Privacy Policy

Last updated: 16 June 2026

The Service is operated by a private individual (the data controller). Contact e-mail: baliprimerealty@gmail.com.

1. Who we are

PASYAKIN SYSTEM (the “Service”, available at probatumsystem.com) is operated by a private individual acting as the data controller, not by a company. No payments are processed through the Service. This Policy explains what personal data we process, why, on what legal basis, and the rights you have under the EU General Data Protection Regulation (GDPR).

2. Personal data we process

  • Registered masters and administrators. E-mail address, name, workshop name, location, short biography, password (stored only as a salted hash), the date and IP address of sign-ins, and the sign-in count.
  • Visitors using record verification (TRACE). Verification is anonymous: you do not need an account, and we do not collect or store personal data (such as your IP address) when you check a registry record. The registry index you enter is not personal data and is not linked to you.

We do not process special categories of data (Art. 9 GDPR) or biometric data, and we do not carry out profiling or automated decision-making with legal effects.

3. Purposes and legal bases

  • Operating master/administrator accounts and authentication — performance of a contract (Art. 6(1)(b)) and your consent (Art. 6(1)(a)).
  • Maintaining the object registry and publishing related entries — your consent and our legitimate interest in running the registry (Art. 6(1)(f)).
  • Security and abuse prevention (including sign-in records of account holders) — our legitimate interest in protecting the Service (Art. 6(1)(f)).
  • Responding to enquiries sent to our contact e-mail — our legitimate interest in handling your request (Art. 6(1)(f)).

4. Cookies and analytics

We use only strictly necessary cookies: a technical session cookie and a cookie that remembers your chosen interface language. These do not require consent under the ePrivacy rules and are not used for tracking or profiling.

Website statistics are collected with a self-hosted, cookieless analytics tool running on our own server. It does not set cookies, does not identify individual visitors, and does not share data with third parties.

5. Retention

Account data of masters and administrators is kept for as long as the account is active and is deleted or anonymised when the account is removed or the purpose no longer applies. Verification logs are kept only for the limited period needed for security purposes and are then deleted.

6. Recipients

We do not sell your personal data. We use a hosting provider that stores the data on our behalf as a processor and is bound to keep it confidential. We disclose data to other third parties only where required by law.

7. International data transfer

Our servers are currently located in the Russian Federation, which is outside the European Economic Area (EEA) and has not received an EU adequacy decision. Using the Service may therefore involve a transfer of personal data outside the EEA. We minimise the data we collect, transmit it over an encrypted (HTTPS) connection, and never pass it to third parties for their own purposes.

For registered masters and administrators, accounts are set up individually by the operator, and the person’s explicit, informed consent to this transfer is obtained at that time (Art. 49(1)(a) GDPR). Such consent can be withdrawn at any time as described below.

Visitors who only verify records do not provide personal data, so this transfer does not concern them.

8. Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you;
  • have inaccurate or incomplete data rectified;
  • have your data erased (“right to be forgotten”);
  • restrict or object to processing based on legitimate interest;
  • receive your data in a portable, machine-readable format;
  • withdraw any consent at any time, without affecting prior processing;
  • lodge a complaint with your local data protection supervisory authority.

9. Withdrawing consent and deleting data

To exercise any of the rights above, or to withdraw consent and request deletion, write to the contact e-mail at the top of this Policy. We will respond and act within one month of receiving your request, as required by Art. 12(3) GDPR.

10. Security

We take appropriate technical and organisational measures to protect your data against unauthorised access, alteration or disclosure: passwords are stored hashed, data is transmitted over HTTPS, and access to the data is restricted.

11. Changes to this Policy

We may update this Policy from time to time. The current version is always available at probatumsystem.com/privacy, with the date of the latest revision shown at the top.