PRIVACY POLICY

 

1. General provisions

This Privacy Policy (hereinafter the “Policy”) is issued by Eco-Vector LLC (OGRN 1099847039907; INN/KPP 7806423692/784101001), having its registered office at: 3 Aptekarskiy Per., Litera A, Office 1H, Saint Petersburg, 191181; registered in the Register of Personal Data Operators under No. 78-19-006480 (hereinafter the “Operator”). This Policy is intended to inform individuals regarding the Operator’s practices concerning the processing of personal data of the users of the Operator’s websites (hereinafter the “User,” or collectively, the “Data Subjects”).

This Policy has been developed and published by the Operator in accordance with Paragraph 2, Part 1, Article 18.1 of Federal Law No. 152-FZ On Personal Data, dated July 27, 2006, as amended by Federal Laws No. 233-FZ dated August 8, 2024; No. 519-FZ dated December 28, 2024; No. 121-FZ dated May 23, 2025; and No. 156-FZ dated June 24, 2025, effective as of September 1, 2025 (hereinafter the “Personal Data Law”).

This Policy has been developed to implement the requirements of legislation governing the processing and protection of personal data, and is intended to ensure the protection of the rights and freedoms of individuals in connection with the processing of their personal data, including the right to privacy and the protection of personal and family secrets.

This Policy contains information required to be disclosed pursuant to Part 1 of Article 14 of the Personal Data Law, constitutes a publicly available document, and is available at: https://journals.eco-vector.com/index/legal/privacyPolicy.

To maintain the accuracy and currency of documents governing the Operator’s policy regarding the processing of personal data, the Operator reserves the right to amend this Policy at any time by publishing the corresponding revisions. This Policy may not be amended except by publishing the revised document on the Website.

For the purposes of this document, the following terms and definitions shall have the following meanings:

User shall mean any visitor to the Website.

Personal Data shall mean:

  • Any personal information that the User provides voluntarily when creating an account or registering on the Website;
  • Any data that is automatically transmitted to the Website’s services during their use through software installed on the User’s device, including but not limited to: IP address, cookie data, information regarding the User’s browser (or other software used to access the Website), technical specifications of the hardware and software used by the User, the date and time of access to the Website, and the URLs of the requested pages.

User Registration shall mean the process by which a Data Subject submits the information requested by the Website and is subsequently issued a username (login) and password to access their personal account.

User Account shall mean the password-protected section of the Website where the User’s personal information is stored. Through the User Account, the User may manage profile settings, track the status of their manuscript, save preferences, receive recommendations and important notifications. Access to the User Account is secured by a password.

Processing of Personal Data (hereinafter the “Processing”) shall mean any operation or set of operations performed upon Personal Data, whether by automated means or otherwise, including but not limited to: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available (sharing), alignment or combination, restriction, erasure, or destruction of Personal Data.

Data Controller (or Operator) shall mean the legal entity which, alone or jointly with others, determines the purposes and means of the Processing, and which organizes and/or performs the Processing, including determining the scope of Personal Data to be processed and the operations to be performed upon such data.

Personal Data Information System (hereinafter “PDIS”) shall mean the set of Personal Data contained in databases, as well as the information technologies and technical means used to process such data.

Confidentiality of Personal Data shall mean the obligation of the Data Controller and any other persons who have gained access to Personal Data to maintain the confidentiality of such data and not to disclose or disseminate them to third parties without the consent of the Data Subject, unless otherwise provided by applicable law.

Depersonalization shall mean actions resulting in the inability to attribute Personal Data to a specific Data Subject without the use of additional information.

Disclosure of Personal Data shall mean actions aimed at disclosing Personal Data to a specific person or a specific group of persons.

Dissemination of Personal Data shall mean actions aimed at disclosing Personal Data to an indefinite circle of persons.

Destruction of Personal Data shall mean actions resulting in the impossibility to restore the content of Personal Data in the PDIS and/or resulting in the destruction of the physical media containing Personal Data.

Cross-border Transfer of Personal Data shall mean the transfer of Personal Data to a foreign legal entity (or a foreign individual) located in the jurisdiction of a foreign state.

 

Preamble

Before using this Website, the User is obliged to read and acknowledge this Privacy Policy. By accessing or using this Website at any time, the User acknowledges and agrees to be bound by the version of the Privacy Policy in effect at the time of each such visit.

The User’s access to and use of this Website constitutes the User’s unconditional consent to this Privacy Policy and the terms of Processing contained herein. If the User does not agree with this Privacy Policy, the User must immediately exit and cease using this Website. By continuing to use the Website, the User assumes all potential risks associated with the Processing.

Registration of a User on the Website shall also constitute the User’s unconditional consent to this Privacy Policy and the terms of the Processing provided herein. If the User does not agree with this Privacy Policy, the User must delete their profile and immediately cease using the Website.

This Policy applies solely to the Website. The Operator does not control and is not responsible for the websites of third parties to which the User may navigate via links available on the Website.

This Policy applies to all information that the Operator collects or may collect about Users of the Website.

 

PURPOSES OF PERSONAL DATA PROCESSING

The Operator processes Users’ information for the purpose of fulfilling the Operator’s obligations under copyright agreements, civil law contracts, as well as for purposes related to the use of the Website and its services.

General Purposes of Personal Data Processing

  1. User Identification: To identify the User for the purpose of granting access to the Website and its services.
  2. Support of Creative Activity: To enable the User’s scientific, literary, or other creative activities.
  3. Communication and Feedback: To establish communication with the User, including sending notifications and responding to requests, inquiries, and applications regarding the use of the Website or the User Account.
  4. Information Updates: To notify the User about new information posted on the Website or within the User Account, provided that the User has granted consent to receive such notifications.
  5. Technical Support: To provide the User with technical assistance in the event of issues related to the use of the Website.
  6. Analytical Research: To conduct analytical research and statistical analysis.
  7. Compliance with Legal Obligations: To fulfill any other purposes established by the legislation of the Russian Federation.

Personal Data Information Systems

  1. For the purpose of performing the legitimate activities of a mass media outlet, the Website Administration processes the Personal Data of Users registered on the Operator’s portal for scientific journals. The processed Personal Data includes the User’s full name (surname, first name, and patronymic), email address, phone number, educational background, user identifiers stored in cookies, ORCID ID, SPIN-code, Scopus Author ID, ResearcherID, Mendeley profile, Publons profile, as well as information regarding the User’s employer, academic title, and professional position. The Processing is performed based on the informed and voluntary consent of the Data Subject.
  2. For the purpose of promoting goods, works, and services, the Website Administration processes the Personal Data of Users registered in the Operator’s online store or those who have submitted a request via the feedback form. The processed Personal Data includes the User’s full name (surname, first name, and patronymic) and email address. The processing of such Personal Data is performed based on the informed and voluntary consent of the Data Subject.
  3. For the purpose of performing educational activities, the Website Administration processes and transfers the Personal Data of Users to the Eco-Vector Academy (registry entry No. 78-22-052978). The processed Personal Data includes full name (surname, first name, and patronymic), date of birth (year, month, and day), address, educational background, profession, email address, mobile phone number, organizational phone number, gender, field of activity, VK ID, job title, place of work or study, and the website of the organization.

 

INFORMATION ON THE ORGANIZATION OF PERSONAL DATA PROCESSING AND SECURITY MEASURES

Employees of the Operator and invited experts who have been granted access to Personal Data are strictly prohibited from disclosing or disseminating such data to third parties without the consent of the Data Subject, unless otherwise provided by federal law.

To protect Personal Data from unauthorized actions, including but not limited to unlawful or accidental access, destruction, alteration, blocking, copying, provision, or dissemination, the Operator implements a comprehensive set of legal, organizational, and technical security measures forming the Operator’s Personal Data protection system.

The application of these security measures ensures an appropriate level of Personal Data protection during their processing within the Operator’s information system.

 

PROCEDURE FOR PERSONAL DATA PROCESSING

The processing of Data Subjects’ Personal Data is performed within the PDIS designated by the Operator’s Order approving the list of PDISs.

The classification of the Operator’s PDISs is performed in accordance with the procedure established by the legislation of the Russian Federation.

Employees of the Operator and engaged experts authorized to process Personal Data within the PDIS are required to sign a Non-Disclosure Agreement Regarding Personal Data, in the form approved by the Operator. Such employees and engaged experts shall be assigned a unique login and password for access to the respective PDIS. Access to specific application subsystems is granted strictly in accordance with the roles and functions defined by the employee’s job description.

The security of Personal Data processed within the PDISs is ensured by preventing unauthorized, including accidental, access to Personal Data, as well as by implementing comprehensive security measures.

 

RETENTION AND STORAGE PERIODS FOR PERSONAL DATA

The Operator processes Personal Data until the purposes of such processing are achieved, unless otherwise provided for by the legislation of the Russian Federation.

Personal Data shall be stored in a form that allows for the identification of a Data Subject for no longer than is required by the purposes of the Processing, unless a specific storage period is established by federal law or by an agreement to which the Data Subject is a party, beneficiary, or guarantor. Upon fulfilment of the processing purposes or in the event that the need to achieve such purposes ceases to exist, the processed Personal Data shall be destroyed or anonymized, unless otherwise provided for by the Personal Data Law.

 

RIGHTS OF DATA SUBJECTS

The Data Subject has the right to:

  1. Access their Personal Data and information regarding its Processing.
  2. Request the correction, blocking, or destruction of their Personal Data if the data is incomplete, outdated, inaccurate, obtained unlawfully, or is not necessary for the stated purposes of Processing.
  3. Withdraw their consent to the Processing at any time.
  4. Protect their rights and legitimate interests, including claiming damages and compensation for moral harm in court.
  5. Appeal against the actions or omissions of the Operator to the authorized body for the protection of the rights of Data Subjects (the supervisory authority) or in court.

To exercise their rights and legitimate interests, Data Subjects may contact the Operator in person or through an authorized representative. Such requests must contain the information specified in Part 3 of Article 14 of the Personal Data Law, No. 152-FZ.

 

USE OF INTERNET ANALYTICS SERVICES

The Website utilizes the Yandex.Metrica web analytics service provided by Yandex LLC (registered address: 16 L. Tolstogo St., Moscow, 119021, Russian Federation). The Yandex.Metrica service is used to collect information regarding the use of the Website, such as the frequency of visits, pages visited, and the websites from which Users were redirected to the Website. Yandex.Metrica collects only the IP addresses assigned to Users on the date of their visit to the Website, and does not collect names or other personally identifiable information.

Yandex.Metrica places a persistent cookie file in the User’s web browser to identify them as a unique user upon their next visit to the Website. This cookie file cannot be used by anyone other than Yandex LLC. The information collected through this cookie file will be transmitted to and stored by Yandex LLC on its servers.

The Operator uses the information obtained through Yandex.Metrica solely for the purpose of improving the Website’s performance and operations. The Operator does not combine the information obtained through Yandex.Metrica with any Personal Data.

The ability of Yandex LLC to use and share information collected by Yandex.Metrica regarding User visits to the Website is restricted by the Yandex Privacy Policy. Users may prevent Yandex.Metrica from recognizing them on subsequent visits to the Website by disabling cookies in their browser settings.

 

TERMS OF PERSONAL DATA PROCESSING AND DISCLOSURE TO THIRD PARTIES

The Operator maintains the confidentiality of the User’s personal information. This obligation does not extend to cases where the User voluntarily makes their information available to the public at large (e.g., public comments or posts).

The Operator may transfer the User’s personal information to third-party individuals or legal entities in the following cases:

  • Consent: The User has expressed consent to such actions;
  • Service Provision and Contractual Obligations: The transfer is necessary for the User to utilize a specific service, or is required for the execution of an agreement between the Operator and the User and/or third parties;
  • Legal Requirements: The transfer is mandated by the legislation of the Russian Federation within the framework of procedures established by law.

The Processing is performed using automation tools.

In the event of a loss or unauthorized disclosure of Personal Data, the Operator shall inform the User of such loss or disclosure.

The Operator implements necessary organizational and technical measures to protect the User’s personal information from unauthorized or accidental access, destruction, alteration, blocking, copying, distribution, and other unlawful actions by third parties.

The Operator and the User shall jointly take all necessary measures to prevent damages or other adverse consequences caused by the loss or disclosure of the User’s Personal Data.

Upon receipt of a notification from the User regarding the withdrawal of consent for Processing, the Operator shall cease the Processing within no more than 10 (ten) business days from the date of receipt of such notification.

Notice of Withdrawal of Consent for Personal Data Processing

The notification of withdrawal of consent for Processing must be sent to the Operator either:

  1. Via email to: [info@eco-vector.com] with the subject line: “Withdrawal of consent for personal data processing”;
  2. In writing to the following address: 3 Aptekarsky per., lit. A, office 1H, Saint Petersburg, 191181.

The Operator reserves the right to continue Processing after the withdrawal of consent in cases permitted by the applicable legislation of the Russian Federation.

The Operator reserves the right to disclose the User’s Personal Data to investigative and law enforcement authorities, as well as other authorized bodies, based on and in the manner prescribed by the applicable legislation of the Russian Federation.

 

LIMITATION OF LIABILITY

The Operator shall not be liable for the disclosure, dissemination, or unauthorized use of the User’s personal information by other Users of the Website, third parties, or other Internet users, provided that such parties gained access to said information as a result of the privacy settings, visibility levels, or sharing configurations selected and/or maintained by the User within the Website’s services.

The Operator shall not be responsible for the security or privacy of any information collected by third-party websites or services.

In the event of the loss or disclosure of confidential information, the Operator shall not be held liable if such information:

  • was already in the public domain prior to its loss or disclosure;
  • was obtained by the Operator from a third party prior to the time of its receipt from the User;
  • was disclosed with the User’s consent or by the User’s own actions.

 

DISPUTE RESOLUTION

Before filing a lawsuit regarding any disputes arising from the relationship between the User and the Operator, it is mandatory to submit a claim (a written proposal for the voluntary settlement of the dispute).

The recipient of the claim shall, within 30 (thirty) calendar days from the date of its receipt, notify the claimant in writing of the results of the claim review.

If an agreement is not reached, the dispute shall be referred to the competent court for resolution in accordance with the applicable legislation of the Russian Federation.

 

FINAL PROVISIONS

The User is required to comply with the terms of this Policy and the Website’s User Agreement.

In the event of any conflict or inconsistency between the terms of this Policy and the User Agreement regarding the Processing or other information, the terms of this Policy shall prevail.

The Operator reserves the right to amend and supplement this Policy at any time without prior notice to the User. The User undertakes to independently and regularly review the current version of the Policy.

This Policy is valid indefinitely until a new version is approved by the Operator.

The new version of the Policy enters into force from the moment it is posted on the Website, unless otherwise provided by the new version of the Policy.

All suggestions or questions regarding this Policy should be directed to: info@eco-vector.com.

This Policy shall be governed by and construed in accordance with the legislation of the Russian Federation. Any matters not regulated by this Policy shall be resolved in accordance with the legislation of the Russian Federation.

 

This Policy is effective as of June 2, 2026.