PRIVACY POLICY
Last Updated: July 7, 2026

1. General Provisions
1.1. This Privacy Policy (hereinafter referred to as the "Policy") is drafted in accordance with international data protection standards, including the General Data Protection Regulation (GDPR) and other applicable privacy laws. It defines the procedures for processing personal data and the security measures implemented by RangeVision (hereinafter referred to as the "Operator" or "we") and applies to all information received from users of the website www.rangevision.com (hereinafter referred to as the "Website"), including information sent via email.
1.2. The Data Protection Officer responsible for organizing personal data processing can be contacted through info@rangevision.com with the subject line "Data Protection Officer" or at the address specified in Section 6.2.
1.3. This Policy is published in its current version as of May 29, 2025, and remains in effect until a new version is adopted.
1.4. The Operator reserves the right to modify this Policy.
1.5. Users will be notified of changes by publishing a new version on the Website at least 10 days before it takes effect.
1.6. The current version of the Policy is always available at: https://rangevision.com/privacy-policy.

2. Purposes of Personal Data Collection
2.1. The Operator collects and processes personal data exclusively for legitimate and ethical purposes aimed at providing services in accordance with User requests:
2.1.1. Processing User inquiries and automating sales and service processes.
2.1.2. Concluding and fulfilling contracts.
2.1.3. Preparing commercial proposals upon User request.
2.1.4. Organizing demonstrations (offline/online).
2.1.5. Consultations: equipment selection, software recommendations, project planning.
2.1.6. Service provision: training, 3D scanning, reverse engineering.
2.1.7. Technical support.
2.1.8. Conducting commercial activities as defined in the company's charter.
2.1.9. Providing access to the Website and its features.
2.1.10. Analyzing advertising effectiveness and improving service quality.
2.2. The Operator may, with the User's explicit consent (provided by checking a special checkbox when filling out forms on the Website or through another unambiguous method), collect personal data for:
2.2.1. Advertising and/or informational newsletters.
2.2.2. Marketing research.

3. Legal Basis for Personal Data Processing
3.1. The Operator processes personal data exclusively when there are legitimate legal grounds provided by applicable data protection legislation. The main legal bases for processing personal data are:
3.1.1. Consent of the data subject, expressed in written or electronic form.
3.1.2. Contract performance — when processing is necessary for the fulfillment of obligations under a contract to which the User is a party, or for entering into a contract at the User's initiative.
3.1.3. Legitimate interests of the Operator — when processing is necessary for the purposes of legitimate interests pursued by the Operator, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
3.1.4. Compliance with legal obligations — when processing is necessary for compliance with legal obligations to which the Operator is subject.

4. Volume and Categories of Processed Personal Data
4.1. When processing personal data, the Operator strictly adheres to the principle of data minimization, collecting only those details that are necessary to achieve specific, predefined processing purposes:
4.1.1. Personal data of the User in accordance with the purposes specified in Sections 2.1.1-2.1.8 and, with the subject's consent, Section 2.2:
4.1.1.1. Name
4.1.1.2. Phone number
4.1.1.3. Email address
4.1.2. Cookie files in accordance with the purposes specified in Sections 2.1.9-2.1.10. Non-technical cookies are used only with consent expressed through a cookie banner. Users can independently manage cookie settings through their browser.
4.1.2.1. Essential cookies. Always enabled. These cookies are necessary for the User to use the Website and its features. They cannot be disabled. They are set in response to User requests, such as privacy preference settings, system login, or form filling.
4.1.2.2. Analytics cookies. These cookies collect information to help the Operator understand how the Website is used, how effective marketing campaigns are, or to help the User customize the Website according to their requests. The Operator uses industry-standard web analytics tools to track website performance and user behavior.
4.1.2.3. Advertising cookies. These cookies collect information to help advertising systems understand how users who came to the site through an advertisement interact with the Website. They provide anonymized data about website traffic and visitor behavior, as well as the effectiveness of individual advertisements.

5. Procedures and Conditions for Personal Data Processing
5.1. The Operator ensures the security and confidentiality of personal data; it takes all possible measures (password protection, SSL encryption, antivirus protection) to prevent unauthorized access to personal data.
5.2. Backup procedures are performed regularly, at least once a week.
5.3. Physical security of the Operator's information system (technical equipment and data carriers) is provided, including access control to prevent unauthorized entry into the information system premises. The facilities are equipped with security and fire alarm systems.
5.4. Personal data is processed on a lawful and fair basis.
5.5. Processing is limited to achieving specific, predefined purposes.
5.6. Processing of excessive data that does not correspond to the stated purposes is not permitted.
5.7. Data accuracy and relevance are ensured; measures are taken for their timely deletion or clarification.
5.8. Personal data is accessible only to a strictly defined circle of employees.
5.9. The Operator conducts regular employee training on working with personal data and annual security audits.
5.10. Data transfer to third parties is permitted only on legal grounds and with the subject's consent or in cases provided for by applicable legislation. Consent for data transfer may be withdrawn through the Data Protection Officer. Third parties are required to maintain confidentiality and comply with applicable data protection requirements. Categories of third parties to whom personal data may be transferred with the subject's consent:
5.10.1. Partners and distributors of the Operator
5.10.2. Solution integrators contracted by the Operator.
5.11. Statistical data is collected and stored in anonymized form.
5.12. The Operator uses a CRM system for customer database management. The CRM is protected by password access and encryption. The full list of security measures is provided to the data subject within 10 days of request.
5.13. Personal data retention periods:
5.13.1. Processed personal data is deleted or anonymized within 30 days after achieving the processing purposes or in case of loss of necessity to achieve these purposes, unless otherwise provided by law.
5.13.2. Personal data for contracts is stored for no more than 5 years.
5.13.3. Cookie data is stored for no more than 6 months.
5.14. Procedures in case of data breach:
5.14.1. Notification of the relevant supervisory authority. Notification is sent within 72 hours of discovering the incident, in accordance with applicable data protection regulations.
5.14.2. Informing data subjects about the breach.
5.15. The Operator does not provide for cross-border transfer of personal data, except in cases where the user has independently sent a relevant request and given appropriate consent. Cross-border data transfer is permitted only to countries that ensure adequate protection of data subjects' rights in accordance with applicable international standards.

6. Updating, Correcting, Deleting, and Destroying Personal Data; Responses to Data Subject Requests
6.1. The Operator guarantees each data subject:
6.1.1. The right to obtain confirmation of the fact of processing and the volume of their data.
6.1.2. The right to receive any clarifications on issues concerning the processing of their personal data.
6.1.3. The right to request updating or correction of inaccurate information.
6.1.4. The right to demand deletion or termination of data processing when there are legal grounds (the "right to be forgotten").
6.1.5. The right to withdraw consent for personal data processing and to exercise the right to data portability.
6.1.6. The right to restrict data processing.
6.2. All suggestions or questions regarding this Policy may be sent to the Operator by email at info@rangevision.com or to the following address:

RangeVision Data Protection Officer

Email: info@rangevision.com

6.3. All data subject requests are considered within the timeframes established by applicable law — no more than 30 calendar days from the date of receipt.