Privacy Policy

At Charla, accessible from https://charla.io/, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by Charla and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us: welcome@charla.io.

1. Privacy Policy

This Privacy Policy (hereinafter referred to as the " Privacy Policy") defines the obligations of "Charla" (hereinafter referred to as the "Operator" ) for non-disclosure and ensuring the protection of personal data confidentiality provided by the User to the Website https://charla.io/ (hereinafter referred to as the "Website" ).

The Privacy Policy applies to all information that the Website may collect about the user while using the Website's services. By registering on the Website, the User agrees to all the terms of the Privacy Policy.

The Privacy Policy may be amended by the Operator without prior notice to the User. The current version of the Privacy Policy is always available on the Internet at: https://charla.io/.

2. Key concepts used in the Privacy Policy

2.1. Automated processing of personal data — processing of personal data using computer technology.

2.2. Blocking of personal data — temporary cessation of processing of personal data (except in cases where processing is necessary to clarify personal data).

2.3. Website — a collection of graphic and information materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https://charla.io/.

2.4. Personal data information system — a set of personal data contained in databases and information technologies and technical means ensuring their processing.

2.5. Anonymization of personal data — actions as a result of which it is impossible to determine without using additional information the affiliation of personal data to a specific User or another subject of personal data.

2.6. Processing of personal data — any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.

2.7. Operator — a state body, municipal body, legal or physical person, independently or jointly with other persons organizing and/or carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data.

2.8. Personal data — any information related directly or indirectly to a specific or identifiable User of the website https://charla.io/.

2.9. Personal data allowed by the subject of personal data for distribution — personal data to which access by an unlimited number of people is provided by the subject of personal data by giving consent to the processing of personal data allowed by the subject of personal data for distribution in the manner prescribed by the Law on Personal Data (hereinafter referred to as personal data allowed for distribution).

2.10. User — any visitor to the website https://charla.io/.

2.11. Provision of personal data — actions aimed at disclosing personal data to a certain person or a certain circle of persons.

2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or acquainting an unlimited number of persons with personal data, including public disclosure of personal data in the mass media, placement in information and telecommunication networks, or providing access to personal data in any other way.

2.13. Cross-border transfer of personal data — the transfer of personal data to the territory of a foreign state to a foreign state authority, a foreign individual, or a foreign legal entity.

2.14. Destruction of personal data — any actions as a result of which personal data are irretrievably destroyed with the impossibility of further restoration of the content of personal data in the personal data information system and/or the physical carriers of personal data are destroyed.

3. User Personal Data

3.1. General Provisions

Upon registration, the User provides the Operator with personal data, including first and last name, Telegram account, and email address. The Website may automatically or with the User's participation collect additional information, including IP address, browser version, country, language, utm parameters, partner tags, the address of the page from which the User navigated to the Website, and other technical data that may be used to identify the User without applying additional measures.

The User may be asked for permission to grant access to third-party Service accounts, including, but not limited to, public file storage, instant messaging service, social networks, etc., in order to use various Services of the Website. In this case, the Website may receive additional personal data from third parties, including, but not limited to, gender, location, user avatar (userpic), etc. All information accessible through a third-party service provider is processed and stored in accordance with the Privacy Policy.

3.2. Payment Policy

Payment for the Tariff, in accordance with which the User uses the Website's services, is made through one of the payment systems: Visa, MasterCard, Shopify Pay. These payment systems collect and store financial information in accordance with their User Agreement and Privacy Policy.

The Operator does not store full card details and does not process payments, receiving only a notification of successful payment from the payment system.

In the process of receiving payment for the Tariff, the Operator may collect additional information related to the payment made by the User, including, among others, the transaction number, transaction time, type and expiration date of the card used for payments, as well as the last four digits of the card number, cardholder name, and the country and city where the funds were debited from the card.

3.3. Personal Data Requested by Third-party Services

To use various services of the Website, the User may be required to provide access to accounts of third-party service providers, including, but not limited to, public file storage, instant messaging services, social networks, etc. In this case, the Operator may receive additional personal data from third parties. All information accessible through a third-party service provider is processed and stored in accordance with the User Agreement and Privacy Policy.

3.4. Activity Logging

For security purposes and to prevent fraudulent activities, the following user activities are logged in the personal account: the date and time of the authorization fact, the date and time of the request creation.

4. Methods of Collecting Personal Data

The main ways in which the Operator obtains personal data from the User:

a) The User provides personal data directly (for example, during registration or when using a payment system).
b) Personal data is collected automatically when the User views or uses the Website, for example, through the use of cookies (more details on this can be found in the Cookie Usage Policy).
c) The User may voluntarily provide personal data when connecting and using third-party services integrated into the Website.

5. Use of Personal Data

The Operator may use the personal data provided by the User for:

a) Creating a User Account and Personal Cabinet for working with the Website.
b) Providing customer service and technical support.
c) Sending mail notifications such as registration confirmation, reminders and warnings about upcoming or completed payments, activation of the trial period and notification of its expiration, notifications about significant changes in customer service.
d) Sending educational materials by mail on how to use the Website.
e) Providing a customized service.
f) Integrating third-party services that enable additional functions voluntarily and independently added by the User.
g) Sending notifications about payments made on the User's site.
h) Improving the operation of the Website and providing higher quality services.

6. How We Use Personal Information

We may use Personal Information for the following purposes:

• To provide, administer, maintain, and/or analyze our Services.
• To improve our Services and conduct research.
• To communicate with you, including sending you information about our Services and events.
• To develop new programs and services.
• To prevent fraud, criminal activity, or misuse of our Services, and to protect the security of our IT systems, architecture, and networks.
• To conduct business transactions.
• To comply with legal obligations and legal processes and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

Aggregated or De-identified Information. We may aggregate or de-identify Personal Information in such a way that it can no longer be used to identify you, and use such information for analyzing the effectiveness of our Services, improving and adding features to our Services, conducting research, and for other similar purposes. Additionally, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information, such as general user statistics, with third parties, publish such aggregated information, or make such aggregated information publicly available. We will retain and use de-identified information in an anonymous or de-identified form and will not attempt to re-identify the information, except as required by law.

As noted above, we may use the Content that you provide to us to improve our Services.

7. Transfer of Personal Data to Third Parties

Users may be asked for personal data and other information by third parties, for example, when it is necessary to make a payment or add additional features using third-party services integrated with the Website. The User voluntarily transmits personal data and other information. All personal data requested by third parties must be processed and stored in accordance with the User Agreement and Privacy Policy of said third parties.

The Operator may transfer personal data to suppliers who provide services on behalf of the Operator. For example, the Operator may engage third parties to provide customer support, manage ads on external resources, send marketing and other messages on behalf of the Operator, or assist in data storage. These third parties are prohibited from using the personal data of Users for advertising purposes.

The Operator may disclose User personal data within the framework of the law or to protect rights and interests if such disclosure is necessary to comply with the law or prevent fraud. In particular, the Operator may disclose User personal data in response to official requests from state authorities or in case of a complaint against the User related to the infringement of third-party rights and/or User Agreement on grounds provided by law.

The Operator may share personal data with third parties for the purpose of providing targeted advertising to the User, analyzing and monitoring its effectiveness. For example, the Operator may use an encrypted email address to set up advertising on a social network, so as not to show ads to people who are already Users of the Website.

8. Rights and Obligations of the Personal Data Subject

8.1. Depending on their location, individuals may have certain legal rights concerning their Personal Information. For example, you may have the right to:

• Access your Personal Information and information about how it is processed.
• Delete your Personal Information from our records.
• Correct or update your Personal Information.
• Transfer your Personal Information to a third party (right to data portability).
• Restrict how we process your Personal Information.
• Withdraw your consent – when we rely on consent as a lawful basis for processing at any time.
• Object to how we process your Personal Information.
• File a complaint with the local data protection authority.

You may exercise some of these rights through your account. If you cannot exercise your rights through your account, please send a request to welcome@charla.io.

8.2. Subjects of personal data are obliged to:

• Provide the Operator with accurate data about themselves.
• Inform the Operator about the specification (update, change) of their personal data.

9. Main Rights and Obligations of the Operator

9.1. The Operator has the right to:

• Receive accurate information and/or documents containing personal data from the subject of personal data.
• In case of withdrawal by the subject of personal data of consent to the processing of personal data, as well as when a request is made to stop processing personal data, the Operator is entitled to continue processing personal data without the consent of the subject of personal data if there are grounds specified in the Personal Data Law.
• Independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of the obligations provided by the Personal Data Law and the regulatory legal acts adopted in accordance with it unless otherwise provided by the Personal Data Law or other federal laws.

9.2. The Operator is obliged to:

• Provide the subject of personal data, upon his request, with information concerning the processing of his personal data.
• Organize the processing of personal data in the order established by the current legislation.
• Respond to appeals and requests of subjects of personal data and their legal representatives in accordance with the requirements of the Personal Data Law.
• Provide the authorized body for the protection of the rights of subjects of personal data with the necessary information upon the request of this body within 10 days from the date of receiving such a request.
• Publish or otherwise provide unrestricted access to this Policy regarding the processing of personal data.
• Take legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other illegal actions in relation to personal data.
• Terminate the transfer (distribution, provision, access) of personal data, stop processing and destroy personal data in the manner and cases provided by the Personal Data Law.
• Fulfill other obligations provided by the Personal Data Law.

10. Information Storage

The processing and storage of the User's personal data are carried out on lawful grounds for the duration of the existence of the User's account. In the event of account deletion, some information may be retained to the extent necessary to fulfill legal obligations, resolve disputes, prevent fraud, and protect the legitimate interests of the Operator.

The Operator takes all necessary technical and organizational precautions to protect the User's personal data from unauthorized or accidental access, deletion or alteration, blocking, copying, disclosure, or other unauthorized actions by third parties.

In the event of loss or disclosure of the User's personal data, the Operator informs the User about the fact of the loss or disclosure of his personal data.

11. Management of Personal Data

The User can update, modify, or delete Personal Data that they have provided or that have been collected on the User's site, directly in the Personal Cabinet, or by sending a corresponding request to the email address welcome@charla.io. This same address can be used by the User to request the deletion of their Account.

For technical reasons, information may not be deleted immediately but may be delayed. It is also necessary to consider that some information may be retained to the extent necessary to fulfill legal obligations, resolve disputes, prevent fraud, and protect the legitimate interests of the Operator.

12. Data Security and Storage

We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Information both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, data transmission over the Internet or via email is never completely secure or error-free. In particular, emails sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or email. Additionally, we are not responsible for circumvention of any privacy settings or security measures contained in the Service or on third-party websites.

We will store your Personal Information only for as long as necessary to provide you with our Services or for other legitimate business purposes, such as resolving disputes, ensuring security, or fulfilling our legal obligations. The duration for which we store Personal Information will depend on a number of factors, such as the amount, nature, and confidentiality of the information, the potential risk of harm from unauthorized use or disclosure, our purpose for processing the information, and any legal requirements.

While we strive to comply with all applicable laws and regulations regarding data protection and privacy in each region where we provide our services, it should be noted that data protection laws can significantly vary across different countries and regions. Therefore, it is important to understand that certain aspects of our Privacy Policy may be adapted to meet the specific requirements of a particular region or country.

The following sections describe additional terms and rules applicable to users from specific regions, including Europe and various states of the USA. However, these conditions provide a general overview and may not cover all nuances of local legislation. We encourage users to familiarize themselves with local data protection and privacy laws that may apply to them.

Europe

If you are located in the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“UK”), our legal basis for collecting and using the Personal Data described in this Policy will depend on the relevant Personal Data and the specific context in which we collect it. However, as a general rule, we collect your personal data only when we have your consent to do so, when the personal data is needed for us to perform a contract with you, or when the processing serves our legitimate interests and does not override your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect your personal data.

Charla may transfer information within the company or to third parties, as further described in this Policy. When we transfer Personal Data of individuals in the EEA, Switzerland, or the UK to third parties, we use various legal mechanisms to protect the transfer, including the standard contractual clauses approved by the European Commission, as well as additional safeguards where appropriate. Inquiries regarding data protection can be directed to welcome@charla.io.

California

For residents of California or individuals whose data was collected in California, we provide data protection in accordance with the California Consumer Privacy Act (CCPA). Our approach to data processing and user rights aligns with this law but may differ in some aspects. You have the right to access your data, have it corrected or deleted, and to request information about the collection and distribution of your personal data. To exercise your rights or for additional information, please contact us at welcome@charla.io.

USA (Excluding California)

For residents of the USA, excluding the state of California, we ensure data protection and confidentiality in accordance with US federal legislation and applicable state laws. Our procedures in collecting, using, and disclosing personal data conform to widely accepted standards and regulatory requirements. If you have questions or concerns related to your personal data, please contact us at welcome@charla.io. We are committed to maintaining high standards of privacy and data protection for all our users, regardless of their location.

Please note that this information is provided for educational and informational purposes only and should not be considered legal advice. If you have specific questions or concerns about the processing of your personal data, please contact us at welcome@charla.io.

You can contact us at welcome@charla.io with questions related to the processing of personal data.

14. Log Files

Charla follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

15. Cookies and Web Beacons

Like any other website, Charla uses "cookies". These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.

16. Children's Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.

Charla does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.

17. Contacts

If you have any questions, comments, or complaints regarding this Privacy Policy, please contact us by sending an email to welcome@charla.io. A response will be sent within the time period established for considering inquiries.