Privacy policy

Last update: 10\05\2021

Your privacy is important to us. By general definition, Personal Data is any informationrelating to an identifiable person who can be directly or indirectly identifiedusing that information. We want to emphasize that the data we process, whichhas been provided to us by the Partner, is information pertaining to an identifiableperson, which, however, can NOT beidentified directly or indirectly by the use of this information.  

This privacy policy:

  •  provides anoverview of how we collect and processes your personal data, and informs youabout your rights under the EU General Data Protection Regulation (“GDPR”)
  • containsimportant information about, among others, the collection and use of personaldata; the legal grounds for the processing of that data; disclosures of thatpersonal data to third parties

Please read this privacy policy carefully and make sure you fullyunderstand and agree with it, before you access or use any of our services.

Definitions and Interpretation

In this privacy, the following definitions are used:

“We”“Us” and “Our” means:

ThenGrow System (hereinafter also referred to as the “ nGrow ”) – it is a set ofcloud services, which includes server hardware and a software package, builtusing web technologies and ensuring popularization of the products and servicesby performing marketing activities, activities within the framework ofpersonalization and/ or customer lifecycle management, as well as othergenerated activities. The SaaS (Software as a Service) is a model for grantingaccess to the nGrow System to the commercial companies that have entered intoservice agreements with us (hereinafter referred to as "Partners") bybrowsers or other programs using web protocols. 

All rights for the nGrow belongs to Sergeev Alexander Dmitrievich registered in the Russian Federation,under registration number (PSRN) 320482700032192 as a Individual entrepreneur having its registered office at 398043,Russian Federation, Lipetsk, German Titov street, house 9, building 1,apartment 42 (Correspondence address: 117449, Russian Federation, Moscow,Shvernik street, house 13, building 3, apartment 14).

 “You”, “your” or “datasubject” means:

ThePartner’s Client is any individual or legal entity registered in the Partner’smobile application, which receives information about the Partner’s products/services and marketing activities using the Partner’s mobile application, orplaces an order for products/ services in the Partner’s mobile application, orparticipates in marketing activities, activities within the framework ofpersonalization and/ or customer lifecycle management, as well as otheractivities generated using the nGrow System.

Processing mean the handling of your personal data by us, including collecting,protecting and storing your personal data. We use only the data required fornGrow to work, the rest (redundant) data will be deleted and/or will not beinterpreted.

Our Data Protection Principles

We adhere to the principles relating to processing of personal dataset out in the GDPR which require personal data to be:

  • Processedlawfully, fairly and in a transparent manner (Lawfulness, Fairness andTransparency)
  • Collected onlyfor specified, explicit and legitimate purposes (Purpose Limitation)
  • Adequate,relevant and limited to what is necessary in relation to the purposes for whichit is Processed (Data Minimisation)
  • Accurate andwhere necessary kept up to date (Accuracy)
  • Not kept in aform which permits identification of data subjects for longer than is necessaryfor the purposes for which the data is Processed (Storage Limitation)
  • Processed in amanner that ensures its security using appropriate technical and organisationalmeasures to protect against unauthorised or unlawful processing and againstaccidental loss, destruction or damage (Security, Integrity andConfidentiality)
  • Not transferredto another country without appropriate safeguards being in place (TransferLimitation).
  • Made available todata subjects and data subjects allowed to exercise certain rights in relationto their Personal Data (Data Subject's Rights and Requests)
  • We areresponsible for and must be able to demonstrate compliance with the dataprotection principles listed above (Accountability)

1. Data Controller

1.1 This privacy policy applies where we are acting as a datacontroller with respect to your personal data and therefore determine thepurposes and means of the processing of that personal data.

2. How We Collect Your Personal Data

2.1 We obtain your personal data mainly through any informationprovided by third party (the Partner). Below is a list of ways in which wecollect your personal data.

Personal data collected via third parties including our businesspartners, contractors and/or vendors in a manner that is permitted.

Link to privacy policy of third party service providers used by the nGrow:

  • AppMetrica
  • Firebase
  • Devtodev
  • Amplitude
  • Mixpannel
  • Braze
  • OneSignal

3. Personal Data We Use, Purposes and Legal Grounds

We may collect the following personal data from you. We will onlyprocess your personal data when the law allows us to. Most commonly, we willuse your personal data in the following circumstances:

Type of information

Purpose

Legal basis of processing

Data about your use of Partner’s  products/ services and marketing activities using the Partner’s mobile  application, or places an order for products/ services in the Partner’s  mobile application, or participates in marketing activities, activities  within the framework of personalization and/ or customer lifecycle  management, as well as other activities generated using the nGrow System.

Geographical  location, app version, operating system, install source and timing, length of  visit, page views, app navigation paths, timing, frequency, pattern of your  service use.

To analyse the operation of Partner’s Service.

Performing the contract we have with a Partner.

Transaction data

The transaction  data and the order details.

To analyse the operation of Partner’s Service.

Performing the contract we have with a Partner.

Notification data

Notification  data, push notification sendings, opens, deliveries; APNs, FCM, HMS  push-tokens

The notification data may be processed for the  purposes of sending you the relevant notifications and/or newsletters.

Consent. Performing the contract we have with  you.

Any  of your personal data identified in this policy

Exercise or defence of legal claims, whether in  court proceedings or in an administrative or out-of-court procedure, the  protection and assertion of our legal rights, your legal rights and the legal  rights of others.

Our legitimate interests.

Any of your personal data identified in  this policy

The obtaining or maintaining insurance  coverage, managing risks, or obtaining professional advice.

Our legitimate interests.

4. Information We May Provide to ThirdParties

We may disclose your personal data to the third parties listed below.When we do so, we require those third parties to have appropriate technical andorganisational measures in place to protect your personal data. We will notshare any of your personal data for any purpose other than the purposesdescribed in this privacy policy, nor will we sell your personal data toanyone.

4.1 Any member of our group of companies (this means our subsidiaries,our ultimate holding company and all its subsidiaries) insofar as reasonablynecessary for the purposes, and on the legal bases, set out in this privacypolicy.

4.2 To our insurers and/or professional advisers insofar as reasonablynecessary for the purposes of managing risks, obtaining professional advice, orthe establishment, exercise or defence of legal claims, whether in courtproceedings or in an administrative or out-of-court procedure.

4.3 Governmental and regulatory bodies, including law enforcementauthorities, in connection with enquiries, proceedings or investigations bysuch parties or in order to enable nGrow tocomply with its legal and regulatory requirements.

5. Your Data Protection Rights

You have the following rights in terms of the personal data we holdabout you:

The right to be informed

nGrow is publishing this privacy policy to keep you  informed as to what we do with your personal data.

You can ask us for information regarding any  data of yours that we keep at any time. This information concerns, among  other things, the data categories we process, for what purposes we process  them, the origin of the data if we did not acquire them directly from you  and, if applicable, the recipients to whom we have sent your data.

The right to access

This enables you to receive a copy of the  personal data we hold about you and to check that we are lawfully processing  it. You can obtain a copy of your data from us free of charge. If you are  interested in other copies, we reserve the right to charge for the additional  copies.

The right to correction (rectification)

You can request that we correct your data. We  will initiate appropriate measures to keep the data of yours that we  continuously process correct, complete, and up to date, based the latest information  available to us

The right to erasure

(The right to be forgotten)

You can request that we delete your data  provided the legal requirements have been met. In accordance with Article 17  the GDPR, this can be the case if:

  • the data are no  longer required for the purposes they were acquired or otherwise processed
  • you revoke your  consent, which is the basis of the data processing, and there is no other  legal basis for the processing
  •  you object to  the processing of your data and there are no legitimate reasons for the  processing or you object to data processing for the purposes of direct  advertising
  • the data have  been processed illegally

Where the processing is not necessary:

  • To ensure  adherence to a legal obligation that requires us to process your data
  • In particular  with regard to legal retention periods
  • To assert,  exercise or defend against legal claims

The right to restrict processing

You can request that we restrict the processing  of your data if:

  • You dispute the  correctness of the data - for the period of time we need to check the  correctness of the data
  • The processing  is illegal but you do not wish to have your data deleted and request a  restriction of use instead
  • We no longer  need your data, but you need them to assert, exercise or defend against legal  claims
  • You have filed  an objection to the processing, though it has not yet been decided whether  our legitimate grounds outweigh yours

The right to data portability

At your request, we will transfer your data–  where technically possible – to another responsible entity.

However, this right only applies if the data  processing is based on your consent or is required to fulfill a contract.  Instead of receiving a copy of your data, you can ask us to send the data  directly to another responsible entity that you specify.

The right to object

You can object to the processing of your data  at any time for reasons that arise from your special situation provided the  data processing is based on your consent or our legitimate interest or that  of a third party. In this case, we will no longer process your data. The  latter does not apply if we are able to prove there are compelling,  defensible reasons for the processing that outweigh your interests or we  require your data to assert, exercise or defend against legal claims.

The right to withdraw consent

Withdraw the consent you gave us with regard to  the processing of your personal data for certain purposes, such as to allow  us to promote our products and services to you.

The right to complain

nGrow takes your rights very seriously. However, if  you are of the opinion that we have not dealt with your complaints  adequately, you have the right to submit a complaint to the data privacy  protection authorities responsible.

We endeavour to address all of your requests promptly. For moreinformation regarding your rights over Personal Data, you should contact maratz@ngrow.ai. In order to exercise your rights, you shouldsubmit a request to maratz@ngrow.ai.

6. International Transfers of YourPersonal Data

6.1 Disclosure ofyour Personal Data, as provided in section 4 of the Policy sometimes involvescross-border data transfers, for instance to the Russian Federation. nGrow we will impose the same data protectionsafeguards that we deploy inside the EEA to ensure that your personal data arealways protected, uses standard contract clauses approved by the EuropeanCommission or other suitable safeguard to permit data transfers from the EEA toother countries. Standard contractual clauses are commitments between companiestransferring personal data, binding them to protect the privacy and security ofClient’s Personal Data. The information that we request will be retainedon our server on address https://cloud.yandex.ru.

Their privacy policy: https://yandex.ru/legal/confidential.

7. Retaining and Deleting Personal Data

7.1 We will keep your personal data for as long as is necessary forthe purpose for which we initially collected them. Once such period has ended,we will keep your personal data for the longest of the 24 hours.

7.2 Once the retention period of your personal data lapses, we willensure that your personal data are securely destroyed.

8. Confidentiality and Security

8.1 We deploy various security measures such as encryption andauthentication tools in line with the current state of the art to protect andmaintain the security, integrity and availability of your personal data.

8.2 100% protection against unauthorised access in the case of datatransfers across the internet or a website cannot be guaranteed, but we and ourservice providers and business partners do our utmost to protect your personaldata in line with the prevailing data protection legislation by means ofphysical and electronic physical precautions. Among other things, we use thefollowing measures:

  • Strict criteriafor authorisation to access your personal data on a “need-to-know” basis onlyand exclusively for the specified purpose
  • Transfer ofacquired data in secured form
  • Storage ofconfidential data in secure server on address https://yandex.ru
  • Firewallsafeguarding of IT systems to provide protection against unauthorised access
  • Continuousmonitoring of access to IT systems to detect and prevent the misuse of personaldata

9. Changes to this privacy policy

9.1 We may update our Privacy Policy from time to time. Thus, you areadvised to review this page periodically for any changes. These changes areeffective immediately after they are posted on this page.

10 Contacts

11.1 If you have any questions or suggestions about our PrivacyPolicy, do not hesitate to contact us at maratz@ngrow.ai.

11. Children's Privacy

11.1. TheseServices do not address anyone under the age of ___. We do not knowinglycollect personally identifiable information from children under ___. In thecase we discover that a child under ___ has provided us with personalinformation, we immediately delete this from our servers.

11.2. If you are a parent or guardian and you are aware that yourchild has provided us with personal information, please contact us maratz@ngrow.ai so that we will be able to do necessary actions.

12. Service Providers

12.1 We may employ third-party companies and individuals due to thefollowing reasons:

  • To facilitate ourService
  • To provide theService on our behalf
  • To performService-related services
  •  To assist us inanalyzing how our Service is used

12.2 We want to inform you that these third parties have access toyour Personal Information. The reason is to perform the tasks assigned to themon our behalf. However, they are obligated not to disclose or use the informationfor any other purpose. This function is used by the Service using third-partyservices, such as Devtodev located at https://www.devtodev.com.

Tell us a few words about your project
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.