1. General Provisions
1.1. This Personal Data Processing Policy defines the procedure for processing and protecting the personal data of users of the Onvibe service and has been prepared in accordance with Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data". The personal data operator is Individual Entrepreneur Kirill Sergeevich Bekichev, TIN 262810847515, OGRN 325265100031062.
1.2. This Policy applies to information received by the Operator when users interact with https://onvibe.fun, the Onvibe personal account, related subdomains, feedback forms, authentication flows, support tools, analytics, financial sections, and other platform features.
2. Key Terms
2.1. Automated processing of personal data — processing of personal data using computer equipment, software, and network infrastructure.
2.2. Blocking of personal data — temporary suspension of personal data processing except where processing is necessary to clarify such data.
2.3. Service / website — the Onvibe information resource, including the website, personal account, subdomains, interfaces, forms, legal pages, and other digital sections available to the user.
2.4. Personal data information system — the aggregate of personal data contained in databases, as well as the information technologies and technical means used for their processing.
2.5. Depersonalization of personal data — actions that make it impossible to identify a specific user without additional information.
2.6. Processing of personal data — any action or set of actions with personal data, including collection, recording, systematization, storage, updating, use, transfer, blocking, and destruction.
2.7. Operator — a person that independently or jointly with others organizes and carries out the processing of personal data of Onvibe users.
2.8. Personal data — any information directly or indirectly relating to an identified or identifiable user of the Service.
2.9. User — any individual, legal entity, representative thereof, or visitor using the website, personal account, or other Onvibe features.
2.10. Provision of personal data — disclosure of personal data to a specific person or circle of persons to the extent necessary to achieve a lawful processing purpose.
2.11. Dissemination of personal data — disclosure of personal data to an indefinite circle of persons where permitted by the user or required by law.
2.12. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state, to a foreign person, or to a foreign organization.
2.13. Destruction of personal data — actions resulting in permanent deletion of personal data without the possibility of further recovery, unless retention is required by law.
3. What Data We Process
3.1. The Operator may process the following categories of data: the user's name and contact details, email address, authentication and session data, profile details, information about releases, tracks, cover artwork, artists, and other materials, support communications, subscription, payment, and payout details, as well as any other information voluntarily provided by the user while working with the Service.
3.2. The Operator may also collect technical and anonymized data, including IP address, cookies, browser and device details, interface language, service usage events, visit statistics, and actions performed in the personal account, including data obtained through analytics and measurement tools.
4. Purposes of Personal Data Processing
4.1. Personal data is processed to register and identify the user, provide access to the personal account and Service features, place and maintain releases, moderate content, interact with music platforms and partners, and perform the Operator's obligations to the user.
4.2. The Operator may use data to process requests and appeals, provide support, analytics, financial services, subscriptions, smart links, release status notifications, service messages, and send news or commercial offers where the user has not opted out of such communications.
4.3. Anonymized and technical data is used to ensure Service security, prevent abuse, improve interfaces, analyze user behavior, evaluate product quality, and plan further development of the platform.
5. Legal Grounds for Personal Data Processing
5.1. The legal grounds for processing are: the user's consent to personal data processing, the need to perform the public offer and provide Service functionality, the Operator's obligations under the legislation of the Russian Federation, and the Operator's legitimate interests in ensuring the operability and security of the platform.
5.2. Technical and anonymized data, including cookies and analytics data, is processed when the website and personal account are used if such processing is allowed by the user's device and browser settings and is necessary for the proper functioning of the Service.
6. Procedure for Processing Personal Data
6.1. The Operator takes the necessary legal, organizational, and technical measures to protect personal data against unlawful access, modification, disclosure, deletion, or any other unlawful use. Access to data is granted only to authorized persons and contractors to the extent required for their tasks.
6.2. Personal data may be transferred to third parties and service partners only to the extent necessary for operation of the platform and provision of services to the user, including hosting providers, analytics providers, authentication tools, payment infrastructure, technical support, as well as music platforms and other counterparties involved in release placement and maintenance.
6.3. The user has the right to obtain information about the processing of their data and to request its clarification, update, blocking, or deletion, unless otherwise follows from law, the need to perform services, or the need to retain data to protect the rights and legitimate interests of the Operator.
6.4. Personal data is processed for as long as necessary to achieve the processing purposes, maintain contractual relations, comply with legal requirements, and resolve possible disputes. Withdrawal of consent is possible by contacting the Operator, but such withdrawal may limit access to certain Service functions.
7. Cross-Border Transfer of Personal Data
7.1. Due to the nature of the Onvibe Service and its interaction with foreign digital platforms, infrastructure partners, and analytics providers, the Operator may carry out cross-border transfer of personal data to the extent necessary for operation of the Service, release publication, analytics, support, and execution of user requests.
7.2. Before such transfer, the Operator takes reasonable steps to verify the recipient's data processing conditions and ensures transfer on legal grounds permitted by applicable law, including the user's consent or the necessity to perform a contract.
8. Final Provisions
8.1. For questions related to personal data processing, the user may contact the Operator via email at onvibefun@gmail.com or through the support channels available in the Service.
8.2. The Operator may amend this Policy. A new version becomes effective from the moment it is published on the website unless another effective date is expressly stated. Continued use of the Service after publication of a new version means the user agrees to the current version of the document.
8.3. The current version of this Policy is available on the Internet at https://onvibe.fun/docs/privacy.