Personal Data by third parties on behalf of the Data Controller, provided that such third parties preserve the confidentiality of the received Personal Data.

8.6. The Data Controller can carry out the functions of storing Information independently, or they can be entrusted to another person (hereinafter referred to as the «Processor»). Since the person storing Personal Data may be located outside the territory of the European Union/European Economic Area, the User hereby gives his consent to the cross-border transfer of Personal Data and storage outside the EU/EEA.

8.7. Before starting the cross-border transfer of personal data, the Data Controller is obliged to make sure that the foreign state, to whose territory it is supposed to transfer personal data, provides reliable protection of the rights of subjects of personal data.

8.8. Cross-border transfer of Personal Data on the territory of foreign states that do not meet the above requirements can be carried out only if there is a written consent of the subject of personal data to the cross-border transfer of his Personal Data and/or the execution of an agreement to which the subject of personal data is a party.

8.9. Storage is carried out for the entire period necessary to achieve the stated purposes of processing Personal Data.

8.10. The Data Controller undertakes to destroy or depersonalize immediately after achieving the goals of processing Personal Data.


9. ACCESS OF MINORS TO THE DATA PROCESSING SYSTEM

9.1. The use of the Website is intended for persons over 18 years of age who access it only subject to prior consent to the processing of their Personal Data.

9.2. If the User is a minor, then he must immediately stop using the Website. If the Data Controller becomes aware that the User's age does not correspond to the permissible age for using the Website, then the Data Controller undertakes to immediately block such User's access to the Website.


10. PROCEDURE FOR PROTECTING PERSONAL DATA

10.1. Protecting the confidentiality of Personal Data is the primary and important task for the Data Controller. The Data Controller adheres to all required international standards, rules and recommendations for the protection of Personal Data.

10.2. The Data Controller has implemented a number of reasonable appropriate technical and organizational measures aimed at protecting Personal Data from disclosure or unauthorized access to them by third parties, including from unauthorized or illegal processing, accidental loss, destruction or damage. Despite the measures taken, the Data Controller cannot guarantee the security of any information, and the User transfers Personal Data at his own risk. The User is obliged to comply with the Data Controller's requirements in relation to security controls (using a strong password, refusing to transfer credentials to other users, logging out of the system, following other security recommendations).

10.3. To ensure the safety and confidentiality of the received Personal Data, the Data Controller uses the following protection measures:
(1) SSL (Security Sockets Layer) protocol;
(2) SET (Secure Electronic Transaction) protocol;
(3) Automatic saving of data;
(4) Firewalls;
(5) Web Application Firewall;
(6) Regular security audits of the Data Processing System.


11. USERS IN THE TERRITORY OF THE EUROPEAN UNION

11.1. General Provisions
Since the Website is available to users from the European Union, the Data Controller adheres to the provisions of the GDRP.

11.2. The controller in the understanding of this Policy is the Data Controller. The processor in the understanding of this Policy is the Processor in accordance with Article 8 of the Policy.
The Data Controller stores Personal Data for a reasonable period of time necessary to achieve the purposes of processing, but not less than the period established by the local legislation of the Member State of the European Union, on the territory of which the Website is available, for storing this or that type of Personal Data. Upon the expiration of the period established for storage, the Data Controller undertakes to immediately destroy or anonymize such data.

11.3. User rights in the field of Personal Data protection
According to Chapter 3 of the GDRP, Users located in the European Union have the following rights in the field of Personal Data protection:
(1) the right to receive information about their Personal Data ("the right to be informed"); and
(2) the right to access your Personal Data ("the right of access"); and
(3) the right to rectification of Personal Data ("the right to rectification"); and
(4) the right to erasure of Personal Data ("the right to erasure"); and
(5) the right to restrict the processing of Personal Data ("the right to restrict processing"); and
(6) the right to transfer Personal Data to third parties ("the right to data portability"); and
(7) the right to object ("the right to object").

12. FINAL PROVISIONS

12.1. Availability of Policy text for review
Users can familiarize themselves with the terms of this Policy at the following link: https://_________________

This Policy might be translated into a foreign language for those Users who access the Website. In case of discrepancy between the original text (English) and its translation, the original language shall prevail.

12.2. This version of the Policy is valid from July 01, 2023.

12.3. Changes and additions to the policy
Any information that is collected as part of the Services is governed by the Policy in effect at the time such information is collected. The Data Controller reserves the right to change, add or remove parts of this Policy at any time and at its sole discretion.

12.4. This Policy is subject to change from time to time. The Data Controller does not bear any responsibility to the User for changing the terms of this Policy without the permission and/or consent of the User.

12.5. The User himself undertakes to regularly check the provisions of this Policy for possible changes or additions. Your continued relationship with us upon posting or notifying you of any change to this Policy constitutes your agreement to be bound by the terms of any such change. Any changes to this Policy are effective at the time of publication or introduction by the Data Controller.

12.6. Applicable law
This Policy has been developed in accordance with the current legislation on the protection of personal data of the European Union, as well as the provisions of the General Data Protection Regulation dated April 27, 2016 GDRP.

12.7. Disclosure risk
Regardless of the measures taken by the Data Controller to protect the confidentiality of the personal data received, the User is hereby considered to be duly aware that any transfer of Personal Data on the Internet cannot be guaranteed safe, and therefore the User carries out such transfer at his own risk.




DATA PROCESSING CONSENT FORM


By clicking below, you indicate that you have read and understood how your personal data will be processed, your related rights, and that you consent to the processing of your data as provided in this document. In addition, you acknowledge that this information was explained to you, your questions have been answered, and that you wish to continue participating in the study. If any new questions arise, you can contact the team using the information provided above.

☐ I acknowledge that this new information was explained to me, my questions have been answered to my satisfaction, and I wish to proceed with provision of my personal and biometric data.