NOTICE! BY REGISTERING IN THE F DATE&EAT APPLICATION, YOU HEREBY ACCEPT THIS POLICY OF THE LIMITED LIABILITY COMPANY “SOULMATE” REGARDING THE PROCESSING OF PERSONAL DATA AND CONFIRM YOUR AGREEMENT WITH ALL OF ITS TERMS WITHOUT ANY RESTRICTIONS.

Policy of the Limited Liability Company “Soulmate” on the processing of personal data of users (licensees) of the dating service – the F DATE&EAT mobile application.

1. General Provisions1.1. This Policy of the Limited Liability Company “Soulmate” (hereinafter – the “Policy”) regarding the processing of personal data is developed in accordance with Paragraph 2, Part 1, Article 18.1 of Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter – the “Personal Data Law”) for the purpose of ensuring the protection of the rights and freedoms of individuals during the processing of their personal data, including protection of the right to privacy, personal and family secrets.
LLC “Soulmate”, OGRN: 1247700681360, INN: 9714061206, Legal address: 125167, Moscow, Aeroporta proezd, building 8, structure 9, room 3/1.
1.2. This Policy regulates the relationship concerning the provision and processing of personal data between LLC “Soulmate” and any individual who voluntarily and independently provides their personal data during the use of the dating service – the F DATE&EAT mobile application, or otherwise transfers their personal information to LLC “Soulmate” (hereinafter – the “User”).
1.3. The Policy applies to all personal data of users of the dating service – the F DATE&EAT mobile application – processed by LLC “Soulmate” (hereinafter – the “Operator”), on the basis of consent received from individuals who are subjects of personal data.
1.4. Use of the dating service constitutes the User’s unconditional consent to this Policy and the terms outlined herein for processing their personal information. If the User disagrees with these terms, they must refrain from using the dating service – the F DATE&EAT mobile application.
1.5. The Policy applies to personal data processing relationships arising both before and after its approval by the Operator.
1.6. A key condition of the Operator’s activity is to ensure an adequate level of information security, which includes the protection of personal data and the processes within which it is processed. The protection of personal data of Users of the F DATE&EAT mobile application is one of the top priorities of LLC “Soulmate”.
1.7. The exact period of processing, including storage, of personal data is not predetermined and is valid until the User revokes their consent to the processing of personal data or until the actual cessation of the use of personal data for the purposes set out in the relevant section of this Policy. Upon expiration of the processing/storage period, the personal data shall be destroyed or anonymized.
1.8. Pursuant to Part 2, Article 18.1 of the Personal Data Law, this Policy is published in open access on the Operator’s website on the Internet. Any personal data subject has access to this Policy.
1.9. Responsibility for violating the legislation of the Russian Federation and the internal regulations of the Company regarding personal data protection is determined in accordance with the laws of the Russian Federation.
1.10. Key terms used in this Policy:

• Personal data – any information relating to an identified or identifiable individual (subject of personal data);
• Personal data operator (operator) – a legal entity that, independently or jointly with others, organizes and/or carries out personal data processing, and determines the purposes, scope, and processing actions (operations);
• User – an individual registered in the F DATE&EAT mobile application;
• Personal data processing – any action (operation) or combination of actions performed with personal data, whether automated or not. Processing includes: collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer, provision, access, anonymization, blocking, deletion, and destruction;
• Automated processing – data processing using computing technology;
• Dissemination – actions aimed at disclosure of personal data to an indefinite number of persons;
• Provision – actions aimed at disclosure of personal data to a specific person or group;
• Blocking – temporary suspension of data processing (unless needed for data clarification);
• Destruction – actions making it impossible to restore personal data content in the system or destroying physical media;
• Anonymization – actions making it impossible to identify the data subject without additional information;
• Information system of personal data – a set of personal data stored in databases and processed using IT and technical tools.

1.11. Main Rights and Obligations of the Operator
1.11.1. The Operator has the right to:

• Independently determine the composition and list of measures necessary and sufficient to fulfill the obligations under the Personal Data Law and related regulations, unless otherwise provided by the law;
• Delegate personal data processing to another party with the subject’s consent, unless otherwise stipulated by federal law, based on a contract with that party. A party processing personal data on behalf of the Operator must comply with the principles and rules of the Personal Data Law, maintain data confidentiality, and take necessary measures to ensure compliance with legal obligations;
• Continue processing personal data without the subject’s consent in cases specified in the Personal Data Law, even after the subject revokes consent.

1.11.2. The Operator must:

• Organize the processing of personal data in accordance with the Personal Data Law;
• Respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the law;
• Provide requested information to the authorized authority for the protection of personal data subjects’ rights (Federal Service for Supervision of Communications, Information Technology, and Mass Media – Roskomnadzor) within 10 business days. This period may be extended for up to 5 business days upon submission of a reasoned notification;
• Ensure cooperation with the state system for detecting, preventing, and eliminating the consequences of computer attacks on Russia’s information resources, including reporting personal data breaches.

1.12. Rights of the Personal Data SubjectA personal data subject has the right to:

• Receive information concerning the processing of their personal data, except in cases specified by law. The Operator shall provide such information in an accessible form and without disclosing third-party personal data, unless legally permitted. The list of such information and the procedure for its provision are established by law;
• Request that the Operator clarify, block, or delete their personal data if it is incomplete, outdated, inaccurate, obtained unlawfully, or unnecessary for the declared processing purpose, and take measures to protect their rights;
• Give prior consent to the processing of personal data for marketing purposes;
• Appeal to Roskomnadzor or the courts against illegal actions or inaction by the Operator in processing their personal data.

1.13. Monitoring and ComplianceMonitoring compliance with this Policy is carried out by an authorized person responsible for organizing personal data processing at the Operator.

2. Purposes of Collecting Personal Data
2.1. Processing of personal data is limited to the achievement of specific, pre-defined, and lawful objectives. Processing incompatible with these purposes is not permitted.
2.2. Only personal data relevant to the stated purposes shall be processed.
2.3. The Operator processes personal data for the following purposes:

• Providing user profile information within the F DATE&EAT dating application;
• Verifying the information posted by the user within the application;
• Informational support for persons using the Operator’s internal information services;
• Handling inquiries (complaints, claims, applications, etc.) under contracts (including from users of online services) or as required by Russian law;
• Fulfilling the license agreement and other contractual obligations between the Operator and the User.

2.4. The processing of user personal data shall be strictly limited to the purposes stated in this Policy and tied to their interaction with the F DATE&EAT dating service operated by the Operator.

3. Legal Grounds for Personal Data Processing
3.1. The legal grounds for processing personal data are the collection of regulatory legal acts in accordance with which the Operator performs personal data processing, including but not limited to:

• The Constitution of the Russian Federation;
• The Civil Code of the Russian Federation;
• The Tax Code of the Russian Federation;
• Federal Law No. 208-FZ of December 26, 1995 “On Joint-Stock Companies”;
• Federal Law No. 152-FZ of July 27, 2006 “On Personal Data”;
• Federal Law No. 402-FZ of December 6, 2011 “On Accounting”;
• Other regulatory legal acts related to the Operator’s activities.

3.2. Additional legal grounds for the processing of personal data include:

• The License Agreement;
• Internal local acts of the Operator, including those concerning the processing of personal data;
• The consent of the personal data subjects to the processing and dissemination of their personal data;
• Other license agreements related to the use of the F DATE&EAT mobile application.

4. Scope and Categories of Processed Personal Data, Categories of Subjects
4.1. The content and volume of processed personal data must correspond to the declared purposes of processing as outlined in Section 2 of this Policy. The data must not exceed what is necessary for achieving these purposes.
4.2. The Operator may process personal data (as well as non-personal data) of the following categories of data subjects:
4.2.1. Users of the F DATE&EAT mobile application – individuals registering in the application and voluntarily providing the following data:

• Last name, first name, patronymic;
• Gender;
• Date of birth (age);
• Location (coordinates);
• Photo;
• Video;
• Email address;
• Phone number;
• Data provided by the User in their profile and personal page in the F DATE&EAT application;
• Data included in complaints, claims, or applications submitted by the User to the Operator.

4.2.2. Any individuals (in addition to the data above):

• Data transmitted automatically depending on the software settings of the user, including but not limited to: referral sources, page views, session parameters, timestamps, IP address, cookies, user analytics, data about the software and hardware used to access the Internet. This data is not classified as personal.

4.3. The Operator has the right to define which elements of personal information are required for the use of its services. If certain data is not marked as required, providing it is at the User’s discretion.
4.4. The Operator does not verify the accuracy of submitted personal data, assuming that the User acts in good faith. However, the Operator may verify photos submitted by the User using personal data lawfully obtained.
By using the dating service, the User agrees to the processing of their personal data and to receiving information messages from the Operator both within the application and via communication networks (e.g., email). By giving such consent, the User affirms they are acting voluntarily, in their own interest, and that the data provided is accurate.
4.5. Personal data is obtained directly from the User with their consent, except when they register in the application using third-party accounts such as Apple ID or Google. In this case, the User consents to the transfer of personal data through those services. Users may also create personal data (e.g., photos) using the F DATE&EAT application. By taking the actions described in this clause, the User agrees to abide by this Policy and consents to the processing of their personal data.
4.6. The Operator does not process special categories of personal data related to race, political opinions, religious or philosophical beliefs, health status, or sex life.
4.7. The Operator does not process biometric personal data.

5. Consent to the Processing of Personal Data for the Purpose of Information Provision
5.1. The Operator may process personal and other data of the following categories of subjects to provide information about a person on the Operator’s Internet resources:
5.1.1. A user of the F DATE&EAT mobile application – an individual registering in the application – may provide:

• Last name, first name, patronymic;
• Gender;
• Date of birth (age);
• Location (coordinates);
• Photo;
• Video;
• Email address;
• Phone number;
• Information provided by the User in their profile and on their personal page in the F DATE&EAT application;
• Data included in complaints, claims, and statements submitted to the Operator.

5.2. By using the F DATE&EAT mobile application, the User gives their consent to the processing of their personal data (and other data) specified in clause 5.1.1 of this Policy for the purpose of providing information about them in the F DATE&EAT application, in accordance with this Policy.

6. Consent to the Processing of Personal Data for the Purpose of Verifying Information Provided by the User
6.1. The Operator may process personal and other data to verify the accuracy of the information posted by the User in the F DATE&EAT application.
6.2. By using the dating service – the F DATE&EAT mobile application – the User consents to the processing of their personal data for the purpose of verifying their identity and information within the application by the Operator.
6.3. The User has the right to voluntarily undergo a verification procedure of their profile by providing access to the mobile device's camera and allowing a photo to be taken for comparison with the images on their profile.
Such an image is used exclusively for verification purposes and is not published. The User expressly consents to the processing of their facial image using a verification algorithm.

7. Consent to the Processing of Personal Data for the Purpose of Informational Support of Individuals Using the Operator’s Internal Information Services
7.1. The Operator may process personal data for the purpose of informational support of individuals using the Operator’s internal information services:
7.1.1. A user of the dating service – an individual using the F DATE&EAT mobile application – may provide:

• Last name, first name, patronymic;
• Photo;
• Email address;
• Phone number.

7.2. By using the F DATE&EAT mobile application, the User consents to the processing of their personal data specified in clause 7.1.1 of this Policy for the purpose of informational support of individuals using the Operator’s internal services, in accordance with this Policy.

8. Consent to the Processing of Personal Data for the Purpose of Handling Inquiries (Complaints, Claims, Applications, etc.) under Concluded Agreements or in Accordance with Applicable Law
8.1. The Operator may process data (including personal data) of the following categories of data subjects for the purpose of handling inquiries (complaints, claims, applications, etc.) related to concluded agreements (including from users) or in accordance with Russian law:
8.1.1. A user of the F DATE&EAT mobile application – an individual using the dating service – may provide:

• Last name, first name, patronymic;
• Location (coordinates);
• Email address;
• Phone number;
• Information provided in complaints, claims, or applications submitted to the Operator.

8.1.2. Any individuals (third parties, data subjects) wishing to submit a complaint, claim, or application to the Operator may provide:

• Information submitted in complaints, claims, or applications.

8.2. By submitting a complaint, claim, or application to the Operator, the User consents to the processing of their personal and other data specified in clause 8.1.1 of this Policy for the purpose of handling such inquiries under agreements or in accordance with Russian law, as outlined in this Policy.
8.3. By submitting a complaint, claim, or application to the Operator, a visitor to the F DATE&EAT application consents to the processing of their data (including personal data) specified in clause 8.1.2 for the same purpose.
8.4. By submitting a complaint, claim, or application to the Operator, any individual (third party or data subject) consents to the processing of their data (including personal data) specified in clause 8.1.3 (typo in source text; logically refers to 8.1.2) for the purpose of handling such inquiries under concluded agreements or applicable Russian law, in accordance with this Policy.

9. Procedure and Conditions for Personal Data Processing
9.1. The processing of personal data by the Operator is carried out in accordance with the legislation of the Russian Federation.
9.2. Personal data may be processed with the consent of the data subjects, as well as without such consent in cases provided for by Russian law.
9.3. Disclosure to third parties and dissemination of personal data without the subject’s consent is not permitted unless otherwise provided by federal law. Consent for the processing of personal data allowed by the data subject for dissemination must be issued separately from other types of consent.
9.4. The Operator processes personal data for each specific purpose by the following means:

• Automated processing, including transmission over information and telecommunication networks or without such transmission;
• Non-automated processing;
• Combined processing (both automated and manual).

9.5. Employees of the Operator who are authorized and whose job responsibilities include personal data processing are permitted access to the processing.
9.6. For each purpose listed in this Policy, personal data processing may include:

• Receiving data directly from the data subjects via the F DATE&EAT mobile application;
• Entering data into the Operator’s information systems (databases);
• Applying other processing methods, including but not limited to systematization, accumulation, retrieval, anonymization, blocking, deletion, and destruction.

9.7. The User of the F DATE&EAT mobile application provides the Operator with separate consent to disseminate their personal data by granting access to an unlimited number of persons for the purpose of providing profile information on the Operator’s online resources, in accordance with Article 10.1 of the Personal Data Law. Consent is given by performing an action—authorizing and/or using the dating service.
9.8. The User independently decides which personal data they wish to make available for dissemination by the Operator.
9.9. If the data subject discloses personal data to an unlimited group of persons without providing the Operator with consent as required by the Personal Data Law, the burden of proving the legality of subsequent dissemination or other processing of such personal data lies with each person who carried out such dissemination or processing.
9.10. The data subject has the right to request any party processing their personal data to cease its dissemination, provision, or access if the Personal Data Law is violated or to submit such a request in court. The Operator must stop the dissemination (provision, access) of the personal data within 3 business days from receipt of such a request or as specified in a court ruling. If no deadline is set in the ruling, the action must be completed within 3 business days of the ruling taking legal effect.
9.11. The User’s consent to personal data processing is considered granted once the User completes the registration process in the F DATE&EAT mobile application.
9.12. The User’s consent is deemed valid until the User submits a written request to terminate processing, deletes their account, or removes the application.
9.13. The User agrees that the Operator may transfer personal data to third parties in the following cases:

• When required for the User to access functions and services of the F DATE&EAT application;
• When third-party software used within the application collects and processes user data;
• When required by investigative, judicial, or other authorized government bodies as part of legally established procedures;
• To protect the rights and lawful interests of the Operator in cases of breach of the License Agreement or other agreements;
• To financial institutions (banks) handling payments to the Operator, exclusively for dispute resolution or inquiries related to such transactions, or as required by law.

9.14. Personal data may be transferred to investigative bodies, the Federal Tax Service, and other executive authorities in accordance with Russian law.
9.15. The Operator implements legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, dissemination, and other unlawful actions. This includes:

• Identifying data security threats;
• Establishing internal regulatory and legal documents;
• Appointing responsible persons;
• Creating proper conditions for data processing;
• Organizing workflows in systems where data is stored;
• Ensuring secure storage conditions and preventing unauthorized access;
• Conducting staff training.

9.16. Personal data is stored in a form that allows the identification of the subject only for as long as necessary to fulfill the processing purpose unless otherwise required by law, a contract, or this Policy.
9.17. Paper-based personal data is stored in accordance with legally established retention periods for documents.
9.18. Personal data stored in information systems is subject to the same retention periods as paper documents.
9.19. The Operator ceases processing personal data under the following circumstances:

• If unlawful processing is discovered – within 3 business days of identification;
• When the purpose of processing is achieved;
• When the consent expires or is withdrawn, and further processing is not legally permitted without consent.

9.20. Upon achieving the purpose of data processing or withdrawal of consent, processing must cease unless:

• Otherwise stipulated by a contract involving the data subject;
• The Operator is legally authorized to continue processing without consent;
• A separate agreement exists between the Operator and the data subject.

9.21. Upon receiving a request from the data subject to cease data processing, the Operator must comply within 10 business days, unless otherwise stated by law. This period may be extended by up to 5 business days with justification.
9.22. When collecting personal data through the Internet, the Operator ensures storage, systematization, and processing of data belonging to Russian citizens in databases located in the Russian Federation, except in cases outlined in the Personal Data Law.
9.23. Due to technical specifics of server infrastructure, the Operator may transfer personal data to foreign jurisdictions where data is stored confidentially. Such transfers are exclusively for the purposes of service operation, analytics, storage, and user support.

10. Updating, Correction, Deletion, Destruction of Personal Data, and Responses to Subject Requests for Access
10.1. Confirmation of personal data processing by the Operator, legal grounds and purposes of such processing, and other information specified in Part 7 of Article 14 of the Personal Data Law, shall be provided by the Operator to the data subject or their representative within 10 business days from the date of the request.
This period may be extended by up to 5 business days with a justified notice indicating the reason for the delay.
Disclosed information shall not contain data about other subjects, except when legally permitted.
The request must include:

• The number of the identity document of the data subject or their representative, issue date, and issuing authority;
• Information confirming the subject's relationship with the Operator (contract number, date, etc.) or proof of data processing by the Operator;
• The signature of the subject or representative.

The request may be sent electronically and signed with a digital signature.
The Operator provides the information in the same format in which the request was received, unless otherwise specified.
If the request lacks required information or access rights, a reasoned refusal is issued.
The subject’s right to access may be limited in accordance with Part 8 of Article 14 if it violates the rights of others.
10.2. If inaccurate data is identified, the Operator blocks the relevant personal data upon the subject’s or Roskomnadzor’s request for the verification period, provided that such blocking does not infringe the subject's or third parties’ rights.
Upon confirmation of inaccuracies, the Operator updates the data within 7 business days and lifts the block.
10.3. If illegal processing is identified, the Operator blocks the data from the moment of request or detection.
10.4. If the Operator, Roskomnadzor, or any third party detects unlawful or accidental disclosure of personal data, leading to rights violations, the Operator must:

• Within 24 hours: Notify Roskomnadzor of the incident, the presumed causes and consequences, and measures taken, including contact information for the responsible person;
• Within 72 hours: Provide Roskomnadzor with the results of an internal investigation, including identities of those responsible (if applicable).

10.5. Destruction of Personal Data:
10.5.1. Conditions and timeframes for destruction:

• Purpose of processing achieved or no longer relevant – within 30 days;
• Expiry of legally established retention periods – within 30 days;
• Subject provides evidence that the data was unlawfully obtained or is unnecessary – within 7 business days;
• Consent withdrawn and further retention is not needed – within 30 days.

10.5.2. Personal data must be destroyed unless:

• Otherwise required by a contract involving the subject;
• The Operator has other legal grounds to retain the data;
• Another agreement exists with the subject.

10.5.3. The Operator independently determines the method of destruction.
10.6. The Operator allows Users to update or withdraw their consent at any time by sending a written request to the Operator's address:
125167, Moscow, Aeroporta proezd, building 8, structure 9, room 3/1.
Recipient: LLC “Soulmate”.
10.7. The User may also contact the Operator at the address above to request information regarding the processing of their personal data in accordance with Federal Law No. 152-FZ of July 27, 2006 “On Personal Data”.

11. Final Provisions
11.1. Any rights and obligations not governed by this Policy are regulated by applicable Russian law, including Federal Law No. 152-FZ “On Personal Data”.
11.2. By using the F DATE&EAT mobile application, the data subject accepts the terms of this Policy and the procedure for processing the personal data they provide.
11.3. The User confirms that they have fully read and understood this Policy and agree with all of its provisions.
11.4. LLC “Soulmate” reserves the right to unilaterally amend this Policy at any time without prior notice to the User.
11.5. The User is advised to independently monitor changes to this Policy in the F DATE&EAT mobile application.
11.6. Continued use of the F DATE&EAT application after changes or additions to this Policy constitutes the User’s acceptance of such changes and/or additions.