Nagovori
Legal information

Privacy Policy and Personal Data Processing

Last updated: February 11, 2026

This Privacy and Personal Data Processing Policy establishes the procedure for processing and protecting the personal data of users of the Nagovori service. The Policy is developed in accordance with Russian Federal Law No. 152-FZ of 27.07.2006 On Personal Data and other applicable regulations.

1. Data Operator

  • Entity: ИНДИВИДУАЛЬНЫЙ ПРЕДПРИНИМАТЕЛЬ КОРНАЧУК МАРК ВСЕВОЛОДОВИЧ
  • INN (Tax ID): 772461035002
  • OGRN/OGRNIP: 325774600026938
  • Contact email for personal data matters: support@nagovori.ru
  • RKN Personal Data Operators Registry No.: 62833/77

The Operator independently and/or jointly with authorized persons organizes and carries out the processing of personal data, determines the purposes of processing personal data, the composition of personal data subject to processing, and the actions (operations) performed with personal data.

2. Key Definitions

  • Personal data — any information relating directly or indirectly to an identified or identifiable natural person (data subject).
  • Processing of personal data — any action (operation) or set of actions performed with personal data: collection, recording, organisation, accumulation, storage, clarification, retrieval, use, transfer, depersonalisation, blocking, deletion, destruction.
  • Data subject (User) — a natural person who has registered and/or is using the Service.
  • Operator — a person who independently or jointly with others organises and/or carries out the processing of personal data.

3. Legal Bases for Processing

Personal data is processed on the following legal bases:

  • Consent of the data subject (Article 6(1)(1) and Article 9 of 152-FZ) — upon registration the User gives explicit consent to processing.
  • Performance of a contract (Article 6(1)(5) of 152-FZ) — processing is necessary to provide services to the User under the Terms of Service.
  • Compliance with legal obligations under Russian law (Article 6(1)(2) of 152-FZ).
  • Legitimate interests of the Operator (Article 6(1)(7) of 152-FZ) — for fraud prevention, security and service improvement, where these do not override the rights of data subjects.

4. Categories of Personal Data Processed

The Operator processes the following categories of personal data:

  • Identification data: email address, username, unique account identifier.
  • User content: audio files uploaded for transcription and the resulting transcription text.
  • Technical data: IP address, browser type and version, device type, operating system, time of access to the Service, request and error logs.
  • Payment data: transaction identifiers, payment status, amount, date. The Operator does not receive or store payment card data — it is processed exclusively by payment providers.
  • Analytics data: interface interaction events (clicks, navigation) in anonymised or pseudonymised form for service improvement.

The Operator does not process special categories of personal data (racial or ethnic origin, political views, religious beliefs, health status, biometric data) without separate explicit consent.

5. Purposes of Processing

  • Registration, identification and authentication of the User in the Service.
  • Providing audio transcription services and other Service functionality.
  • Accounting for Service usage: deduction of minutes, balance and package management.
  • Payment processing, invoicing and accounting for financial transactions.
  • Technical support for users and responding to enquiries.
  • Ensuring the security of the Service, detecting and preventing fraudulent and other unlawful actions.
  • Improving the quality of the Service based on aggregated and/or anonymised analytics.
  • Compliance with the requirements of Russian Federation legislation.

6. Procedure and Conditions of Processing

  • Processing is carried out both using automated means and without such means.
  • Processing of personal data is carried out to the extent necessary to achieve the stated purposes, in compliance with the data minimisation principle.
  • The Operator takes necessary and sufficient legal, organisational and technical measures to protect personal data from unlawful access, destruction, modification, blocking, copying, dissemination and other unlawful actions.
  • Only authorised employees who have given a confidentiality undertaking are permitted to process personal data.

7. Data Retention Periods

  • Account data (email, identifier) — retained throughout the lifetime of the account and for 3 years after deletion (for fulfilment of obligations and legal compliance).
  • Audio files and transcription results — retained until deleted by the User or until the account is closed.
  • Payment data (transaction identifiers, payment history) — 5 years from the date of payment in accordance with accounting legislation requirements.
  • Access and security logs — no more than 1 year from the date the record was created.
  • Upon expiry of retention periods, personal data is destroyed or anonymised.

8. Transfer of Personal Data to Third Parties

The Operator may transfer personal data to the following categories of recipients solely for the purpose of providing the Service:

  • Hosting and cloud computing providers — for hosting the Service infrastructure.
  • Authentication providers — for secure user identification.
  • Payment providers — for processing payments (CloudPayments, Alfa-Bank/AlfaPay). These providers are independently responsible for processing payment data.
  • Monitoring and analytics systems — for error diagnostics and Service performance evaluation.

Personal data is transferred to third parties only on the basis of data processing agreements and/or the data subject's consent. All third parties are required to maintain confidentiality and comply with personal data protection legislation.

All data of Russian users is primarily stored on servers located in the Russian Federation, in accordance with Article 18.1(5) of Federal Law No. 152-FZ.

9. Cookies and Analytics

The Service uses cookies — small text files stored by the user's browser. Cookies are used for the following purposes:

  • Technically necessary cookies: ensuring authentication, storing language preferences, maintaining the session. Without them the Service cannot function.
  • Analytical cookies: collecting statistics on visits and interaction with the Service (Yandex.Metrica, PostHog). Set only with consent.

Consent to the use of analytical cookies is requested on the first visit via a banner. You may decline the use of analytical cookies — this will not affect the main functionality of the Service. Cookie management is available through browser settings.

10. Security Measures

  • Encryption of transmitted data using the TLS protocol.
  • Access control for personal data (least-privilege principle).
  • Logging of actions with personal data and security incident monitoring.
  • Regular software updates and vulnerability remediation.
  • Data backup to ensure integrity and availability.
  • Training of employees on personal data processing and protection.

11. Rights of Data Subjects

In accordance with the requirements of 152-FZ, the User has the right to:

  • Obtain information about the processing of their personal data (Article 14 of 152-FZ).
  • Demand clarification, blocking or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained or not necessary for the stated purpose (Article 14 of 152-FZ).
  • Withdraw consent to the processing of personal data (Article 9 of 152-FZ). Withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal.
  • Lodge a complaint against the Operator's actions or inaction with the supervisory authority — the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor).
  • Claim damages and/or compensation for non-material harm through the courts.

To exercise your rights, send a request to: support@nagovori.ru. We will consider your request within 30 days of receipt.

12. Changes to this Policy

The Operator has the right to make changes to this Policy. When changes are made, the date of the last update is indicated. The new version of the Policy takes effect from the moment it is published on the Service website. Continued use of the Service after publication of a new version constitutes the User's agreement to the changes.

13. Contact Information

For all questions related to the processing of personal data, please contact: support@nagovori.ru.