alekhin-dev.com
← На главнуюBack home

Юридический документ Legal document

scheda.me — Privacy Policy

ОбновленоUpdated  06/11/2026 Применимо к Applies to  scheda.me

Last updated: 2026-06-11 · Effective: 2026-06-07

This Privacy Policy describes how Scheda (“we”, “us”, “our”) collects, uses, and shares information when you use the Scheda website (scheda.me) and our products, including the scheda.me mobile application (collectively, the “Services”).

Scheda is operated by Индивидуальный предприниматель Алёхин Роман Сергеевич (sole proprietor Roman Sergeevich Alekhin), registered in the Russian Federation, ИНН (INN) 713005978740, ОГРНИП (OGRNIP) 326710000026194 (“Operator”). For Russian-language disclosures required under Federal Law No. 152-FZ, see also Политика обработки персональных данных.

Information we collect

Information you provide:

  • Account information. Email address, name, and password (hashed) when you create an account.
  • Profile and business data. Optional business name, profile photo, working hours, services offered.
  • Client records you store. Names, contact details, appointment notes, and other CRM data that you choose to enter. You are the controller of this data; we process it on your behalf.
  • Payment information. If you subscribe to a paid tier (initially available for Russian Federation users only), payment is processed by ЮKassa (YooMoney). We receive transaction metadata (amount, currency, status) but never full card numbers.
  • Support correspondence. Messages you send to roman@alekhin-dev.com.

Information collected automatically:

  • Device and usage data. Device model, OS version, app version, language, and crash diagnostics. Collected via Sentry to keep the app stable.
  • Identifiers. An internal user ID. We do not use advertising identifiers (IDFA / AAID) and do not track users across other apps or websites.
  • Logs. IP address and timestamps when you contact our backend, kept for security and abuse prevention.

Information we do not collect:

  • Precise location.
  • Contacts, photos, or microphone — unless you explicitly grant access for a feature you use.
  • Browsing history or activity in other apps.

How we use information

  • Provide, maintain, and improve the Services.
  • Authenticate accounts and sync data between your devices.
  • Respond to support requests.
  • Process payments and prevent fraud.
  • Comply with legal obligations.

Legal bases under GDPR where applicable: performance of a contract (Article 6(1)(b)), legitimate interests in operating and securing the Services (Article 6(1)(f)), consent for optional features (Article 6(1)(a)), and legal obligations (Article 6(1)(c)).

How we share information

We do not sell personal data. We share data only with:

  • Service providers (subprocessors) acting on our instructions and bound by contracts. Current list:
    • Self-hosted Supabase on a dedicated server located in the Russian Federation — backend database and authentication. All user data is stored exclusively on servers in the Russian Federation.
    • Sentry — crash and error diagnostics.
    • ЮKassa (YooMoney), for Russian Federation users — billing for paid tiers.
    • Email provider — TODO: confirm provider (Yandex 360 or Cloudflare) — transactional email.
  • Legal requests when required by law and after reviewing the request.
  • Business transfers in the event of a merger, acquisition, or sale of assets, subject to this Policy.

International transfers

The Operator processes data of users located in the Russian Federation. The backend (self-hosted Supabase) runs on a dedicated server in the Russian Federation — collection, recording, and storage of personal data take place exclusively on the territory of the Russian Federation (in accordance with Article 18(5) of Federal Law No. 152-FZ).

Data retention

We retain account data for as long as your account is active. After account deletion, data is deleted or anonymized within 30 days, except where longer retention is required by law (e.g. tax records: 4 years under Russian Federation rules).

Security

We use HTTPS in transit, encryption at rest where supported by our backend, hashed passwords, and access controls. No system is perfectly secure; if you become aware of a vulnerability please email roman@alekhin-dev.com.

Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data.
  • Object to or restrict processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time.
  • Lodge a complaint with a supervisory authority.

To exercise these rights, email roman@alekhin-dev.com. We respond within 30 days.

Account deletion

You can delete your account and all associated data directly in the app (Settings → Account → Delete account) or by emailing roman@alekhin-dev.com. See Account deletion for details.

Children

The Services are not directed to children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, contact roman@alekhin-dev.com and we will delete it.

Apple App Store / Google Play disclosures

The scheda.me app discloses its data collection practices in the App Store “App Privacy” labels and the Google Play “Data Safety” section. Those disclosures reflect this Policy. Material changes are reflected in both places.

Changes to this Policy

We may update this Policy. Material changes are announced via the app or by email at least 14 days before they take effect. The “Last updated” date at the top reflects the most recent revision. The current version is always available at alekhin-dev.com/legal/scheda-privacy-en.

Contact

Operator: Индивидуальный предприниматель Алёхин Роман Сергеевич (sole proprietor Roman Sergeevich Alekhin)
ИНН (INN): 713005978740 · ОГРНИП (OGRNIP): 326710000026194
Address: Zavodskaya ulitsa, 9, kv. 92, rp. Plekhanovo, Leninsky rayon, Tula, 301114, Tulskaya oblast, Russian Federation
Email: roman@alekhin-dev.com
Russian-language policy under 152-FZ: Политика обработки персональных данных