Personal Data Processing
Terms and consent for the processing of personal data on rbesolov.com under the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679).
REVISION OF 17 JUNE 2026Data controller
The controller of personal data is a private individual — Renat Besolov, owner of the website rbesolov.com (the «Website», the «Controller»). The Controller alone determines the purposes and means of processing personal data.
For data-related matters, contact us via the «Contacts» page. This document supplements the Privacy Policy and specifically governs the processing of data you submit through the Website's forms.
What this document covers
This document describes the processing of personal data you voluntarily provide when using the Website: when submitting the contact form, the review form, when subscribing to messages, and data collected automatically when you visit the Website (technical data).
By completing a form and ticking the relevant consent box, you confirm that you have read these terms and consent to the processing of your personal data for the purposes set out below.
What data is processed
Depending on the form you use, the following categories of data may be processed:
- identification and contact data: full name, phone number, email address;
- content of your request: the text of your message or review, and any files or images you attach;
- technical data: IP address, date and time of the request, browser and device information, collected automatically for security and spam prevention.
The Controller does not request special categories of data (health, political views, religion, etc.) within the meaning of Article 9 GDPR. Please do not include such information in free-text fields.
Purposes of processing
Personal data is processed to: handle your request and reply to you; publish a review (if you submitted one and consented to it); send you informational and marketing messages (only with separate consent); ensure the Website's security and prevent abuse and spam; and comply with applicable law.
Legal bases for processing
Processing is carried out on the following legal bases under Article 6(1) GDPR:
- consent — Art. 6(1)(a): to publish a review and for marketing messages;
- performance of a contract or pre-contractual steps — Art. 6(1)(b): to respond to a request you initiate;
- legitimate interests — Art. 6(1)(f): to keep the Website secure, prevent spam and conduct correspondence;
- legal obligation — Art. 6(1)(c): where retention is required by law.
Consent and its withdrawal
Where processing is based on your consent (Art. 6(1)(a), Art. 7 GDPR), you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
To withdraw consent, delete your data or restrict its processing, send a request via the «Contacts» page. Consent is voluntary; declining it may mean your request cannot be handled or a review cannot be published.
Recipients and transfers outside the EEA
The Controller has access to the data. To operate the Website, service providers (processors under Article 28 GDPR) are engaged: the hosting provider, an email-delivery service and similar technical services, acting on the Controller's instructions under data-processing agreements.
Some processors may be located outside the European Economic Area (e.g., the hosting provider). In such cases, transfers are made with appropriate safeguards under Chapter V GDPR (Articles 44–49), in particular Standard Contractual Clauses approved by the European Commission. The Controller does not sell personal data to third parties.
Retention period
Data is kept no longer than necessary for the purposes of processing: requests and correspondence — for the time reasonably needed to handle them and for follow-up; published reviews — while the review is displayed or until consent is withdrawn; marketing contacts — until consent is withdrawn. After that, data is deleted or anonymised unless retention is required by law (e.g., limitation periods).
Your data-subject rights
Under Articles 15–22 GDPR you have the right to: access your data; rectify inaccurate data; erasure («right to be forgotten»); restrict processing; data portability; object to processing based on legitimate interests or carried out for direct marketing; and withdraw previously given consent.
To exercise these rights, contact us via the «Contacts» page. You also have the right to lodge a complaint with the competent data-protection supervisory authority in your EU/EEA country of residence (Article 77 GDPR).
Automated decisions and security
The Controller does not take decisions producing legal effects concerning you based solely on automated processing and does not carry out profiling within the meaning of Article 22 GDPR.
The Controller applies reasonable technical and organisational measures to protect data (Article 32 GDPR), including encrypted connections (SSL/TLS) and access restrictions. The Website is not intended for persons under 16; data of such persons is not knowingly collected (Article 8 GDPR).
Changes to this document
The Controller may update this document. The current version is always published on this page with its date. Material changes affecting consent-based processing take effect after new consent is obtained, where required.
This document is informational, does not constitute legal advice and creates no contractual obligations. Where it conflicts with mandatory provisions of applicable law, those provisions prevail.