Smurfarium

1. Terms and Definitions

Personal Data means any information relating to an identified or identifiable natural person (data subject), e.g., name, phone number, email, etc.

Processing of Personal Data means any operation or set of operations performed on personal data, including collection, recording, systematization, accumulation, storage, updating (modification), retrieval, use, transfer (disclosure, provision, access), anonymization, blocking, deletion, destruction.

Confidentiality of Personal Data means the obligation to handle personal data properly and not disclose it without the subject’s consent or another lawful basis.

Use of Personal Data means actions aimed at identifying the User, providing access to the Service, and verifying submitted information.

Information means data/messages regardless of the form of presentation.

Publicly Available Personal Data means personal data made publicly accessible by the subject or otherwise under law.

Operator means Smurfarium, which determines the purposes of processing, the scope of data, and the storage/destruction procedures.

User means a visitor and/or a registered user of the Service.

Dissemination of Personal Data means actions aimed at disclosure of personal data to an indefinite number of persons or making it available to the general public.

Destruction of Personal Data means actions that irreversibly destroy personal data and/or physical media.

2. Rights and Obligations

2.1. Operator’s rights:

Request accurate information and documents from the data subject.
Continue processing without consent if lawful grounds exist after consent withdrawal.
Define measures to ensure compliance with data-protection laws.

2.2. Operator’s obligations:

Organize processing as required by applicable law.
Respond to data-subject requests and inquiries.
Cease transfer/processing and destroy data in cases prescribed by law.

2.3. Users’ rights:

Obtain information about the processing of their personal data.
Request rectification, blocking, or deletion if data is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purposes.
Seek protection of their rights as provided by law.

2.4. Users’ obligations:

Provide accurate personal data to the Operator.
Notify the Operator of any updates/changes to their personal data.

3. Principles of Processing

Processing is lawful and fair.
Processing is limited to pre-defined legitimate purposes.
Merging databases with incompatible purposes is not allowed.
Only data relevant to the purposes is processed.
The volume of data is proportionate — no excess data.
The Operator ensures accuracy, sufficiency, and, where necessary, updates or removes incomplete/inaccurate data.
Storage period does not exceed what is necessary for the purposes unless otherwise required by law. Upon achieving the purposes or no longer needing the data, it is destroyed or anonymized.

4. Purposes of Processing

4.1. Core purposes:

User information.
Providing access to the Service.
Operating services/features, payments, and support.

4.2. Marketing and notifications:

The Operator may send notices about new products, services, special offers, and events.
The User may opt out of informational/marketing messages by emailing the Operator.

5. Confidentiality

The Operator and any persons with access to personal data must not disclose it to third parties without the subject’s consent unless required by law.

6. Final Provisions

The User may request clarifications regarding processing of their personal data via the email provided on the Service.
This document is effective indefinitely until replaced by a new version.
The Operator may amend this Policy; the new version is published on the website and becomes effective upon publication or as otherwise specified therein.