<h2 id="1-general-provisions">1. General Provisions</h2>
<p><strong>Data Policy (hereafter «the Policy»)</strong> is the present document, describing Virtual Users’ User Data processing order, carried out by the Company during rendering services on fraud risk and other operational risks identification for the purpose of financial, reputational and other losses reduction for Customer’s and Licensee’s businesses and services, carried out online via the Internet. It also describes the Company’s policy towards Personal Data Processing and discloses the information about the measures taken in the Company in order to ensure Personal Data security for protection of human and civil rights and liberties during one’s Personal Data Processing, including protection of rights to privacy and private life.</p>
<p>The Policy is valid from April 27, 2024.</p>
<p>If there is no interpretation of the term used in “Terms and Definitions” section, the interpretation of the term, if necessary, is carried out in accordance with the Legislation.</p>
<p><strong>Policy application and limitation of liability of the Company</strong></p>
<p>This Policy applies to the Company software use released in the last 6 (six) months for front-end/data collection and testing libraries and 36 (thirty-six) months for back-end/scoring libraries. We constantly notify Customers/Licensees of the necessary updates and provide all necessary materials and assistance, including automatic update mechanisms for front-end libraries.<br>We reserve the right to modify the present Policy anytime.<br>We kindly ask you to look through all the updates of our Policy on a regular basis.</p>


1. General Provisions

<h2 id="2-terms-and-definitions">2. Terms and Definitions</h2>
<ul>
<li><p><strong>Authentication</strong> is a process of Virtual User or/and Virtual User Device probabilistic fingerprinting (digital ID) via analysis of User Data and comparison of User Device data and/or Virtual User with a set of different attributes and characteristics in order to identify fraud or other operational risk, which may lead to financial, reputational or other losses of the Customer or Licensee, without the use of Direct Identifiers and with the identifiers, which does not allow to identify the Virtual User.</p>
</li>
<li><p><strong>Company</strong> (LLC «Juicy Labs», we) is a legal entity registered in accordance with the legislation of the Russian Federation, MSRN 1157746624826.</p>
</li>
<li><p><strong>Company’s Feedback Form</strong> is an application form placed on Company’s Web Site designed for sending the requests to the Company from legal and natural persons regarding different cooperation issues.</p>
</li>
<li><p><strong>Company’s Web Site</strong> is a web site generally available through the link <a href="https://juicyscore.online/">https://juicyscore.online/</a>, rights to the web site belong to the Company. The web site is used for the posting of content about Company’s products and services for informational and other purposes.</p>
</li>
<li><p><strong>Cookie</strong> is a file, which usually consists of letters and numbers, located on the Device and/or transmitted from server and loaded to the browser’s memory in the moment of submission or/and processing of the web site content. Cookie files allow the web site to identify the device of site visitor.<br>Customer or Licensee are legal entities or individual entrepreneurs, to whom the Company provides services under the contract and/or provides the license for the Service.</p>
</li>
<li><p><strong>Data Subject</strong> is directly or indirectly identified or identifiable natural person.<br>Device is a mobile or stationary device with an Internet access used by a Virtual User to enter Web Resource.</p>
</li>
<li><p><strong>Direct Identifier</strong> is a unique data attribute related to the Data Subject, which allows setting a univocal correspondence between the attribute and natural person.</p>
</li>
<li><p><strong>Do Not Track</strong> is a HTTP-headline, which notifies whether a Virtual User informs about one’s willing/denial of tracking or monitoring of his actions on web sites or mobile application.</p>
</li>
<li><p><strong>Identification</strong> is a processing of natural person’s Personal Data in order to identify the attributes, which individually or collectively let to identify this natural person clearly and unambiguously.</p>
</li>
<li><p><strong>Irreversibly Changed Value</strong> means a value obtained by irreversibly removing part of the original information and then hashing the rest of the information before analytical processing to avoid the possibility of restoring the original value.</p>
</li>
<li><p><strong>JavaScript</strong> for the purposes of the present Policy is a software, based on the relevant programming language and included to the Service for User Data collection via Web Resource.</p>
</li>
<li><p><strong>Legislation</strong> means a body of laws in force and applicable on the territory of the Russian Federation, which determines the cases and special aspects of the Personal Data and other data processing, as well as establishes requirements for the processing of Personal Data and other data.</p>
</li>
<li><p><strong>Modified Value</strong> is a value altered on Device by adding of dynamic variable alphanumeric character set and hashing; all alterations are performed before value processing by the Company software.</p>
</li>
<li><p><strong>Natural Non-Randomness</strong> is a nonzero probability of randomly guessing a natural person. </p>
</li>
<li><p><strong>Personal Account</strong> is a functionality within the secured part of the Services which is created for the Customer by the Contractor and allows receiving various technical information, statistics, and monitoring requests processing.</p>
</li>
<li><p><strong>Personal Data</strong> is any information relating to an identified or identifiable natural person (Data Subject).</p>
</li>
<li><p><strong>Personal Data Processing</strong> means any operation or set of operations which is performed on Personal Data, whether or not by automated means, including collection, recording, systematization, accumulation, storage, validation (update or alteration), retrieval, use, transmission (distribution, submission, access), anonymization, blocking, erasure or destruction.</p>
</li>
<li><p><strong>SDK</strong> in the present Policy means a software, based on the relevant programming language and included to the Service for User Data collection from iOS and Android-family Devices via native mobile application of a Customer or a Licensee, as well as via mobile application JS App — Device Risk Analytics.</p>
</li>
<li><p><strong>Service</strong> means combined elements of the infrastructure, server hardware and software of the Company, which allow to estimate the risk of fraud or other operational risks of a Customer’s or a Licensee’s User formalized actions on the basis of User Data that do not allow to identify the User directly or indirectly.</p>
</li>
<li><p><strong>Session (or JuicySession)</strong> is a unique identifier of Internet-session (which is not Direct Identifier), registered on a Web Resource which is formed on the Company’s servers and which is practically an enhanced token and does not contain Personal Data.</p>
</li>
<li><p><strong>Soliciting Activity</strong> means measures aimed at receiving and processing of consumers’ requests for obtaining goods and services.</p>
</li>
<li><p><strong>Unrecoverable Value</strong> means the value obtained by irreversibly removing of a part of the original information and further hashing of the rest of information before analytical processing to avoid the possibility of restoring the original value.</p>
</li>
<li><p><strong>User Data</strong> is a Web Resource Virtual Users’ data, collected by means of program modules, which neither contain Direct Identifiers, nor allow to identify a natural person directly or indirectly without the use of data not collected using Service main functionality.</p>
</li>
<li><p><strong>Virtual User (User)</strong> is a user of Web Resource of a Customer or a Licensee, which User Data is collected from correspondent Web Resource.</p>
</li>
<li><p><strong>Web Resource</strong> is a website, mobile application or any other resource of a Customer or a Licensee, which Virtual User may have access via the Internet.</p>
</li>
</ul>


2. Terms and Definitions

3. User Data Processing

<h2 id="4-personal-data-processing">4. Personal Data Processing</h2>
<h3 id="41-purposes-of-personal-data-processing">4.1. Purposes of Personal Data Processing</h3>
<p>The Company is an Operator with respect to Personal Data of Data Subjects specified in clause 4.2 herein.<br>Personal Data Processing is limited by achievement of specified, explicit and legitimate purposes.<br>The content and scope of the processed Personal Data correspond to the stated purposes of processing. The Personal Data shall be adequate, relevant and comply with the stated purposes of processing.<br>Personal Data Processing incompatible with the purposes of Personal Data collection is not allowed.<br>The Company does not process Personal Data during service rendering to a Customer or during the license providing to a Licensee.<br>The Company processes Personal Data for the following purposes:</p>
<ul>
<li>Signing a contract with Data Subject and its further performance;</li>
<li>Conducting Company’s personnel management and record keeping;</li>
<li>Corporate documentation and records maintenance in accordance with the legislation of Singapore, recruitment;</li>
<li>Conducting economic and administrative activities; </li>
<li>Contact with the representatives of legal entity which is a potential user of Company’s services, advice on services, rendered by the Company; </li>
<li>Entering into and performance of the service agreement or license agreement; </li>
<li>Other legitimate purposes, provided for by applicable law.</li>
</ul>
<h3 id="42-data-subjects">4.2 Data Subjects</h3>
<p>The Company processes Personal Data of the following categories of Data Subjects:</p>
<ul>
<li>Natural persons, who are job candidates;</li>
<li>Natural persons, who are Company’s founders or employees;</li>
<li>Natural persons, who are dismissed employees;</li>
<li>Natural persons, carrying out work under a contract with the Company;</li>
<li>Natural persons, who left one’s request in a feedback form on the Company’s Web Site;</li>
<li>Natural persons, who are contact persons of the companies – parties of the contracts executed;</li>
<li>Any other natural persons, provided consent for Personal Data Processing by the Company.</li>
</ul>
<h3 id="43-legal-basis-of-personal-data-processing">4.3. Legal Basis of Personal Data Processing</h3>
<p>The Company processes Personal Data in strict compliance with the applicable law.<br>Personal Data Processing shall be lawful only if and to the extent that at least one of the following applies:</p>
<ul>
<li>the Data Subject has given expressed consent to the Personal Data Processing for one or more specific purposes;</li>
<li>Personal Data Processing is necessary for the performance of a contract to which the Data Subject is a party, or a beneficiary, or a guarantor as well as for execution of a contract initiated by Data Subject or a contract under which Data Subject will be the beneficiary or guarantor. The contract concluded with Data Subject shall not contain provisions restricting the rights and freedoms of Data Subject, establishing the cases of processing minors’ personal data of minors, unless otherwise provided by the Legislation, as well as provisions that allow Data Subject omission as a condition of the conclusion of the contract;</li>
<li>Personal Data Processing is necessary for compliance with a legal obligation to which the Company is subject;</li>
<li>Personal Data Processing is necessary for the purposes of the legitimate interests pursued by the Company or by a third party, or to achieve socially significant goals subject to non-infringement of fundamental rights and freedoms of Data Subject.</li>
</ul>
<h3 id="44-data-subject-rights">4.4. Data Subject Rights</h3>
<p>The Data Subject has the right to:</p>
<ul>
<li>Obtain the information related to one’s Personal Data Processing in order, form and terms set by Personal Data regulations;</li>
<li>Require: rectification of Personal Data; blocking or erasure of Personal Data if such Personal Data are incomplete, outdated, unreliable, illegally received, not necessary for the purpose they were collected for or used for purposes not stated at the moment of Data Subject content;</li>
<li>Take the measures prescribed by law in order to protect one’s rights;</li>
<li>Withdraw a consent to Personal Data Processing;</li>
<li>Exercise any other rights provided for by the personal data legislation.</li>
</ul>
<h3 id="45-personal-data-erasure">4.5. Personal Data Erasure</h3>
<p>Personal data Erasure is available through application submitted:</p>
<ul>
<li>Via feedback form on the Company’s Web Site (<a href="http://www.juicyscore.online/en">www.juicyscore.online/en</a>) in English;</li>
<li>Via the request in written form, send to the address 15A, Leninskiy Avenue, Moscow 119071, Russia.<br>The Company commits to take all possible measures in order to implement the received applications to delete the Personal Data. The Company shall erase such Personal Data during the term not exceeding 7 (seven) business days from the date of submission by the Data Subject or his/her representative of information confirming that such Personal Data are illegally obtained or are not necessary for the stated purpose of processing. The Company is obliged to notify Data Subject or his/her representative of the changes made and the measures taken and take reasonable measures to notify third parties to whom the Personal Data of such Data Subject were transferred.<br>Personal Data is to be erased upon reaching the purposes of Personal Data Processing or in case of Data Subject consent withdrawal of Personal Data Processing, provided that:</li>
<li>It has not been otherwise agreed in the contract, a party and beneficiary and guarantor of which is the Data Subject;</li>
<li>The Company has no right to process Personal Data without the Data Subject consent pursuant to national personal data legislation;</li>
<li>It has not been otherwise stated by any other agreement between the Company and Data Subject.</li>
</ul>


4. Personal Data Processing

<h2 id="5-tracking-technologies">5. Tracking Technologies</h2>
<h3 id="51-technologies-used-on-companys-website">5.1. Technologies used on Company’s Website</h3>
<p>We use various tracking technologies on Company’s Web Site, such as scripts for collection and processing of information related to Web Site visitors while they stay on the Web Site, such as IP address, location (country or city), type and version of Device operating system, type and version of Device browser, type and resolution of the display, source of traffic, operating system and browser language and others.<br>Cookies are not used on the Company’s Web Site in the meaning of files, stored in the relevant section Document.Cookies, LocalStorage, SessionStorage of browser database. Alternative tracking technologies are not used on the Company’s Web Site, such as persistent sessions in IndexedDB, Device Fingerprinting, ETag marks.<br>We may use a variety of online analytics products that use Cookies to help us analyze how Users use the Web Site and Services and enhance your experience when you use the Site and Services.<br>Types of tracking technologies used on the Company’s Web Site:</p>
<ul>
<li>IndexedDB, storage period is constantly. This method of persistent sessions use is set up on the feedback form in order to enable data deletion upon request;</li>
<li>Device Fingerprinting, storage period is 3 months. Device Fingerprinting mechanism is set up on the feedback form in order to enable data deletion upon request. In the SDK settings, it is possible to disable Device Fingerprinting tools that are based on graphics and media and are different from the basic ones accepted in the financial sector, as well as to disable different types of Device Fingerprinting formed on the Virtual User’s Device (for a more detailed description, please refer to the Company’s technical documentation provided during the execution of the agreement concluded with the Customer/Licensee).<br>Please note that the use of User Data solely to identify the risk of fraud or other operational risks in order to reduce financial, reputational or other losses for the businesses and services of the Customer or the Licensee, as well as for security purposes, is not regarded by the Company as tracking, therefore the value of the Do Not Track flag is not taken into account during the operation of Sessions and data collection software modules running on the Web Resource.<br>If the storage of constant session (persistent session) in browser memory of User’s Device infringes requirements of personal data legislation established in legal jurisdiction of a Customer or a Licensee, this technology may be disabled.</li>
</ul>
<h3 id="52-technologies-used-for-customers-licensees-personal-account-functionality">5.2. Technologies used for Customer’s/ Licensee’s Personal Account functionality</h3>
<p>The Company uses Cookies to maintain the operation of the Customer/Licensee&#39;s Personal Account, created for interaction with the Customer/Licensee under the concluded agreement. At the same time, the Customer/Licensee is required to obtain the consent of individuals whose contact details are indicated in agreement with a Customer / Licensee and who interact with the Company through the Personal Account to process personal data and transfer such data to the Company in order to fulfill obligations under concluded contracts.<br>For Customer’s / Licensee’s Personal Account protection persistent sessions (IndexDB and Device Fingerprinting) are applied, application instructions are described in clause 5.1 herein. </p>
<h3 id="53-how-to-delete-cookies-from-your-browser">5.3 How to delete Cookies from your browser?</h3>
<p>You can withdraw your consent to Cookies storage by changing your browser settings.<br>You can find the instructions about Cookies management, published by providers of Microsoft Edge, Google Chrome, Safari (for computers, mobile devices), Firefox, respectively.</p>
<h3 id="53-how-to-delete-cookies-from-your-browser-1">5.3 How to delete Cookies from your browser?</h3>


5. Tracking Technologies

<h2 id="6-data-storage-and-protection">6. Data Storage and Protection</h2>
<h3 id="61-personal-data-andor-user-data-protection-measures">6.1. Personal Data and/or User Data Protection Measures</h3>
<p>The Company takes all the necessary legal, organizational and technical measures in order to protect data collected from unauthorized, illegal or accidental access, deletion, changing, blocking, copying, providing, distribution of data, to which may refer:</p>
<ul>
<li>Limitation and regulation of the staff, who has access to the Personal Data and/or User Data via the Feedback form on the Company’s Web Site;</li>
<li>Designation of a person responsible for organization of Personal Data and/or User Data Processing; designation of a person responsible for security of Personal Data or/and User Data;</li>
<li>Familiarization of employees who are directly in charge of Personal and/or User Data processing with the provisions of the applicable legislation and this Policy; </li>
<li>Organization of accounting, storage and circulation of media, which contain the information about Personal and/or User Data;</li>
<li>Identification of threats to Personal Data security during its processing, threat models developing;</li>
<li>Personal Data protection system development on the basis of threat models;</li>
<li>Testing of readiness and effectiveness of the information security tools use;</li>
<li>Separate access of users to the informational resources, software and hardware information processing tools;</li>
<li>Registration and accounting of information systems users’ activities;</li>
<li>Information system access password protection;</li>
<li>Physical division of Personal Data and User Data storage and processing systems and preventing of combined storage, processing or/and any other activities; </li>
<li>Application of instruments for control of access to communicational ports, output information devices, removable media as well as external memories;</li>
<li>Antivirus control; application of firewall; information backups;</li>
<li>Provision of data recovery, modified or deleted in the result of illegal access.</li>
</ul>
<h3 id="62-personal-data-and-user-data-storage">6.2. Personal Data and User Data Storage</h3>
<p>Personal Data storage is carried out in a manner that allows to identify the Data Subject and for a period no longer than it is required for the purposes of Personal Data Processing unless otherwise provided for by applicable personal data legislation. The terms of Personal Data storage are established subject to compliance with requirements of personal data legislation or provisions of a contract, party and beneficiary or guarantor of which is the Data Subject. Personal Data is to be deleted after the expiration of the storage period.<br>User Data collected from Web Resource, in respect of which there was NO request to the Service for User risk assessment from a Customer or a Licensee, is stored for not more than 30 (thirty) days from the moment of collection.<br>User Data collected from the Web Resource in respect of which there was a request from a Customer or Licensee for User risk assessment, is stored for not more than 2 (two) years from the moment of collection.<br>All the raw data, including User Data, are localized in the regions of the use of Service (determined on the basis of Virtual User IP address location) in order to comply with applicable legislation or/and current business practices and regulations. For data storage the Company uses physical infrastructure, situated in the regions of the Service use. Localization is set by default taking into account proximity of Virtual User IP-address to data storage physical infrastructure, if other localization set is not forced by a Customer of a Licensee.<br>The Company is not the owner of User Data, processed in Company’s IT-systems and provides its secure storage basing on the service contract, signed with a Customer or license contract signed with a Licensee.</p>


6. Data Storage and Protection

<h2 id="7-contact-us">7. Contact Us</h2>
<p>LLC «Juicy Labs» (MSRN 1157746624826, TIN 7717294300)<br>Registered and mailing address:  15A, Leninskiy Avenue, Intracity Territory Municipal District Donskoy, Moscow 119071, Russia.<br>E-mail address for messages on Personal Data Processing and User Data issues: <a href="mailto:info@juicyscore.com">info@juicyscore.com</a>.<br>Phone: +7 (495) 532 3999.</p>


7. Contact Us

JuicyScore data policy

We will make your business more safe, let’s discuss how!

contac_us_block_image.svg

GIVE US A TRY

Contact us

<script>(function(d,u,ac){var s=d.createElement(‘script’);s.type=‘text/javascript’;s.src=’https://a.omappapi.com/app/js/api.min.js';s.async=true;s.dataset.user=u;s.dataset.account=ac;d.getElementsByTagName('head')[0].appendChild(s);})(document,309689,328263);</script>

1. General Provisions

The company

Products

Rules