Current revisionVersion 1.0Effective from April 29, 2026

Privacy policy

Revision dated: 29 April 2026 Version: 1.0

The Russian-language original is the legally binding version of this document. This English translation is provided for convenience only; in case of any discrepancy the Russian version prevails.

1. General provisions

1.1. This Privacy policy (the "Policy") sets out how personal data of users (the "User", the "Personal Data Subject") is processed and protected when collected by the Operator through the website at https://kinderdev.tech (the "Website") and the related services and products of the Operator, including mobile applications and individual product web dashboards.

1.2. Personal data Operator (the "Operator"):

Vitaly Vitalievich Posadnev. Status: self-employed (payer of the professional income tax). Russian Tax ID (INN): 482305143464. Contact email: info@kinderdev.tech. The current status and details of the Operator are listed on the "Legal details" page of the Website: https://kinderdev.tech/requisites

1.3. This Policy has been prepared in accordance with:

  • the Constitution of the Russian Federation;
  • the Civil Code of the Russian Federation;
  • Russian Federal Law No. 152-FZ of 27 July 2006 "On personal data" (the "Personal Data Law");
  • Russian Federal Law No. 149-FZ of 27 July 2006 "On information, information technologies and information protection";
  • Russian Government Decree No. 1119 of 1 November 2012 "On approving requirements for the protection of personal data when processed in personal data information systems";
  • Order No. 21 of the Federal Service for Technical and Export Control (FSTEC) of 18 February 2013 "On approving the composition and content of organizational and technical measures to ensure the security of personal data when processed in personal data information systems";
  • other regulatory acts of the Russian Federation in the field of personal data.

1.4. By using the Website, submitting data through the Operator's forms, registering in the Operator's products, or placing an order within the Operator's products, the User agrees to the terms of this Policy. If the User does not agree with the terms of the Policy, the User must stop using the Website and the Operator's products.

1.5. The Operator does not verify the accuracy of personal data provided by the User and is not in a position to assess the User's legal capacity. The Operator assumes that the User provides accurate and sufficient personal data and keeps it up to date.

1.6. This Policy applies only to the Website and the Operator's products. The Operator does not control and is not responsible for the collection or processing of personal data by third parties whose websites the User may visit through links available on the Website or in the Operator's products.

1.7. The Operator may amend this Policy. The current revision of the Policy is published on the Website at https://kinderdev.tech/privacy. A new revision takes effect from the moment it is published on the Website unless the new revision states otherwise. The Operator recommends that the User review the terms of this Policy regularly for changes.

1.8. Previous revisions of the Policy are available in the archive at https://kinderdev.tech/privacy/archive.

2. Terms and definitions

2.1. The following terms are used in this Policy:

Personal data — any information directly or indirectly relating to a defined or identifiable natural person (the personal data subject).

Processing of personal data — any action (operation) or set of actions (operations) performed with personal data, with or without automation, including collection, recording, systematization, accumulation, storage, refinement (update, change), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction.

Automated processing of personal data — processing of personal data using computing tools.

Operator — a natural person who, alone or together with others, organizes and/or carries out the processing of personal data and determines the purposes of processing, the composition of personal data to be processed, and the actions (operations) performed with personal data.

Personal Data Subject — the natural person to whom the processed personal data relates.

Distribution of personal data — actions aimed at disclosing personal data to an indefinite circle of persons.

Provision of personal data — actions aimed at disclosing personal data to a specific person or to a specific circle of persons.

Blocking of personal data — temporary suspension of the processing of personal data (except where processing is necessary to refine the personal data).

Destruction of personal data — actions resulting in the impossibility of restoring the content of personal data in a personal data information system and/or actions resulting in the destruction of the physical media of personal data.

Depersonalization of personal data — actions resulting in the impossibility of determining, without additional information, the attribution of personal data to a specific Personal Data Subject.

Personal Data Information System (PDIS) — a set of personal data contained in databases together with the information technologies and technical means that ensure their processing.

Cross-border transfer of personal data — the transfer of personal data to the territory of a foreign state, to a foreign state authority, or to a foreign natural or legal person.

Cookies — files or pieces of information stored in the User's browser or device when visiting the Website, used to record actions taken by the User and to preserve user preferences.

Confidentiality of personal data — a mandatory requirement for the Operator or any other person who has obtained access to personal data not to allow its distribution without the consent of the Personal Data Subject or another lawful basis.

3. Purposes of personal data processing

3.1. The Operator processes the User's personal data for the following purposes:

a) Registration and authentication of the User in the Operator's products, creation and management of an account, providing access to product functionality.

b) Performance of contractual obligations to the User within the Operator's products that include paid functionality, including providing access to paid products and services, processing payments, refunds, sending payment confirmation documents.

c) Communication with the User, including sending notices, requests and information related to the use of the Website and the Operator's products, handling User requests and queries, providing technical support.

d) Sending informational and advertising messages (subject to the User's separate consent) — newsletters, marketing materials, notifications about promotions, new products and services of the Operator.

e) Improving the quality of the Website and the Operator's products, conducting statistical and analytical research, analyzing user behavior on the Website to optimize the user experience.

f) Ensuring the security of the Website and the Operator's products, preventing fraudulent activity and unauthorized access to User accounts.

g) Compliance with the requirements of Russian law, including tax and accounting legislation.

h) Targeting of advertising materials (subject to the User's separate consent) — personalization of advertising using third-party advertising platforms and retargeting services.

4. List of processed personal data

4.1. The Operator may process the following User personal data. The specific composition of the data collected depends on the product and the form used. On the Website itself (the kinderdev.tech landing page), the Operator collects only the data listed in the "Data collected automatically" block — there are no registration, account or order forms on the landing page.

Data provided by the User directly:

When filling in a registration form in the Operator's products:

  • email address;
  • password (in encrypted form).

When filling in or editing a profile (personal account) in the Operator's products:

  • last name, first name, patronymic;
  • phone number;
  • other data voluntarily provided by the User.

When filling in a contact / technical-support form:

  • name;
  • email address;
  • content of the request.

When placing an order (purchasing a plan) in the Operator's products:

  • last name, first name, patronymic;
  • email address;
  • phone number.

Data collected automatically when using the Website and the Operator's products:

  • IP address;
  • cookie data;
  • browser and operating system information;
  • device information (type, model, screen resolution);
  • date and time of access to the Website;
  • requested page URLs;
  • the source of the visit to the Website (referrer);
  • data on User actions on the Website (pages viewed, clicks, session duration);
  • geolocation data (country/city level, derived from the IP address).

Payment data:

  • When using products with paid functionality, bank-card data and other payment details are processed exclusively by the payment service provider (for example, YooKassa) in accordance with PCI DSS. The Operator does not receive, store, or process full bank-card data of Users.

4.2. The Operator does not process special categories of personal data concerning racial or ethnic origin, political views, religious or philosophical beliefs, health, or intimate life.

4.3. The Operator does not process biometric personal data.

5. Legal grounds for processing personal data

5.1. The Operator processes the User's personal data on the following legal grounds:

a) Consent of the Personal Data Subject (Article 6(1)(1) of the Personal Data Law) — for the purposes set out in clauses 3.1 (a), (d), (e), (h) of this Policy.

b) Performance of a contract to which the Personal Data Subject is a party (Article 6(1)(5) of the Personal Data Law) — for the purposes set out in clauses 3.1 (b), (c) of this Policy. The contract is the user agreement (offer) of the relevant Operator product, published on the product page or inside the application.

c) Performance of obligations imposed on the Operator by Russian law (Article 6(1)(2) of the Personal Data Law) — for the purposes set out in clause 3.1 (g) of this Policy.

d) Legitimate interests of the Operator (Article 6(1)(7) of the Personal Data Law) — for the purposes set out in clause 3.1 (f) of this Policy, provided that the rights and freedoms of the Personal Data Subject are not violated.

5.2. The Operator processes anonymized data about the User if such processing is enabled in the User's browser settings (cookies and JavaScript are enabled).

6. Procedure and conditions for processing personal data

6.1. Personal data is processed by the following means:

  • collection;
  • recording;
  • systematization;
  • accumulation;
  • storage;
  • refinement (update, change);
  • retrieval;
  • use;
  • transfer (provision, access);
  • depersonalization;
  • blocking;
  • deletion;
  • destruction.

6.2. Personal data is processed both with the use of automation in the personal data information systems used by the Operator and without the use of automation.

6.3. The carriers of personal data during automated processing are the servers (hard drives of server hardware) located on the territory of the Russian Federation that host the information systems used by the Operator.

6.4. Processing of personal data starts when the data is received by the Operator and ends when the purposes of processing are achieved, the need to achieve those purposes is lost, the Personal Data Subject withdraws consent, or the Operator ceases its activity.

7. Personal data protection measures

7.1. The Operator takes the necessary and sufficient organizational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, distribution, and other unlawful actions by third parties.

7.2. The level of personal data protection complies with Russian Government Decree No. 1119 of 1 November 2012.

7.3. The composition and content of organizational and technical measures to ensure personal data security are determined in accordance with FSTEC Order No. 21 of 18 February 2013.

7.4. In particular, the Operator has implemented the following protection measures:

  • SSL/TLS encryption is used to transfer data between the Website and the User's browser;
  • User passwords are stored in hashed form;
  • access to personal data is restricted and granted only to authorized persons;
  • information protection tools are regularly checked and updated;
  • data backups are made to prevent loss.

8. Transfer of personal data to third parties

8.1. The Operator may transfer the User's personal data to third parties in the following cases:

a) Payment systems — when using products with paid functionality, the Operator transfers data necessary to process payments to the payment service provider (for example, YooKassa, JSC YooMoney).

b) Analytics services — anonymized or pseudonymized data may be transferred to web-analytics services to analyze visits and improve the Website. In particular:

c) Advertising and retargeting services (subject to the User's consent) — data may be transferred to advertising platforms to show personalized ads.

d) Hosting provider — personal data is stored on the servers of the hosting provider that runs the Website. The servers are located on the territory of the Russian Federation.

e) As required by law — data may be transferred to state authorities (tax, law-enforcement and others) in cases and in the manner provided for by Russian law.

f) In the event of reorganization or transfer of business — if the Operator's business is sold or otherwise transferred (in whole or in part), personal data may be transferred to the acquirer. The acquirer takes on all obligations to comply with this Policy with respect to the personal data received.

g) Other third parties — only with the prior consent of the User, except in cases expressly provided for by Russian law.

8.2. The Operator obliges third parties receiving personal data to keep it confidential and to ensure its protection in accordance with the requirements of Russian law.

8.3. In the event of loss or disclosure of personal data, the Operator notifies the User and informs the authorized body for the protection of the rights of personal data subjects (Roskomnadzor) in accordance with Russian law.

9. Cross-border transfer of personal data

9.1. Before initiating a cross-border transfer of personal data, the Operator must ensure that the foreign state to whose territory the data is transferred provides adequate protection of the rights of personal data subjects.

9.2. Cross-border transfer of personal data to the territory of foreign states that do not meet the above requirements may be carried out only with the written consent of the Personal Data Subject to such transfer and/or for the performance of a contract to which the Personal Data Subject is a party.

9.3. When using analytics services and advertising platforms whose servers may be located outside the Russian Federation, anonymized data may be transferred cross-border. The Operator takes measures to minimize the volume of transferred data and to ensure its anonymization.

9.4. Initial processing and storage of personal data of citizens of the Russian Federation is carried out on servers located on the territory of the Russian Federation, in accordance with the requirements of part 5 of Article 18 of the Personal Data Law.

10. Use of cookies

10.1. The Website uses cookies — small text files placed on the User's device — to ensure the Website works correctly, to improve the user experience, and to collect statistics and analytics.

10.2. The Website uses the following types of cookies:

Strictly necessary (functional) — ensure Website operation, User authentication, security, preservation of user preferences. Without them the Website cannot function. Set in response to User actions. Legal basis: legitimate interest of the Operator and performance of a contract.

Statistical — store the history of visits to Website pages to improve the quality of its operation and identify the most and least popular pages. Legal basis: User consent.

Analytical and marketing — analyze the effectiveness of the Website with web-analytics tools, collect anonymized information about traffic sources and Website visits, and evaluate advertising effectiveness. Includes Yandex.Metrica and similar services. Legal basis: User consent.

Advertising — used to display personalized advertising and for retargeting. Legal basis: User consent.

10.3. On the first visit to the Website, the User is shown a notice about the use of cookies with the option to accept or decline the use of optional (statistical, analytical, advertising) cookies.

10.4. The User can manage cookies through browser settings, including deleting already-set cookies and disallowing them in the future. Detailed information on cookie management is available in the documentation of the User's browser. Disabling cookies may limit Website functionality.

11. Personal data retention periods

11.1. Personal data is processed for the following periods:

a) Account data (full name, email, phone, login) — for the entire lifetime of the User's account in the Operator's products and for one (1) year after deletion (for restoration after accidental deletion and to perform obligations to the User).

b) Data related to payments and service delivery — for five (5) years from completion of the service or the last payment (per Russian tax and accounting legislation).

c) Cookie and analytics data — for the period set by the relevant analytics services, but no more than two (2) years from the User's last visit to the Website.

d) Data processed on the basis of consent — until the User withdraws consent (unless other grounds for processing exist).

11.2. After the periods expire or the purposes of processing are achieved, personal data is destroyed or anonymized within thirty (30) days.

12. Operator's obligations

12.1. The Operator is obliged:

a) to provide the User, upon request, with information regarding the processing of their personal data, to the extent provided for by Article 14 of the Personal Data Law;

b) to inform the User of the existence of personal data relating to that User and to provide free-of-charge access to that data within ten (10) business days from receipt of the request;

c) within seven (7) business days, to make the necessary changes to personal data when the User provides information confirming that the data is incomplete, inaccurate, or out of date, and to notify the User of the changes;

d) within seven (7) business days, to destroy personal data when the User provides information confirming that such data was unlawfully obtained or is not needed for the stated purpose of processing, and to notify the User of the actions taken;

e) to block unlawfully processed or inaccurate personal data when the User asks for it, or upon their request, if unlawful processing or inaccurate data is identified;

f) if unlawful processing of personal data is identified, to stop the unlawful processing within three (3) business days from identification. If the violations cannot be fixed, to destroy the personal data within three (3) business days;

g) when the purpose of processing is achieved, to stop processing and destroy the personal data within thirty (30) days from achieving the purpose;

h) when the User withdraws consent, to stop processing within thirty (30) days of receiving the withdrawal (unless there are other lawful grounds for processing);

i) in the event of loss or disclosure of personal data, to inform the User of the loss or disclosure;

j) to notify Roskomnadzor of an incident involving personal data leakage within the timeframes set by Russian law;

k) to notify the User in writing or electronically when the violations are fixed or the personal data is destroyed.

13. Operator's rights

13.1. The Operator is entitled to:

a) defend its interests in court;

b) provide User personal data to third parties when this is provided for by applicable law (tax, law-enforcement and other authorities);

c) refuse to provide personal data in cases provided for by law;

d) use the User's personal data without consent in cases provided for by Russian law.

14. Rights of the Personal Data Subject

14.1. The User has the right to:

a) obtain information about the processing of their personal data, including: confirmation of processing, legal grounds and purposes, methods of processing, name and location of the Operator, list of persons with access to personal data, list of processed data and its source, processing and storage periods, and the procedure for exercising the rights of the subject;

b) request refinement of their personal data, its blocking or destruction if the data is incomplete, outdated, inaccurate, unlawfully obtained, or not needed for the stated purpose of processing;

c) withdraw consent to the processing of personal data;

d) request deletion of personal data;

e) appeal the actions or omissions of the Operator to the authorized body for the protection of the rights of personal data subjects (Roskomnadzor) or in court;

f) defend their rights and lawful interests, including by way of compensation for losses and/or moral damage in court;

g) opt out of receiving advertising and marketing messages at any time by clicking the "Unsubscribe" link in the message or by sending a corresponding request to the Operator.

14.2. To exercise their rights, the User can send a request to the Operator at: info@kinderdev.tech, including in the request: full name, the email address linked to the account, and the substance of the request.

14.3. The Operator undertakes to consider the User's request within ten (10) business days from receipt and send a substantiated reply.

14.4. The User can delete their account (profile) in an Operator's product and all data in it through the product's account settings or by sending a request to the Operator.

14.5. Withdrawal of consent to the processing of personal data necessary for the performance of the contract (the user agreement of the relevant Operator product) may make further use of the Operator's products impossible.

15. Liability

15.1. If the Operator fails to perform its obligations, the Operator is liable for losses incurred by the User in connection with unlawful use of personal data, in accordance with Russian law, except for the cases set out in clause 15.2 of this Policy.

15.2. The Operator is not liable for the loss or disclosure of personal data if such personal data:

a) became publicly available (was published by the User or with their consent) before its loss or disclosure;

b) was received from third parties before being received by the Operator;

c) was disclosed with the User's consent;

d) was disclosed as a result of the User's own actions (including by the User sharing their account credentials with third parties).

16. Incident response

16.1. If unlawful actions with personal data are identified, the Operator promptly — but no later than three (3) business days from identification — fixes the violations.

16.2. If the violations cannot be fixed within that period, the relevant personal data is destroyed.

16.3. The Operator notifies the User in writing or electronically when the violations are fixed or the personal data is destroyed.

16.4. The Operator notifies the authorized body for the protection of the rights of personal data subjects (Roskomnadzor) about incidents involving leakage or unauthorized access to personal data within the timeframes and in the manner set by Russian law.

17. Processing of personal data of minors

17.1. The Website and the Operator's products are not intended for persons under 18 years of age. The Operator does not knowingly collect personal data of minors.

17.2. If the Operator becomes aware that personal data has been provided by a person under 18 without the consent of a legal representative, such data will be deleted as soon as possible.

18. Final provisions

18.1. This Policy is a publicly available document and is published on the Website at https://kinderdev.tech/privacy.

18.2. All questions and requests related to the processing of personal data may be sent to the Operator at: info@kinderdev.tech.

18.3. On all matters not regulated by this Policy, the Operator and the User are governed by the applicable law of the Russian Federation.

Personal data Operator: Vitaly Vitalievich Posadnev, Russian Tax ID (INN) 482305143464. Status: self-employed (payer of the professional income tax).

The current status and full details of the Operator are available at: https://kinderdev.tech/requisites

Date this revision was published: 29 April 2026

All policy revisions

Browse the change history and previous revisions of the Privacy policy.