Logo

Privacy Policy for Personal Data of Website Users

1. General Provisions

1.1. This Privacy Policy for Personal Data of website users (hereinafter referred to as the Policy) has been developed in compliance with the requirements of Article 18.1 of Federal Law No. 152-FZ dated 27 July 2006 “On Personal Data”, as well as other regulatory legal acts of the Russian Federation in the field of protection and processing of personal data.

1.2. Individual Entrepreneur Yusifov Yusif Arif Ogly (TIN: 290220717981, OGRNIP: 312293211700027, address: Russia, Leningrad Region, Vsevolozhsky Municipal District, Murino Rural Settlement, Shuvalova Street, house No. 23, apartment 716) (hereinafter referred to as the Operator) ensures protection of the personal data being processed against unauthorized access and disclosure, unlawful use, or loss in accordance with the requirements of Federal Law No. 152-FZ dated 27 July 2006 “On Personal Data”.

1.3. The Policy is a publicly available document and applies exclusively to the website located on the Internet information and telecommunications network at https://qoople.com (hereinafter referred to as the Website).

1.4. This Policy does not apply to third-party websites that a personal data subject may access through the Website.

1.5. The Policy establishes general requirements and rules mandatory for the Operator’s employees involved in personal data processing when working with all types of information carriers containing personal data of personal data subjects using the Website.

1.6. This Policy does not apply to matters related to ensuring the security of personal data classified as information constituting a state secret of the Russian Federation.

1.7. The terms defined in Article 3 of the Law on Personal Data are used in this Policy with the same meaning.

1.8. The following terms are also used in this Policy:

Personal Data Subject, User / Website Visitor – any individual who visits the Website and uses the information, materials, and services of the Website.

Website – a combination of software and hardware tools for computers that ensure the publication of information and data for public access, united by a common purpose, through technical means used for communication between computers on the Internet.

Confidentiality of Personal Data – a mandatory requirement for the Operator or any other person who has obtained access to personal data not to disclose to third parties or disseminate personal data without the consent of the personal data subject or other lawful grounds provided by federal law.

1.9. Basic rights and obligations of the Operator.

1.9.1. The Operator has the right to:

  • independently determine the composition and list of measures necessary and sufficient to ensure fulfillment of the obligations stipulated by the Law on Personal Data and regulatory legal acts adopted pursuant thereto, unless otherwise provided by this law or other federal laws;
  • entrust the processing of personal data to another person with the consent of the personal data subject, unless otherwise provided by federal law, on the basis of a contract concluded with such person. A person processing personal data on behalf of the Operator shall comply with the principles and rules of personal data processing established by the Law on Personal Data, ensure confidentiality of personal data, and take the necessary measures aimed at fulfilling the obligations stipulated by said law;
  • obtain from the User reliable information and/or documents containing personal data for the processing purposes specified in clause 2.3 of the Policy;
  • in the event the User withdraws consent to the processing of personal data or submits a request demanding termination of personal data processing, continue processing personal data without the consent of the personal data subject only if the grounds specified in the Law on Personal Data exist.

1.9.2. The Operator is obliged to:

  • organize the processing of personal data exclusively for the purposes specified in clause 2.3 of the Policy, in the manner established by the current legislation of the Russian Federation;
  • provide the User, upon request, with information relating to the processing of the User’s personal data;
  • respond to requests and inquiries of the User and the User’s legal representative in accordance with the requirements of the Law on Personal Data;
  • provide the authorized body for the protection of the rights of personal data subjects, upon its request, with the necessary information within the time limits established by law;
  • take legal, organizational, and technical measures to protect personal data against unlawful or accidental access thereto, destruction, modification, blocking, copying, provision, dissemination, as well as other unlawful actions in relation to personal data;
  • cease transfer (dissemination, provision, access) of personal data, terminate processing, and destroy personal data in the manner and cases provided by the Law on Personal Data;
  • perform other obligations stipulated by the Law on Personal Data.

1.10. Basic rights and obligations of the User.

1.10.1. The User has the right to:

  • obtain information relating to the processing of the User’s personal data, including information about the Operator, confirmation of the fact of processing, as well as the right to access the User’s personal data, except in cases provided by the legislation of the Russian Federation;
  • require the Operator to rectify, block, or destroy the User’s personal data if such personal data are incomplete, outdated, inaccurate, unlawfully obtained, or not necessary for the stated processing purpose, as well as to take measures provided by law to protect the User’s rights;
  • withdraw consent to the processing of personal data and submit a request demanding termination of personal data processing;
  • appeal actions or inaction of the Operator to the authorized body for the protection of the rights of personal data subjects or to a court if the User believes that the Operator processes the User’s personal data in violation of Federal Law No. 152-FZ dated 27 July 2006 “On Personal Data” or otherwise violates the User’s rights and freedoms;
  • exercise other rights provided by the legislation of the Russian Federation.

1.10.2. The User is obliged to:

  • ensure the accuracy of personal data provided to the Operator as necessary for the processing purposes specified in clause 2.3 of the Policy;
  • notify the Operator of any update or change to the User’s personal data.

1.11. Liability for violation of the requirements of the legislation of the Russian Federation and the Operator’s regulatory acts in the field of processing and protection of personal data shall be determined in accordance with the legislation of the Russian Federation.

2. Purposes and Legal Grounds for Personal Data Processing

2.1. Personal data processing shall be limited to the achievement of specific, predetermined, and lawful purposes. Processing of personal data that is incompatible with the purposes of personal data collection is not permitted.

2.2. Only personal data that correspond to the purposes of their processing shall be subject to processing.

2.3. The Operator processes personal data on the Website for the following purposes:

·        identification of the User and provision of access to the Website functionality, including registration, authorization, and use of the personal account of an owner, investor, tenant, or partner;

·        processing inquiries and establishing feedback, including consultations, responses to requests, and provision of customer and technical support;

·        registration, confirmation, and support of real estate reservations;

·        preparation, conclusion, performance, and support of civil law contracts;

·        provision of real estate management services, including settlements, reporting, interaction with government authorities, and fulfillment of obligations to property owners;

·        execution of settlements and financial transactions, including invoicing, preparation of reports, accounting of payments, and fulfillment of tax and accounting obligations;

·        sending informational and service notifications related to service provision, reservation status, contracts, changes in terms, and operation of the service;

·        sending advertising and marketing materials regarding the Operator’s products and services, special offers, and company news, subject to the consent of the personal data subject;

·        promotion of goods, works, and services on the market;

·        collection and analysis of statistical information on Website operation and user behavior in order to improve functionality, service quality, and Website security;

·        compliance with the requirements of the legislation of the Russian Federation, the Republic of Turkey, and other applicable jurisdictions;

·        other purposes provided for by the current legislation of the Russian Federation.

2.4. Regulatory legal acts pursuant to which and in accordance with which the Operator processes personal data:

·        the Constitution of the Russian Federation;

·        the Civil Code of the Russian Federation;

·        the Law of the Russian Federation No. 2300-I dated 07 February 1992 “On Consumer Rights Protection”;

·        Federal Law No. 109-FZ dated 18 July 2006 “On Migration Registration of Foreign Citizens and Stateless Persons in the Russian Federation”;

·        Federal Law No. 149-FZ dated 27 July 2006 “On Information, Information Technologies and Information Protection”;

·        Federal Law No. 152-FZ dated 27 July 2006 “On Personal Data”;

·        Federal Law No. 294-FZ dated 26 December 2008 “On Protection of the Rights of Legal Entities and Individual Entrepreneurs in the Exercise of State Control (Supervision) and Municipal Control”;

·        Decree of the President of the Russian Federation No. 188 dated 06 March 1997 “On Approval of the List of Confidential Information”;

·        Decree of the Government of the Russian Federation No. 1119 dated 01 November 2012 “On Approval of Requirements for the Protection of Personal Data during Processing in Personal Data Information Systems”;

·        Order of the Federal Service for Technical and Export Control of Russia No. 21 dated 18 February 2013 “On Approval of the Composition and Content of Organizational and Technical Measures to Ensure Personal Data Security during Processing in Personal Data Information Systems”;

·        other regulatory legal acts governing relations related to the Operator’s activities.

2.5. The legal grounds for personal data processing also include:

·        processing of personal data based on the consent of the personal data subject;

·        processing of personal data necessary to achieve purposes stipulated by an international treaty of the Russian Federation or by law, and to perform the functions, powers, and obligations imposed on the Operator by the legislation of the Russian Federation;

·        processing of personal data necessary for the performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, as well as for entering into a contract at the initiative of the personal data subject or a contract under which the personal data subject will be a beneficiary or guarantor. Such a contract may not contain provisions restricting the rights and freedoms of the personal data subject, establishing cases of processing personal data of minors unless otherwise provided by the legislation of the Russian Federation, or provisions allowing the personal data subject’s inaction as a condition for contract conclusion;

·        processing of personal data necessary for the exercise of the rights and legitimate interests of the Operator or third parties.

3. Scope and Categories of Personal Data Processed, Categories of Personal Data Subjects

3.1. The content and scope of the personal data processed shall correspond to the stated processing purposes set out in Section 2 of this Policy. Personal data processed shall not be excessive in relation to the stated purposes of their processing.

3.2. The Operator may process personal data of the following categories of personal data subjects:

3.2.1. Website visitors – for the purpose of identifying the User and providing access to the Website functionality, including registration, authorization, and use of the personal account of an owner, investor, tenant, or partner:

·        surname, first name, patronymic;

·        email address;

·        phone number.

3.2.2. Website visitors – for the purpose of processing inquiries and establishing feedback, including consultations, responses to requests, and provision of customer and technical support:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.2.3. Website visitors, clients, counterparties – for the purpose of registration, confirmation, and support of real estate reservations:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.2.4. Clients, counterparties, website visitors – for the purpose of preparation, conclusion, performance, and support of civil law contracts:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.2.5. Clients, counterparties, website visitors – for the purpose of providing real estate management services, including settlements, reporting, interaction with government authorities, and fulfillment of obligations to property owners:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.2.6. Clients, counterparties, website visitors – for the purpose of carrying out settlements and financial transactions, including invoicing, preparation of reports, accounting of payments, and fulfillment of tax and accounting obligations:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.2.7. Clients, counterparties, website visitors – for the purpose of sending informational and service notifications related to service provision, reservation status, contracts, changes in terms, and operation of the service:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.2.8. Clients, counterparties, mailing list recipients – for the purpose of sending advertising and marketing materials regarding the Operator’s products and services, special offers, and company news, subject to the consent of the personal data subject:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.2.9. Website visitors, clients, counterparties, mailing list recipients – for the purpose of promoting goods, works, and services on the market:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        data collected through metric and analytics tools.

3.2.10. Website visitors – for the purpose of collecting and analyzing statistical data to improve the operation of the Operator’s Website:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        data collected through metric and analytics tools.

3.2.11. Website visitors – for the purpose of compliance with the requirements of the legislation of the Russian Federation, the Republic of Turkey, and other applicable jurisdictions:

·        surname, first name, patronymic;

·        email address;

·        phone number;

·        other personal data provided by the personal data subject.

3.3. The Operator does not process biometric personal data (data characterizing physiological and biological features of a person that allow identification of their identity), nor special categories of personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, health status, or intimate life, except in cases provided for by the legislation of the Russian Federation.

3.4. All personal data shall be obtained directly from the User. Where consent for personal data processing is obtained from the User’s representative, the representative’s authority must be duly confirmed in accordance with the procedure established by law.

4. Procedure and Conditions for Personal Data Processing

4.1. Personal data shall be processed by the Operator in accordance with the requirements of the legislation of the Russian Federation using the following methods:

·        non-automated processing of personal data;

·        automated processing of personal data with or without transmission of the obtained information via information and telecommunications networks;

·        mixed processing of personal data.

4.2. The list of actions performed by the Operator with respect to the personal data of personal data subjects for the purposes specified in clause 2.3 of this Policy includes:

·        collection;

·        recording;

·        systematization;

·        accumulation;

·        storage;

·        clarification (updating, modification);

·        retrieval;

·        use;

·        transfer (provision, access);

·        blocking;

·        deletion;

·        destruction.

4.3. Personal data shall be processed by the Operator on the basis of the consent of personal data subjects to the processing of their personal data, as well as without such consent in cases provided for by the legislation of the Russian Federation.

4.4. Access to personal data shall be granted only to those employees of the Operator whose official duties involve the processing of personal data. The list of such employees shall be determined by the Operator’s internal regulatory acts and approved by an order of the Operator.

4.5. Disclosure to third parties and dissemination of personal data without the User’s consent shall not be permitted, unless otherwise provided for by federal law. Consent to the processing of personal data permitted by the User for dissemination shall be executed separately from other consents to the processing of personal data. Requirements for the content of consent to the processing of personal data permitted by the personal data subject for dissemination are approved by Order of Roskomnadzor No. 18 dated 24 February 2021 “On Approval of the Requirements for the Content of Consent to the Processing of Personal Data Permitted by the Personal Data Subject for Dissemination”.

4.6. Transfer of personal data to state authorities, local self-government bodies, and other authorized bodies shall be carried out in fulfillment of the requirements of the legislation of the Russian Federation and subject to mandatory verification of the legality and validity of such requests.

4.7. The Operator guarantees the confidentiality of the User’s personal data obtained. In processing personal data, the Operator shall take, or ensure the adoption of, the necessary legal, organizational, and technical measures to protect personal data against unlawful or accidental access thereto, destruction, modification, blocking, copying, provision, dissemination, as well as other unlawful actions in relation to personal data.

4.7.1. Personal data security shall be ensured by the following measures:

·        identification of threats to personal data security during processing in personal data information systems;

·        application of organizational and technical measures to ensure personal data security during processing in personal data information systems necessary to meet personal data protection requirements;

·        use of information security tools that have undergone conformity assessment in the established manner;

·        adoption of internal regulatory acts and other documents governing relations in the field of personal data processing and protection;

·        appointment of a person responsible for organizing personal data processing;

·        assessment of the effectiveness of the measures applied to ensure personal data security;

·        accounting of machine-readable personal data storage media;

·        detection of facts of unauthorized access to personal data and adoption of appropriate measures;

·        restoration of personal data modified or destroyed as a result of unauthorized access;

·        establishment of access rules to personal data processed in personal data information systems and ensuring registration and recording of all actions performed with personal data in such systems;

·        continuous monitoring of the measures taken and the level of security of personal data information systems;

·        training of the Operator’s employees directly involved in personal data processing in the requirements of the legislation of the Russian Federation.

4.8. The Operator shall store personal data in a form that allows identification of the personal data subject for no longer than required by each specific purpose of personal data processing, unless a longer storage period is established by federal law or by a contract.

4.8.1. Where documents containing personal data generated in the course of the Operator’s activities constitute archival documents, the storage period thereof may be determined in accordance with Order of the Federal Archival Agency of the Russian Federation No. 236 dated 20 December 2019 “On Approval of the List of Standard Administrative Archival Documents Generated in the Course of Activities of State Authorities, Local Self-Government Bodies, and Organizations, with Indication of Storage Periods”.

4.8.2. The storage period of personal data processed in personal data information systems shall correspond to the storage period of personal data on paper media.

4.9. The period of personal data processing shall be determined by achievement of the purposes for which such data were collected, unless a different period is provided for by a contract or agreement with the User or by applicable legislation.

4.9.1. Grounds for termination of personal data processing may include achievement of the processing purposes or loss of necessity to achieve such purposes, expiration of the consent validity period or withdrawal of consent to personal data processing (where no other legal grounds for processing exist under applicable legislation), identification of unlawful personal data processing, as well as termination of the Operator’s activities.

4.10. Upon receipt by the Operator of a User’s request to terminate personal data processing, such processing shall be terminated within a period not exceeding ten business days from the date of receipt of the relevant request, except in cases provided for by law. This period may be extended by no more than five business days, provided that the Operator sends the User a reasoned notice specifying the reasons for the extension.

4.11. When collecting personal data via the Internet information and telecommunications network, the Operator shall ensure recording, systematization, accumulation, storage, clarification (updating, modification), and retrieval of personal data of citizens of the Russian Federation using databases located within the territory of the Russian Federation, except in cases provided for by the Law on Personal Data.

4.12. The Operator shall ensure the confidentiality and security of personal data during processing in accordance with the requirements of the Operator’s internal regulatory acts and applicable legislation.

4.13. The User has the right to refuse to receive informational mailings by sending the Operator a written request to the email address specified in clause 6.3 of this Policy requesting termination of processing of the User’s personal data for such purposes. From the moment the Operator receives such a request, the User’s personal data shall be immediately excluded from the mailing list.

4.14. The Operator carries out cross-border transfer of personal data.

4.15. For the purposes of analyzing User behavior on the Website, improving the quality of its operation and content, as well as targeting advertising materials, the Website uses metric and web analytics services.

4.15.1. By using the Website, the User consents to the automated processing of data transmitted by the User’s browser through such services, including the IP address, cookie data, browser information, technical characteristics of hardware and software, date and time of access, addresses of requested pages, and other similar information.

4.15.2. The following metric services are used on the Website:
Yandex.Metrica. Data processing is carried out in accordance with the Privacy Policy of Yandex LLC available at: https://yandex.ru/legal/confidential/.

4.15.3. Metric services collect aggregated statistical information that does not identify a specific User and is not used to establish the User’s identity. The data obtained are intended to provide information on how Users interact with the Website and to assist the Operator in improving its functionality and content.

4.15.4. The User may prohibit the collection of data by metric services by disabling cookies in the browser settings or by using special software tools to block such services.

4.15.5. Disabling metric services may result in deterioration of the quality of the Website’s operation and limitation of availability of certain functions.

4.16. The Operator transfers personal data to the following third parties:

Limited Liability Company “Yandex”, TIN: 7736207543;
Address: 16 Leo Tolstoy Street, Moscow, 119021, Russian Federation;
Purpose of data transfer: collection and analysis of statistical data to improve the operation of the Operator’s Website.

Limited Liability Company “Beget”, TIN: 7801451618;
Address: 8B Karl Fabergé Square, Office 726A, Saint Petersburg, 195112, Russian Federation;
Purpose of data transfer: provision of Website hosting services to the Operator.

4.17. Persons processing Users’ personal data on behalf of the Operator shall be obliged to comply with the principles and rules of personal data processing established by the legislation of the Russian Federation.

5. Updating, Rectification, Deletion and Destruction of Personal Data, Responses to Requests of Personal Data Subjects for Access to Personal Data

5.1. Procedure for granting access to personal data based on an application (request).

5.1.1. The information specified in Part 7 of Article 14 of the Law on Personal Data shall be provided to the User within ten business days from the date the Operator receives the request. This period may be extended by no more than five business days, provided that the Operator sends the User a reasoned notice.

5.1.2. The Operator shall provide the requested information to the User or the User’s representative in the form in which the relevant application or request was submitted, unless otherwise specified in the application or request itself. If the application (request) does not contain all the information required in accordance with Part 3 of Article 14 of the Law on Personal Data, or if the personal data subject does not have the right to access the requested information, the Operator shall send a reasoned refusal.

5.1.3. The User’s right to access their personal data may be restricted in accordance with Part 8 of Article 14 of the Law on Personal Data, including where access to such personal data would violate the rights and lawful interests of third parties.

5.2. Procedure for updating and rectifying personal data.

5.2.1. If inaccurate personal data are identified upon an application by the User or the User’s representative, upon their request, or upon a request of the authorized authority for the protection of the rights of personal data subjects, the Operator shall block the personal data relating to such User from the moment of receipt of the application or request for the duration of the verification period, provided that such blocking does not violate the rights and lawful interests of the User or third parties.

5.2.2. Where the inaccuracy of personal data is confirmed, the Operator shall, on the basis of information provided by the User, the User’s representative, or the authorized authority for the protection of the rights of personal data subjects, or other necessary documents, rectify the personal data within seven business days from the date such information is provided and remove the blocking of the personal data.

5.3. Procedure for termination of unlawful processing of personal data.

5.3.1. If unlawful processing of personal data is identified upon an application (request) by the User, the User’s representative, or the authorized authority for the protection of the rights of personal data subjects, the Operator shall block the unlawfully processed personal data relating to such User from the moment of receipt of the application or request for the duration of the verification period.

5.3.2. Where the fact of unlawful processing of personal data is confirmed, the Operator shall, within a period not exceeding three business days from the date of such identification, terminate the unlawful processing of personal data or ensure the termination thereof. Where it is impossible to ensure lawful processing of personal data, the Operator shall, within a period not exceeding ten business days from the date of identification of the unlawful processing, destroy such personal data or ensure their destruction.

5.4. Deletion of personal data from the Website shall be carried out on the basis of a written application by the User (or the User’s representative) or by the authorized authority for the protection of the rights of personal data subjects, including in the form of an electronic document signed with an electronic signature in accordance with the legislation of the Russian Federation.

5.5. Procedure for destruction of personal data by the Operator.

5.5.1. The Operator shall destroy personal data in the following cases and within the established time limits:

  • upon achievement of the purpose of personal data processing or loss of necessity to achieve such purpose – within thirty days;
  • at the request of the User (or the User’s representative), provided confirmation is submitted that the personal data were obtained unlawfully or are not necessary for the stated purpose of processing – within seven business days;
  • upon withdrawal by the User of consent to the processing of personal data, where retention of such data is no longer required for the purposes of processing – within thirty days;
  • upon expiration of the storage periods for documents containing personal data – within thirty days.

5.5.2. Upon achievement of the purpose of personal data processing, as well as upon withdrawal by the User of consent to the processing of personal data, such personal data shall be subject to destruction, unless otherwise provided for by a contract or other agreement with the User, or unless the Operator is entitled to process personal data without the User’s consent on the grounds provided for by the Law on Personal Data or other federal laws.

5.5.3. Destruction of personal data shall be carried out by a commission established by an order of the Operator.

5.5.4. Methods for destruction of personal data shall be determined by the Operator’s internal regulatory acts.

6. Final Provisions

6.1. This Policy was approved by Order of the Individual Entrepreneur No. 7-PDn dated 25 December 2025 and shall remain in force indefinitely until a new version of the Policy enters into force.

6.2. In the event of amendments to the legislation of the Russian Federation in the field of personal data protection, the Operator shall adopt a new version of the Policy taking such amendments into account. Until such time, the Policy shall apply to the extent that it does not contradict the applicable legislation of the Russian Federation.

6.3. The following contact details may be used to communicate with the Operator:
Phone: +7 981 555-55-57;
Email: info@qoople.com;
Postal address: Apartment 716, Building No. 23, Shuvalova Street, Murino Rural Settlement, Vsevolozhsky Municipal District, Leningrad Region, 188662, Russian Federation.

25.12.2025 г.