Privacy Policy

This Privacy Policy has been developed in accordance with the Federal Law of the Russian Federation No. 152-FZ "On Personal Data" dated July 27, 2006, and defines the procedure for processing personal data of users of the Crosslybot service (hereinafter — the "Service").

The personal data operator is Sole Proprietor Antonov A.V. (TIN 262517638904, OGRNIP 312265133100116).

Personal data is processed on the following legal grounds:

• User consent — clicking the "Accept" button during registration constitutes consent to personal data processing in accordance with clause 1, part 1, article 6 of Federal Law 152-FZ
• Contract performance — data processing is necessary for providing the Service's functionality in accordance with clause 5, part 1, article 6 of Federal Law 152-FZ

Consent to personal data processing may be withdrawn at any time by deleting the account or sending a request to support@crosslybot.ru.

• Telegram ID, name and username — for user identification
• Post content — temporarily, for processing and cross-posting
• VK and Max tokens — for platform authorization (stored encrypted)
• Usage data — number of posts, projects, AI requests for limit tracking
• Payment data — transaction information (Telegram Stars, bank payments). Bank card details are processed directly by the certified payment provider and are not stored on the Service's servers
• Technical data — IP addresses, user agent, API request timestamps for security and diagnostics purposes

• Providing cross-posting and AI processing services
• Authorization on third-party platforms (VK, Max)
• Sending notifications about publication status and technical maintenance
• Improving the quality of the Service
• Analytics (anonymized)

The crosslybot.com website uses Yandex Metrica to collect anonymized visitor statistics.

Yandex Metrica uses cookies to collect information about website visits. IP addresses are anonymized and not stored in full.

• Servers are located in the Russian Federation
• Access tokens are encrypted using Fernet algorithm (AES-128-CBC)
• Only authorized personnel have access to data

Data retention periods:

• Account data — until account deletion by the user + 30-day grace period
• Posts and publication history — up to 90 days, then automatically deleted
• Usage statistics — up to 12 months
• Payment data — in accordance with Russian tax and accounting legislation requirements (up to 5 years)
• Technical logs — up to 30 days
• Blocked account data — up to 90 days from the date of blocking

We share data only in the following cases:

• Telegram, VK, Max API — for cross-posting (post content and metadata)
• OpenRouter — for AI text processing (post text only, no personal user data)
• Payment provider — for processing bank card payments. Card details are processed directly by the provider in compliance with PCI DSS standards and are not transmitted to the Provider
• Yandex Metrica — anonymized website visit data

We do not sell or share personal data with third parties for commercial purposes.

When using AI text processing features, data (post text only, without personal user information) may be transmitted via the OpenRouter service to servers located outside the Russian Federation for processing by language models.

By accepting the Terms of Service and using AI processing features, the User consents to such cross-border data transfer in accordance with Article 12 of Federal Law No. 152-FZ.

Personal user data (Telegram ID, name, tokens) is not transmitted to OpenRouter and does not leave the Service's servers.

You have the right to:

• Request information about stored data
• Request deletion of all your data
• Revoke access tokens for VK and Max
• Opt out of the Service at any time
• File a complaint with Roskomnadzor (Russian data protection authority)

The Provider reserves the right to block or restrict access to the Service without explanation in case of violation of the terms of use, the laws of the Russian Federation, the laws of the User's jurisdiction, or the rules of Telegram, VKontakte, Max platforms.

It is prohibited to use the Service for channels distributing content that violates the laws of any jurisdiction in which the User operates.

Upon account blocking, account data is retained for 90 days, after which it is automatically deleted.

To report violations, contact bot support or email support@crosslybot.ru.

To delete all your data, use the /delete command in the bot or write to support@crosslybot.ru.

Data will be deleted within 30 days of the request.

The Provider reserves the right to modify this Privacy Policy at any time without prior notice to Users. The updated version takes effect upon publication on the Service website.

The User is responsible for independently monitoring changes. Continued use of the Service after publication of changes constitutes acceptance of the updated Policy.

Sole Proprietor Antonov A.V.

Email: support@crosslybot.ru