Privacy Policy

Give a Ring — Mobile VoIP Calling Application

Effective: May 12, 2026 iOS (App Store)

1 Data Controllers

This Privacy Policy is issued jointly by LLC "Information Systems" ("Principal" / "Data Controller") and LLC "NORD Plus" ("Agent" / "Data Processor"), for the Give A Ring mobile VoIP application.

The Principal — LLC "Information Systems" — acts as the Data Controller responsible for determining the purposes and means of personal data processing. The Agent — LLC "NORD Plus" — processes personal data as a data processor acting under the Controller's written instructions pursuant to an agency agreement between the parties.

Both entities are registered in the Russian Federation and comply with applicable Russian data protection legislation (Federal Law No. 152-FZ "On Personal Data") as well as applicable international standards.

2 Data We Collect

The following categories correspond to App Store Privacy Nutrition Label disclosures. All categories below are disclosed.

Data Category Data Elements Linked to User / Purpose
Contact Information Mobile phone number Linked — Registration & account management
Identifiers User Account ID, device identifier Linked — App functionality
Sensitive Information Biometric data (facial image / selfie holding passport); Government ID data: full name, date of birth, passport series/number, issue date, issuing authority, registration address, passport scan Linked — Identity verification (required by law)
Financial Information Account balance, transaction history, payment method type Linked — Billing & payment processing
Usage Data Call logs (duration, destination number, timestamp), feature interaction data Linked — Service provision, billing, dispute resolution
Diagnostics Crash reports, performance data, network quality metrics Not linked to user — App performance & bug fixes

Data Not Collected: We do not collect precise location, browsing history, search history, health data, communications content, or sensitive user characteristics not listed above. We do not use data to track users across third-party apps or websites.

3 Legal Basis for Processing

Personal data is processed on the following legal grounds:

  • User's consent — expressed by accepting the Terms of Service and this Privacy Policy (electronic consent for all data categories including biometric data; acceptance is logged with date and time stamp);
  • Performance of the service agreement — processing is necessary to provide the telecommunications services the User has requested;
  • Legal obligation — identity verification of telecom subscribers is required by Russian Federal Law No. 126-FZ "On Communications" (Art. 44.1);
  • Agent's instructions from the Data Controller pursuant to the agency agreement.

The Terms of Service and this Privacy Policy together constitute the User's written electronic consent to biometric data processing. Acceptance is recorded in the system with date and timestamp. The User may withdraw consent at any time, which will result in suspension of full-access services.

4 Purposes of Processing

Personal data is processed solely for the following purposes:

  • Registration and identity verification as required under applicable telecommunications law;
  • Provision of VoIP telecommunications services, including call routing, billing, and account management;
  • Payment processing by the Agent on behalf of the Principal;
  • Compliance with mandatory legal requirements under applicable laws;
  • Protection of the rights and legitimate interests of the Service Provider and Users.

Personal data is not processed for marketing, advertising, or profiling purposes without the User's separate explicit consent.

5 Data Retention

Data Category Retention Period
Registration data (phone number) Duration of agreement + 3 years
Passport / identity data Duration of agreement + 5 years (statutory accounting / telecom requirements)
Biometric data (selfie) Until withdrawal of consent or termination + 1 year
Financial / payment data 5 years (statutory accounting requirements)

6 Data Sharing and Disclosure

We do not sell, rent, or share personal data for commercial purposes. Personal data may be disclosed only in the following circumstances:

  • To the Agent (LLC "NORD Plus") acting under the Principal's instructions pursuant to the agency agreement, for service provision, payment processing, and identity verification;
  • To competent government authorities upon a lawful request as required by applicable law;
  • To technical service providers (hosting, infrastructure) acting as sub-processors under appropriate data processing agreements.

Cross-Border Transfers: Personal data is stored and processed exclusively on servers located within the Russian Federation. Personal data is not transferred to foreign countries without the User's separate consent.

7 Automated Processing and Decisions

Identity verification using biometric data (selfie) is processed in automated mode. The User has the right to:

  • Request an explanation of the automated decision;
  • Challenge the result of identity verification by contacting support.

Challenges are reviewed within 10 (ten) business days.

8 Your Privacy Rights

Subject to applicable law, you have the following rights:

Right of Access

Obtain confirmation of whether your data is processed and receive a copy.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of data, subject to legal retention obligations.

Right to Restriction

Request restriction of processing in certain circumstances.

Right to Withdraw Consent

Withdraw consent at any time; may result in service suspension.

Right to Object to Automated Decisions

Challenge automated identity verification outcomes.

Supervisory Authority: You have the right to lodge a complaint with the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) at rkn.gov.ru.

To exercise any of the above rights, please contact us through the channels listed in the Give A Ring application. We will respond within 30 (thirty) calendar days.

9 Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Role-based access control (principle of least privilege);
  • Encryption of data in transit (TLS) and at rest (AES-256);
  • Anti-malware and intrusion detection systems;
  • Regular security audits and access reviews;
  • Employee training on data protection.

Data Breach Notification: In the event of a personal data breach, the Data Controller will notify Roskomnadzor within 24 hours of detecting the incident and within 72 hours regarding causes and remediation measures. Users will be notified without undue delay through the application or other available channels.

10 Children's Privacy

The Give A Ring application is not directed at children under 17 years of age and is not rated for users under 17 in the App Store. We do not knowingly collect personal data from children under 13 (or under 16 where applicable). If we discover that we have collected personal data from a child without verified parental consent, we will delete such data promptly.

11 Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Users will be notified of material changes at least 10 (ten) days before they take effect via push notification or in-app message. Continued use of the application following the effective date of changes constitutes acceptance of the revised Policy.

This Policy is effective from the date it is published on the Service Provider's website and in the Give A Ring application.

12 Contact Us

For privacy-related inquiries, requests to exercise your rights, or concerns:

Data Controller

LLC "Information Systems"

  • 109147, Moscow, Russia
    Vorontsovskaya str., 35B/2
  • 1ats.ru
  • TIN: 7709833076
  • OGRN: 1097746402742
Data Processor (Agent)

LLC "NORD Plus"

  • 143085, Moscow Region, Russia
    Odintsovsky district, RP Zarech'ye
  • givaring.com
  • TIN: 7736550616
  • OGRN: 1067760448111