Privacy Policy

Ruguen.com Privacy Policy
Effective Date: March 2025
Last Updated: March 2025

At DOO "RUGUEN" PODGORICA ("Ruguen.com", "We", "Our Company"), protecting your personal data is our top priority. This privacy policy explains how your personal data is collected, used, and protected when using the www.ruguen.com platform.

1. DATA CONTROLLER

Data Controller Information:
Company Name: DOO "RUGUEN" PODGORICA
Address: Hercegovačka br. 60, Podgorica, Montenegro
Phone: +382 67 021 683
Email: uguraltunbas@ruguen.com
Registrar No: 5-1291593/001

2. PERSONAL DATA COLLECTED

2.1 Account Registration Data

First and last name
Email address
Phone number
Date of birth
Gender (optional)

2.2 Seller Information

Company name/trade name
Tax number
Trade registry details
Bank account information
Signature circular
Identification documents

2.3 Shopping Information

Order history
Payment information (card numbers encrypted)
Delivery addresses
Billing information
Return/exchange requests

2.4 Technical Data

IP address
Cookie data
Device information
Browser details
Platform usage logs

2.5 Communication Data

Customer service correspondence
In-platform message logs
Complaints and suggestions
Phone call recordings (if applicable)

3. METHODS OF DATA COLLECTION

3.1 Direct Collection

Account registration forms
Profile updates
Order processes
Contact forms

3.2 Automatic Collection

Cookies
Web beacons
Log files
Analytics tools

3.3 Third-Party Sources

Social media integrations
Payment providers
Shipping companies
Verification services

4. PURPOSES OF DATA USE

4.1 Service Provision

Account management and identity verification
Order processing and delivery
Payment transactions and invoicing
Customer support services

4.2 Platform Development

Improving user experience
Troubleshooting technical issues
Security measures
Performance analysis

4.3 Marketing and Communication

Product and service promotions
Campaign announcements
Newsletter delivery
Personalized recommendations

4.4 Legal Obligations

Accounting records
Tax declarations
Legal reporting
Audit processes

5. DATA SHARING

5.1 Internal Sharing

Authorized personnel
Technical support team
Accounting department
Legal affairs department

5.2 Third-Party Sharing

Payment Providers: For secure transactions
Shipping Companies: For delivery processes
Analytics Providers: For platform performance analysis
Legal Authorities: When legally required

5.3 Sharing Principles

Minimum data sharing principle
Protection via confidentiality agreements
Secure data transfer protocols
Regular audits and controls

6. DATA SECURITY

6.1 Technical Security Measures

SSL/TLS encryption (256-bit)
Secure server infrastructure
Regular security updates
Access control systems

6.2 Administrative Security Measures

Staff privacy training
Access authorization systems
Regular security audits
Data breach response plans

6.3 Physical Security

Secure data center
Restricted access areas
Backup systems
Disaster recovery plans

7. COOKIE POLICY

7.1 Types of Cookies

Essential Cookies: Required for platform operation
Performance Cookies: Site performance analysis
Functional Cookies: Remembering user preferences
Marketing Cookies: Personalized advertisements

7.2 Cookie Management

Manage via cookie preferences center
Control through browser settings
Option to change at any time
Options to delete cookies

8. YOUR RIGHTS (GDPR & LOCAL LAWS)

8.1 Right to Information

Learn what data is processed
Understand the purposes of processing
Know the data retention periods

8.2 Right to Rectification

Correct inaccurate data
Complete incomplete data
Request updates

8.3 Right to Erasure ("Right to be Forgotten")

Request data deletion
When processing purposes no longer exist
After legal retention periods expire

8.4 Right to Object

Object to certain processing activities
Opt out of marketing communications
Object to profiling activities

8.5 Right to Data Portability

Transfer your data to other platforms
Receive in machine-readable format
Request direct transfer

8.6 Right to Lodge a Complaint

File complaints with data protection authorities
Use internal complaint mechanisms
Seek legal remedies

9. DATA RETENTION PERIODS

9.1 Account Data

Active accounts: As long as the account remains open
Inactive accounts: Deleted 2 years after last activity
Closed accounts: Stored according to legal obligations

9.2 Transaction Data

Order records: 5 years (accounting obligation)
Payment records: 5 years (tax obligation)
Return records: 2 years (consumer rights)

9.3 Communication Data

Customer service records: 3 years
Marketing consents: Until revoked
Complaint records: 5 years

10. CHILDREN’S PRIVACY

10.1 Age Restriction

Our platform is not intended for individuals under the age of 18. We do not knowingly collect data from users under 18.

10.2 Upon Discovery

If a user under 18 is identified, the account will be immediately closed, and data will be deleted.

11. INTERNATIONAL DATA TRANSFERS

11.1 Transfer Conditions

Countries with adequate protection levels
Appropriate security safeguards
Explicit consent from data subjects

11.2 Security Guarantees

Standard contractual clauses
Certified security programs
Regular compliance audits

12. POLICY UPDATES

12.1 Update Notifications

Notification via email
Announcement on the platform
30 days advance notice

12.2 Significant Changes

Requirement to re-consent
Detailed explanation provided
Option to reject changes

13. CONTACT & REQUESTS

For any questions about your privacy rights:

Email: uguraltunbas@ruguen.com
Phone: +382 67 021 683
Address: Hercegovačka br. 60, Podgorica, Montenegro
Platform: Through the Communication Module

Your inquiries will be answered within 30 days.