@ captaindno.xyz
Home Blog Gallery Settings
English | Русский

Shared files

Github profile

Steam profile

@ captaindno.xyz

Privacy policy

I ("Owner", "Administrator", "Data Controller") respect Your privacy and do my best to comply with privacy laws around the world.
This privacy policy ("Privacy Policy") describes how Your data is collected, stored, used and/or shared ("processed") when You visit or in any other way engage with websites and/or other services at captaindno.xyz and all its subdomains ("Websites" and "Services").
In this Privacy Policy, by "personal information/data" ("Information", "Data") I mean everything that is defined as such by GDPR. This means, that even IP address is considered to be a personal information.

Note: Websites may contain links to other websites or services, that are not associated with Administrator in any way (e.g., GitHub). This Privacy Policy does not apply to them.

1. Why Your Information is processed?

1.1. Legal bases for processing Your Data

Your Information is only processed when there is a valid legal reason (i.e., legal basis) to do so under applicable law. You can see all legal bases that are used in this Privacy Policy below. In the section 3 you can find detailed information about each type of Information that is processed, reasons for processing such information and ways to opt out of processing.

  • Consent. Your Data may be processed if You have given explicit permission (i.e., consent) to use Your Information for a specific purpose. You can withdraw your consent at any time. See section 3 for more details.
  • Legitimate Interests. Your Information may be processed when Administrator believes it is necessary to achieve legitimate interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, your Information may be processed to grant You access to Websites and Services; diagnose problems with Websites and Services; deliver You notifications related to Websites and Services (after consent); improve performance and security of Websites and Services.
  • Legal obligations. Your Information may be processed when Administrator believes it is necessary for compliance with legal obligations, such as: to cooperate with a law enforcement body or regulatory agency, to exercise or defend Owner's legal rights, or disclose Your information as evidence in litigation in which Owner is involved.
  • Vital interests. Your Information may be processed where Administrator believes it is necessary to protect vital interests of any person, such as situations involving potential threats to the safety of this person.

1.2. Why Your Information may be processed?

Your Information may be processed for a variety of reasons listed below:

  • To provide You with access to Websites and Services. Your Information may be processed to maintain your access to use Websites and Services while allowing them to be protected from different threats.
  • To identify usage trends. Your Data may be processed to provide Owner with information on Websites and Services usage. This allows Owner to improve Websites and Services.
  • To protect individual's vital interests. Your Information may be processed when necessary to save or protect an individual's vital interest, such as to prevent harm.
  • To communicate with You. Your Information may be used to facilitate communication between Administrator and You (e.g., by email).
    After Your consent, Your information is used to send You push-notifications related to Websites and Services.

2. By whom and where Your Information is processed?

Your Information may be processed directly by Administrator for any purpose stated in section 1. This means that Administrator may view, edit, copy Your Information from any location in the world (almost always it is Russian Federation), on the condition that secure communication protocols are used. Administrator also obligates to not share Your Information with any third parties not listed in this Privacy Policy.

Your Data may be shared with third-party vendors, service providers, contractors, or agents ("third parties"), who perform services for Owner on Owner's behalf and require Information to do that work. This process may be regulated by:
(a) data processing agreement/addendum ("DPA");
(b) other contract between Data Controller and third party.
Sharing Data with third parties may involve sending it across country borders. All traffic is encrypted.
See detailed list of all (and only) third parties involved in processing of Your Information below:

  • Cloudflare, Inc. ("Cloudflare")

    Cloudflare is an American company that provides a variety of useful services, such as CDN, DNS, DDoS protection, email routing, WAF. Usually, You will be served by nearest Cloudflare servers, which may be located in Your own or neighboring countries.

    See DPA.

  • Avoro (dataforest GmbH)

    Websites and Services run on servers, rented from companies, mentioned above ("Hosts").
    Server locations: Germany.

    See Avoro website.

  • Firebase

    Firebase is a subsidiary of Google LLC ("Google"). They provide different cloud services, focused on ease of use for developers. Specifically website at captaindno.xyz or www.captaindno.xyz uses Firebase Cloud Messaging ("FCM").

    See DPA and Google's policy for data coming from partner sites.

  • Gmail

    Gmail is one of the largest email services in the world. Administrator uses Gmail as a primary mailbox for communications related to Websites and Services.

    See Google's DPA.

  • Brevo

    Brevo provides different services mostly related to email and marketing.

    See DPA

3. Details about processed Information, reasons for processing and third parties involved.

Different types of Information are processed when You use Websites and Services. You can find detailed information about each Data type that is processed, legal bases and other reasons for that, third parties involved and ways to opt out of processing.

Sensitive information

Some personal information may be considered especially "sensitive" (as defined by GDPR or Cal. Civ. Code § 1798.140(ae)).
Such information is not processed by any Website or Service, unless you include it into an email sent to any address at captaindno.xyz. In this case, Your emails are forwarded by Cloudflare Email Forwarding and delivered to Gmail mailbox. Administrator obligates to never share Your sensitive Information with any other third parties without Your consent. You may demand deletion of emails containing sensitive Information from Administrator's mailbox.

Data derived from incoming requests

Everything (except "sensitive" information, if it can be derived) that can be directly extracted or derived from decrypted incoming HTTPS requests (e.g., made by Your web browser) may be processed. This data may include, for example: Your IP address, browser and operating system name and version, preferred languages, referring website, location derived from IP address. This information is crucial for operation and security of Websites and Services.

When this data is processed? Always when You use Websites or Services online.

By whom data is processed? By Hosts and by Cloudflare.

What are the legal bases? Legitimate interest.

How to opt out? As this data is essential to provide you access to Websites and Services, Your only option is to stop using Websites and Services.

Data collected by Cloudflare Web Analytics

Websites may use Cloudflare Web Analytics to provide Owner with ways to monitor usage trends and performance to make informed decisions. Data is collected by JavaScript beacon, cookies are not used.

When this data is processed? Only after You give consent and until You revoke it.

By whom this data is processed? Cloudflare.

What are the legal bases? Consent and legitimate interests.

How to opt out? Revoke Your consent on the settings page at the www.captaindno.xyz.

Data collected by Firebase Cloud Messaging

Information processed by FCM and services it depends on may include: per-installation identifier (FID) that does not uniquely identify a user or physical device; information about browser and operating system; message delivery metrics. This data is used to facilitate delivery of push notifications related to Websites and Services to You (of course, only after Your consent).

When this data is processed? Only after You give consent and until You revoke it.

By whom this data is processed? Firebase and Hosts.

What are the legal bases? Consent and legitimate interests.

How to opt out? Revoke Your consent on the settings page at the www.captaindno.xyz.

Email

When You communicate with Administrator by sending and receiving emails, Your email address is processed along with any data, that You include in email.

When this data is processed? Only when You email any address at captaindno.xyz.

Кем обрабатываются эти данные? Gmail; Cloudflare Email Routing for emails sent to any address at captaindno.xyz; Brevo for emails sent from any address at captaindno.xyz.

Каковы законные основания? Consent (by sending an email to any address at captaindno.xyz, You give Your consent to data processing).

Как отказаться? Не отправляйте электронные письма на адреса на captaindno.xyz.

4. Tracking technologies and Cookies

Websites and Services use essential cookies set by Cloudflare. Websites may use beacons and other tracking technologies to gather analytical data after Your consent.

5. Is children's data processed?

Such Information is not processed (knowingly).

6. How Your information is kept safe?

Data Controller and all third parties involved in processing of Your Data have implemented appropriate security measures to ensure safety of Your data. Transmission of personal information to and from Websites and Services is at your own risk. You should only access the Websites and Services within a secure environment. In the event of security breach, Administrator shall notify You by posting appropriate notice on every page of website at captaindno.xyz / www.captaindno.xyz and sending push notification (if possible and permitted by law).

7. Data retention

Your Information is kept only for as long as necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). When there is no need to process Your information, it is deleted or anonymized. If this is no possible, Your Information will be securely stored and isolated from any further processing until deletion/anonymization is possible.

8. Controls for do-not-track ("DNT") features.

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting You can activate to signal Your privacy preference not to have data about your online browsing activities monitored and collected. As there is no officially standardized and/or widely supported way to detect DNT signals, such signals are ignored by Websites and Services. See section 3 instead to learn more about ways to manage what data is processed.

9. Your rights

This section of Privacy Policy contains information about Your rights under certain data protection laws, ways to exercise these rights and legitimate reasons for Administrator to deny Your requests.

9.1. What right do You have?

Under certain data protection laws, You may have rights concerning Your personal information and processing of it ("Rights"). However, these Rights are not absolute, and in certain cases, Administrator may decline Your request as permitted by law.
Rights may include:

  • Right to know whether Your personal information is processed and how;
  • Right to access Your personal information or details on how it has been processed;
  • Right to correct inaccuracies or delete Your personal information;
  • Right to withdraw Your consent to processing of Your personal information.

9.2. How You can exercise Your Rights?

You may exercise Your Rights by the following means:
a) freely read this Privacy Policy;
b) visit settings page to view or delete or stop processing of some types of Your information;
c) send Data Subject Access Request ("DSAR") to any contacts mentioned in section 11.

9.3. When Your DSAR may be declined?

There are circumstances in which Your DSAR may be partially or fully declined without breaking the law. Below You can see list of the most common reasons for not fulfilling Your DSAR. For complete list of such reasons, You should refer to applicable laws (if any).

  • You are not trying to exercise Your Rights by submitting the DSAR (e.g.: You request payment to cancel the submitted DSAR; You use DSAR to disrupt operations of Websites and Services or cause harm to the Administrator);
  • DSAR is excessive (takes unreasonable amount of resources to fulfill);
  • Reasonable amount of time has not yet passed after previous DSAR;
  • There are legal obligations which prevent Administrator from fulfilling Your DSAR (e.g., if You are investigated by law officials and try to hide the evidence by requesting the deletion of Your data);
  • Request may not be fulfilled without violating rights of others. For example, personal information of others may be exposed without their consent. This is applicable to data derived from incoming requests; FCM and analytical data, because there is no accurate way to confirm that such data was generated by You - so request to access, edit or delete this data cannot be fulfilled.

10. How this Privacy Policy is updated?

Owner may update this Privacy Policy from time to time. Owner shall notify You about new version of this Privacy Policy at least 30 days before it takes effect. To do this Owner shall post notice on website at www.captaindno.xyz / captaindno.xyz and (if possible) send push-notification.

11. Contacts

Email: [email protected]