Privacy Policy

This Privacy Policy describes how Sferum (hereinafter referred to as "we," "us," or "our") collects, uses, and protects the information you provide when using our website (spherum.pro, bil.spherum.pro) and our services.

We value your privacy and are committed to protecting your personal data.

1. What Information Do We Collect?

We collect only the minimum necessary information required to provide and maintain our services:

Identifiable Information:
  • Email Address: We collect your email address for creating and managing your account, for logging in, and for communicating with you regarding account-related matters (e.g., password recovery, important service notifications).
  • Password: We collect your password for authentication and to protect your account. Important: We store your passwords only in an encrypted (hashed) format, meaning that no one, including us, has access to your password in plain text.
Automatically Collected Information:
  • Usage Data: We may automatically collect certain information about your device and your use of our services, such as IP address, browser type, operating system, access times, and pages you visited. This data is collected for security purposes, fraud prevention, and to improve the performance of our service.
  • Cookies: We use only essential (session) cookies to ensure the functionality of our website, for example, to maintain your login session. These cookies are deleted after you close your browser and are not used to track your online activity.

2. How Do We Use Your Information?

We use the collected information solely for the following purposes:

  • Service Provision and Management: To create and manage your account, provide access to our services, and ensure their proper functioning.
  • Authentication and Security: To verify your identity when logging in and to protect your account from unauthorized access.
  • Communication with You: To send important account-related notifications, such as registration confirmations or password reset links.
  • Service Improvement and Security: To monitor and analyze the use of our service to detect and prevent fraud, unauthorized access, or other abuses, and to improve overall performance and stability.

3. How Do We Share Your Information?

We do not sell, rent, or trade your personal information with third parties for marketing purposes. We may disclose your information only in the following cases:

  • Service Providers: We may share your information with trusted third-party service providers who assist us in operating our website and providing services (e.g., hosting providers, email delivery services). These service providers are obligated to maintain confidentiality and use your information only to perform services on our behalf.
  • Legal Obligations: We may disclose your information if required by law, by court order, or in response to a lawful request by government authorities.
  • Protection of Rights: We may disclose your information when we believe it is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or through a prominent notice on our website about any such transfer.

4. Security Measures to Protect Your Information

We implement comprehensive technical and organizational security measures to protect your personal information from unauthorized access, alteration, disclosure, destruction, or loss. These measures include:

  • Data Encryption: We use encryption (e.g., SSL/TLS) to protect your data when transmitted between your device and our servers. Where applicable, we also use encryption to protect data at rest.
  • Password Hashing: User passwords are stored in an irreversibly hashed form using modern cryptographic algorithms, which significantly hinders their recovery even in the event of unauthorized access to our databases.
  • Access Control: Access to personal data is strictly limited to only those employees, contractors, and agents who require this information to perform their job duties (e.g., for handling support requests) and who are bound by strict contractual confidentiality obligations.
  • Regular Security Reviews: We regularly review and update our data collection, storage, and processing procedures, as well as our security measures, to prevent unauthorized access, vulnerabilities, and incidents.
  • Staff Training: Our employees receive training on data privacy and security matters.
  • Incident Response Plan: We have procedures in place for promptly identifying, assessing, and responding to any potential data security breaches.

5. Your Rights Regarding Personal Data

You have the following rights concerning your personal data that we process:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You can review and update your email address and other account information through your account settings. If you find that any information is inaccurate or incomplete, you have the right to request its correction.
  • Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your account and associated personal data. To do so, please contact us at [Contact Email Address]. Please note that we may retain certain data in our records for a specific period in accordance with legal obligations (e.g., tax law, reporting requirements) or for legitimate business purposes (e.g., dispute resolution, fraud prevention, enforcing our agreements), as well as to protect our legitimate interests.
  • Right to Restriction of Processing: In certain circumstances, you have the right to request the restriction of processing your personal data.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance from us.
  • Right to Object: You have the right to object to the processing of your personal data in certain situations, for example, for direct marketing purposes.

To exercise any of these rights, please contact us using the contact information provided in Section 9.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with services. We may also retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements and policies. We periodically review our data retention periods and delete information that is no longer needed for the stated purposes.

7. Children's Privacy

Our services are not intended for use by individuals under the age of 18 years. We do not knowingly collect personal information from children under the age of [Specify the same age]. If we become aware that we have collected personal information from a child under the age of [Specify the same age] without verifiable parental consent, we will take prompt steps to remove that information from our servers.

8. Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of the document. In the event of significant changes that may materially affect your rights or the way we process your data, we may also provide more prominent notice (e.g., via email or through an in-service notification). You are advised to review this Privacy Policy periodically for any changes. Changes are effective when they are posted on this page, unless otherwise indicated.

9. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

  • By email: info@spherum.pro
  • Through our website's contact form.