Luxury real estate agency
Presnenskaya Embankment, 6c2,
Empire Tower,
3rd entrance, office 4315
Moscow region,
Rublyovo-Uspenskoe highway, Usovo, 100, RC "Residence on Rublyovka", Block G
+7 (495) 255-01-61 +7 (499) 877-49-39
Online
Policy on processing personal data and cookies

Terms and their definitions

  1. Policy- This Processing of Personal Data and Cookies Policy, available on the Internet at: https://whitewill.ru/privacy.  
  2. We,Us,Our , etc., as well asOperator- Limited Liability Company "WHITEVILLE", TIN: 5032309922, OGRN: 1195081051846, address: 143084, Moscow region, Usovo village, Odintsovo, pp. 100, room. 13, e-mail: info@whitewill.ru.
  3. You,Your,Your , etc., as well asPersonal Data Subject- our counterparty under the User Agreement, which may be a natural person who uses the Site, in the manner and on the terms and conditions set forth in the Agreement.
  4. User Agreement- An offer governing the use of the Site by Users, and posted at: https://whitewill.ru/user-agreement.
  5. Personal data- Any information that relates to an identified or identifiable natural person. An identifiable natural person is a person who can be identified directly or indirectly, in particular by reference to identifiers such as name, identification number, location data, network identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  6. Processing of personal data- any action (operation) or set of actions (operations) performed with or without the use of means of automation with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data. Processing of personal data is carried out by mixed (including automated) processing method.
  7. Automated processing of personal data- Processing of personal data by means of computing equipment.
  8. Confidentiality of personal data- A requirement binding Us or any other person who has access to Personal Data not to allow its dissemination without the consent of the Personal Data Subject or other lawful basis.
  9. De-identification of personal data- actions as a result of which it becomes impossible to determine, without the use of additional information, the belonging of personal data to a particular subject of personal data.
  10. Website- Our websitehttps://whitewill.ru.  
  11. Cookies- a small text file placed by the Site on your computer or device when you, for example, visit certain areas of the Site and/or when you use certain features of the Site.
  12. Federal Law No. 152-FZ - Federal Law of the Russian Federation of 27.07.2006 № 152-FZ "On Personal Data".
  13. GDPR or Regulation- EU General Data Protection Regulation 2016/679, of the European Parliament and of the European Council of April 27, 2016 on the protection of natural persons with regard to the processing of their Personal Data and on the free movement of such data, repealing Directive 95/46/EC as amended, modified and supplemented, as applied from time to time and transposed into national law in the Member States.
  14. California State Online Privacy Protection Act or CalOPPA- California Online Privacy Protection Act.
  15. California Consumer Privacy Act or CCPA- The first comprehensive privacy law in the United States, passed in late June 2018, representing various privacy rights for California consumers.
  16. US Privacy Act of 1974 or UPA- The Privacy Protection Act, which governs the handling of personal information of US citizens or US domiciled persons.
  17. PECR- Privacy and Electronic Communications (EC Directive) Regulations 2003;
  18. UAE data protection and privacy laws- All and any laws and regulations governing the Processing of Personal Data, including but not limited to: (1) the Dubai Emirate Data Protection and Privacy Law, (2) the Federal Data Protection Law (Law No. 45 of 2021), effective January 2, 2022, (3) the Constitution of the United Arab Emirates (UAE), (Federal Law No. 1 of 1971); (4) the Crimes and Penalties Law (Federal Law No. 31 of 2021, repealing Federal Law No. 3 of 1987); (5) Cybercrime Law (Federal Law No. 5 of 2012. "Combating Information Technology Crimes") (as amended by Federal Law No. 12 of 2016 and Federal Decree-Law No. 2 of 2018); (6) Telecommunications Regulation Law (Federal Law pursuant to Decree 3 of 2003, as amended), including regulations/policies issued by the State Telecommunications and Digital Regulatory Authority (TDRA) regarding the protection of telecommunications consumer data in the UAE.

Subject matter and grounds of the Processing of Personal Data

  1. Subject of the Policy. The provisions of this Policy apply to the relationship between Us and You related to the Processing of personal data within the framework of the relationship arising between Us on the use of the Site, formed as a result of Your acceptance of the terms of the User Agreement.
  2. Basis of Processing. The basis for the Processing of your personal data is always your consent. Without your consent to the terms of this Policy, we will not be able to fully enforce our obligations under the contracts we enter into with you (including, but not limited to, the User Agreement).

Acceptance of the terms of the Policy

  1. In this section you can learn about the actions, the performance of which signifies your consent to the Processing of your personal data (hereinafter referred to as "Consent to the Processing of Personal Data").
  2. Contents of the Consent to the Processing of Personal Data. By submitting the Consent for processing of PII, you confirm that you have fully read and agree with theUser Agreement,Personal Data and Cookie Policy,, and provide specific, subject, informed, conscious and unambiguousConsent to the processing of your personal data.
  3. Please note that Consent to the Processing of Personal Data means that you, among other things, express your consent to the Automated, as well as without the use of automation tools, Processing of your Personal Data, under the conditions specified in the Policy as well as in the Consent to Processing of Personal Data.
  4. Order a callback. If you order a callback by using the relevant functionality of the Site, you are deemed to have provided Consent to the processing of Personal Data at the moment you click on the "Order a Call" button (or analog).
  5. Making an outgoing call. By making a call to the Operator and continuing the conversation with an employee of the Operator, you provide Consent to the processing of Personal Data.
  6. Messenger messaging. If You send a message to Us via messenger, including using the corresponding functionality of the Website, Your Consent to the processing of Personal Data shall be deemed to have been granted at the moment of sending the first message to Us.
  7. Familiarizing yourself with the content of the Site. If You are simply browsing the Site, You are deemed to have given Us Consent to the processing of Personal Data to the extent set out in this Policy (technical data, Cookies (unless a different consent procedure in relation to the processing of Cookies is implemented on the Site).
  8. Storage of consent information. Please note that We may retain data about Your actions (by means of a logging system for Your actions, or an analog) evidencing Your Consent to the PII as set forth in this section of the Policy for a period of three (3) years after Your expression of consent to the Policy, unless a different period is required by law.

Period of policy and processing of personal data

  1. Term of the Policy. Once the terms of the Policy have been accepted, the Policy is valid indefinitely. However, this does not affect the period of Processing of your personal data - it is set by this Policy.
  2. Period of Personal Data Processing. As a general rule, We process your Personal Data until the moment of contacting you on your request, as well as for 3 (Three) years after the said event, unless the period of personal data retention is set by the applicable law, User Agreement, or other contract, in one way or another related to the use of the Site or the Processing of your Personal Data, to which you are a party. In other cases, We will stop processing Your Personal Data if You object to such processing or if You have withdrawn Your previously given consent to the processing, in accordance with the terms of this Policy and the provisions of law. However, in doing so, We may be unable to fulfill obligations under contracts with You.
  3. Change. The Policy may be changed by Us at any time. This may include changes to Our business processes, the impact of external factors and other reasons. Once changes are made, We will immediately post the amended Policy on the Site so that You have the opportunity to review the revised Policy. In the event that you continue to use the Site after the Policy has been amended, we will unconditionally deem you to be in agreement with the terms of the revised Policy.

Basis for development, objectives, principles of the Policy

  1. Basis of Development. The Policy is developed to fulfill the requirements of: a) GDPR; b) CalOPPA; c) CCPA; d) PECR; e) Federal Law No. 152-FZ; f) GDPR; g) UAE Data Protection and Privacy Laws, h) as well as other laws and bylaws that determine the cases and specifics of processing of personal data of the Personal Data Subject.
  2. Purposes. The policy pursues the following objectives: (1) ensuring the requirements of protection of human and civil rights and freedoms in the processing of personal data, including the protection of the rights to privacy, personal and family secrecy, (2) excluding unauthorized actions (unlawful or accidental access) of any third parties to your Personal Data, as well as the destruction, modification, blocking, copying and dissemination of personal data, (3)  ensuring the legal and regulatory regime of confidentiality and control of your Personal Data, (3)  ensuring the legal and regulatory regime of confidentiality and control of your Personal Data.

    Thus, the primary purpose of the Policy is to provide you with a full and transparent understanding regarding: the legal basis for collecting and processing your Personal Data; the categories of Personal Data we may collect about you; what happens to the Personal Data we collect; where we process your Personal Data; how long we store your Personal Data; to whom we may share your Personal Data; and to explain your rights as a subject of Personal Data.

  3. Principles. We pursue the following principles of Personal Data Processing: (1) processing of Personal Data must be carried out on a lawful and fair basis, (2) processing of Personal Data must be limited to the achievement of specific, predetermined and legitimate purposes; processing of Personal Data incompatible with the purposes of personal data collection is not allowed, (3) the content and scope of processed Personal Data must be consistent with the stated purposes of processing; processed Personal Data must not be redundant with respect to the purpose of processing

Composition of Personal Data to be collected

  1. Ordering a Callback. You have the opportunity to order a callback from us. To do this, you need to leave the following data by entering information in a special form on our website: (1) Mobile phone number, (2) Name. Please note that by providing third party data, you agree to honor the guarantees set forth in this Policy. Please also note that you may give any Name by entering the relevant information in the form, including one that does not correspond to your own name. However, in such a case, please note that the Name entered must be ethical and moral.
  2. Data about messengers. On our Website you can write to Us in What's App, Telegram, or other messenger (if available). In this case, the Site has special URL - links (of the type https://messenger-bot.whitewill.ru/web/... and (or) analog), when you go there, you will be able to send us a message in the selected messenger. When sending such a message, We will receive data about the address of your account in the corresponding messenger, and such other data that you have specified in such account and made publicly available.
  3. Technical Data. During your use of the Site, We automatically collect some of your Personal Data. Such data includes, for example, technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, information about your visit to websites, etc.
  4. Other data. In exceptional circumstances We may ask You to provide additional Personal Data. We will certainly warn You in advance and ask You to provide additional consent for the Processing of additional Personal Data.
  5. Personal Data of third parties. Please note that if you provide us with Personal Data of third parties, you warrant that you have obtained from such persons all necessary consents (including consent to transfer personal data), other documents necessary to implement the provisions of this Policy in full, executed by them in the form and in accordance with their personal applicable law (Third Party Consent), and if you are the operator of personal data of such persons, you also warrant that you ensure the procedure of transfer and protection of their personal data. At the same time, the consent of third parties must be executed by them in writing, the original of which must be provided by you within 7 (Seven) calendar days from the date of sending the relevant request from the Operator. Provision of Personal Data to third parties without complying with this warranty is unacceptable and you fully assume all responsibility for breach of this warranty.

Rights of the Personal Data Subject

  1. Obtaining information. You have the right to obtain information about Us, Our location, whether We hold Your Personal Data, and to review such Personal Data.
  2. Clarification. You have the right to request Us to clarify your Personal Data, block or destroy it if the Personal Data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing, as well as to take measures provided for by law to protect your rights.
  3. Submission Form. Information about Our holdings of Personal Data will be provided to You in an accessible form and will not contain Personal Data relating to other Data Subjects.
  4. Access Procedures. You (or your legal representative) may access your Personal Data either in person or by submitting a written request. In this case, the request must contain the number of the main document certifying your or your legal representative's identity, information about the date of issue of the said document and the issuing authority, and a handwritten signature. Your request may be submitted electronically. We must respond to your request within thirty (30) days from the date of receipt, which may be extended up to sixty (60) days, taking into account the complexity and number of requests.
  5. Content of Response. In a request for access to Personal Data, You have the right to request that We provide You with information relating to the Processing of Your Personal Data, including information containing: (1) confirmation of the fact of processing of Personal Data, as well as the purpose of such processing, (2) methods of processing of Personal Data, (3) name and location of the Operator, information about persons who have access to Personal Data or to whom such access may be granted, (4) list of Personal Data being processed and the source of their receipt, (5) terms of processing of Personal Data, including the terms of their storage, (6) information about what legal consequences for the Personal Data Subject may result from the Processing of his/her Personal Data
  6. Withdrawal of consent. You have the right to withdraw consent to the processing of Personal Data, to restrict the ways and forms of processing Personal Data, to prohibit the dissemination of Personal Data without your consent.
  7. Right to appeal. You have the right to appeal Our actions or inactions to the authorized authority for the protection of the rights of Personal Data Subjects or in court.
  8. Right to Defense. You have the right to protect your rights and legitimate interests, including compensation for losses and compensation for moral harm in court.

Rights of the Data Subject (GDPR)

If you are a national of a member state of the European Economic Area or the United Kingdom (or you lawfully provide us with Personal Data of such a person), you are also afforded the rights set out below. You may exercise them by sending the relevant email to Our Contact Details.

  1. The right to be informed(Art. 12-14 of the Regulation). You have the right to be informed about the collection and use of your Personal Data, in particular about the purposes of the processing of this Personal Data, the retention periods and to whom it will be transferred. This information must be provided at the time we collect your Personal Data. If we obtain Personal Data from other sources, we will notify you within a reasonable time after receiving the data and no later than one month, unless you already have such information and it would require disproportionate effort to provide it. The information must be concise, transparent, understandable, easily accessible and expressed in clear and understandable language, so we endeavor to explain our data processing policy in detail. We will make you aware of any new use of your Personal Data before we start processing it.

  2. Right of access(Art. 15 of the Regulations). You have the right to obtain from the Operator confirmation whether Personal Data concerning you are being processed and, if necessary, access to the Personal Data and the following information: the purposes of the processing; the categories of Personal Data concerned; the recipients or categories of recipients to whom the Personal Data have been or will be disclosed, in particular recipients from third countries or international organizations; if possible, the prescribed period for which the Personal Data will be stored or, if this is not possible, the criteria for the retention of the Personal Data. If Personal Data is transferred to a third country or international organization, you have the right to be informed about the available safeguards related to such transfer. Upon request, the Operator will also provide a copy of the Personal Data being processed. For all additional copies requested by the Personal Data subject, the Operator may charge a reasonable fee based on administrative costs. If you make a request by electronic means, and unless otherwise required, the information must be provided in a generally accepted electronic form.

  3. Right of correction(Art. 16 of the Regulations). You have the right to have incorrect or inaccurate information regarding Personal Data corrected upon request for correction made orally or in writing. The Operator has one calendar month to respond to the Personal Data subject's request.

  4. Right to erasure ("right to be forgotten")(Art.17 of the Regulation) The Regulation grants individuals the right to have personal data erased. You can make a request for erasure by contacting our Personal Data Protection Officer, who has one month to respond to your request. Please note that this right is not absolute and only applies in certain circumstances provided for in Article 17 of the Regulation.

  5. The right to restrict processing(Art. 18 of the Regulation). You have the right to request the restriction or termination of the processing of your Personal Data. If the processing has been restricted, such Personal Data, except for storage, shall only be processed with the consent of the data subject or for the basis, exercise or maintenance of legal claims, or for the protection of the rights of another natural or legal person, or for the protection of the public interest of the Union or a Member State. Note that this right is not absolute and only applies in certain circumstances provided for in Article 18 of the Regulation.

  6. Right to data portability(Art. 20 of the Regulation). The right to data portability allows you to obtain and reuse your Personal Data for your own purposes across different services. It allows you to easily move, copy or transfer Personal Data from one IT environment to another in a safe and secure manner without affecting the usability of the Personal Data. Please note that you have the right to transfer Personal Data directly from one Operator to another, where technically feasible.

  7. Right to object(Art. 21 of the Regulations). You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation. We will not process your Personal Data any further unless we have compelling legitimate grounds for the processing which are more important than the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims. If your Personal Data is processed for direct marketing purposes, you have the right to object to the processing of Personal Data relating to you for the purposes of said marketing, including profiling insofar as it relates to direct marketing.

  8. Rights related to automated decision-making, including profiling(Art. 22 of the Regulation). You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal consequences in relation to him or her or significantly affects him or her. Please note that this right is not absolute and only applies in certain circumstances provided for in Article 22 of the Regulation. You may withdraw your consent to the processing of Personal Data at any time. Please remember that withdrawal of consent extends only to the future. Any processing activities carried out prior to such withdrawal are not affected by it.

Transmission of Personal Data

  1. Transfer of Personal Data. In order to achieve the purposes of the Personal Data Processing, we may need to share your Personal Data with our counterparties, including but not limited to Amotsrm, TIN: 7709477879, OGRN: 5157746087681. Your Personal Data may also be shared with public authorities, in particular executive authorities, based on their request.
  2. Mandatory and optional transfers. The transfer of information may be mandatory, e.g. in terms of information about user equipment: IP address, OS, geographical data, ID/type of equipment, channel used: browser/application, payment authorization, identification/verification, or optional, e.g. in terms of information about address match indicators, account information, etc.

Storage of Personal Data

  1. Localization of Personal Data. If you are a citizen of the Russian Federation, We store your data on servers located in the Russian Federation. If you are a citizen of a member state of the European Economic Area, the United Kingdom, or another country whose personal data laws require Personal Data to be Processed in such country, your Personal Data is collected and Processed in the European Economic Area or such country, respectively.

Personal Data Protection Principles and Measures

  1. Defense Principles. We employ legal, organizational, administrative, technical, and physical measures to protect Personal Data- to ensure the protection of your Personal Data.
  2. Security Measures. Measures to ensure the security of Personal Data during its processing are planned and implemented to ensure compliance with the requirements of Personal Data legislation and the regulations adopted in accordance with it. We ensure the security of your Personal Data by, among other things, the following means: (1) limiting and specifying the number of Operator's employees who have access to Personal Data, (2) appointing a person responsible for organizing the processing of Personal Data, (3) developing and implementing local regulations on the processing of Personal Data, (4) identifying threats to the security of Personal Data during their processing in the information systems of Personal Data, (5) applying organizational and technical measures to ensure the security of Personal Data

Cookies

  1. Use of Cookies. The Site uses cookies. When you visit the Site, your Internet browser transmits certain information to Our server: (1) date and time of visit, (2) browser type, (3) language settings, (4) operating system. This information is stored in connection logs for a limited period of time (from a session to a year) to ensure the security and proper operation of the Site and to gather statistical information.
  2. Functions of Cookies. There are different groups of Cookies that are used on the Site.The first group is functional and technical Cookies. The main function of these cookies is to allow the server of the Site to obtain information about your session, language used, browser, etc., and to ensure the full operation of the Site. These files are necessary to recognize you when you access the Site again. This allows us to personalize the content of the Site to your needs, to remember your preferences. The second group are analytical cookies, they allow us to evaluate and count the number of visitors and understand how they move around the Site as they interact with it. This helps us to make improvements to the Site, for example, by optimizing the search for relevant sections, making it easier and more efficient. You have the right to refuse the use of analytics cookies by making the appropriate settings in your web browser.
  3. Cookiesstorage time. Cookies are categorized into Persistent Cookies and Session Cookies based on how long they are stored on users' devices: "Session Cookies" are cookies that are stored on your device until you close your browser. "Persistent Cookies" are stored on your device until they expire or until you delete them.
  4. Disabling Cookies. You have the option to accept or reject all cookies on all sites you visit by changing the settings in your web browser. For example, when you are using Internet Explorer version 11.0 you should do the following: (1) select "Settings", then "Browser Properties", (2) click on the "Privacy" tab, (3) using your mouse, select your preferred settings. You must use different settings for each browser to modify and delete cookies. Please note that certain functionality of the Site may not be available if you disable Cookies. To learn more about how to adjust or change your browser settings, please refer to your browser's instructions or atwww.aboutcookies.orgorwww.allaboutcookies.org. If you use different devices to access the Site (e.g. smartphone, tablet, computer, etc.), you should take care to ensure that each browser on each device is configured according to your cookie preferences.

Addresses for exchanging legally relevant messages

  1. Details of the Parties. In the course of performing obligations under this Policy and/or other obligations as a Personal Data Operator,  there may be (and in some cases must be) an exchange of legally significant communications between Us. Such exchange shall take place through official contacts of the Parties, either in writing or electronically (equally). A separate agreement on the use of electronic document management is not required. Our details are provided in the Legal Notice (at the bottom of the document) and your details are provided by you at the time of leaving a callback request, by messenger message or other communication channels. Please be aware that you bear all risks that your data for legally relevant messaging is no longer relevant.
  2. Correspondence exchange. Correspondence may only be exchanged using the Parties' data as defined in accordance with the rules of this Policy.

Final Provisions

  1. Divisibility clause. In case one or more of the provisions of the Policy are held to be invalid / irreconcilable etc., such provisions shall be deemed to be replaced by valid provisions as near as possible. However, the Policy shall not be held invalid in its entirety under any circumstances.

Official Notice

Wytheville Limited Liability Company

TIN: 5032309922, OGRN: 1195081051846

Address: 143084, Moscow region, Usovo village, Odintsovo, pp. 100, room. 13

E-mail: info@whitewill.ru  

Email (Personal Data questions): privacy@whitewill.ru  

THE CONTACTS LISTED ARE THE ONLY OFFICIAL SOURCES OF CONTACT WITH US. PLEASE PAY ATTENTION!

Document reference:https://whitewill.ru/privacy

The Policy is published in free access in the information and telecommunication network of the Internet on the Operator's Website