Privacy PolicyGeneral ProvisionsThis Privacy Policy outlines how Medfriends IT Solutions LLC (the "Operator") processes personal data in compliance with international standards such as GDPR and CCPA. It applies to all information collected from visitors to the friendly-doc.ru website, including health metrics integrated via third-party APIs.
The Operator prioritizes user rights, including privacy, data security, and control over personal information.
Key Definitions
- Personal Data: Any information relating to an identifiable individual, such as name, email, phone, date of birth, and health metrics (e.g., heart rate, sleep patterns).
- Processing: Any operation on personal data, including collection, storage, use, transfer, anonymization, or deletion.
- Controller: The Operator, responsible for determining processing purposes and means.
- User: Any website visitor or data subject.
Operator Rights and ObligationsThe Operator may collect accurate personal data for service provision and continue processing post-consent withdrawal if legally required. It must provide data access upon request, implement security measures, and delete data when purposes are fulfilled.
User Rights
Users can access, correct, block, or delete their data; withdraw consent; and challenge processing via
info@medfriends.ru. Complaints may be filed with relevant authorities.
Processing Principles
Processing is lawful, purpose-limited, accurate, and secure. Data is not kept longer than necessary and is minimized to fit stated goals.
Processing Purposes
- User identification and order fulfillment.
- Personalized site access and service notifications.
- Technical support and feedback.
Data Categories: Name, email, phone, birth details, health metrics.
Legal Bases: Consent, contract performance, legitimate interests.
Processing Types: Collection, storage, use, anonymization.
Processing ConditionsProcessing requires consent or other lawful bases like contract execution. Data is not shared with third parties except for service delivery with consent or legal mandates.
Data Security and StorageThe Operator uses technical, organizational, and legal measures to prevent unauthorized access. Users can update data via email. Storage duration aligns with purposes or legal requirements; consent withdrawal ends processing unless obligated otherwise.
Third-party services (e.g., payment processors) handle data per their policies; the Operator is not liable for them.
Data TransfersCross-border transfers comply with adequacy decisions or safeguards like Standard Contractual Clauses. Users are notified of such intentions.
Confidentiality and Termination
Data remains confidential unless disclosure is legally required. Processing ends upon purpose achievement, consent withdrawal, or unlawfulness detection.
Final Provisions
Contact info@medfriends.ru for inquiries. This policy may be updated and remains effective indefinitely until replaced.