1. Introduction
This Privacy Policy (“Policy”) describes how NYMF, operated by Dmitry Dubnitskiy as an individual entrepreneur (“Author”) and represented in the European Union by RomanSoft OÜ, an Estonian company responsible for marketing, payment processing, and ensuring compliance with EU regulations, collects, uses, and processes your personal data when you access our mobile applications, websites, or other services (“Platform”). The Platform includes, but is not limited to, the NYMF mobile app for iOS and Android, as well as our official websites: https://nymf.com and related subdomains.
By using the Platform, you acknowledge and agree to the practices described in this Policy. If you do not agree to this Policy, you must discontinue using the Platform.
This Policy applies to all personal data collected through your use of the Platform, whether collected directly from you, through automated means, or from third parties authorized to share your information with us.
2. Important Information and Who We Are
Purpose of this Privacy Policy
This Privacy Policy aims to provide you with information on how NYMF collects, processes, and protects your personal data. It explains the types of data we collect, how we use it, your rights concerning your data, and how you can contact us if you have any questions or concerns.
Controller
NYMF is operated by Dmitry Dubnitskiy as an individual entrepreneur and is represented within the European Union by RomanSoft OÜ, an Estonian company responsible for marketing, payment processing, and ensuring compliance with EU regulations.
– Full name of the legal entity: Dmitry Dubnitskiy, operating as an individual entrepreneur.
– EU Representative: RomanSoft OÜ
– Email Address: [email protected]
– Website: https://nymf.com
If you reside within the European Economic Area (EEA) or the United Kingdom (UK), you have the right to make a complaint at any time to your local data protection authority. We would, however, appreciate the chance to deal with your concerns before you approach your supervisory authority, so please contact us in the first instance.
Changes to the Privacy Policy and Your Duty to Inform Us of Changes
We keep our Privacy Policy under regular review. This version was last updated on 06 Apr 2025. You are encouraged to review this Policy periodically to stay informed of our practices. Continued use of the Platform following the posting of updates constitutes your acceptance of the changes.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
3. The Data We Collect About You
We collect various types of personal data through our mobile application and websites. The information we collect depends on how you interact with the Platform and the permissions you grant us.
Personal Data You Provide Directly
– Identity Data: Name, email address.
– Device Tokens: Device token, account token, push notification token.
– Support Tickets: Data you provide when contacting our support team or submitting a support ticket.
– Subscription Data: Information related to your subscriptions, including status, type, and duration.
– Payment Data: Payment details provided when making purchases through the website (such as transaction ID, payment method, but not full credit card details, which are handled by third-party payment processors).
Automatically Collected Data
– Device Information: Device ID, operating system, device type, model, language, and other related technical data.
– Analytics Data: Anonymous data collected through third-party analytics services (such as Firebase, Appsflyer, Crashlytics, Apple Analytics, Google Analytics).
– Cookies: Data collected via cookies and similar tracking technologies on our websites. This includes browsing data, preferences, and interaction history.
– Advertising Identifiers: Provided by your device if you have granted permission (e.g., Apple IDFA or Google Advertising ID).
– Push Notification Token: Used for sending personalized notifications and updates.
– IP Addresses: Collected for technical, security, and analytics purposes.
– Web Request Headers: Collected to ensure the proper functioning of the Platform.
– Favorites and Preferences: Information related to your saved favorites, personalized settings, and anonymized usage preferences.
– Content Viewing History: Anonymized data about content you have viewed or saved on the Platform.
Data Collected Through Third-Party Services
We use several analytics and tracking tools to improve our services, understand user interactions, and optimize our content. These include:
– Firebase: User engagement tracking, analytics, crash reporting. Privacy Policy: Firebase Privacy Policy.
– Appsflyer: Mobile attribution and marketing analytics. Privacy Policy: Appsflyer Privacy Policy.
– Crashlytics: Application performance monitoring and crash reporting. Privacy Policy: Crashlytics Privacy Policy.
– Apple Analytics: App performance and user engagement analytics. Privacy Policy: Apple Privacy Policy.
– Google Analytics: Website analytics for visitor interaction analysis. Privacy Policy: Google Privacy Policy.
Data We Do Not Collect
– Passwords: We do not collect or store your passwords. Authentication and login are handled through secure third-party systems.
– Search History: We do not store explicit search histories linked to individual users. Data is anonymized for analytics purposes only.
Purpose of Data Collection
We collect your personal data to:
– Provide and improve our services.
– Process payments and manage subscriptions.
– Monitor and analyze usage to improve user experience.
– Ensure the security of the Platform.
– Comply with legal requirements and protect our legal rights.
4. How We Use Your Personal Data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
– Where it is necessary to perform the contract we are about to enter into or have entered into with you (such as providing access to the NYMF Platform, managing your subscriptions, and delivering purchased content).
– Where you have provided your consent for us to use your personal data for specific purposes (such as marketing communications, providing personalized recommendations, or collecting certain analytics data).
– Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
– Where we need to comply with a legal obligation (such as data retention requirements, responding to lawful requests by public authorities, and fulfilling regulatory obligations).
Purposes for Which We Will Use Your Personal Data
We have set out below a description of all the ways we plan to use your personal data, and the legal bases we rely on to do so. Where appropriate, we have also identified what our legitimate interests are.
| Purpose/Activity | Type of Data | Lawful Basis for Processing |
|---|---|---|
| To register you as a new user | Identity, Device Tokens | Performance of a contract with you |
| To provide and manage our services and Platform | Identity, Device Tokens, Analytics Data, IP Addresses, Web Request Headers, Payment Data | Performance of a contract with you; Legitimate interest (improvement and maintenance of Platform functionality) |
| To process your purchases, subscriptions, and transactions | Payment Data, Subscription Data | Performance of a contract with you |
| To provide customer support and resolve issues | Identity, Support Tickets, Device Information | Performance of a contract with you; Legitimate interest (user satisfaction) |
| To personalize your user experience | Favorites, Preferences, Push Tokens, Device Information, Analytics Data | Legitimate interest (enhancing user experience) |
| To provide targeted advertising and promotions | Advertising Identifiers, Analytics Data | Legitimate interest (marketing and revenue generation) |
| To collect feedback and conduct research | Identity, Support Tickets, Preferences | Legitimate interest (improving our Platform) |
| To improve our Platform, products, services, and marketing strategies | Analytics Data, Device Information | Legitimate interest (enhancement of Platform) |
| To comply with legal and regulatory obligations | All applicable data categories | Compliance with a legal obligation |
| To detect, prevent, and respond to fraud, abuse, or security issues | All applicable data categories | Legitimate interest (protecting the Platform and its users) |
5. Disclosures of Your Personal Data
We do not sell or trade your personal data. However, we may share your personal data with third parties for the purposes described in this Policy.
Sharing with Service Providers
We use the following trusted third-party service providers to process your personal data on our behalf:
– Firebase (Google LLC): Analytics, crash reporting, authentication services.
– Privacy Policy: Firebase Privacy Policy
– Appsflyer: Mobile attribution and marketing analytics.
– Privacy Policy: Appsflyer Privacy Policy
– Crashlytics (Google LLC): Application performance monitoring and crash reporting.
– Privacy Policy: Crashlytics Privacy Policy
– Apple Analytics: App performance and user engagement analytics.
– Privacy Policy: Apple Privacy Policy
– Google Analytics: Website analytics for visitor interaction analysis.
– Privacy Policy: Google Privacy Policy
– RomanSoft OÜ: Responsible for marketing, payment processing, and ensuring compliance with EU regulations.
Sharing for Legal Reasons
We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (such as court orders or subpoenas). This includes sharing data to:
• Comply with applicable laws, regulations, and legal processes.
• Enforce our terms of service and other agreements, including investigation of potential violations.
• Protect the rights, property, or safety of NYMF, its users, or others.
Third-Party Links
Our Platform may contain links to third-party websites, plugins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Platform, we encourage you to read the privacy policy of every website you visit.
6. International Transfers
Your personal data may be transferred to, and processed in, countries other than the country in which you are resident. This may include transferring your data to third parties that operate in countries outside the European Economic Area (EEA), the United States, or other jurisdictions with differing data protection standards.
Data Transfers Outside of the EEA
If you are located within the EEA, your personal data may be transferred to third-party service providers in countries outside the EEA. Where we transfer your personal data to a third party in a country that is not subject to an adequacy decision by the European Commission, we implement appropriate safeguards to ensure your personal data remains protected in accordance with this Privacy Policy.
These safeguards may include:
– Standard Contractual Clauses (SCCs): Ensuring that the third party is bound by contractual obligations to protect your data to the same standard as required within the EEA.
– Data Processing Agreements: Ensuring third parties handle your data in compliance with applicable data protection laws.
Data Storage
We store your personal data on secure servers located in the European Union and other jurisdictions, depending on the service provider.
7. Data Security
We are committed to ensuring the security of your personal data. We use appropriate technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction.
Security Measures Implemented
– Encryption: We use encryption technologies (such as SSL/TLS) to protect your data during transmission between your device and our servers.
– Access Control: Only authorized employees, contractors, and agents who need to know personal data to operate, develop, or improve our services are given access to your data.
– Data Minimization: We limit the collection of personal data to what is necessary for the purposes described in this Privacy Policy.
– Regular Security Assessments: We conduct periodic security reviews and tests to ensure our infrastructure and systems are secure and functioning correctly.
– Anonymization & Pseudonymization: Where possible, we anonymize or pseudonymize personal data to reduce the risk to your privacy.
– Backup & Recovery: We maintain data backups and disaster recovery plans to protect against data loss.
Despite our efforts to maintain a high level of security, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we strive to protect your data as effectively as possible.
8. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Retention Periods
| Type of Data | Retention Period |
|---|---|
| Account Information (Name, Email, Device Tokens) | As long as your account remains active or until deletion is requested by the user. |
| Advertising Identifiers, Analytics Data | Retained indefinitely for analysis unless you request deletion. |
| Support Tickets | Retained for up to 3 years to ensure continuity of service and for auditing purposes. |
| Subscription and Payment Data | Retained for the duration of the subscription period and up to 7 years thereafter to comply with tax and legal obligations. |
| IP Addresses and Web Request Headers | Retained for up to 1 year for security and troubleshooting purposes. |
| Cookies | Retention period varies based on the type of cookie (session or persistent). Persistent cookies are typically retained for up to 2 years unless deleted by the user. |
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
If you choose to delete your account, we will delete or anonymize your personal data unless we are required by law to retain certain information or have a legitimate business interest to do so (such as resolving disputes or enforcing our agreements).
9. Accessing and Correcting Your Personal Data
We are committed to providing you with control over your personal data. You have the right to access, update, and delete your personal data at any time.
Your Rights
Depending on your jurisdiction, you may have the following rights:
1. Right of Access: You can request a copy of your personal data that we hold.
2. Right to Rectification: You can request correction of any inaccurate or incomplete personal data.
3. Right to Erasure: You can request the deletion of your personal data, subject to certain exceptions (e.g., ongoing legitimate business needs or legal requirements).
4. Right to Restrict Processing: You can request that we suspend the processing of your personal data in certain scenarios.
5. Right to Data Portability: You can request the transfer of your personal data to you or a third party in a structured, commonly used, and machine-readable format.
6. Right to Object: You can object to the processing of your personal data for specific purposes, such as direct marketing.
7. Right to Withdraw Consent: Where we rely on your consent to process your data, you can withdraw it at any time.
How to Exercise Your Rights
You can exercise your rights by contacting us at:
Email: [email protected]
We will respond to your request within one month of receiving it. In some cases, it may take us longer if your request is particularly complex or if you have made multiple requests. In such a case, we will notify you and keep you updated on the progress.
Identity Verification
To protect your privacy and ensure security, we may need to request specific information from you to confirm your identity before we process your request. This is a security measure to ensure that personal data is not disclosed to any unauthorized person.
10. Withdrawing Your Consent
If you have provided your consent for the processing of your personal data, you have the right to withdraw your consent at any time. However, please note that withdrawing your consent will not affect the legality of any processing conducted prior to your withdrawal.
How to Withdraw Your Consent
You can withdraw your consent by contacting us at:
Email: [email protected]
Upon receipt of your request, we will stop processing your personal data for the specific purpose(s) you initially agreed to, unless we have another legal basis for continuing the processing (such as legal obligations or legitimate business interests).
Please note that withdrawing your consent may result in limited functionality of certain features of the NYMF platform or may prevent you from accessing specific services altogether.
11. Your California Privacy Rights
Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their personal data. If you are a California resident, you have the following rights:
Your Rights Under CCPA
1. Right to Know: You have the right to request that we disclose the following information collected over the past 12 months:
– The categories of personal data we have collected about you.
– The categories of sources from which your personal data was collected.
– The business or commercial purpose for collecting or selling your personal data.
– The categories of third parties with whom we share your personal data.
– The specific pieces of personal data we have collected about you.
2. Right to Delete: You have the right to request the deletion of your personal data that we have collected from you, subject to certain exceptions.
3. Right to Opt-Out: We do not sell your personal data. However, if we ever decide to sell personal data, you will have the right to opt-out of such sales.
4. Right to Non-Discrimination: You have the right to not be discriminated against for exercising your privacy rights under CCPA.
Submitting Requests
To exercise your rights, please contact us via:
Email: [email protected]
We will respond to your request within 45 days of receiving it. If we require more time (up to 90 days), we will inform you of the reason and the extension period in writing.
12. Your EEA/UK Legal Rights
If you are located in the European Economic Area (EEA) or the United Kingdom (UK), you have rights under the General Data Protection Regulation (GDPR) and the UK GDPR. These rights include:
Your Rights Under GDPR
1. Right to Access: You can request a copy of your personal data that we hold and verify how we are using it.
2. Right to Rectification: You can request that we correct any inaccuracies or complete any incomplete data.
3. Right to Erasure (Right to be Forgotten): You can request that we delete your personal data, subject to certain legal obligations.
4. Right to Restrict Processing: You can request that we limit the processing of your personal data in specific circumstances.
5. Right to Data Portability: You can request the transfer of your personal data to you or another organization in a structured, commonly used, and machine-readable format.
6. Right to Object: You can object to the processing of your personal data if you believe your rights outweigh our legitimate interests.
7. Right to Withdraw Consent: If we rely on your consent to process your data, you can withdraw it at any time.
8. Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in your country of residence or where an alleged infringement of data protection laws occurred.
Submitting Requests
You can exercise your GDPR rights by contacting us at:
Email: [email protected]
We will respond to your request within one month of receiving it. If your request is particularly complex or if you have made multiple requests, we may need more time (up to two additional months). We will notify you if this is the case and provide a reason for the delay.
13. Your Brazilian Privacy Rights
Under the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados – LGPD), users in Brazil have the following rights:
1. Right to Access: You have the right to confirm the existence of data processing and access your personal data.
2. Right to Rectification: You can request the correction of incomplete, inaccurate, or outdated data.
3. Right to Anonymization, Blocking, or Deletion: You can request anonymization, blocking, or deletion of unnecessary or excessive data.
4. Right to Data Portability: You can request the transfer of your personal data to another service provider.
5. Right to Information: You have the right to know which entities your personal data has been shared with.
6. Right to Revoke Consent: You can withdraw your consent at any time for the processing of your personal data.
7. Right to Complain: You have the right to submit a complaint to the National Data Protection Authority (ANPD) if you believe your data rights have been violated.
Submitting Requests
To exercise your LGPD rights, please contact us at:
Email: [email protected]
We will respond to your request within 15 days of receiving it.
14. Your Turkish Privacy Rights
Under the Personal Data Protection Act No. 6698 (DPL) of Turkey, data subjects located in Turkey have the following rights:
Your Rights Under DPL
1. Right to Be Informed: You have the right to be informed about how your personal data is processed.
2. Right to Access: You can request information about whether your personal data has been processed and obtain a copy of your personal data.
3. Right to Rectification: You can request the correction of inaccurate or incomplete personal data.
4. Right to Erasure: You can request the deletion or destruction of your personal data under certain conditions.
5. Right to Restriction: You can request that we restrict the processing of your personal data in certain situations.
6. Right to Data Portability: You can request the transfer of your personal data to another data controller.
7. Right to Object: You can object to the processing of your personal data, particularly if processed for direct marketing purposes or based on legitimate interests.
8. Right to Complain: You have the right to lodge a complaint with the Personal Data Protection Authority (KVKK) if you believe your data rights have been violated.
Submitting Requests
You can exercise your DPL rights by contacting us at:
Email: [email protected]
We will respond to your request within 30 days of receiving it. If we require more time, we will inform you of the reason for the delay.
15. Your Canadian Privacy Rights
Under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), users in Canada have the following rights:
Your Rights Under PIPEDA
1. Right to Access: You can request to access the personal data we hold about you.
2. Right to Correction: You can request that we correct any inaccuracies or update your personal data.
3. Right to Withdraw Consent: You can withdraw your consent for the processing of your personal data at any time.
4. Right to File a Complaint: You have the right to file a complaint with the Office of the Privacy Commissioner of Canada (OPC) if you believe your data rights have been violated.
5. Right to Know: You have the right to know how your personal data is collected, used, or disclosed.
Submitting Requests
You can exercise your PIPEDA rights by contacting us at:
Email: [email protected]
We will respond to your request within 30 days of receiving it. If we need more time, we will inform you and provide an explanation for the delay.
16. Other Jurisdictions
If you are located in a jurisdiction not explicitly mentioned above, you may still have rights under applicable local privacy laws. We will endeavor to comply with those rights in accordance with the relevant laws and regulations.
Submitting Requests
Please contact us via:
Email: [email protected]
We will respond to your request as required by applicable law.
17. Data Security
We take the security of your personal data seriously and have implemented appropriate technical and organizational measures to protect your data from unauthorized access, disclosure, alteration, or destruction. However, no method of data transmission over the Internet or method of electronic storage is completely secure. Therefore, while we strive to protect your personal data, we cannot guarantee its absolute security.
Security Measures Implemented
1. Encryption: All data transmitted through our services is encrypted using SSL/TLS protocols to prevent unauthorized access during data transfer.
2. Access Control: Access to your personal data is limited to authorized employees, contractors, and third-party service providers who need access to perform specific tasks related to the operation and improvement of our services.
3. Data Anonymization: Where applicable, we anonymize or pseudonymize personal data to enhance security and privacy.
4. Data Minimization: We collect and process only the necessary amount of data required for the intended purposes.
5. Monitoring and Logging: We implement security monitoring and logging to detect, prevent, and respond to potential security incidents.
6. Regular Security Audits: We conduct regular security assessments and audits to ensure our systems and processes comply with industry standards and regulatory requirements.
Data Breach Notification
In the event of a data breach that may compromise your personal data, we will notify you and the appropriate regulatory authorities in accordance with applicable legal requirements. Notifications will be made promptly and will include relevant details about the breach, potential impact, and measures taken to mitigate harm.
18. Data Retention
We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, including for the purpose of complying with legal, regulatory, tax, accounting, or reporting requirements.
Retention Periods
– User Account Information: Retained as long as your account remains active. If your account is deleted, we will retain your personal data for a period of up to 5 years to comply with legal obligations and for legitimate business purposes.
– Analytical Data: Retained for up to 2 years for improving our services and understanding user preferences. Aggregated data that does not identify a specific individual may be retained indefinitely.
– Support Tickets: Retained for 5 years to assist with customer inquiries and maintain accurate records of user interactions.
– Payment Data: Retained for 7 years in accordance with applicable financial and tax laws.
– Push Tokens & Device Tokens: Retained only as long as necessary to deliver notifications and ensure service functionality.
– Cookies and Web Data: Retained in accordance with our Cookie Policy.
If you request the deletion of your personal data, we will take reasonable steps to delete or anonymize that data, unless we are required by law to retain it or have a legitimate reason to retain it for record-keeping or other lawful purposes.
19. International Data Transfers
Your personal data may be stored and processed in countries outside your jurisdiction, including countries that may have data protection laws that differ from those in your country. By using our services, you acknowledge and agree to the transfer of your personal data to these countries.
Transfers Outside the EEA/UK
When transferring personal data outside of the European Economic Area (EEA) or the United Kingdom (UK), we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses (SCCs): Approved by the European Commission and UK Information Commissioner’s Office (ICO) for ensuring adequate protection of personal data.
– Data Processing Agreements (DPAs): Ensuring third-party service providers comply with applicable data protection regulations.
– Adequacy Decisions: Transferring data to countries deemed to have adequate levels of protection by the European Commission or other regulatory authorities.
If you have any questions about the international transfer of your personal data or wish to obtain a copy of the safeguards applied, please contact us at [email protected].
20. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect information about your activity on our website and mobile applications. Cookies are small text files that are placed on your device to collect information about your interactions with our services.
Types of Cookies We Use
1. Essential Cookies: Necessary for the operation of our website and services. These cookies do not collect personal data and cannot be disabled.
2. Analytical Cookies: Used to collect information about how you use our services, allowing us to improve user experience and optimize our platform. These include tools such as:
– Google Analytics (Privacy Policy: https://policies.google.com/privacy)
– Firebase Analytics (Privacy Policy: https://firebase.google.com/support/privacy)
– Appsflyer (Privacy Policy: https://www.appsflyer.com/legal/privacy-policy/)
3. Advertising Cookies: Used to display relevant advertisements based on your interests. These cookies are only placed if you provide explicit consent.
4. Functional Cookies: Remember your preferences and enhance your user experience on our website and applications.
Managing Cookies
You can control or disable cookies through your browser settings. However, disabling essential cookies may affect the functionality of our services. For more information on managing cookies, please refer to our Cookie Policy.
21. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will:
– Post the updated Privacy Policy on our website.
– Update the “Effective Date” at the top of this Privacy Policy.
– Notify you of any significant changes via email or through our services.
Your continued use of our services after any changes to this Privacy Policy indicates your acceptance of the updated terms.
22. International Transfers
The NYMF platform is accessible globally. As part of providing our services, your personal data may be transferred, stored, and processed outside of your country of residence, including in countries that may have different or less stringent data protection laws than those of your home country.
We primarily process your personal data within the European Union (EU) and Ukraine. However, the third-party services we use for analytics, payment processing, customer support, and advertising may involve transferring your personal data to countries outside the European Economic Area (EEA).
We utilize the following third-party services that may involve international transfers:
– Firebase (Google LLC) — Used for analytics, cloud messaging, and database management. Data may be processed in the United States and other countries where Google maintains data processing infrastructure. Privacy Policy: https://policies.google.com/privacy
– AppsFlyer (AppsFlyer Ltd.) — Used for user acquisition analytics, attribution tracking, and marketing analytics. Data may be processed globally. Privacy Policy: https://www.appsflyer.com/legal/privacy-policy/
– Crashlytics (Google LLC) — Used for crash reporting and diagnostics to improve the app’s performance. Data may be processed in the United States. Privacy Policy: https://firebase.google.com/support/privacy
– Google Analytics (Google LLC) — Used for website analytics. Data may be processed in the United States and other countries where Google maintains infrastructure. Privacy Policy: https://policies.google.com/privacy
– Apple (Apple Inc.) — Data related to payments made through the Apple App Store is processed by Apple and may be stored in the United States or other jurisdictions. Privacy Policy: https://www.apple.com/legal/privacy/
We take steps to ensure that your data is protected wherever it is processed. When we transfer your personal data outside of the EEA or Ukraine, we ensure a similar degree of protection by implementing the following safeguards:
– Using Standard Contractual Clauses (SCCs) approved by the European Commission which provide appropriate safeguards for personal data transferred outside the EEA.
– Ensuring that data processors and third-party service providers are compliant with GDPR requirements and provide adequate levels of data protection.
– Implementing additional safeguards such as data encryption, anonymization, or pseudonymization where applicable.
By using the NYMF platform, you acknowledge and agree that your personal data may be transferred to and processed in countries outside of your residence, including the United States, Ukraine, and other countries where our service providers operate.
If you wish to learn more about our international data transfer practices or require details about the specific safeguards we use, you can contact us at [email protected].
23. Glossary
– Personal Data: Any information relating to an identified or identifiable natural person (the “data subject”). This may include names, email addresses, IP addresses, device information, preferences, and other information that can directly or indirectly identify you.
– Processing: Any operation or set of operations performed on personal data, including collection, recording, storage, modification, use, disclosure, and deletion.
– GDPR: General Data Protection Regulation (EU) 2016/679, a comprehensive data protection law governing the processing of personal data of individuals within the European Economic Area (EEA).
– Data Controller: The entity that determines the purposes and means of processing personal data. For the purposes of this policy, the data controller is Dmitry Dubnitskiy, the owner of NYMF.
– Data Processor: An entity that processes personal data on behalf of the Data Controller. This includes third-party service providers such as Google, Apple, Firebase, AppsFlyer, and others.
– Standard Contractual Clauses (SCCs): Legal contracts developed by the European Commission to ensure that personal data transferred outside of the EEA is protected to the same standard as required by GDPR.
– Consent: A freely given, specific, informed, and unambiguous indication of the data subject’s agreement to the processing of their personal data.
– Cookies: Small files that are stored on your device to collect information about your usage of the website or app, often used for analytics, personalization, and improving user experience.
24. Deletion of Account and User Information
NYMF Users can always delete their accounts at any time. To initiate account deletion, Users must follow the procedures described on the Account Deletion page: https://nymf.com/info/account-deletion.
Upon deletion, the following conditions apply:
– User Data Removal: All personal data associated with the account will be deleted unless retention is required by law, legitimate business purposes, or contractual obligations. This includes email addresses, device tokens, account tokens, advertising identifiers, support tickets, subscriptions, preferences, and analytics data.
– Irreversibility: Account deletion is irreversible. Once completed, the User will lose access to all purchased content, subscriptions, and other benefits associated with their account.
– No Refunds: Refunds are not provided upon account deletion unless explicitly stated otherwise in the Refund/Return Policy.
– Cookies and Analytical Data: While account-specific data will be deleted, certain anonymous analytics and aggregated data may be retained for statistical purposes.
– Backup Data: Due to our backup systems, deleted data may persist in backup storage for a limited period but will not be accessible or used by NYMF.
By proceeding with account deletion, the User acknowledges and accepts these terms.
25. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://nymf.com
We will respond to your inquiries within 5 business days, although response times may occasionally be longer due to high inquiry volumes or other unforeseen circumstances. Urgent issues related to privacy or data security will be prioritized whenever possible.