PERSONAL DATA PROCESSING POLICY
Resource name: https://askbox.site
Effective date: May 9, 2026
Place of publication: https://askbox.site/en/privacy
Notice: This is an unofficial English translation provided for convenience. The original Russian-language version is the legally binding document. In case of any discrepancy, the Russian text shall prevail.
1. OPERATOR INFORMATION
1.1.The Personal Data Operator is the individual - owner of the askbox service.
1.2.Contact email address for inquiries from Personal Data Subjects: n.ogorodniy@askbox.by.
2. LEGAL GROUNDS FOR PROCESSING
2.1.This Policy is developed in accordance with the requirements of Article 17 of the Law of the Republic of Belarus dated 07.05.2021 No. 99-Z "On the Protection of Personal Data".
2.2.Processing of personal data is carried out on the basis of:
- consent of the Personal Data Subject;
- agreement concluded with the Personal Data Subject (Terms of Service);
- legislative acts establishing the Operator's obligation to retain information (including Presidential Decree of the Republic of Belarus dated 01.02.2010 No. 60).
3. PURPOSES OF PROCESSING PERSONAL DATA
3.1.User registration and authentication on the askbox platform.
3.2.Operation of the program interface for generating responses using artificial intelligence models.
3.3.Provision of technical support and processing of inquiries.
3.4.Optimization of service operation and analysis of software errors.
4. CATEGORIES OF DATA PROCESSED
4.1.Identification data: email address.
4.2.Data provided during use of the service: content of text queries and commands submitted to the system interface.
4.3.Technical data: IP address, information about the browser used, cookies.
5. CROSS-BORDER DATA TRANSFER
5.1.In order to deliver the service's functionality, the Operator carries out cross-border transfer of data (text queries) to the servers of the following organizations:
- OpenAI Inc. (USA);
- Anthropic PBC (USA);
- Google LLC (USA);
- Microsoft Corporation (USA);
- DeepSeek-AI (PRC);
- Baidu Inc. (PRC).
5.2.The specified foreign states do not provide an adequate level of protection of the rights of Personal Data Subjects.
5.3.Risks associated with cross-border transfer to countries with inadequate protection level:
- absence of a specialized authority for the protection of Personal Data Subjects' rights;
- risk of unauthorized access to data by government authorities of foreign states;
- limited legal remedies for the subject in foreign jurisdictions.
5.4.Consent to cross-border transfer is free, unambiguous, and informed.
6. RIGHTS OF THE PERSONAL DATA SUBJECT
6.1.The Personal Data Subject has the right:
- to withdraw their consent (Article 10 of the Law);
- to receive information regarding the processing of their personal data (Article 11 of the Law);
- to modify their personal data (Article 12 of the Law);
- to receive information about the disclosure of personal data to third parties (Article 12 of the Law);
- to demand cessation of personal data processing and/or its deletion (Article 13 of the Law);
- to appeal the Operator's actions (inaction) and decisions to the authorized body for the protection of Personal Data Subjects' rights (Article 15 of the Law).
7. PROCEDURE FOR EXERCISING RIGHTS
7.1.To exercise the rights stipulated in Section 6 of this Policy, the subject sends a request to the Operator in electronic form to: n.ogorodniy@askbox.by.
7.2.The request must contain: full name, email address used during registration, essence of the requirement.
7.3.The request review period shall be no more than 15 calendar days.
8. DATA RETENTION PERIODS
8.1.Personal data of the account is stored during the term of the agreement (the service usage period).
8.2.After agreement termination, data is stored for 3 years to protect the Operator's interests within the statute of limitations.
8.3.Technical logs are stored for the period prescribed by the legislation of the Republic of Belarus for owners of internet resources.
9. FINAL PROVISIONS
9.1.Ticking the corresponding checkbox on the website https://askbox.site constitutes the subject's unambiguous consent to the terms of this Policy.
9.2.The Operator takes the necessary legal, organizational, and technical measures to protect personal data from unauthorized access, modification, blocking, or deletion.