Privacy Policy

Last updated: January 1, 2026

This Privacy Policy explains how Individual Entrepreneur Aivazov Said Sabirovich (“OneCatalog”, “we”) collects, uses, stores and protects the personal data of users of the OneCatalog B2B platform and related sites (onecatalog.net and the application domains).

The Policy is prepared in accordance with Federal Law No. 152-FZ “On Personal Data” and other applicable legislation of the Russian Federation. The Russian-language version of this Policy is the legally binding text; translations are provided for convenience.

1. Data controller

The operator of personal data is Individual Entrepreneur Aivazov Said Sabirovich (INN: —, OGRNIP: —).

For any questions regarding the processing of your personal data, contact us at hello@onecatalog.net.

2. What data we collect

Depending on how you use the service, we may process the following categories of data:

  • Unregistered visitors: IP address (anonymized to the /24 network), browser User-Agent, cookie and session identifiers, page view history.
  • Registered users: email address, password hash, display name, avatar, API keys and their usage statistics, payment history, notification preferences.
  • Legal entities: company name, taxpayer identification numbers, legal address, bank details and authorized signatory information.

3. Purposes of processing

We process personal data for the following purposes:

  • providing access to the service and identifying users;
  • billing for API usage and issuing invoices;
  • technical communication and service notifications;
  • improving and securing the service;
  • complying with legal obligations.

4. Storage and localization

Personal data of citizens of the Russian Federation is recorded, systematized and stored using databases located in the Russian Federation. We do not perform cross-border transfer of such data.

Retention periods: account data is stored while the account is active and for 3 years after its deletion; payment records — 5 years; technical logs are anonymized within 6 months.

5. Your rights

You have the right to:

  • obtain information about the processing of your data;
  • request correction of inaccurate data;
  • withdraw your consent to processing;
  • request deletion of your data or a copy of it;
  • file a complaint with Roskomnadzor.

Requests are processed within 30 days after confirmation of your identity.

6. Security

We apply organizational and technical measures to protect personal data, including:

  • data transmission over HTTPS (TLS 1.2+);
  • password hashing (bcrypt);
  • restricted employee access to data;
  • encrypted backups;
  • action logging and regular vulnerability scanning.

7. Changes to this Policy

We may update this Policy. The current version is always available on this page; the effective date is shown above.

8. Contact

For questions related to personal data, contact us at hello@onecatalog.net.