1. DEFINITION OF TERMS I. The current personal data privacy policy (hereinafter referred to as the Privacy Policy) works with the following concepts: or) processing of personal data received by him. To perform these duties, they must clearly understand why the information is being processed, what information should be processed, what actions (operations) should be performed with the information received. 2. "Personal data" - information that is directly or indirectly related to a specific or identifiable natural person (also called the subject of personal data). 3. "Processing of personal data" - any operation (action) or a combination of those that the Administration performs with personal data. They can be collected, recorded, systematized, accumulated, stored, specified (if necessary, updated or changed), retrieved, used, transferred (distributed, provided, made available to them), depersonalized, blocked, deleted and even destroyed. These operations (actions) can be performed both automatically and manually. 4. "Confidentiality of personal data" - a mandatory requirement for the Operator or other official working with the User's data to keep the information received in secret without revealing it to outsiders, if the User who provided the personal data did not express his consent, and there is no legal basis for disclosure. 5. "User of the website of the online store" (hereinafter referred to as the User)" - a person who has visited the website of the online store, as well as using its programs and products. 6. "Cookies" - a short piece of data sent by a web browser or web client to a web server in an HTTP request, whenever the User tries to open the page of the Online Store. The fragment is stored on the User's computer. 7. "IP-address" - a unique network address of a node in a computer network built using the TCP / IP protocol.

2. GENERAL PROVISIONS Browsing the site, as well as using its programs and products, implies automatic acceptance of the Privacy Policy adopted there, which implies that the User provides personal data for processing. I. If the User does not accept the existing Privacy Policy, the User must leave the site. II. The current Privacy Policy applies only to the site. If, through the links posted on the site, the User enters the resources of third parties, the Site is not responsible for his actions. III. Verification of the accuracy of personal data that the User who has accepted the Privacy Policy has decided to provide is not the responsibility of the Site Administration.

3. SUBJECT OF THE PRIVACY POLICY According to the current Privacy Policy, the Administration is obliged not to disclose personal data provided by Users registering on the site or placing an order for the purchase of goods, and also to ensure absolute confidentiality of this data. I. To provide personal data, the User fills out electronic forms located on the site. The User's personal data, which are subject to processing, are: 1. his last name, first name, patronymic; 2. his contact number; 3. his electronic address (e-mail); II. The protection of data automatically transmitted when viewing ad units and visiting pages with statistical system scripts (pixels) installed on them is carried out by the site. Here is a list of these data: IP address; information from cookies; information about the browser (or other program through which advertising becomes available); time of visiting the site; the address of the page on which the ad block is located; referrer (address of the previous page). III. Disabling cookies may result in the inability to access parts of the site that require authorization. IV. Any other personal information not specified above (about when and what purchases were made, what browser was used, what operating system was installed, etc.) is securely stored and not distributed. The existing Privacy Policy provides for an exception for the cases described in paragraphs. 5.2 and 5.3.

4. PURPOSES OF COLLECTING THE USER'S PERSONAL INFORMATION Collection of the User's personal data by the Administration of the online store is carried out in order to: 1. Identify the User who has completed the registration procedure on the site in order to place an order and (or) purchase a product or service of this site remotely. 2. Provide the User with access to the personalized resources of this site. 3. Establish feedback with the User, which means, in particular, sending requests and notifications regarding the use of the site, processing user requests and applications, and providing other services. 4. Locate the User in order to secure payments and prevent fraud. 5. Confirm that the data provided by the User is complete and correct. 6. Process and receive payments, confirm tax or tax credits, dispute a payment, determine whether it is appropriate to provide a particular User with a line of credit. 7. Provide the User with the fastest possible solution to problems encountered when using the site, through effective customer and technical support. 8. Timely inform the User about the updated products, acquaint him with unique offers, new prices, news about the activities of the site or its partners and other information, if the User expresses his consent to this. 9. Advertise the products of the site, if the User expresses his consent to this. 10. Provide the User with access to the sites or services of the site, thereby helping him to receive products, updates and services.

5. METHODS AND TERMS OF PROCESSING PERSONAL INFORMATION The term of processing the User's personal data is unlimited. The processing procedure can be carried out in any way prescribed by law. In particular, with the help of personal data information systems that can be maintained automatically or without automation tools. I. The personal data of the User processed by the Site Administration may be transferred to third parties, including courier services, postal organizations, and telecommunication operators. This is done in order to fulfill the User's order left by him on the site and deliver the goods to the address. The User's consent to such a transfer is provided for by the site's policy rules. II. Also, personal data processed by the Site Administration may be transferred to authorized state authorities of the Russian Federation, if this is carried out legally and in the manner prescribed by Russian law. III. If personal data is lost or disclosed, the User is notified of this by the Site Administration. IV. All actions of the Site Administration are aimed at preventing third parties from accessing the User's personal data (with the exception of clauses 5.2, 5.3). This information should not be available to the latter even by accident, so that they do not destroy it, do not change or block it, do not copy and distribute it, and do not commit other illegal actions. To protect user data, the Administration has a set of organizational and technical measures. V. If personal data is lost or disclosed, the Site Administration, together with the User, is ready to take all possible measures in order to prevent losses and other negative consequences caused by this situation.

6. OBLIGATIONS OF THE PARTIES The User's obligations include: 1. Providing information about himself that meets the requirements of the site. 2. Updating and supplementing the information provided by him in case of any change. I. The duties of the Site Administration include: 1. The use of the information received solely for the purposes indicated in paragraph 4 of the existing Privacy Policy. 2. Ensuring the confidentiality of information received from the User. They must not be disclosed unless the User gives written permission. Also, the Administration does not have the right to sell, exchange, publish or disclose in other ways the personal data transferred by the User, excluding clauses. 5.2 and 5.3 of the existing Privacy Policy. 3. Taking precautions so that the User's personal data remains strictly confidential, just as such information remains confidential in modern business practice. 4. Blocking of personal user data from the moment from which the User or his legal representative makes a corresponding request. The right to make a request for blocking is also granted to the body authorized to protect the rights of the User who provided the Site Administration with his data for the period of verification, in case of detection of inaccuracy of the reported personal data or illegal actions.

7. RESPONSIBILITY OF THE PARTIES In the event that the Site Administration fails to fulfill its own obligations and, as a result, the User's losses incurred due to the misuse of the information provided by him, the responsibility lies with it. This, in particular, is confirmed by Russian legislation. The currently existing Privacy Policy makes an exception for the cases reflected in p.p. 5.2, 5.3 and 7.2. I. But there are a number of cases when the Site Administration is not responsible if user data is lost or disclosed. This happens when they: 1. Became public before they were lost or disclosed. 2. Were provided by third parties before they were received by the Site Administration. 3. Disclosed with the consent of the User.

8. DISPUTES RESOLUTION If the User is dissatisfied with the actions of the Site Administration and intends to defend his rights in court, before filing a lawsuit, he must file a claim without fail (offer in writing to resolve the conflict voluntarily). I. The Administration that received the claim is obliged, within 30 calendar days from the date of its receipt, to notify the User in writing about its consideration and the measures taken. II. If both parties have not been able to agree, the dispute is referred to the judicial authority, where it must be considered in accordance with the current Russian legislation. III. Regulation of relations between the User and the Site Administration in the Privacy Policy is carried out in accordance with the current Russian legislation.

9. ADDITIONAL TERMS The site administration has the right to change the currently existing Privacy Policy without asking the consent of the User. I. The entry into force of the new Privacy Policy begins after information about it is posted on the site, unless the changed Policy implies a different placement option. II. All suggestions, wishes, requirements or questions regarding this Privacy Policy should be reported to the feedback section located at: https://albagrouprus.ru/. Or by sending an email to (albagroup@mail.ru) III. You can read about the existing Privacy Policy by going to the page at https://albagrouprus.ru/ Updated October 15, 2022.