1.1. This User Agreement (the “Agreement”), pursuant to Articles 428, 435, 437 and clause 5 of Article 1286 of the Civil Code of the Russian Federation, is an adhesion contract between the sole proprietor Sole Proprietor “Purtov Alexander Nikolayevich” (the “Administration”) and any legal entity or natural person (the “User”) who uses the platform for creating chatbots, landing pages, and messaging campaigns (the “Service”) available at https://bot-market.net.
1.2. Acceptance of this Agreement (Article 438 of the Civil Code of the Russian Federation) is deemed to occur when the User simultaneously performs the following actions:
1.2.1. Familiarizes themselves with this Agreement and the Personal Data Processing Policy: https://bot-market.net/policy/en.
1.2.2. Registers in the Service.
1.2.3. Actually uses the Service.
1.2.4. Agrees to the terms of the Data Processing Addendum (DPA) (Appendix No. 1).
1.3. The current version of the Agreement is available at: https://bot-market.net/agree/en. If the User does not agree with any terms, the User must stop using the Service.
1.4. Acceptance of the Agreement confirms the User’s legal capacity and that the User is at least 18 years old.
1.5. Service messages. By joining the Agreement, the User agrees to receive service and operational/technical messages (security alerts, Service operations, invoices, etc.). Marketing messages are sent only with the User’s separate, prior, and verifiable consent; such consent may be withdrawn at any time (including by sending “STOP”, following an “Unsubscribe” link, or via the Account). EU/US alignment: Where applicable, marketing communications must comply with EU ePrivacy/GDPR consent requirements and US CAN-SPAM (email) and TCPA (SMS/voice) rules, including clear identification, opt-out mechanisms, and consent record-keeping.
1.6. The Data Processing Addendum (Appendix No. 1) forms an integral part of the Agreement.
2.1. Administration — Sole Proprietor “Purtov Alexander Nikolayevich,” the holder of exclusive rights to the Service, administering and maintaining its operation.
2.2. User — a legal entity or natural person who has registered in the Service and/or started using it. A representative of a legal entity is deemed authorized when taking actions of registration/payment/use.
2.3. Service / Platform — the set of software tools of the Administration (the bot-market.net website, admin panels, APIs, server software, databases, documentation, and other components) providing functionality for creating chatbots, landing pages, messaging, and related automation.
2.4. Website — the web resource at https://bot-market.net and its subdomains.
2.5. Account / User Account — the set of data and settings associated with the User, created upon Registration for working with the Service.
2.6. Dashboard / Personal Area — the Account interface providing access to settings, plans, bots, landing pages, messaging, data, and support.
2.7. User session — the period of active use of the Service until logout/timeout.
2.8. Bot (chatbot) — a software algorithm/project of the User for interaction in messengers and/or on landing pages, created by means of the Service.
2.9. Module / Block / Template — functional components/presets provided by the Service for configuring Bots and landing pages.
2.10. Content / User Content — any information and materials posted by the User in or through the Service (including texts, images, files, client/subscriber data, mailing lists, phone numbers, email addresses, messages, scripts, etc.).
2.11. Subscriber — a person receiving the User’s messages (in a messenger, by SMS, email, push, etc.).
2.12. Messaging / Campaign — sending messages (informational/marketing) by the User to recipients via the Service and/or integrations (messengers, SMS aggregators, email providers, etc.).
2.13. Plan / Tariff — the set of Service terms (limits, features, price) published at https://bot-market.net/pricing.
2.14. Subscription — paid access to the Service under the selected Plan for a Billing Period.
2.15. Add-ons / Extensions — paid options that expand the resources or functionality of the Service.
2.16. Billing Period — a calendar month unless otherwise stated in the Plan.
2.17. Personal Data (PD) — any information relating to an identified or identifiable natural person; scope and meaning as per Russian Federal Law No. 152-FZ and, where applicable, the GDPR/UK GDPR and similar laws (e.g., “personal information” under US state privacy laws such as CCPA/CPRA).
2.18. Processing of PD — any operation with PD (collection, recording, systematization, storage, alteration, use, anonymization, blocking, deletion, destruction, transfer/provision/access) — as per 152-FZ and, where applicable, GDPR/UK GDPR.
2.19. PD Operator / Data Controller — the party that determines the purposes and means of PD processing. For PD that the User processes (client/subscriber data), the Controller is the User. For PD of the User themselves (account/billing), the Controller is the Administration.
2.20. PD Processor / Data Processor — the party that processes PD on behalf of the Controller. In processing PD of the User’s clients/subscribers, the Processor is the Administration (see Appendix No. 1).
2.21. Sub-processor — a party engaged by the Processor (data centers, messaging providers, etc.) to perform part of PD operations on behalf of the Processor.
2.22. Information Security Incident — an event that led to accidental/illegal transfer, provision, access, alteration, loss of PD, or other information security violations.
2.23. Information Intermediary — a party that provides the technical ability to host/transmit materials without determining their recipient and without altering the content (Art. 1253.1 of the Civil Code of the Russian Federation), broadly comparable to a hosting/intermediary service provider under EU/US safe-harbor regimes where applicable.
2.24. Notice — a legally significant communication from one Party to the other under Sections 13–14 (including notice-and-takedown).
2.25. Notice-and-takedown — a procedure for submitting a Notice of illegality of materials/campaigns and prompt restriction/removal by the Administration.
2.26. SES — simple electronic signature (login/password of the Account or the email address specified upon registration/interaction) used to give legal effect to electronic documents (cf. “simple electronic signature” under EU eIDAS; “electronic signature” under US ESIGN/UETA).
2.27. ERIR — the Unified Register of Internet Advertising; ORD — operator of advertising data (where Russian advertising marking requirements apply).
2.28. Messenger — an information system/software for exchanging electronic messages (e.g., Telegram, WhatsApp, Viber, etc.).
2.29. Integration — a software connection of the Service with an external service/provider (payment, advertising, messenger, analytics, etc.).
2.30. IP Address — the unique network address of the User’s device.
2.31. Cookies — data fragments stored by the User’s browser/device for Service operation and analytics.
2.32. Service messages — messages about the operation of the Service (no marketing content).
2.33. Marketing messages — messages aimed at promoting goods/services; permitted only with the recipient’s prior verifiable consent and in compliance with applicable advertising/anti-spam laws (including EU ePrivacy/GDPR and, where applicable, US CAN-SPAM/TCPA).
2.34. Terms may be used in singular/plural; capitalization does not affect meaning. In case of ambiguity, interpretation shall follow Russian law and business practice.
3.1. The Administration grants the User the right to use the Service under a simple (non-exclusive) license for the purposes specified in this Agreement.
3.2. Use is permitted solely for the intended purpose of the Service.
3.3. The Agreement is mixed in nature: license terms + an agreement on the use of a simple electronic signature (Federal Law No. 63-FZ “On Electronic Signature”).
3.4. No separate license transfer deed is required; the license is deemed granted from the start of use of the Service.
3.5. Sublicensing by the User is not permitted.
3.6. Rights to the Service (code, design, databases, etc.) belong to the Administration and/or its right holders. No assignment of rights is made.
3.7. The right to use remains effective until termination of the Agreement (see Section 5).
3.8. The User uses the Service within its functionality and chosen Plan and pays consideration (if applicable).
4.1. All elements of the Service are protected intellectual property. Any use beyond this Agreement is prohibited.
4.2. Territory of use — worldwide (unless otherwise limited by third-party rights).
4.3. Revocation of the license is permitted in cases and manner provided by law and this Agreement.
4.4. The User may reproduce parts of the Service code on their device solely for caching/execution.
4.5. Making copies of the Service is not permitted (except as provided in 4.4).
4.6. Functional limitations may apply as stated in the documentation/interface of the Service.
4.7. Updates (minor/major) are provided at the Administration’s discretion.
4.8. The User must not modify, reverse engineer, decompile, or otherwise attempt to obtain the source code unless expressly permitted in writing by the Administration.
4.9. This Agreement governs use of the Service as intended; other services are governed by separate contracts/policies.
4.10. The User must comply with the laws of the Russian Federation and the country of residence. EU/US alignment: Where the User targets or processes data of EEA/UK or US residents, the User is responsible for complying with applicable EU/US laws (e.g., GDPR/UK GDPR, ePrivacy, CAN-SPAM/TCPA, US state privacy laws).
4.11. All actions performed under the Account are deemed actions of the User. Upon discovering unauthorized access, the User must promptly notify the Administration at [email protected].
4.12. Integrations. The Service integrates with external services (analytics, payments, messaging, etc.). The Administration provides technical access. Relationships concerning use of third-party services arise between the User and the relevant provider; such relationships are subject to that provider’s rules and pricing.
5.1. The Agreement takes effect upon acceptance and remains in force indefinitely unless otherwise provided in the Plan/an additional agreement.
5.2. Changes. Material changes are published and/or sent to the User no later than 10 calendar days before they take effect and apply only prospectively; terms of an already paid period are not worsened. The User may cancel the Service without penalty before the effective date of the changes.
5.3. Deletion of the Account at the User’s request is performed within 10 business days after contacting [email protected], and the Administration may identify the requester.
5.4. Termination of the Agreement entails termination of all licenses and electronic interaction.
5.5. The Administration may delete/block an Account if there have been no logins and no payments for 50 consecutive calendar days.
6.1. The Administration warrants that it holds the rights necessary to grant the license.
6.2. The Service is provided “as is.” The Administration does not warrant the absence of errors, compatibility with the User’s software/hardware, uninterrupted operation, or correction of all faults, to the maximum extent permitted by applicable law (consumer protections may grant mandatory rights).
6.3. The Administration ensures the possibility of using and paying for paid services in accordance with the paid-use license offer.
6.4. The Administration may change/expand/restrict the functionality of the Service.
6.5. The Administration may refuse registration/use in cases provided in the Agreement and by law.
6.6. The Administration may send technical/service messages.
6.7. The Administration may suspend/block access in case of a breach of the Agreement, indications of fraud, security threats, violation of third-party rights, or harm to the Administration’s brand.
6.8. The Administration may place informational and advertising messages within the Service; the User agrees to this.
6.9. The Administration processes PD in accordance with the Policy and the law.
6.10. The Administration may transfer rights/obligations under the Agreement to third parties by publishing a notice/sending a message to the User.
6.11. Maintenance windows are not considered a breach; their total duration does not exceed 24 hours per calendar month.
6.12. For support, the Administration may request technical data/log files from the User to the extent necessary for diagnostics.
7.1. The User may use the Service as intended and within its functionality.
7.2. In case of technical issues, the User contacts support.
7.3. The User must comply with the Agreement and legal norms, as well as the rights of the Administration and third parties.
7.4. Attempts to circumvent technical limitations, interfere with protection mechanisms, modify the Service, or conduct malicious activity are prohibited.
7.5. The User must protect their devices against malware.
7.6. The User must compensate losses/damages for infringement of the Administration’s IP rights.
7.7. The User warrants they will not use the Service to violate international or Russian law (including trafficking in PD, malware, access credentials, hacking, etc.).
7.8. The User must comply with the rules and restrictions of messengers (Telegram, WhatsApp, Viber, etc.), advertising, and payment platforms. Violations of such rules constitute a breach of this Agreement.
8.1. Status. The Administration acts as an information intermediary (hosting/access provider) and does not initiate transmission of User Content, determine recipients, or alter message content. The User is responsible for the legality of Content and messaging.
8.2. Anti-spam and advertising. The User’s messaging is permitted only with the prior verifiable consent of recipients and in compliance with advertising laws, internet advertising marking, and, where applicable under Russian law, transfers to the ERIR. The User must retain proof of consent and provide it upon request of the Administration/authorities. EU/US alignment: The foregoing must also meet EU ePrivacy/GDPR consent and transparency requirements and, where applicable, US CAN-SPAM (email) and TCPA (SMS/voice), including honoring opt-outs without delay.
8.3. Notice-and-Takedown. The Administration processes proper notices of illegality of materials/messaging and may promptly (no later than 24 hours) restrict access/remove materials and suspend the violator’s access. Notices shall be sent to [email protected] and must contain: (i) a description of the violation and legal basis; (ii) the exact path/bot ID/URL; (iii) requester contact details; (iv) proof of authority (if acting for a third party). EU/US alignment: The procedure is intended to be compatible with EU “notice and action” concepts and US DMCA-style notices to the extent applicable.
8.4. Repeat violations. In case of recidivism, the Administration may block the Bot/Account, delete Content, restrict messaging functions, and terminate the Agreement.
8.5. The User warrants they hold all necessary rights to posted Content and that such Content does not violate third-party rights or legal prohibitions/restrictions.
9.1. The User shall not cause harm to the Administration or third parties.
9.2. The User shall indemnify and hold the Administration harmless from losses, fines, amounts under claims/actions of third parties and authorities, as well as legal defense costs, arising from the User’s Content/messaging, processing of PD on the User’s instructions, or violations of the Agreement or law.
9.3. The Administration is not liable for: (i) actions of the User; (ii) legality and accuracy of information received/used by the User; (iii) quality of third-party goods/services; (iv) lack of internet access on the User’s side; (v) outages of providers/messengers/payment systems/data centers.
9.4. Liability cap. The Administration’s aggregate liability to the User is limited to the amount actually paid for one (1) Billing Period immediately preceding the event. The Administration is not liable for lost profits, indirect, punitive, or consequential damages. The limitations do not apply to willful misconduct, harm to life/health, or in cases where limitations are prohibited by law (including consumer protection law). Some jurisdictions (including several US states and EU member states) do not allow certain limitations; mandatory rights remain unaffected.
9.5. Nothing in the Agreement excludes or limits liability that cannot be excluded or limited by law.
10.1. Confidential Information — any business, technical, or financial information obtained by the Parties under the Agreement.
10.2. The Parties shall maintain confidentiality, except as provided by law/this Agreement or with the other Party’s written consent.
10.3. Providing information pursuant to a lawful request of authorities is not a breach, provided the other Party is notified (unless prohibited by law).
10.4. Confidentiality obligations survive indefinitely.
11.1. PD is processed in accordance with the Policy: https://bot-market.net/policy/en.
11.2. Roles.
11.2.1. With respect to the User’s own PD (registration, billing, support), the Administration acts as the PD Controller.
11.2.2. With respect to PD of the User’s clients/contacts that is hosted/processed in Bots/landing pages/messaging, the Administration acts as PD Processor on behalf of the User (the Controller). The terms of such processing are set out in Appendix No. 1 (DPA).
11.3. Localization and cross-border transfers. Databases containing PD of Russian citizens are stored in the Russian Federation. Cross-border PD transfers are permitted only in compliance with Russian law (including any required notifications to the competent authority) and on legitimate bases. EU/US alignment: Where the User or data subjects are in the EEA/UK, international transfers outside the EEA/UK require appropriate safeguards under GDPR/UK GDPR (e.g., SCCs or another valid mechanism). For US/California, the parties should ensure “service provider/processor” treatment under CCPA/CPRA; additional terms may be implemented in the DPA where necessary.
11.4. Data subject rights. Requests from data subjects shall be sent to [email protected]. The Administration/User will fulfill such requests within statutory time frames within their respective roles (controller/processor).
11.5. Deletion and export. Upon termination of the Agreement, the Administration deletes or returns to the User the PD processed on the User’s behalf within 30 calendar days, unless different retention is required by law/legitimate necessity.
12.1. The Service may contain links to third-party sites/services. The Administration does not control their content and is not responsible for it.
12.2. Following external links does not terminate this Agreement. Use of external resources is undertaken by the User independently and on the terms of the respective owners.
13.1. The Parties recognize the legal force of electronic messages/documents signed with a simple electronic signature (SES): the Account login/password or the email address specified by the User.
13.2. Messages sent from the User’s Account or from the registered email address to the Administration and vice versa are deemed signed with the SES of the respective Party.
13.3. The Parties shall ensure confidentiality of SES credentials (login/password).
13.4. Documents signed with an enhanced qualified electronic signature are equivalent to a handwritten signature.
13.5. Use of the SES for primary accounting documents is permitted to the extent allowed by accounting laws. EU/US alignment: Electronic signatures are intended to comply with EU eIDAS (simple electronic signature) and US ESIGN/UETA to the extent applicable.
14.1. Exchange of legally significant communications is permitted via the Account, messenger, email, or postal service.
14.2. A message is deemed received: (i) upon hand delivery — on the day of delivery; (ii) for registered mail — on the delivery receipt date; (iii) for email/messages in the Account — on the day of sending absent an automatic non-delivery notice.
14.3. The current version of the Agreement is posted at https://bot-market.net/agree/en.
14.4. The language of the Agreement is Russian; in case of translations, the Russian version prevails.
14.5. Nothing in the Agreement creates agency, employment, partnership, or joint venture relationships.
15.1. The Administration may immediately restrict/block access to a Bot, Account, and Dashboard in the event of: (i) violation of the Agreement/law; (ii) third-party claims of rights infringement; (iii) requirements of authorities; (iv) security threats; (v) exceeding Plan limits/non-payment.
15.2. In case of blocking due to the User’s violations, the Administration may delete the Account, Bots, Content, and data without compensation. If blocked through no fault of the User, a prorated refund for the unused paid period may be provided.
15.3. Blocking means that access to the Service and/or Content is not available, including to internet users.
16.1. The Parties are released from liability for full/partial non-performance caused by force majeure circumstances that the Parties could not foresee or prevent (including acts of authorities, sanctions, outages/failures of telecom operators, data centers, messengers, and other providers, epidemics, emergencies).
16.2. The Party for whom performance became impossible shall notify the other Party within a reasonable time. Deadlines are extended for the duration of force majeure.
17.1. All disputes shall be resolved under the law of the Russian Federation.
17.2. A pre-trial claim procedure is mandatory: one Party sends a claim, and the other Party responds within 10 business days.
17.3. If no agreement is reached, the dispute shall be referred to the court at the location of the Administration after 30 calendar days from the date of the initial claim. Note: Mandatory consumer protection rules of the User’s jurisdiction (e.g., EU/US) may grant additional rights and forums that cannot be waived.
Sole Proprietor (Individual Entrepreneur) Purtov Alexander Nikolayevich
Taxpayer ID (INN): 120701968934, Primary State Registration Number (OGRNIP): 322784700108619
Registered address: 424028, Republic of Mari El, Yoshkar-Ola, ul. Yyvana-Kyrli, 31A (as per Russian registration records)
Email: [email protected]
DATA PROCESSING ADDENDUM (DPA)
1.1. Personal Data Controller — the User (legal entity or natural person) who determines the purposes and scope of PD processed through the Service.
1.2. Personal Data Processor — Sole Proprietor “Purtov Alexander Nikolayevich” (the Administration), providing hosting/technical processing of Content and PD on the Controller’s instructions within the Service https://bot-market.net.
1.3. Personal Data (PD) — any information about a natural person uploaded/collected by the Controller when using the Service (including data of the Controller’s clients/subscribers).
1.4. Other terms — as per the Agreement and Russian Federal Law No. 152-FZ, and, where applicable, GDPR/UK GDPR and relevant US state privacy laws (e.g., CCPA/CPRA). For California, the Processor acts as a “service provider/processor” solely for business purposes designated by the Controller.
2.1. The Controller instructs, and the Processor undertakes, to process PD strictly to provide the Service: hosting, storage, routing, message delivery, technical support, security, Service accounting, and analytics.
2.2. PD operations: collection (receipt from the Controller), recording, systematization, storage, anonymization, transfer (provision, access), deletion/destruction — to the extent necessary to provide the Service.
2.3. The composition of PD is determined by the Controller (the Processor does not control the PD content uploaded by the Controller).
3.1. This DPA remains in effect for as long as the Controller uses the Service, including free periods and periods of Account blocking.
3.2. Within 30 calendar days after termination of the Agreement, the Processor deletes the PD processed on behalf of the Controller or transfers it to the Controller upon request, unless otherwise required by law/legitimate interests (e.g., dispute resolution, accounting).
4.1. The Controller warrants a lawful basis for PD processing (including data subject consents where required) and the lawfulness of instructing the Processor.
4.2. The Controller ensures data subject rights (access, rectification, withdrawal of consent, etc.) and is independently responsible to data subjects.
4.3. Upon the Processor’s request, the Controller provides, within 5 calendar days, confirmations of the lawfulness of processing and transfer of PD to the Processor.
4.4. The Controller is responsible for the selection of PD categories, legal adequacy of consent/notice texts, and the lawfulness of messaging.
5.1. The Processor processes PD strictly on the Controller’s instructions and for Service provision, observing confidentiality and PD security.
5.2. Localization. Databases containing PD of Russian citizens are hosted/processed in the Russian Federation.
5.3. Cross-border transfers. Permitted only in compliance with Russian law (including any required notifications) and with valid legal bases. EU/US alignment: Where GDPR/UK GDPR applies, the Processor will implement appropriate transfer safeguards (e.g., EU/UK Standard Contractual Clauses) as instructed by the Controller. Where CCPA/CPRA applies, the Processor will not “sell” or “share” PD and will use PD solely to perform the business purposes specified by the Controller.
5.4. Security. The Processor applies necessary legal, organizational, and technical measures to protect PD against unlawful/accidental access, destruction, alteration, blocking, copying, provision, or dissemination.
5.5. Sub-processors. The Processor may engage sub-processors (data centers, messaging providers, etc.) provided that written obligations of confidentiality and security are imposed at a level no lower than this DPA. A list of key categories of sub-processors can be provided upon the Controller’s request. Where GDPR/UK GDPR applies, the Processor will ensure sub-processor contracts impose equivalent obligations (Art. 28(2), 28(4)).
5.6. The Processor shall notify the Controller of security incidents that compromise PD confidentiality without undue delay and, in any case, no later than 24 hours after discovery, and shall assist the Controller in meeting its obligations to data subjects/authorities.
6.1. Upon receiving a request from a data subject/authority relating to the Controller’s PD, the Processor shall forward it to the Controller within 3 business days, unless the request concerns PD for which the Processor is the controller (PD of account users).
6.2. The Controller responds to such requests; the Processor shall provide reasonable assistance.
7.1. The Processor is liable to the Controller for compliance with its PD security/confidentiality obligations to the extent of actual damages, but not exceeding the fee for one Billing Period.
7.2. In the free version, the Service is provided “as is,” and the Processor’s liability is limited to the statutory minimum.
7.3. The Controller shall defend and indemnify the Processor against third-party claims (including data subjects and authorities) related to unlawful PD processing by the Controller and shall reimburse legal defense costs.
8.1. This DPA is governed by the law of the Russian Federation. Disputes are resolved as set out in the Agreement (Section 17). Mandatory privacy rules of other jurisdictions (e.g., GDPR/UK GDPR, CCPA/CPRA) apply to the extent they cannot be waived and are incorporated by reference as applicable.