Privacy Policy
How we collect, use, and protect your personal data when you use SKIUS.
Last updated: May 17, 2026
This Privacy Policy explains how SKIUS ("we", "us", or "our") processes personal data when you visit skius.ru, create an account, or use our cloud ERP platform and related services (the "Service"). We are committed to protecting your privacy and handling data in accordance with applicable laws, including the Federal Law of the Russian Federation No. 152-FZ "On Personal Data" and, where applicable, the EU General Data Protection Regulation (GDPR).
1. Data Controller
SKIUS is the data controller for personal data collected through the public website, account registration, and operation of the Service, unless otherwise stated in a separate data processing agreement with your organization.
For privacy-related inquiries, contact us at info@skius.ru or via the contact details in Section 17.
2. Scope of This Policy
This Policy applies to visitors of skius.ru, registered users, account administrators, and Authorized Users invited to a customer workspace. It does not apply to third-party websites or services linked from the Service; those are governed by their own privacy policies.
If you use the Service on behalf of a company, your organization may act as an independent controller of business data entered into the platform. In such cases, we process personal data as a processor on your organization's instructions, as described in Section 14.
3. Personal Data We Collect
Depending on how you interact with the Service, we may collect the following categories of personal data:
- Identity and contact data: name, email address, phone number, company name, job title;
- Account and authentication data: username, hashed password, login history, session tokens, two-factor settings;
- Billing data: subscription plan, payment status, billing address, transaction references (payment card details are processed by payment providers, not stored by us);
- Usage and technical data: IP address, browser type, device identifiers, operating system, pages viewed, feature usage, timestamps, and log files;
- Customer business data: information you or your users enter into the ERP modules (orders, inventory, contacts, etc.), which may contain personal data of your employees, customers, or suppliers;
- Communications: support requests, feedback, and correspondence with our team;
- Marketing preferences: newsletter opt-in status and campaign interaction, where applicable.
You are responsible for ensuring that personal data you upload about third parties is collected lawfully and that appropriate notices and consents are in place.
4. How We Collect Data
We collect personal data when you register an account, subscribe to a plan, use the Service, contact support, subscribe to communications, or interact with our website.
We also collect data automatically through cookies, server logs, and similar technologies as described in Section 6.
We may receive data from identity providers if you choose social or enterprise login options, and from payment processors when you complete a purchase.
5. Purposes and Legal Bases for Processing
We process personal data for the following purposes:
- Providing and operating the Service, including account creation, authentication, and tenant workspaces (performance of a contract);
- Processing subscriptions, invoicing, and payments (performance of a contract and legal obligations);
- Customer support, troubleshooting, and service communications (legitimate interests / contract);
- Security monitoring, fraud prevention, and abuse detection (legitimate interests / legal obligations);
- Improving the Service, analytics, and product development using aggregated or de-identified data where possible (legitimate interests);
- Sending service-related notices and, with your consent where required, marketing communications (contract / consent);
- Complying with legal obligations, court orders, and regulatory requests (legal obligation);
- Establishing, exercising, or defending legal claims (legitimate interests / legal obligation).
6. Cookies and Similar Technologies
We use cookies and similar technologies to operate the website, remember your language preference, maintain login sessions, and analyze usage.
- Essential cookies: required for authentication, security, and core functionality (e.g., session, locale);
- Preference cookies: store settings such as language (app_locale) and interface choices;
- Analytics cookies: help us understand how visitors use the site and improve performance, where enabled.
You can control cookies through your browser settings. Disabling essential cookies may affect your ability to use the Service. Where required by law, we will request consent before placing non-essential cookies.
7. Sharing and Disclosure of Data
We do not sell your personal data. We may share personal data with:
- Service providers (processors) who host infrastructure, provide email delivery, payment processing, analytics, or customer support tools, under contractual confidentiality and data protection obligations;
- Professional advisers (lawyers, auditors) where necessary and subject to confidentiality;
- Authorities or third parties when required by law, court order, or to protect rights, safety, and security;
- Successors in the event of a merger, acquisition, or asset sale, subject to this Policy or equivalent protections.
We require processors to process data only on our instructions and implement appropriate security measures.
8. International Data Transfers
Personal data may be stored and processed in the Russian Federation and, where we use cloud providers with facilities abroad, in other countries. When transferring data outside your jurisdiction, we implement safeguards required by applicable law, such as standard contractual clauses or adequacy decisions, where applicable.
9. Data Retention
We retain personal data for as long as necessary to provide the Service, fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements.
Account data is generally retained for the duration of your Subscription and for a reasonable period thereafter to allow export and comply with legal requirements. Log and security data may be retained for a shorter or longer period depending on operational and legal needs.
You may request deletion subject to Section 11 and applicable retention obligations.
10. Security
We implement technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include access controls, encryption in transit (HTTPS/TLS), secure authentication, regular backups, and restricted access for personnel.
No method of transmission or storage is completely secure. You are responsible for safeguarding your credentials and configuring appropriate access permissions within your organization's workspace.
11. Your Rights
Depending on your location and applicable law, you may have the following rights regarding your personal data:
- Access: request a copy of personal data we hold about you;
- Rectification: request correction of inaccurate or incomplete data;
- Erasure: request deletion where there is no overriding legal basis to retain data;
- Restriction: request limitation of processing in certain circumstances;
- Portability: receive data in a structured, commonly used format where technically feasible;
- Objection: object to processing based on legitimate interests, including direct marketing;
- Withdraw consent: where processing is based on consent, without affecting prior lawful processing;
- Complaint: lodge a complaint with a supervisory authority (in Russia, Roskomnadzor).
To exercise your rights, contact info@skius.ru. We may need to verify your identity before responding. We will respond within the timeframe required by applicable law (typically 30 days).
12. Children's Privacy
The Service is intended for business use and is not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, contact us and we will take steps to delete it.
13. Third-Party Links and Integrations
The Service may contain links to third-party websites or integrations (e.g., payment gateways, OAuth providers). We are not responsible for the privacy practices of those third parties. We encourage you to review their policies before providing personal data.
14. Controller and Processor Roles
For account registration and website operations, SKIUS acts as a data controller.
For Customer Data entered by your organization into the ERP platform (including personal data of your employees, customers, or partners), your organization is typically the data controller and SKIUS acts as a data processor, processing data on your documented instructions to provide the Service.
Enterprise customers may request a Data Processing Agreement (DPA) describing processor obligations, subprocessors, and security measures by contacting info@skius.ru.
15. Automated Decision-Making
We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects on individuals, except for basic security and fraud-prevention measures (e.g., blocking suspicious login attempts).
16. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be posted at skius.ru/privacy with a revised "Last updated" date. Material changes will be communicated via email or in-product notice where appropriate.
Continued use of the Service after changes take effect constitutes acceptance of the updated Policy, unless otherwise required by law.
17. Contact Us
For questions, requests, or complaints regarding this Privacy Policy or our data practices, contact:
SKIUS — Privacy inquiries — info@skius.ru — https://skius.ru
For terms governing use of the Service, see our Terms of Service at skius.ru/terms.