Privacy Policy

This Privacy Policy (the “Privacy Policy”) is designed to provide data subjects with information on the processing of their personal data (any information relating to them) in the context of usage of Yandex services, software and mobile applications listed in Section 2 below(“Service” or “Services”) under the relevant Terms of Use (“Agreement”) by those who use the Service (“Users”).

This Privacy Policy is based on the provisions of data protection laws, which may be applicable in the country of your residence.

1. Controller

Data controller with regard to personal data processed under this Policy is Büyük Reklam Çözümleri Limited Şirketi (Halaskargazi Mah. Halaskargazi Cd. No:38-66/E İç Kapı No:215 Şişli/ İstanbul) (“Controller”).

Data subjects can contact us on any questions relating to the processing of their personal data under this Privacy Policy by either of the following methods:

Email: ­­­­­­­­­­­­­­­­­­­­­­gdpr@yandex-team.com­.

Postal address: Halaskargazi Mah. Halaskargazi Cd. No:38-66/E İç Kapı No:215 Şişli/ İstanbul.

2. Categories of processed personal data

We may process User’s personal data collected in connection with use of the following services, software and mobile applications:

  • Yandex Search; Yandex Browser; Yandex Merchant Center; Yandex Webmaster; Yandex Translator; Yandex Metrica and AppMetrica
  • Yandex Search App; Yandex Keyboard App

We may process the following personal data depending on the circumstances of our interaction with data subjects. The table below sets out the categories of personal data we process.

Category of data

Description

User data required to create an account in Service or to use the Service (User data)

Surname, name, e-mail address, login, UID

Service usage data

Data related to usage of the Service by Users, such as: time, query, host, clicks, user ID, cookies; browsing history, bookmarks, feature usage data and other data depending on the specifics of the service

Automatically collected information

Cookies, type of the User's device operating system, User's device IP address, version and identifier of the application, statistics on the use of the applications’ features, geolocation data, information about the SIM card, list of applications installed on the User's device, statistics on the usage, installation, and removal of applications, and other technical information.

Data provided directly to us through support requests

E-mail address and other information voluntarily submitted to us

We process your personal data only when we have one of the legal bases mentioned below:

3.1. Performance of the Agreement. We may process your personal data in order to provide you the Service under the relevant Agreement.

3.2. Legitimate Interest. We may process your personal data when we (or a third party) have an interest in using your personal data in a certain way, which is necessary and justified in light of the possible risks.

3.3. Consent. Where required by applicable laws, we will process your personal data based on your consent.

3.4. Legal Obligations. When we must process your personal data to comply with applicable laws.

3.5. Other. We can also process your personal data to exercise our legal rights or on the other legal bases provided by applicable law.

The table below sets out:

  • Service’s purpose for processing your personal data;
  • Service’s legal basis for each purpose under applicable law;
  • categories of personal data which Service uses for each purpose.

Purpose for processing Your data

Legal basis

Categories of personal data used for the purpose

To provide the Service

Agreement

User data, Service usage data, Automatically collected information.

To improve the Service

Legitimate interest

User data, Service usage data, Automatically collected information.

To market, promote, and advertise

Consent, legitimate interest

User data, Automatically collected information

To comply with legal obligations and law enforcement requests

Legal obligation, legitimate interest

All data

To establish, exercise, or defend legal claims

Legitimate interest

All data

To detect and prevent fraud

Legitimate interest

All data

To provide security

Legitimate interest

All data

To conduct research, contests, surveys

Agreement, Legitimate interest, Consent

User data, Automatically collected information

We do not process your personal data for other purposes that are not covered by this Privacy Policy.

4. Recipients and sources of personal data

4.1. We disclose certain personal data to the following recipients to the extent required or permitted by applicable law and/or based on their legitimate and reasonable requests:

  • our Partners to the extent necessary to provide Services to data subjects;
  • affiliate entities of the Controller which are a part of the same group of companies;
  • partners providing sales and marketing services;
  • partners assisting us in gathering statistical and aggregated information about interactions with the Service;
  • partners otherwise assisting in provision of the Service and achievement of other purposes mentioned in the section 3 of this Privacy Policy;
  • various state and municipal authorities if strictly required to respond to their legitimate formal inquiries;
  • their legitimate formal inquiries; other third parties when it is required for compliance with applicable laws.

4.2. We obtain personal data through any information you provide directly to us or through information provided by third parties. Below is a list of ways in which we collect your personal data.

Personal data collected directly from you, including:

  • when you complete our registration forms;
  • when you use our Services;
  • when you contact us for any enquiries, complaints or for any other reason.

Personal data collected from other sources, including:

  • via third parties including our Partners in a manner that is permitted;
  • through tags in websites data subjects use and/or manage or control.

5. Transfers to third countries

We may transfer personal data of the data subjects to third countries, including Russia and other third countries that do not provide the same level of data protection as in the country of your residence. When doing so, we ensure implementation of security measures aimed at protection of your personal data in an appropriate manner. This may include, but not limited to, entering into Standard Contractual Clauses for international data transfers in the form approved by relevant supervisory authority.

The data subjects can get more information on the mechanisms of transfers to third countries by sending a request with the use of contact details specified in section 1 of this Privacy Policy.

6. Storage periods

We store personal data as long as it is required to achieve the purposes of the processing specified in section 3 of this Privacy Policy, unless there are specific periods defined in applicable laws.

If you wish to have any personal data removed from our databases, please contact us by sending a request with the use of contact details specified in section 1 of this Privacy Policy.

7. Basic rights of data subjects

Please see your rights and their descriptions in this table. The list of rights of personal data subjects available to you may differ depending on which legislation applies to the relationship between you and Services.

Right

Description

Access

You can ask us to confirm whether or not we process your personal data. If so, you can access these personal data and ask us to explain certain details of the processing, including information about the purpose for the data processing and whether the data was used for this purpose or information about the identities of natural or legal persons whom the data is transferred to (if applicable).

Rectification

You can ask us to correct inaccurate personal data concerning you. If it complies with the purposes of the processing, you can ask us to rectify incomplete or inaccurate personal data. If data is transferred, you can ask us to advise the recipient about the correction of the personal data.

Erasure (“right to be forgotten”)

You can ask us to erase personal data concerning you under applicable law. For example, this applies if (1) the personal data are no longer necessary in relation to the purposes for which they were processed; (2) you withdraw consent to the processing and there is no other legal ground for the processing; (3) the personal data have been unlawfully processed. If data is transferred, you can ask us to advise the recipient about the erasure or removal of the personal data.

Restriction on processing

You can ask us to mark the stored personal data with the aim to limit their processing in the future under applicable law. This applies if (1) you contest the accuracy of the personal data; (2) you ask to restrict the use of the personal data when their processing is unlawful; (3) you need personal data to protect your rights when our services no longer needs the personal data; (4) you have objected the processing based on the legitimate interests pursued by us or by a third party.

Objection to processing (if applicable)

You can object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on the legitimate interests pursued by Controller or by a third party. We shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

To exercise their rights, you can contact us with the use of contact details specified in section 1 of this Privacy Policy.

9. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority in the area of data protection in the country of your residence.

10. Cookies

We use "cookies" to help personalize and optimize your online experience and time online, including for general improvement of our services. A cookie is a small file placed on your device. Cookies store bits of information that we use to help make our Services work and enable us to personalize your experience in line with your settings. They can’t run any code and don’t contain viruses.

We use the following types of cookies:

Technical (strictly necessary) cookies: These cookies are necessary for the website/app to function and cannot be switched off in our systems. They are usually only set in response to actions made by visitors which amount to a request for services, such as setting privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but this may cause parts of the site/app to not work properly. These cookies do not store any personal data.

Marketing cookies: Marketing cookies are necessary to track visitors across the website/app and display ads that are relevant.

Analytical cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our services. They help us to know which pages are the most and least popular and see how visitors move around the site/app. If these cookies are disabled, we will not know when a user like yourself has visited our site/app or be able to monitor the site’s/app's performance.

Most browsers allow you to control cookies through their setting preferences. Limiting the ability of websites to set cookies, however, may deteriorate the overall user experience or deactivate features that you wished to utilize.

You may also change the interest based advertising settings or opt-out of such advertising via special tool located at https://yandex.com/tune/adv.

11. Children’s privacy

We do not knowingly or intentionally collect personal data through our services from children under eighteen (18) years of age. If you are under eighteen (18) years of age / other age, recognized in your jurisdiction as sufficient for your use of our services, do not attempt to register for or use of our services (for example, as Publisher), do not provide us any personal data about yourself unless you have the requisite parental consent. If you are a parent or guardian and you are aware that your child has violated this Privacy Policy and provided us personal data, please contact with the use of contact details specified in section 1 of this Privacy Policy. If we become aware that a minor has provided us personal data or we otherwise process his personal data in violation of the Privacy Policy, we will take steps to remove that information.

12. Changes to this Privacy Policy

We may change this Privacy Policy from time to time at our sole discretion. If so, we may notify the data subjects about these changes by an appropriate method. If there is no explicit notification, the data subjects may always review the up-to-date version of this Privacy Policy.