POLICY ON PERSONAL DATA PROCESSING 1. General Provisions This personal data processing policy is compiled in accordance with international standards and legislation, including, but not limited to, personal data protection laws applicable in the United States of America, Latin American countries and the Russian Federation. This policy defines the procedure of personal data processing and measures to ensure their security taken by Insight LLC (hereinafter referred to as the Operator). 1.1 Observance of human and civil rights and freedoms The Operator sets as its most important goal and condition of its activity the observance of rights and freedoms of all subjects of personal data regardless of their citizenship and place of residence. This includes protection of the rights to privacy, personal and family secrecy, as well as the rights provided for by international standards and legislation in the field of personal data protection. 1.2 Application of the Policy This Operator's policy regarding the processing of personal data applies to all information that the Operator may obtain about visitors to the https://pixlvox.com website, including data from users in the United States of America and Latin American countries. This means complying with the relevant local data protection laws in these regions, along with Russian law. 2.1 Automated processing of personal data Automated processing of personal data means the processing of personal data by means of computer technology, including digital technologies, artificial intelligence algorithms and machine learning. 2.2 Blocking of personal data Blocking of personal data means the temporary cessation of personal data processing (except where the processing is necessary for the purpose of correcting or updating the data), carried out to protect the rights of the data subject. 2.3 Website Website - a set of graphic and informational materials, as well as computer programs and databases, ensuring the availability of these data on the Internet at the network address https://pixlvox.com, including all its subdomains and sections available to users from different countries. 2.4 Personal data information system Personal data information system is a set of personal data contained in databases and information technologies and technical means used for their processing. This includes systems used to collect, store, transmit and analyze data available to the Operator. 2.5. Personal data depersonalization Personal data depersonalization is a process of personal data processing, as a result of which the possibility of direct or indirect determination of the identity of the data subject without the use of additional information is eliminated. 2.6 Processing of personal data Processing of personal data - any action (operation) or set of actions (operations) performed with or without the use of means of automation with personal data. This includes collection, recording, systematization, accumulation, storage, clarification (update, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data. All these actions are carried out in accordance with applicable international standards and data protection laws applicable in the USA, Latin American countries and the Russian Federation. 2.7 Operator Operator is a state authority, municipal authority, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out processing of personal data, as well as determining the purposes of personal data processing, composition of personal data subject to processing, actions (operations) performed with personal data. The Operator shall comply with the requirements of international and Russian Federation legislation in the field of personal data protection, including but not limited to the requirements of GDPR (for users from the EU), CCPA (for users from California, USA) and relevant laws of Latin America. 2.8 Personal Data Personal Data is any information relating directly or indirectly to a specific or identifiable User of https://pixlvox.com. This includes, but is not limited to, name, surname, contact details, educational data, occupation, and any other information that can be used to identify the identity of the data subject in accordance with international standards and data protection legislation. 2.9 Personal data authorized for dissemination by the data subject Personal data authorized by the subject of personal data for dissemination means personal data accessed by the subject of personal data by giving consent to its processing and dissemination. The operator is obliged to comply with the conditions to which the data subject has given his or her consent, in accordance with international and national laws on the protection of personal data. 2.10. User User - any visitor to the https://pixlvox.com website, including users from the United States of America, Latin American countries and other countries. Users are granted rights and obligations under international and local data protection laws, as well as this Policy. 2.11. Provision of personal data Provision of personal data - actions aimed at disclosure of personal data to a certain person or a certain circle of persons. Includes the transfer of data within the framework of compliance with international and national data protection laws, as well as taking into account the consent of the personal data subject. 2.12. Dissemination of personal data Dissemination of personal data means actions aimed at disclosure of personal data to an indefinite number of persons. This includes the disclosure of personal data in mass media, on the Internet or by other means, in accordance with international and national data protection laws and the consent of the data subject. 2.13. Destruction of personal data Destruction of personal data means actions, as a result of which personal data are irretrievably destroyed with the impossibility of further recovery of the content of personal data in the personal data information system and/or material carriers. Destruction shall be carried out with observance of security and confidentiality measures in accordance with international and national data protection laws. 3. Basic rights and obligations of the Operator 3.1 Rights of the Operator The Operator has the right to: Receive from the subject of personal data reliable information and/or documents containing personal data. In case the personal data subject revokes his/her consent to the processing of personal data, the Operator has the right to continue the processing of personal data without the consent of the personal data subject if there are grounds specified in applicable international and national data protection laws. To independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations stipulated by international and national laws on personal data protection, as well as regulatory legal acts adopted in accordance with them, unless otherwise stipulated by these laws. 3.2 Operator's obligations The Operator is obliged to: Provide the personal data subject, upon his/her request, with information regarding the processing of his/her personal data. This information shall be provided in an accessible form and shall not violate the rights and freedoms of other personal data subjects. To organize the processing of personal data in accordance with applicable international and Russian Federation laws. To respond to appeals and requests of personal data subjects and their legal representatives in accordance with the requirements of international and national laws on personal data protection. To inform the authorized body for the protection of the rights of personal data subjects, upon the request of this body, the necessary information within the established time limits. To publish or otherwise provide unrestricted access to this Policy on personal data processing. To take legal, organizational and technical measures to protect personal data from unlawful or accidental access to them, their destruction, modification, blocking, copying, provision, distribution, as well as from other unlawful actions in relation to personal data. To stop transfer (dissemination, provision, access) of personal data, stop processing and destroy personal data in the manner and cases provided for by international and national legislation on personal data protection. To fulfill other obligations stipulated by the international and national legislation on personal data protection. 4. basic rights and obligations of personal data subjects 4.1 Rights of personal data subjects Personal data subjects have the right to: To receive information regarding the processing of their personal data, including the purposes of processing, processing methods, data retention periods and third parties having access to the data. This information shall be provided in a clear and accessible form. Request the Operator to clarify, block or destroy their personal data if it is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing. To impose conditions of prior consent when processing personal data for marketing purposes, including the promotion of goods and services on the market. Withdraw consent to the processing of personal data at any time, provided that such withdrawal does not contravene legal requirements for the retention of certain data for legitimate purposes. Complain about the actions or inaction of the Operator in the processing of their personal data to the authorized bodies for the protection of the rights of personal data subjects or in court. Exercise other rights provided by international standards and national legislation on personal data protection. 4.2 Obligations of personal data subjects Personal data subjects are obliged to: Provide the Operator with accurate data about themselves. This includes ensuring the relevance, completeness and accuracy of the provided data. Notify the Operator about clarification (update, change) of their personal data to ensure its relevance and accuracy. 4.3 Responsibility for providing unreliable data Persons who provided the Operator with inaccurate information about themselves or other personal data subject without the latter's consent shall be held liable in accordance with international and national legislation. In case of providing such data, the Operator has the right to take measures for their correction or deletion, as well as to apply other necessary measures in accordance with the legislation. 5. The Operator may process the following personal data of the User 5.1 Surname, first name, patronymic Surname, first name, patronymic (if any) of the User or similar identifiers used in international practice. 5.2 Contact data E-mail address, telephone numbers and other contact details of the User necessary for communication or identification. 5.3 Education and profession data Information about the User's education, profession, specialty and qualifications, including details of educational documents. 5.4 Location data and IP address Information about the User's location and IP address necessary for the provision of personalized services and compliance with local legislation. 5.5 Information about visits to the website Information about the User's interaction with the website, including data on the use of services, pages viewed and collected through cookies and similar technologies to improve the user experience. 5.6 Special categories of data Special categories of personal data concerning racial or national origin, political opinions, religious or philosophical beliefs, intimate life are not processed unless required by law or with the User's consent. 5.7 Data authorized for dissemination The processing of personal data authorized by the User for dissemination, including but not limited to social networks and forums, is carried out in accordance with the consent given and in compliance with applicable international and national laws. 5.8 Processing of personal data of special categories Processing of special category personal data, including data on racial or ethnic origin, political opinions, religious or philosophical beliefs, is only carried out in cases provided for by applicable international and national laws and only with the explicit consent of the data subject or where there are legitimate grounds for such processing. 5.9 Consent to the processing of personal data The User's consent to the processing of personal data, including their transfer to third parties or use for specific purposes (e.g. for marketing communications), is formalized separately from other consents to the processing of their personal data. All consents must be explicit, informed and given voluntarily, subject to the conditions stipulated by international and national laws on the protection of personal data. 5.9.1 Provision of consent Consent to the processing of personal data authorized for dissemination is provided directly by the User to the Operator. This consent must be explicit, informed and voluntarily given, with a clear indication of the data to be processed and the purposes of processing. 5.9.2 Publication of consent The Operator is obliged, within three working days from the receipt of the User's consent, to publish information about the conditions of processing, the existence of prohibitions and conditions for the processing of personal data authorized for dissemination, in accordance with applicable international and national laws. 5.9.3 Termination of data processing The transmission (dissemination, provision, access) of personal data authorized by the data subject for dissemination shall be terminated at any time at the request of the data subject. The data subject must provide the Operator with sufficient information to identify his or her personal data in order to terminate processing. 5.9.4 Termination of consent Consent to the processing of personal data authorized for dissemination shall be terminated from the moment the Operator receives a corresponding request from the personal data subject. The Operator shall take all necessary measures to immediately terminate the processing of such data. 6. Principles of personal data processing 6.1 Legality and fairness Processing of personal data shall be carried out on a lawful and fair basis. The Operator shall comply with applicable international standards and legislation in the field of personal data protection, taking into account the principles of transparency and fairness to data subjects. 6.2 Limitation of processing purposes The processing of personal data is limited to the achievement of specific, predetermined and legitimate purposes. Processing of personal data for purposes incompatible with those originally stated when the data was collected is not permitted. 6.3 Incompatibility of purposes It is not allowed to merge databases containing personal data processed for purposes incompatible with each other, in accordance with international standards and national data protection legislation. 6.4 Data reliability Only personal data that are accurate and relevant to the purposes of their processing shall be processed. The Operator is obliged to take the necessary measures to ensure the accuracy, sufficiency and relevance of the data, including by providing data subjects with the possibility to update and correct their data. 6.5 Compliance of the content and scope of data with the purposes of processing The content and scope of personal data processed must correspond to the stated purposes of processing. The processing of redundant data that does not correspond to the stated purposes is prohibited. The operator must regularly check the data to ensure that it is up-to-date and necessary to achieve the purposes of processing. 6.6 Data accuracy When processing personal data, it is necessary to ensure its accuracy, sufficiency and relevance in relation to the purposes of processing. The operator is obliged to take measures to delete or clarify incomplete or inaccurate data. 6.7 Data storage Personal data shall be stored in a form that allows identification of the personal data subject and for no longer than required by the purposes of personal data processing. If the period of storage of personal data is established by law, contract to which the data subject is a party or beneficiary, storage is carried out in accordance with these periods. Upon achievement of the purposes of processing or upon expiration of these periods, the data shall be destroyed or anonymized. 7. Purposes of personal data processing 7.1 Main purpose of processing The main purpose of the processing of the User's personal data is to provide access to the services offered on the website, including but not limited to information services, communication functions and personalized content, as well as to comply with relevant legal requirements and regulations. 7.2 Additional processing purposes Additionally, the Operator may process the User's personal data for the following purposes: Sending notifications about new products and services, special offers and various events, provided that the User consents to such processing. Collection of anonymized data for statistical research and analytics aimed at improving the quality of the services and content of the site. 7.3 Consent to processing for marketing purposes The User can always opt out of receiving marketing messages by sending the Operator a relevant notice or using the unsubscribe function in electronic messages. The Operator shall immediately cease processing the User's personal data for marketing purposes upon receipt of such a request. 8. Legal grounds for processing of personal data 8.1 Legal grounds for data processing The legal grounds for processing of personal data by the Operator are: Applicable federal laws and international regulations, including, but not limited to, the Federal Law "On Information, Information Technologies and Information Protection", as well as relevant international data protection standards and regulations. Users' consent to the processing of their personal data, including the processing of personal data authorized for dissemination. 8.2 Independent filling in and sending of data by the User The Operator processes the User's personal data only if it is filled in and/or sent by the User through special forms located on https://pixlvox.com or sent to the Operator by e-mail. By filling in the relevant forms and/or sending his/her personal data to the Operator, the User confirms his/her agreement with this Policy and gives explicit consent to the processing of his/her data in accordance with the stated purposes. 8.3 Processing of anonymized data The Operator processes anonymized data about the User, including data collected through cookies, browser settings, and other similar technologies, if it is allowed by the User's browser settings (cookies and JavaScript technology enabled). This data is used to improve the quality of the website and the services provided, as well as for statistical and analytical studies. 8.4 Voluntary and informed consent of the data subject The data subject decides on his/her own to provide his/her personal data and gives consent freely, of his/her own free will and in his/her own interest. Before providing the data, the data subject shall be provided with complete and understandable information about the processing of his/her personal data, including the purposes of processing, methods of processing, expected storage periods of the data and third parties to whom the data may be transferred. 9. Conditions of personal data processing 9.1 Consent of the personal data subject Personal data processing is carried out with the consent of the personal data subject to the processing of his/her personal data, except in cases provided for by international and national legislation. The consent must be explicit, informed and voluntary. 9.2 Processing of data for the fulfillment of the contract and legitimate interests The processing of personal data is necessary for the performance of a contract to which the personal data subject is a party, beneficiary or guarantor, as well as for the fulfillment of the legitimate interests of the Operator or third parties, provided that this does not violate the rights and freedoms of the data subject. 9.3 Processing for the fulfillment of legal requirements Processing of personal data is necessary for the fulfillment of legal requirements, for the exercise of functions, powers and duties imposed by law, as well as for the protection of life, health or other important interests of the personal data subject or other persons, if obtaining consent is impossible due to factual circumstances. 9.4 Processing for the protection of justice The processing of personal data is necessary for the administration of justice, the execution of a judicial act, an act of another authority or an official subject to execution in accordance with Russian and international law, provided that the rights and freedoms of the data subject are respected. 9.5 Protection of the rights and interests of third parties The processing of personal data is necessary for the protection of the rights and legitimate interests of the Operator, third parties or the public at large, provided that this does not infringe the rights and freedoms of the data subject. 9.6 Access to publicly available data Processing of personal data, access to which is granted by the personal data subject to an unlimited number of persons or at his/her request (publicly available personal data), in accordance with the consent granted and international standards, is carried out. 9.7 Processing of data as required by law Processing of personal data subject to publication or mandatory disclosure in accordance with federal law and international legal requirements is carried out. 10. Procedure for collection, storage, transfer and other types of personal data processing The security of personal data processed by the Operator is ensured by implementing a set of legal, organizational and technical measures necessary for full compliance with the requirements of international and national legislation in the field of personal data protection. The Operator shall take all necessary measures to protect personal data from unauthorized access, modification, disclosure, blocking, copying, provision or dissemination, as well as from other unauthorized actions with regard to personal data. This includes, but is not limited to, developing internal control procedures, auditing the effectiveness of the measures taken, training personnel and applying modern data protection technologies and methods. The Operator is also obliged to ensure confidentiality of personal data and take all necessary measures to prevent leaks, unauthorized use or loss of information. 10.1 Preservation of personal data The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized persons from accessing personal data. This includes application of modern encryption methods, use of secure data transmission channels and control over physical access to data. 10.2 Non-disclosure of personal data The User's personal data will never, under any circumstances, be disclosed to third parties without the explicit consent of the User, except in cases required by international and national law or when such disclosure is necessary for the fulfillment of obligations under a contract with the User. 10.3 Updating and correction of data In case of identification of inaccuracies in personal data, the User has the right to update them independently, by sending a notice to the Operator with the necessary corrections. The Operator is obliged to verify and make the necessary changes to the personal data within a reasonable period of time from the receipt of such notification. 10.4 Data processing terms The period of personal data processing is determined on the basis of the purposes for which the data were collected, taking into account the requirements of applicable international and national legislation. Once these purposes have been achieved or after the expiry of the said periods, the data shall be destroyed or depersonalized, unless otherwise provided for by law. 10.5 Processing of data by third parties All information collected and processed by third party services, including payment systems and communication services, is subject to processing in accordance with the privacy policies and user agreements of these parties. The Operator is not responsible for the actions of third parties, including service providers, but strives to cooperate only with those organizations that maintain an adequate level of personal data protection in accordance with international standards. 10.6 Exemptions for data transfer The prohibitions on transfer (except for granting access) and conditions of processing (except for obtaining access) of personal data authorized for dissemination established by the subject of personal data shall not apply in cases where the processing of data is necessary in the state, public and other public interest, as defined by the legislation of the Russian Federation and relevant international norms. 10.7. Confidentiality during data processing The Operator shall ensure the confidentiality of personal data when processing personal data. This includes taking measures aimed at preventing unauthorized or accidental access to personal data, their disclosure, as well as other actions that may violate data confidentiality, in accordance with international standards and legislation. 10.8 Storage and destruction of data The Operator shall store personal data in a form that allows identification of the personal data subject for no longer than the purposes of personal data processing required by law or contract. Upon achievement of the purposes of processing or upon expiration of the storage period, personal data shall be destroyed or depersonalized, subject to the necessary precautions to protect the confidentiality of such data. 10.9 Termination of data processing Termination of personal data processing may occur upon achievement of the purposes of processing, expiration of the personal data subject's consent, at the request of the data subject for withdrawal of consent, as well as in case of detection of unlawful data processing. In such cases, the Operator shall take measures to immediately cease processing and destroy or depersonalize the relevant data. 11. List of actions performed by the Operator with the received personal data 11.1 Actions with personal data The Operator performs the following actions (operations) with personal data: collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion and destruction, performed in compliance with the requirements of international and national legislation in the field of personal data protection. 11.2 Automated processing The Operator carries out automated processing of personal data, including with or without the use of information and telecommunication networks. All automated processing is carried out in accordance with the established legislative norms and standards of data protection, ensuring the protection of the rights and freedoms of personal data subjects. 12. cross-border transfer of personal data 12.1 Verification in case of cross-border transfer Before commencing a cross-border transfer of personal data, the Operator is obliged to ensure that the foreign country to whose territory the transfer is intended ensures an adequate level of personal data protection. This includes compliance with international treaties, standards and legal requirements in the field of personal data protection. 12.2 Conditions for cross-border transfer The cross-border transfer of personal data to the territory of foreign states that ensure a reliable protection of the rights of personal data subjects may be carried out only if the personal data subject consents in writing to such transfer and/or if there are grounds provided for by international and national laws. 13. Confidentiality of personal data The operator and all persons who have access to personal data are obliged to keep such data confidential and not to disclose them to third parties without the explicit consent of the personal data subject, unless otherwise provided for by international and national laws. This obligation remains even after the completion of personal data processing, except in cases where disclosure of data is required by law, where there are legitimate grounds for such disclosure, or where the data are publicly available. The Operator shall ensure that there are appropriate contractual obligations or privacy policies governing the processing and protection of personal data by all parties involved, including employees, contractors and third parties. 14. Final provisions 14.1 Obtaining explanations on data processing Users may obtain clarifications on issues of interest regarding the processing of their personal data by contacting the Operator via e-mail or other available communication channels. The Operator undertakes to provide the necessary information within a reasonable time and in an understandable form. 14.2 Making changes to the policy This document may reflect any changes to the Operator's personal data processing policy. The Policy is subject to periodic review and update in accordance with changes in international and national laws, as well as due to changes in the Operator's data processing processes and practices. The latest version of the Policy is always available on the Operator's website. 14.3 Availability of the Policy The up-to-date version of the Personal Data Processing Policy is freely available on the Internet at https://pixlvox.com/privacy-policy and is available upon request of any interested party. The Operator undertakes to ensure easy access to the Policy for familiarization by all interested parties.