1. General Provisions
This personal data processing policy is drawn up in accordance with the requirements of the Federal Law of 27.07.2006 No. 152-FZ “On Personal Data” and determines the procedure for processing and measures to ensure the security of personal data taken by Artemov G.M. (hereinafter referred to as the Operator).
1.1. The Operator aims to respect the rights and freedoms of individuals and citizens when processing their personal data, including the protection of the rights to privacy, personal and family secrets. 1.2. This policy applies to all information that the Operator can obtain about visitors to the website.
2. Basic Concepts
2.1. Automated processing of personal data – processing using computer technology. 2.2. Blocking of personal data – temporary cessation of processing. 2.3. Website – a collection of graphic and information materials, computer programs and databases that ensure their availability on the internet. 2.4. Information system of personal data – a collection of personal data contained in databases and information technologies that ensure their processing. 2.5. Depersonalization of personal data – actions that make it impossible to determine the ownership of personal data by a specific User without additional information. 2.6. Processing of personal data – any action (operation) with personal data, including collection, recording, systematization, accumulation, storage, clarification, extraction, use, transfer, depersonalization, blocking, deletion, destruction. 2.7. Operator – a legal or physical person who organizes and/or carries out the processing of personal data, determines the purposes and composition of the personal data to be processed. 2.8. Personal data – any information related to a specific or identifiable User of the website. 2.9. Personal data allowed by the subject for dissemination – data to which the subject has granted access through consent to processing. 2.10. User – any visitor to the website. 2.11. Provision of personal data – actions aimed at disclosing data to a specific group of persons. 2.12. Dissemination of personal data – actions aimed at disclosing data to an indefinite group of persons. 2.13. Cross-border transfer of personal data – transfer of data to the territory of a foreign state. 2.14. Destruction of personal data – actions resulting in the irreversible destruction of data.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
- receive reliable information and/or documents containing personal data;
- continue processing personal data without the consent of the subject if there are grounds specified in the Personal Data Law;
- independently determine measures to ensure the fulfillment of obligations provided for by the Personal Data Law.
3.2. The Operator must:
- provide the subject with information on the processing of their data;
- respond to requests and inquiries from data subjects;
- provide necessary information to the authorized body for the protection of the rights of data subjects;
- publish the Policy regarding the processing of personal data;
- take measures to protect personal data from unlawful access;
- cease processing and destroy personal data as prescribed by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
- receive information regarding the processing of their data;
- demand clarification, blocking, or destruction of their data;
- set conditions for prior consent when processing data for the promotion of goods and services;
- withdraw consent to the processing of personal data;
- appeal against unlawful actions or inaction of the Operator.
4.2. Personal data subjects must:
- provide reliable data about themselves;
- notify of changes to their data.
5. The Operator May Process the Following Personal Data of the User
5.1. Last name, first name, patronymic; 5.2. Phone number; 5.3. Email address; 5.4. Collection and processing of anonymized data about visitors using internet statistics services (Yandex Metrica, Google Analytics). 5.5. Processing of special categories of data (racial, national affiliation, political views, religious beliefs, intimate life) is not carried out.
6. Principles of Personal Data Processing
6.1. Data processing is carried out on a lawful and fair basis. 6.2. Data processing is limited to achieving specific goals. 6.3. Combining databases containing data processed for incompatible purposes is not allowed. 6.4. Only data that meets the purposes of its processing is subject to processing. 6.5. Data being processed should not be excessive in relation to the stated purposes of their processing. 6.6. Accuracy, sufficiency, and relevance of the data being processed are ensured. 6.7. Data storage is carried out no longer than necessary for the purposes of processing.
7. Purposes of Personal Data Processing
7.1. The purpose of processing User data:
- informing the User via email;
- conclusion, execution, and termination of civil law contracts;
- providing access to services and information on the website;
- clarification of order details.
7.2. The Operator has the right to send notifications about new products, services, special offers, and events. The User can opt out of receiving notifications through the contacts on the official website with the note “Unsubscribe from notifications”. 7.3. Anonymized User data is used to collect information about user actions on the site and improve the quality of the site and its content.
8. Legal Grounds for Personal Data Processing
8.1. The Operator processes User data if they are sent through forms on the website. By sending data, the User agrees to the Policy. 8.2. The Operator processes anonymized data if the User allows the storage of “cookie” files and the use of JavaScript technology.
9. Conditions for Personal Data Processing
9.1. Data processing is carried out with the consent of the subject. 9.2. Data processing is necessary to achieve the goals stipulated by an international treaty or law. 9.3. Data processing is necessary for the administration of justice, execution of a judicial act. 9.4. Data processing is necessary for the execution of a contract to which the subject is a party. 9.5. Data processing is necessary for the exercise of the rights and legitimate interests of the Operator or third parties. 9.6. Data processing, to which the subject has granted access. 9.7. Data processing, subject to publication or mandatory disclosure under federal law.
10. Procedure for Collecting, Storing, Transferring, and Other Types of Data Processing
Data security is ensured by legal, organizational, and technical measures.
10.1. The Operator ensures data integrity and prevents unauthorized access. 10.2. Data will not be transferred to third parties unless required by law or agreed upon with the subject. 10.3. The User can update data by sending a notification through the contacts on the official website with the note “Data update”. 10.4. The processing period is determined by the achievement of the purposes for which they were collected. 10.5. All information collected by third-party services is stored and processed under their User Agreement and Privacy Policy. 10.6. The Operator ensures data confidentiality. 10.7. The Operator stores data no longer than necessary for the purposes of processing.
11. List of Actions with Personal Data
11.1. The Operator collects, records, systematizes, accumulates, stores, clarifies, extracts, uses, transfers, depersonalizes, blocks, deletes, and destroys data. 11.2. The Operator performs automated data processing with or without information transmission over networks.
12. Cross-Border Data Transfer
12.1. Before cross-border data transfer, the Operator must ensure reliable protection of data subjects’ rights. 12.2. Cross-border data transfer to countries that do not provide reliable protection is possible only with the subject’s consent.
13. Data Confidentiality
The Operator and other persons who have gained access to data must not disclose or distribute them without the subject’s consent, unless otherwise provided by law.
14. Final Provisions
14.1. The User can get clarifications on data processing by contacting the Operator through the contacts on the official website. 14.2. Changes to the data processing policy will be reflected in this document. The policy is valid indefinitely until replaced by a new version.