This Personal Data Processing Policy (hereinafter — the Policy) has been developed in accordance with Federal Law of the Russian Federation No. 152-FZ dated 27.07.2006 “On Personal Data” (hereinafter — the Personal Data Law), as well as taking into account the amendments that entered into force on 01.03.2023 and 01.07.2025 concerning cross-border transfer and localization of personal data.

1. GENERAL PROVISIONS

1.1. This Policy defines the procedure and conditions for the processing of personal data when using the “AISMARTBOTS — YandexDirectSmartBot” service (hereinafter — the “Service”), which includes:
— the @YandexDirectSmartBot Telegram bot;
— web interfaces and pages on the domains aismartbots.ru and oauth.aismartbots.ru (including those used for authorization via Yandex, Google OAuth, and connecting Google Sheets);
— related Operator services, including the official website https://aismartbots.ru, the online support chat, and the Telegram channel.
The designation “AI SmartBot | Yandex Direct” may be used as a marketing synonym for the Service and is considered equivalent to the present name.

1.2. By using the Service, the User confirms that they have read this Policy, understand its provisions, and give their consent to the processing and cross-border transfer of their personal data under the conditions described below.

2. TERMS AND DEFINITIONS

“Operator” — Andrey Aleksandrovich Kapkov, TIN 381452517170, registered as a self-employed individual (NPD).
“User” — an individual who uses the Service.
“Personal Data (PD)” — any information relating to an identified or directly or indirectly identifiable individual.

3. OPERATOR AND CONTACT INFORMATION

3.1. Operator: Andrey Aleksandrovich Kapkov (TIN 381452517170).
3.2. Email address for personal data inquiries: support@aismartbots.ru.

4. COMPOSITION, CATEGORIES, AND TECHNICAL FEATURES OF PERSONAL DATA PROCESSING

4.1. Telegram Identifiers and WebApp Parameters
When using the Telegram bot and WebApp application, the Operator processes the following data:
— the user’s Telegram ID (chat_id, owner_id);
— Telegram username (if specified in the user’s profile);
— the name of a group or channel (title) if the bot is used in a group chat;
— values of WebApp state and session parameters (including owner_id, chat_id);
— WebApp session_id (a cookie file with HttpOnly, Secure, SameSite=Lax security parameters);
— Telegram client version, IP address, device type, date and time of interactions (stored in server logs);
— user action events (such as authorization or activation of AI monitoring), collected via Google Analytics 4 (Measurement Protocol).

4.2. External Service Account Data

Yandex.Direct:
— OAuth token (access_token), stored in the database in encrypted form (using the Fernet format: symmetric AES encryption with authentication and integrity control, cryptography library);
— advertising account login (used for display and account linking in the system).

4.2.1. Google OAuth and Google Sheets
To connect the User’s Google Sheets to the Service, the Operator processes the following Google data:
— the Google account email address (email scope for user identification);
— OAuth access and refresh tokens (access/refresh token) for Google API;
— identifiers and metadata of spreadsheets explicitly linked by the User to the Service (sheet ID, sheet name);
— cell values within the ranges specified by the User, required for generating and updating reports.

The list of requested permissions (scopes) is limited to the purposes of the Service and includes:
https://www.googleapis.com/auth/spreadsheets (read/write exclusively in linked spreadsheets), email.

The Service does not request access to Gmail, Google Drive as a whole, or other data not required for the reporting function.

Access is limited to specific spreadsheets/sheets explicitly linked by the User; arbitrary access to Google Drive is not requested.

4.3. Specifics of Data Processing When Using AI Functions
4.3.1. To analyze advertising campaign performance and generate AI reports and recommendations, the Operator uses OpenAI services and, on behalf of the User, processes and may transfer the following: advertising campaign IDs, their names, aggregated statistics (impressions, clicks, conversions, expenses, etc.), ad texts, keywords, target page URLs, and fragments of their content provided by the User.

4.3.2. Personal data of individuals as defined by Russian law (including but not limited to: full name, phone numbers, email and postal addresses, document details, payment data, messenger identifiers including Telegram ID, logins) are not transmitted and must not be transmitted to such services during AI functions. The Operator does not request the submission of such information in the fields listed in clause 4.3.1 and implements measures aimed at preventing their transfer.

4.3.3. The User is aware that the data listed in clause 4.3.1 may be automatically processed and transferred to OpenAI solely for generating AI reports and recommendations and undertakes not to include personal data of individuals in such data. Additional terms of processing and the composition of data transferred to OpenAI are defined in clause 4.8 of this Policy.

4.3.4. Generated AI Reports: during the formation of AI reports, the Service generates text or PDF files (including lists of YAN platforms). Such files are created dynamically in RAM and are not stored on the server after being delivered to the User and are not archived in the Operator’s database.

4.3.5. Keyword Generation from a URL
At the User’s request, the Service temporarily loads the public HTML content of the specified website, extracts visible text, and sends it to the OpenAI API to generate a list of keywords. The extracted text is not stored in the database and is deleted from RAM immediately after the result is produced. The AI response is returned to the User as a text file named generated_keywords.txt, created dynamically and not stored on the Operator’s server.

4.3.6. Analysis of Keywords and Ads
At the User’s request, the Service may transmit to the OpenAI API:
— lists of keywords obtained through the Yandex.Direct API from a campaign selected by the User or entered manually;
— ad texts (titles, descriptions, links) obtained similarly via the Yandex.Direct API;
— fragments of webpage text extracted from a URL specified by the User (for example, during keyword generation from a website).
These data are used exclusively to generate optimization recommendations and are not stored in the database.

4.4. Subscription and Payment Data (Telegram Stars)
When a subscription is purchased via Telegram Stars, the Operator receives and processes:
— the Telegram ID of the user who purchased the subscription;
— subscription level (plan);
— the number of remaining AI requests;
— the number of deducted Stars;
— the date and time of the transaction;
— the Telegram payment operation ID — telegram_payment_charge_id, transmitted in payment_details as technical information (does not contain personal data);
The data is stored in the database (payments_history table) on the territory of the Russian Federation (Timeweb Cloud) and is used exclusively to track subscriptions and control access to the Service features.
The Operator does not process bank details, card numbers, or other payment information — such data is not stored in the database and is not provided to the Operator by Telegram.

4.5. Anti-Fraud System Data
As part of the automatic analysis of advertising placements (anti-fraud), the Operator processes:
— the Yandex.Direct account ID and the list of connected campaigns;
— identifiers of campaigns in which suspicious placements were detected;
— information about blocked placements (list of domains/platforms in placements);
— the number of clicks from such placements;
— the amount of actual savings and projected savings (cost_saved, forecast_saved);
— analysis period (date_from – date_to);
— block history (antifraud_history table);
The information is used only for reporting and is not transferred to third parties.

4.6. Responsibility When Using Group Chats
The User may independently add the Telegram bot to groups and channels, including those with third-party participants. In such cases:
— the Operator does not control group chat membership;
— sending notifications and analytical reports to groups occurs only at the direct command of the User or on schedule;
— if notifications may disclose information about tasks, Metrica goals, or advertising accounts, the User is responsible for third-party access to such data.

4.7. Restrictions and Exceptions
The Operator does not collect or process special categories of personal data (health information, political views, religious beliefs, biometric data, etc.).
While using the Service (including the Jivo chat on https://aismartbots.ru), the User may voluntarily provide contact details (full name, email address, phone number). Such information is used exclusively for communication and support purposes.

4.8. Transfer of Data to OpenAI
4.8.1. To generate AI reports, text recommendations, and other analytical materials, the Service uses the API of OpenAI (OpenAI, L.L.C., USA and/or other affiliated entities). Within this interaction, the Operator transfers to OpenAI only the User’s advertising data necessary to generate these reports, specifically:
— internal technical identifiers of advertising campaigns (campaign IDs);
— campaign names;
— aggregated statistical indicators (for example, impressions, clicks, conversions, expenses, and placement effectiveness);
— for specific functions: textual materials related to advertising campaigns (ad texts, keywords, webpage fragments provided by the User).

4.8.2. When transmitting data to OpenAI, the Operator does not transfer and does not allow the transfer of personal data of individuals as defined by Russian personal data law. The transferred information does not include and must not include: full names, patronymics, passport details, insurance numbers, residential or registration addresses, phone numbers, email addresses, payment details, messenger identifiers (including Telegram ID), IP addresses, or any other information enabling direct or indirect identification of an individual.

4.8.3. The User undertakes not to include personal data of individuals in campaign names, ad texts, keywords, URLs, and other text fields processed by the Service and potentially transferred to OpenAI. If the User includes such data, they must immediately remove it or modify the corresponding names/texts to ensure they contain no personal data.

4.8.4. The Operator assumes that the information transferred to OpenAI under clause 4.8.1 pertains to advertising activity and placement effectiveness and is not intended to identify individuals. The Operator implements organizational and technical measures to prevent the transfer of personal data to OpenAI, including: limiting the set of fields transferred, not requesting personal data in these fields, and enforcing the User obligations described in clause 4.8.3.

4.8.5. OpenAI processes this information on behalf of the Operator exclusively to provide functionality for generating AI reports and recommendations. According to OpenAI’s publicly available privacy policy and terms of use, data transmitted via API is not used for training or fine-tuning global models and may be stored for a limited period necessary for service operation and abuse prevention.

4.8.6. If the Operator becomes aware that personal data has been transferred to OpenAI due to the User’s violation of clause 4.8.3, the Operator will take reasonable measures to stop such transfer and minimize consequences (including deleting/changing relevant names and texts in the Service). The User understands and agrees that they bear sole responsibility for entering personal data into fields not intended for such information.

4.9. When visiting https://aismartbots.ru, the Operator may process:
— technical information about visits (IP address, cookies, browser and device details, date and time of requests) in the amount necessary for site operation and analytics;
— messages sent by the User via the Jivo online chat (JivoSite LLC), including contact details provided and the message text;
— information about subscription to the Telegram channel (username and public Telegram profile data).
The site contains no application forms, and no other personal data (full name, phone number, email) is collected except for those voluntarily provided by the User via the support chat.

5. PURPOSES AND LEGAL BASES OF PROCESSING

5.1. Providing the User with personalized analytics of Yandex.Direct advertising campaigns.
5.2. Enabling access to the User’s Yandex.Direct account upon the User’s request.
5.3. Fulfilling subscription obligations, including crediting and debiting AI requests.
5.4. Sending notifications and reports via Telegram.
5.5. Preventing fraudulent activity (anti-fraud functions).
5.6. Identifying the user when transferring data between the Telegram bot and the Web application via the state parameter.
5.7. Ensuring personalized interaction with the user in the WebApp, including authorization, session state storage, and display of connected accounts.
5.8. Sending notifications and analytical reports to Telegram group chats upon explicit User action (for example, when the bot is added to a group and a command is executed).
5.9. Generating personalized analytical reports based on Yandex.Metrica goals selected by the User.
5.10. Automatically detecting and blocking ineffective advertising placements based on campaign statistics (anti-fraud functions).
5.11. Ensuring the operation of the website, performing anonymized traffic analytics, and providing online consultations via the Jivo chat.

5.12. Integration with Google Sheets.
Generating, updating, and storing the User’s reports in their Google Spreadsheets (creating columns/sheets, writing aggregated metrics and goal values, setting formulas and basic formatting).

Legal bases: performance of a contract (subparagraph 5, paragraph 1, Article 6 of the Personal Data Law), as well as the User’s consent expressed during Google OAuth authorization and linking of the spreadsheet in the Service interface.

6. TERRITORY, PRIMARY STORAGE, AND CROSS-BORDER TRANSFER

6.1. All personal data of Service Users is stored and processed in a database located within the territory of the Russian Federation (Timeweb Cloud, Moscow), including at the stage of initial collection. The code of the Web application and the Telegram bot may be hosted on the Heroku platform (USA); however, all data entered by the User is immediately transmitted to the database in the Russian Federation. No intermediate storage of personal data on servers outside the Russian Federation takes place.

6.2. Cross-border data transfer is carried out only for the following purposes:
— delivery of messages via the Telegram API (servers in Singapore/the Netherlands);
— OpenAI receives anonymized data that does not constitute personal data and does not allow direct or indirect identification of an individual;
— Google Sheets (report export). Only non-personal information is transferred to spreadsheets: numerical metrics, dates, goal names, and goal IDs. Personal data of Users is not transferred to or written into Google Sheets.

Personal data is not transferred to Google Sheets; only non-personal/anonymized information is sent to the User’s Google account to generate the report. Authentication is performed via Google OAuth; Google acts as an independent data controller. Access revocation: https://myaccount.google.com/permissions.

To assess user activity in the Telegram bot, Google Analytics 4 (GA4) may be used; in this case, events are transmitted only from the Operator’s server via the Measurement Protocol. No personal data is transmitted, IP addresses and other identifiers are not logged, and the username is pseudonymized using cryptographic hashing (SHA-256 + salt). Thus, the information transmitted to GA4 does not constitute personal data under the Russian Personal Data Law (No. 152-FZ), and identification of a personal data subject is fully excluded.

6.3. Information about the recipient countries and the protective measures applied is specified in Notification No. 2 confirmed by Roskomnadzor.

7. DATA RETENTION PERIODS AND DATA DELETION

7.1. Personal data is stored until the User withdraws consent or deactivates their account.

7.2. When the User selects “Disable account” in the Web App (“Settings → Disable account”), personal data is deleted immediately by an automated script; backup copies are destroyed during the next rotation (no later than 7 days).

7.3. api_audit logs (request metadata) are stored for 90 days and then deleted.

7.4. Data submitted through the Jivo chat is stored until the end of the consultation and for no longer than 1 year, after which it is deleted or anonymized.

8. PERSONAL DATA PROTECTION MEASURES

8.1. Sensitive data in the database is stored using symmetric encryption with the cryptography.Fernet library (AES-GCM algorithm with integrity control). The encrypted fields (EncryptedText type) store Yandex.Direct OAuth tokens. The encryption key is stored in the FERNET_KEY environment variable and is not included in the source code. Other data (such as logins, project_ids) may be stored unencrypted if this does not compromise their confidentiality.

8.2. Pseudonymization of the username using sha256(salt) for external requests.
8.3. Append-only access logs with integrity control.
8.4. Admin panel access via SSH key and Timeweb two-factor authentication.
8.5. Incident response plan and backup system with hot replication.

8.6. Google OAuth tokens are stored in encrypted form; access is strictly limited and used only for operations required to write reports. Requested permissions (scopes): spreadsheets, userinfo.email. Authorization domain: oauth.aismartbots.ru.

8.7. The Operator complies with the Google API Services User Data Policy (including Limited Use).

9. RIGHTS OF PERSONAL DATA SUBJECTS

9.1. The User has the right to:
— receive information regarding the processing of their data (via an email request);
— request clarification, blocking, or deletion of data;
— withdraw consent (using the “Disable account” function in the Web application: Settings → Disable account, or via an email request);
— appeal the actions or inaction of the Operator to Roskomnadzor or otherwise in accordance with the legislation of the Russian Federation.

9.2. The User may withdraw the bot’s access to their Google account at any time in the Google account settings (“Security” → “Third-party app access”): https://myaccount.google.com/permissions. Additionally, access to the spreadsheet can be revoked in the bot using the command /gs_unlink.

10. PROCEDURE FOR WITHDRAWING CONSENT

10.1. Consent may be withdrawn via the “Disable account” function in the Web application (Settings → Disable account) or by sending a request to andrei_kapkov88@mail.ru.

10.2. The Operator ceases processing and deletes the personal data within 10 calendar days from the moment the request is received.

Google (Google Ireland Limited / Google LLC) — independent controller
Purposes: authentication via Google OAuth and writing non-personal reporting data to the User’s Google Sheets.
Data received from Google: Google account email address, technical identifier (sub), OAuth tokens (access/refresh), list of granted permissions (scopes: spreadsheets, userinfo.email).

Data transferred to the User’s Google account: only non-personal information — aggregated advertising campaign metrics (impressions, clicks, CTR, expenses), calendar dates, names and identifiers of analytics goals. Personal data is not transferred to Google Sheets.

Legal basis: the User’s consent expressed during Google OAuth authorization and linking a spreadsheet in the Service interface.
Processing territory: EU/USA (Google Ireland Limited / Google LLC);
Access revocation: the User may revoke access at any time in Google’s “Third-party app access” settings — myaccount.google.com/permissions.
Service authorization domain: oauth.aismartbots.ru.

12. POLICY UPDATES

12.1. This Policy (the new version of the Policy) enters into force on the date it is published on the Operator’s Website at https://aismartbots.ru/privacy-policy, unless another date is specified in the Policy itself.

12.2. Significant changes (such as changes to the list of recipient countries) are accompanied by a notification to the User through the bot.

13. OPERATOR CONTACT INFORMATION
E-mail: support@aismartbots.ru (for personal data requests).

This Policy was approved by the Operator on November 11, 2025 and enters into force on November 11, 2025.