Tilda Publishing
Privacy Policy
1. Privacy Policy
This Privacy Policy (hereinafter — Privacy Policy) determines the Administration's responsibilities towards non-disclosure and protection of the confidentiality of personal provided by the User on the Administration's request when register on the Platform (hereinafter — the Platform).

Privacy Policy refers to all information that the Platform can collect about a User while they are using the service. By registering on this Platform, the User consents to all terms of this Privacy Policy.

This Privacy Policy may be modified by the Administration without preliminary notice. The current Privacy Policy can always be found at: https://tilda.cc/privacy
2. User's personal data
2.1. Key terms

When registering a User provides the Administration with personal data including name, surname and e-mail address. When registering and /or the Service using the Platform may automatically or with the participation of a User collect additional personal information, including IP-address, browser version, country, language, utm parameters, partner's tags, address of a page's referrer and other technical data, which can be used for identification of the User without carrying additional measures.

A User may be required to provide access to accounts of third-parties service providers including, inter alia, public file storage, instant messages service, social networks and etc in order to use different Services. In this case the Administration may receive from the third party provider additional personal data including, inter alia, sex, location, userpic and etc. All information accessed through the third party service provider shall be processed and stored in accordance with The User Agreement and Privacy Policy.


2.2. Payment Policy

The Platform tariff payment shall be made via one of the payment systems such as Stripe.com, PayPal, CloudPayments. These payment systems collect and retain financial information in accordance with their User Agreement and Privacy Policy.

The Administration does not store full card details. It is not a Payment Controller, as it only receives notifications about successful payments.

It is understood, however, that when receiving payment for the Tariff, the Administration may collect additional information including, inter alia, transaction number, transaction time, type and expiration date of the card used for payments as well as the last four digits of the card number, the cardholder's name, country and city where card has been charged.


2.3. Personal Data requested by third party services

The User may be required to provide access to accounts of third party service providers including, inter alia, public file storage, instant messaging service, social networks, etc in order to use different Services. In this case the Administration may receive from the third party provider additional personal data including, inter alia, gender, location, userpic, etc. All information accessed through the third party service provider shall be processed and stored in accordance with the User Agreement and Privacy Policy.


2.4. Activity Data Tracking

While the User is logged into their Account, for the purposes of security and fraud prevention, the following activities are logged: date and time of signing in, date and time when the project was created, date and time when the project was deleted; date and time the password and email were changed, date and time the project and webpage were transferred to another account.


2.5. Personal Data required during domains registration

The User has the option of registering a domain name in this personal account on the Platform. This service is provided by the domain name registrar LLC Domains Registrar REG.RU. All personal data required for domain registration shall be processed and stored in accordance with their User Agreement and Privacy Policy. The Platform does not process this requested data; it solely provides the user interface for transferring personal data to the domain registrar.
3. The way Personal Data is collected
The main ways of receiving personal information from Users:

a) User provides personal information directly (e.g., when registering on the Platform or using a payment system);
b) Personal Data is collected automatically when the User looks through or uses the Platform, for example with the help of cookie files (see more in the Cookie Policy);
c) A user can provide Personal Data on their own accord why they sign into and use third party services integrated wilfully while they assign and use of third-parties services that are integrated into the Platform.
4. Personal Data Use
The Administration may use Personal Data provided to it by the User to:

a) Create an Account and Personal account in order to use the Platform;
b) Provide client service and technical support;
c) Send notices by email, such as confirmation of registration, a reminder and a notice about a forthcoming or completed payment, activation of the trial period and notification of its termination, complaints about the Site created within the Account, notices about significant changes in client service. These messages are mandatory from technical point of view and cannot be canceled for an active account.
d) Email educational materials regarding using the Platform and monthly newsletters containing news connected with the Platform's functions. To opt out from receiving these messages, the User must follow the unsubscribe instruction which is contained in every message they receive.
e) Provide tailored service. For example, location and language detected by the browser are used to set the language of the Platform's interface.
f) Send promotional materials and advertising. Depending on how the User engages with the Platform, they may be sent individual marketing messages about products and services. Also the information about user interaction with the Platform allows it to recalibrate advertising campaigns, for example, avoid showing social ads to the Platform's users.
g) Integrate third party services that provide additional functionalities to the User's website that have been added by the use voluntarily and on their own accord.
h) Sending notifications of payments made on the User's website.
i) Improve the function of the Platform and provide better services. Statistics and analysis about the use of the Platform's functions allows us to determine the priorities for further development. As a result, for this purpose anonymous generalized information is used.
5. Transfer of personal data to third parties
The User may be required to provide Personal Data by third party services, for example, to make a transaction or integrate third-party services that give additional features to the User's website. The User provides this information voluntarily and on their own accord. All personal data required by third party services shall be processed and stored in accordance with their User Agreement and Privacy Policy.

The Administration can share personal data with service providers that perform services on the Administration's behalf. For example, the Administration can use third parties to help it provide customer support, manage advertising, send notifications and newsletters on the Administration's behalf. These third parties are prohibited from using the Users' personal data for promotional purposes.

The Administration can disclose personal data if required by within the limits of the law or to protect rights and interests if this disclosure is reasonably needed to comply with the law or to prevent fraud. In particular, the Administration can disclose the User's data if it is lawfully requested by state authorities or if it receives a justified claim addressed to the User about the violation of the Third parties' rights and/or the User Agreement.

The Administration can share the User's personal data with third parties to provide the User with targeted advertising, and also to measure and control its effectiveness. For example, the Administration can use encrypted emails to adjust advertising in social networks to avoid showing these ads to current Platform users.
6. Storage of data
The processing and storage of the User's personal data will be carried out lawfully during the time that the account exists. In the event that the account is deleted, some data may be stored insofar as it is necessary for fulfilling legal obligations, settling disputes, preventing fraud and protecting the interests of the Administration.

The Administration takes all necessary technical and organizational precautions to protect User's personal data against unauthorized or accidental access, deletion or alteration, blocking, copying, disclosure or other unauthorized actions of third parties.

In case of loss or disclosure of User's personal data the Administration notices the User about the fact of his personal data loss or disclosure.
7. Personal Data collected by Users on their websites
6.1. General provisions

The Administration does not process personal data collected by the User on websites, and only provides the computing capacity that could be used for data collection. The Administration is not a 'Controller' but a 'Processor', according to the terminology defined in the European Union General Data Protection Regulation.

Data collected on the User's website is kept in their personal account for 30 days. This function is included by default and is aimed at improving user experience. The User is free to switch off this function at any time, change the amount of time their data is retained, change or delete data either in part or in full, and also to export data.

In the event the User uses an online payment system, the Administration may receive partial data about a successful payment in order to facilitate cooperation between the website and payment system.

The function of logging and retaining partial information about a successful payment is included by default. This function can be set by the User in their personal account. The User may change the length of time their data is kept or turn off this function.


6.2. Responsibility of the User

Should the User process third party data, the User is solely liable for taking appropriate measures for the protection of personal data, according to the General Data Protection Regulation (GDPR) and other laws and regulations, including obtaining appropriate permits and posting the necessary documentation and information to their website.

The Administration does not have the right to provide legal assistance to Users, although we recommend that the Users who process personal data, add a User Agreement to their website, as well as the confidentiality agreement and in the data collection form add links to these documents and a special field that will show that the User has read and given consent to these rules. Read more about this in the Help section of our Platform: help.tilda.ws/gdpr-compliance

The site created by the User uses cookie files by default. In case if the User has no plans to use this function or work with personal data, they must disable the use of cookies in the site settings.
8. Cookie Policy
Cookies are small text files sent by the server to the user's device. Cookies perform many functions, for example, they allow to save the settings made by the user, allow the user to move between pages after signing in and, on the whole, make working on a website easier.

Here's how we are using cookie files:
а) Identification — cookie files allow website providers to recognise your advice and your Account so they don't have to request your login details and password every time you go to another page;
b) Analytics — cookie files allow us to obtain information about the viewing how many times this or that page was viewed.

The user has the right to set the browser to refuse cookies but this will substantially limit their ability to the Platform.
9. Managing personal data
The User can review, change or delete Personal data that was provided by the User or that was collected from the User's website, in their personal account or by sending a relevant query by emailing legal@tilda.cc.The User may use the same email address should the User request for their online Account to be deleted.

For technical reasons, the information may not be deleted straight away, but after a delay. Please note that we may retain some of the information to the extent that is necessary for fulfilling legal obligations, resolving disputes, preventing fraud and protecting the legitimate interests of the Administration.
10. User's obligations
In relation of the User to the Administration, the User provides their personal data and keeps it current.

The User shall independently manage relationships with their Users in relation to the data collected on the User's website.
11. Administration obligations
The Administration undertakes to:

a) Use the information provided exclusively for the purposes set out in the Clause 4 of the present Privacy Policy;
b) Keep personal information confidential; not to disclosure the User's personal information without prior written permission from the User; not to sell, exchange, publish or disclose it by any other means, except for the means indicated in the Clause 5 of the present Privacy Policy.
c) Take measures to protect the confidentiality of User's personal information according to standard procedures.
d) Block the User's personal immediately after receiving a request from the User or their legal representative or a relevant authority for the protection of the User's personal data white it is being checked in case invalid data or unauthorized activities are detected.

The Administration may share the User's personal data with the authorities in the relevant jurisdiction solely on the grounds and according to the legislation of the Russian Federation.
12. Liabilities of the Parties
In case of a failure to perform its obligations, the Administration accepts liability for any losses, but no more than the cost of the Tariff incurred by the User as a result of the unauthorized use of their personal data, in accordance with the legislation of the Russian Federation, except for the cases when personal data:

a) Was shared with authorities of the corresponding jurisdiction;
b) Was disclosed by the third party after it was shared by the Administration, with the User's consent;
c) Became public before it was lost or disclosed;
d) Was received from a third party before it was provided to the Administration;
e) Was disclosed with the User's consent;
f) Was disclosed as a result of a force majeure event;
g) Was disclosed as a result of a justified claim addressed to the User about the violation of the Third parties' rights and/or the User Agreement.
13. Contacts
If you have any questions, comments or complaints about this Privacy Policy, please contact us as follows: you may email us at legal@tilda.cc. We will respond within a reasonable amount time.
Made on
Tilda