1. General Provisions
This Personal Data Processing Policy is issued in accordance with Federal Law No. 152‑FZ “On Personal Data” dated July 27, 2006 (“Personal Data Law”) and outlines how CPA.LIVE (“Operator”) collects, stores, processes, and protects personal data of users of https://cpa.live/en.
1.1. Ensuring the rights and freedoms of individuals—particularly the right to privacy and confidentiality of personal and family life—is a primary objective of the Operator.
1.2. This Policy applies to all personal data obtained by the Operator from visitors of https://cpa.live/en.
1.3. In compliance with Russian data localization requirements, storage and processing of personal data of Russian citizens are conducted using databases located within the Russian Federation.
2. Definitions
2.1. Automated processing — processing performed using computing hardware.
2.2. Blocking of personal data — temporary suspension of processing (unless needed to clarify data).
2.3. Website — collection of graphical and informational materials, software, and databases at https://cpa.live/en.
2.4. Personal data information system — databases containing personal data and tools for their processing.
2.5. Anonymization — actions rendering personal data incapable of identifying an individual.
2.6. Personal data processing — any operation performed on personal data (collection, storage, use, transmission, etc.).
2.7. Operator — party determining purposes and means of personal data processing.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable individual.
2.9. Public personal data — data that the User has consented to make publicly available.
2.10. User — any visitor to https://cpa.live/en.
2.11. Providing personal data — disclosing personal data to a specific person or group.
2.12. Distribution — disclosing personal data to an indefinite number of persons.
2.13. Cross-border transfer — transfer of personal data to foreign recipients.
2.14. Destruction — irreversible deletion of personal data from the information system.
3. Rights and Obligations of the Operator
3.1. The Operator has the right to:
- Request accurate personal data from Users.
- Continue processing after withdrawal of consent when permitted by law.
- Independently implement necessary measures to comply with the Personal Data Law.
3.2. The Operator is obliged to:
- Provide Users with information about their personal data upon request.
- Process data in accordance with current Russian legislation.
- Respond to User requests within statutory deadlines.
- Notify authorities upon request within 10 days.
- Publish and ensure access to this Policy.
- Protect personal data from unauthorized access or disclosure.
- Cease processing and destroy or anonymize data when required.
- Fulfill all other obligations under the Personal Data Law.
4. Rights and Obligations of Users
4.1. Users have the right to:
- Obtain information about the processing of their personal data.
- Require correction, blocking, or deletion of their data.
- Withdraw consent at any time.
- Opt-in to marketing processing in advance.
- Challenge Operator actions in court or with authorities.
- Exercise other rights as provided by law.
4.2. Users are obliged to:
- Provide accurate personal data.
- Notify the Operator of updates or changes to their data.
4.3. Providing false personal data or third-party data without consent creates liability under Russian law.
5. Processing Principles
5.1. Processing must be lawful and fair.
5.2. Data is processed only for specific, declared, and lawful purposes.
5.3. Databases must not be merged in a way that violates processing purposes.
5.4. Only necessary data can be processed.
5.5. Data content and scope must match processing purposes.
5.6. Data must be accurate, sufficient, and up‑to‑date.
5.7. Data is stored only as long as necessary and then destroyed or anonymized.
6. Purposes of Processing
| Purpose | Personal Data Types Collected | Legal Basis |
|---|---|---|
| Access to site services and materials | Full name, email, phone number, date/place of birth, photos | Federal Law No. 149‑FZ on Information |
| Communication related to newsletters or updates | Email address |
7. Processing Conditions
7.1. Processing is based on User consent.
7.2. Processing may occur to fulfill legal obligations or contracts.
7.3–7.5. Processing is also permitted for public interest, legal claims, or User’s consent to make data public.
8. Data Handling Procedures
8.1. Operator ensures security and prevents unauthorized access.
8.2. Personal data is never disclosed except as required by law or with explicit consent.
8.3. Users may correct inaccuracies via email to admin@cpa.live.
8.4. Processing ceases when purposes are met, consent is withdrawn, or storage period expires.
8.5. Third-party services handle data under their own policies; Operator is not responsible.
8.6. Restrictions on data do not apply when processing is required by law or in public interest.
8.7. Confidentiality is maintained at all stages.
8.8. Data is stored only as long as necessary.
8.9. Processing ends upon consent withdrawal or completion of processing.
8.10. Consent is collected via checkbox; submission is blocked if not given.
9. Data Processing Actions
9.1. Operator collects, records, systematizes, stores, updates, retrieves, uses, transfers, anonymizes, blocks, deletes, and destroys personal data.
9.2. Processing may be automated or manual.
10. Cross-border Transfer
10.1. Operator notifies authorities before cross-border data transfer.
10.2. Operator obtains necessary permissions from foreign entities before transfer.
11. Confidentiality
All individuals with access to personal data must maintain confidentiality and cannot disclose data without consent, unless required by law.
12. Final Provisions
12.1. Inquiries can be directed to admin@cpa.live.
12.2. This Policy may be updated; the current version is posted at https://cpa.live/en/personal-data-processing-policy/.
12.3. Last updated May 9, 2025.
12.4. Contact: admin@cpa.live; Telegram: @d_medvedko
13. Cookies and Analytics
13.1. Cookie and analytics usage (e.g., Yandex.Metrica) complies with Russian law for site functionality, user behavior analysis, and content improvement.
13.2. Only analytics that process data on Russian territory are used.
13.3. On first visit, Users may give or refuse consent; categories include technical, analytics, marketing cookies.
13.4. Refusal does not restrict access to main site content.
