Privacy Policy

1. General Provisions

1.1. This personal data processing policy has been compiled in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 "On Personal Data" and defines the procedure for processing personal data and measures to ensure the security of personal data taken by the Administration of the TDS.SO Website (hereinafter - the Administration).

1.2. The Administration considers its most important goal and condition for carrying out its activities to be the observance of human and civil rights and freedoms in the processing of personal data, including the protection of the rights to privacy, personal and family secrets.

1.3. This Administration policy regarding the processing of personal data (hereinafter - the Policy) applies to all information that the Administration can obtain about visitors to the website https://tds.so.

2. Basic Concepts

2.1. Automated processing of personal data - processing of personal data using computer technology.

2.2. Blocking of personal data - temporary termination of processing of personal data (except for cases where processing is necessary to clarify personal data).

2.3. Website - a set of graphic and information materials, as well as computer programs and databases that ensure their availability on the Internet at the network address https://tds.so.

3. Personal Data Being Processed

3.1. The Administration processes the following personal data of the User:

  • E-Mail address
  • Phone number (for Telegram integration)
  • IP address
  • Geolocation (country, city)
  • Payment information (without full card details)
  • History of created domains and redirects
  • Cookie file data
  • Browser and device information
  • Access timestamps
  • Requested page addresses
  • Traffic indicators and system usage
  • AI generation usage data

3.2. The site collects and processes anonymized data about visitors (including "cookie" files) using Internet statistics services (Google Analytics, Yandex.Metrica, ClickHouse).

3.3. Personal data retention periods:

3.3.1. Account data: for the duration of the contract + 3 years

3.3.2. Access and activity logs: 6 months

3.3.3. Payment data: 5 years (requirement of Federal Law No. 115 "On Countering the Legalization of Income")

3.3.4. Marketing data: until consent is withdrawn

3.3.5. Statistical data: 3 years

4. Purposes of Personal Data Processing

4.1. The purposes of processing the User's personal data:

  • Providing access to site services
  • Establishing feedback with the User
  • Confirming the accuracy and completeness of the data provided
  • Providing effective customer support
  • Carrying out advertising activities with the User's consent
  • Conducting statistical and other research

5. Legal Basis for Personal Data Processing

5.1. The Administration processes the User's personal data only if they are provided by the User and exclusively for the purposes specified in section 4 of this Policy.

5.2. Personal data processing is carried out on the following legal grounds:

  • Performance of a contract (Art. 6(1)(b) GDPR) — to provide access to services
  • Legitimate interests (Art. 6(1)(f) GDPR) — to ensure security and prevent fraud
  • Consent (Art. 6(1)(a) GDPR) — for marketing communications
  • Legal obligations (Art. 6(1)(c) GDPR) — to comply with the requirements of Federal Law No. 115, tax legislation
  • Federal Law No. 152-FZ of July 27, 2006 "On Personal Data"

6. Procedure and Conditions for Personal Data Processing

6.1. Personal data processing is carried out in compliance with the principles and rules provided for by the Federal Law "On Personal Data".

6.2. Personal data processing is carried out by:

  • Receiving personal data in electronic form through the site
  • Entering personal data into the Administration's databases
  • Using personal data in accordance with the stated purposes

7. Cross-Border Transfer of Personal Data

7.1. Personal data may be transferred to the following countries:

7.1.1. European Economic Area (EEA) countries — adequate level of protection under GDPR

7.1.2. USA — based on Standard Contractual Clauses

7.1.3. Russian Federation — in accordance with Federal Law No. 152

7.2. We use the following mechanisms to ensure security:

7.2.1. Data encryption during transfer

7.2.2. Data Processing Agreements (DPA)

7.2.3. Risk assessment for data transfers

8. Rights of Personal Data Subjects

8.1. In accordance with Federal Law No. 152 and GDPR, you have the following rights:

8.1.1. Basic rights:

  • Right of access to your data (GDPR Art. 15) — receive a copy of your data
  • Right to rectification (GDPR Art. 16) — correct inaccurate data
  • Right to erasure (GDPR Art. 17) — "right to be forgotten"
  • Right to restriction of processing (GDPR Art. 18)
  • Right to data portability (GDPR Art. 20) — receive data in a structured format
  • Right to object (GDPR Art. 21) — object to processing
  • Right to withdraw consent at any time

8.1.2. How to exercise your rights:

• Send a request to privacy@tds.so

• Specify your email and describe your request

• We will respond within 30 days

• We may request additional information for your identification

8.2. Limitations of rights:

8.2.1. We may refuse to delete data if it is required for legal compliance

8.2.2. Some data is necessary for contract performance

8.2.3. Anonymized data cannot be restored

9. Security Measures

9.1. We take the following measures to protect your data:

9.1.1. Technical measures:

  • SSL/TLS encryption for all connections
  • Database encryption
  • Two-factor authentication
  • Regular backups
  • 24/7 security monitoring
  • DDoS protection through Cloudflare

9.1.2. Organizational measures:

  • Limited data access
  • Employee training
  • Non-disclosure agreements (NDA)
  • Security audits

9.2. Breach notification:

9.2.1. We undertake to notify you within 72 hours of any data breach

9.2.2. The notification will contain information about the nature of the breach and measures taken

9.2.3. We will report to Roskomnadzor in cases provided for by law

10. GDPR Compliance

10.1. Additional GDPR requirements apply to users from the European Union.

10.2. Data Controller:

Name: TDS.SO Limited

Email: legal@tds.so

Address: [to be specified after company registration]

10.3. Data Protection Officer (DPO):

Email: dpo@tds.so

Feedback form: tds.so/privacy-request

10.4. Right to lodge a complaint:

10.4.1. You have the right to lodge a complaint with the supervisory authority of your country

10.4.2. For Russia — Roskomnadzor (rkn.gov.ru)

10.4.3. List of EU supervisory authorities: edpb.europa.eu

11. Cookies and Analytics

11.1. We use cookies in accordance with our Cookie Policy.

11.2. Analytics services used:

  • Google Analytics — traffic and behavior analysis
  • Yandex.Metrica — web analytics
  • ClickHouse — internal traffic analytics

11.3. You can opt out of analytical cookies through the cookie settings on the site.

12. Final Provisions

12.1. The User can receive any clarifications on issues of personal data processing:

General inquiries: privacy@tds.so

GDPR requests: dpo@tds.so

Legal matters: legal@tds.so

12.2. Policy changes:

12.2.1. We will notify you of significant changes via email and site notification

12.2.2. Changes take effect 30 days after publication

12.3. The current version of the Policy is always available at tds.so/docs-privacy.

12.4. Applicable law: the legislation of the Russian Federation and GDPR (for EU residents).

12.5. Policy language: Russian is the primary language. In case of discrepancies between versions, the Russian version takes priority.

Last updated: 20.07.2025