Privacy Policy

The privacy of our Website visitors (“Users”) is very important to MatreshQA. We at MatreshQA are fully committed to meet the GDPR and CCPA standards with reference to your privacy and security rights.

We have developed this Privacy Policy to help User understand how MatreshQA collects, process, uses, stores and discloses your personal information. The Website is available only to individuals who are at least 16 years old. This Policy also explains our use of cookies.

Please read this Policy carefully before browsing this Website. We will process your data only as described in this Policy.

We might update this Policy in the future, so please make sure to read it from time to time. If any updates and modifications are not acceptable to user, the user shall stop using the Website.

Should you have any questions or comments as for this Policy, please contact us at (email).

1. The Scope of the Privacy Policy

The company in its daily activities uses data about employees (current, former, future), customers and users of the site. The company undertakes to comply with laws and regulations regarding the protection of this personal data in force in the countries where the organization operates.

The Privacy Policy is required for all employees of the company (full-time and freelance), as well as for all structural units of the organization, including individual ones. The requirements of the Policy also apply to other persons if their participation in the processing of personal data by the organization is necessary, as well as in cases where personal data is transmitted to them on the basis of agreements and contracts.

The policy is developed based on and in accordance with the requirements of:

European Regulation on the Protection of Personal Data — REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the freemovement of such data, and repealing Directive 95/46 / EC (General Data Protection Regulation, GDPR).
California Consumer Privacy Act of 2018 [1798.100 — 1798.199].

2. Terms and Definitions

Terms	Definitions
Personal data	means any information relating to an identified or identifiable natural person (data subject)
An identifiable natural person	one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
Data subject	an identified or identifiable natural person
Processing	any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
Restriction of processing	the marking of stored personal data with the aim of limiting their processing in the future
Controller	the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data
Filing system	any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis
Processor	a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
‘Consent’ of the data subject	any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
Special categories of personal data	personal data showing race or ethnicity, political views, religious or philosophical beliefs, union membership, health status, intimate life, sexual orientation, genetic data, or biometric data, when used to identify an individual
GDPR	General Data Protection Regulation
CCPA	California Consumer Privacy Act
Pseudonymisation	the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person
Consumer (CCPA)	a natural person who is a California resident
Personal information (CCPA)	information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household

3. Information We Collect About You

MatreshQA is a controller and a processor of the personal data (personal information (CCPA)) submitted through this Website and collected in other ways. We only collect information about you that is necessary for us to allow you to use the Website or contact us, and only to the extent specifically provided in this Policy. The types of information we collect about you depends on your use of our products, services and the ways that you interact with us.

3.1. Personal Data (Information) We Obtain from You

When you contact us via email, phone, online via the contact form or otherwise you provide us your name, phone number, e-mail address, communication content and data associated with the communication. This is the data that you affirmatively choose to submit to us.

Other personal data we can collect can include the following:

Employment information such as your job title and other business or company information.
Web form information you provide in our web forms (forms that you choose to complete will indicate whether the information requested is mandatory or voluntary);
Account history information related to services you purchase, and the activities associated with your account.
Feedback and ratings information you provide to us such as customer survey feedback and product reviews you write.

We do not collect personal data from your visit to our Sites, unless you intentionally send it to us via contact form or subscription form in our blog, and give us your explicit consent. In this case, we collect the personal data identified above to respond to your query and send you emails for promotional or informational purposes. Should you wish not to receive such emails, the option to unsubscribe will be included in the message.

3.2. Non-Personal Data We Obtain from Your Use of Our Websites

When you visit our Websites we may collect the following non-personal data about you:

information about your device(s), in particular, hardware model, version of the operating system;
information about your visits to and use of this Website, including your IP address, geographical location, browser type and version, referral source, page views, Website navigation paths and other statistics;
cookies. For more information on the cookies being used on the Website and how you can opt out, please visit the section 10 of this Policy.

Non-personal data is used only for statistical analysis purposes and then the data is removed from the system.

3.3. Miscellaneous Data Collection

We also obtain data from third party sources. We protect data obtained from third parties according to the privacy practices as described in this Privacy Policy. These third party sources vary over time and may include:

Partners with which we offer co-branded products or services, or engage in joint marketing activities.

4. Lawfulness of Processing

We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for. We keep reasonable, documented evidence of the legitimacy of the processing of personal data, in part of our activities as a controller, and provide them where necessary. We process personal data as a processor only on the basis of documented orders of the controller defined by the contract or other legal act that determines the subject and duration of processing, the nature and purpose of processing, the type of personal data and the category of data subjects, as well as the duties and rights of the controller. In this case, the validity of the processing is determined by the controller. We may process your personal data because:

You have given consent to the processing of your personal data for one or more specific purposes.
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. This clause applies in cases where the contract cannot be completed without the relevant personal data.

If you are a representative of our current or potential client, vendor or business partner, we may process your personal data to organize the approval, processing and signing of contracts, acts, invoices and other contractual documentation; to promote our new products, works and services; to confirm the high level of our works and services; to invite you to the meetings and events or organize them.

Processing is necessary for compliance with a legal obligation to which the controller is subject.
Processing is necessary in order to protect the vital interests of the data subject or of another natural person.
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

If you are a visitor of this website, we may process your personal data to keep this website secure, prevent fraud, protect rights and interests of QA and third parties, protect intellectual property rights.

We use and share your information to:

Deliver and maintain our products and services.
Establish and maintain your account.
Provide our activity related services and information.
To improve and personalize our products and services.
Better predict content and marketing offers that may interest you, which includes sending promotional communications, targeting advertising, and presenting you with relevant offers.
Detect and prevent fraud.
Manage and protect our networks, services and customers.
Meet our legal obligations and doing research.

6. Data Retention and Information Security

The Company will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means. Your personal data may be used to the extent necessary to comply with the Company’s legal obligations (laws), resolve disputes, and enforce legal agreements. Your usage data will be retained for internal analysis purposes. When we no longer need your personal data, we will securely delete or destroy it.

Your personal data is securely stored by MatreshQA on its servers, and on the servers of the cloud-based database management services that MatreshQA engages.

At MatreshQA we are committed to the security of your personal data. We have adopted technical and organizational measures in order to prevent unauthorized or accidental access to user’s personal data, its alteration, destruction or loss, unauthorized transmission, other unauthorized processing, as well as other misuse of personal data.

These measures include:

documenting your personal data processing activities;
conclusion of written contracts with processors who process personal data on behalf of the organization (all relationships related to the processing of personal data in which the organization is involved are governed by documented contracts, which include certain information and conditions required by law);
any transfer of personal data which are undergoing processing or are intended for processing after transfer to a third country or to an international organisation take place only if the requirements of the legislation of the countries, where the data subjects are located, are complied with by the controller and processor, including for onward transfers of personal data from the third country or an international organisation to another third country or to another international organisation;
we, acting as a controller, carry out an assessment of the impact on the protection of personal data, when the processing of personal data can lead to a high risk for individuals;
notification of violations of personal data;
compliance with codes of conduct and certification systems;
data protection by design and by default;
implementation of appropriate security measures.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do its best to protect personal data, it cannot guarantee the security of user data transmitted through the Website; any provision of personal data by user is therefore voluntary and at user’s own risk.

7. Disclosure of Data

MatreshQA doesn’t and will not sell, share, or rent your data, for commercial or non-commercial purposes, to any person or organization. It is disclosed strictly to company employees on as needed basis in order to process it on company behalf or to provide the services to company customers, and these employees have agreed not to disclose this data to the others.

However, under certain circumstances, the company may be legally required to disclose your personal data if necessary to do so according to the applicable laws or by a request from public authorities (such as a court or a government agency). Such actions may be necessary in the following cases:

To comply with a legal obligation
To resolve disputes
To protect the rights of MatreshQA.
To prevent a wrongdoing in connection with the Sites and the company’s services
To protect the personal safety of users.

We shall disclose your personal data where required to do so by law or subpoena, if such action is necessary to comply with the law and the reasonable requests of law enforcement, or to protect the security and integrity of our Sites.

If the company is involved in a merger, acquisition or asset sale, your personal data may be transferred. We will provide the notice on our Sites before your personal data is transferred and becomes a subject to a different Privacy Policy.

8. Rights of the Data Subject

If your personal information is protected under EU laws, GDPR gives you various rights in connection with our processing of your personal data.

You have the right to receive information about the collection and use of your personal data (name and contact details of the controller and, if necessary, his representative; contact details of the personal data protection inspector, if applicable; the purposes for which personal data is processed, as well as the legal basis for processing; categories of relevant personal data; legitimate interests pursued by the controller or by a third party; recipients or categories of recipients of personal data, if any; where appropriate, the controller’s intention to transfer personal data to a third country or international organization; the period of storage of personal data, or if this is not possible, the criteria for determining such a period; if personal data is not obtained from the data subject, any available information about their source).
Right to access your personal data: you have the right to obtain a copy of your personal information. For any further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs.
Right to correct data. Individuals have the right to demand the correction of their personal data if they are inaccurate, or replenishment if they are incomplete.
Right to delete data (“the right to be forgotten”). You have the right to demand the deletion without undue delay your personal data. Reasons for deletion: personal data are no longer required for the purposes for which they were collected or otherwise processed; the data subject withdraws his consent on the basis of which the processing is carried out, and if there is no other legal basis for processing; personal data was processed illegally; personal data must be destroyed in fulfillment of a legal obligation in accordance with the law.
Right to restriction of processing. You have the right to demand restriction or suppression of the processing of your personal data.
Right to data portability. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided. The data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
Right to object. You have the right to object to the processing of your personal data. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Automated individual decision-making, including profiling. The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

MatreshQA supports each of these rights with appropriate procedures that allow you to take the necessary measures within the time frames indicated in the table.

Data subject request	Timeline
Right to receive information	When data is collected (if provided by the data subject) or within one month (if not provided by the data subject)
Right of access	One month
Right to correct	One month
Right to delete	Without undue delay
Right to restriction of processing	Without undue delay
Right to data portability	One month
Right to object	Upon receipt of an objection
Automated Decision Making and Profiling	Undefined

8.2. California Consumer Protection Act (CCPA)

Without being discriminated against for exercising these rights, California law gives its residents the right to request that we disclose what personal information we collect from you, to delete that information, and to opt-out of the sale of your personal information, subject to certain restrictions. This section describes how to exercise those rights and our process for handling those requests.

1.Right to know. If you are a California resident, you may submit, free of charge, a verifiable request for the following information:

The specific pieces of personal information we have about you;
The categories of personal information we collected or disclosed for a business purpose about you within the last 12 months;
The categories of sources from which the personal information was collected;
The purposes for which the information was collected; and
The categories of parties to whom the information was disclosed for a business purpose, or otherwise shared.

If we need additional information to verify your identity, we will contact you to request that information, which may include personal information about you or information about your past purchases or use of Company’s products or services. If we deny your request, even if only in part, we will explain the reason in our response.

2. Right to data portability.

3. Right to Delete. If you are a California resident, you may submit a verifiable request for us to delete the personal information we have collected about you.

4. Right to Opt-Out. We take your privacy very seriously. We have not sold, shared, or rented your data, for commercial or non-commercial purposes, to any person or organization and currently have no plans to do so in the future. However, we support the CCPA by allowing California residents to opt out of any future sale of their personal information. If you would like to record your preference that Company shall not sell your data in the future, please contact us.

5. Authorized Agents. If you would like to designate an authorized agent to make a request on your behalf, please be sure the agent can:

demonstrate you have provided written permission for the agent to submit the request on your behalf, and
provide proof of his or her own identity.

If the agent does not satisfy these requirements, we will deny the request.

MatreshQA supports each of these rights with appropriate procedures that allow you to take the necessary measures within the time frames indicated in the table.

Data subject request	Timeline
Right to know	45 days
Right to data portability	45 days
Right to delete	10 days (response to how the request will be processed)and 45 days (deletion)
Right to Opt-Out	15 days

9. Children’s Privacy

We understand the importance of taking extra precautions to protect the privacy and safety of children. Our Sites are not intended for use by anyone under the age of sixteen and don’t address users under the age of sixteen. We do not knowingly collect any personal data from users under the age of sixteen and we delete any personal data of such users if we discover that such data has been shared with us.

If you are a parent or guardian and are aware a child under the age of thirteen has disclosed personal data to us, please contact us. We will delete any personal data immediately if we discover that a user younger than the age of thirteen has provided it to us.

10. Cookies

When you visit the MatreshQA websites, we may place cookies and similar analytical codes (collectively, “Cookies”) on your device, browser or the webpage you are viewing, in order to personalize your experience, understand usage patterns and provide, improve, and secure the MatreshQA websites. Cookies are simple computer files made of text. Cookies do not typically contain any information that personally identifies someone, but personal data that we store about you may be linked to the information obtained from cookies.

Our websites use different types of Cookies for different reasons, as follows:

Functional cookies — these Cookies are essential to enable you to move around the MatreshQA websites and use their features. These Cookies make sure you can view the websites and use them in a proper way. They also give you access to secured parts of the MatreshQA websites.
Analytical cookies — these Cookies help us improve all our websites, collect anonymous information about how visitors use our websites, collect information about the most visited pages and tell us whether and how many error messages were displayed.
Third-party cookies — these Cookies help third parties to help track and manage the effectiveness of, for example, their websites, ads, number of visitors. More information about these Cookies may be available on the relevant third party’s website. Links to detailed information about the use of cookies by third parties: Google, Facebook, Google Analytics, Yandex Metrica.

How long do Cookies last?

How long do the Cookies stay on your device depends on type of the Cookies: Permanent or Session.

«Session» cookies will only exist until you close your browser.
«Permanent» cookies remain in effect until the set expiration date of the cookie or until the moment you delete them (for example, by deleting your browsing history or by purposefully deleting them though browser settings).

The lifespan of our Permanent Cookies is not more than 6 months from the date of the last visit to the Website.

The lifespan of third parties Cookies is defined in the links below. The lifespan of certain third parties Cookies may last up to 10 years. Third parties can improve their products, change lifespan period and the functionality of Cookies to some extent.

Cookies disclaimer

Most web browsers automatically accept cookies but also provide controls that allow you to block or delete them.

It is also possible to manage browser settings to allow certain Cookies or notify you when you’ve received a new Cookie so you can decide whether accept it or not. There are different resources to set up rules for the Cookies. Please also check your browser’s help menu for more information.

Here are links to the Cookies documentation of popular browsers: Microsoft Internet Explorer, Google Chrome, Safari, Safari (mobile), Firefox, Android Browser, Opera, Opera (mobile).

You can also restrict or delete objects similar to Cookies, for example, flash cookies, by managing the settings of your browser. Because our Cookies allow you to access some of the features of our Website, we recommend you to keep them. Without certain cookies, some functionality of our Service may be restricted.

Cookies collected through the Website interface

These cookies are strictly necessary to provide you Website and Service and to use some of its features, such as access to secure areas. Because these cookies are strictly necessary, you cannot refuse them otherwise our Website or Service may not operate correctly. You can block or delete them by changing your browser settings.

ANALYTICS COOKIES

These cookies collect information to help us understand how our Website and Service are being used, how effective our marketing campaigns are, or to help us customize our Website and Service for you.

Yandex collects information that allows us to understand your interaction with our Website, track attendance rates, so we can improve user characteristics.
Google Analytics gathers information allowing us to understand interactions with our Website and Service and ultimately refine that experience to better serve you.

ADVERTISING (TARGETING) COOKIES

These cookies are used to show you more relevant ads. They also perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed, and in some cases selecting advertisements that are based on your interests.

Google. These cookies are used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.
Facebook. Cookies are used by Facebook to run advertising campaigns in the social network Facebook.

If you want to receive more information about the cookies we use, please contact us.

You can adjust your browser settings to delete some of our cookies or cookies set by third parties. You may also adjust your browser settings to prevent websites from setting cookies or third-party cookies altogether. If you prevent us from setting specific cookies, you may find that some functions are not available or that certain parts of the website will not load.

11. Links to Other Websites

Our Sites may contain links to third party websites that are not operated by us. By clicking on such a third party link, you will be directed to that third party’s website. Therefore, MatreshQA cannot be responsible for the protection and privacy of any information which user provides whilst visiting such sites and such sites are not governed by this Privacy Policy. We strongly advise you to review the Privacy Policy of every site you visit.

12. Contact Us

For any requests regarding this Privacy Policy please contact us:

By submitting a letter to MatreshQA: Nauchnyy proyezd, d. 17, et. 11, pom. IV, kom. 11, Moscow, 117246, Russia.

By visiting the Contact Us section of our website.

By sending an email at ask@matreshqa.com.

By calling: +7-953-672-99-75.

Effective Date: April 1, 2020.