Personal data processing policy1. General provisionsThis personal data processing policy has been drawn up in accordance with the requirements of the Federal Law of 27.07.2006. 152-FZ «About personal data» (hereinafter - the Law on personal data) and defines the procedure for processing of personal data and measures to ensure the security of personal data, taken by Chernov Denis Anatolievich (hereinafter - Operator).
1.1. The operator has as its main objective and condition of carrying out its activities the respect of human rights and freedoms of citizens when processing their personal data, including protection of privacy, personal and family secrets.
1.2. This Operator’s Personal Data Processing Policy (hereinafter - the Policy) applies to all information that the Operator may obtain about visitors of the website
https://chernovdenis.com.
2. Key concepts used in the Policy2.1. Automated processing of personal data - processing of personal data by means of computer technology.
2.2. Blocking of personal data - temporary termination of processing of personal data (except in cases where the processing is necessary to verify personal data).
2.3. Website - a set of graphic and information materials, as well as software for computers and databases, ensuring their accessibility on the Internet by network address
https://chernovdenis.com.
2.4. Personal data information system - the set of personal data contained in databases and ensuring their processing of information technologies and technical means.
2.5. Anonymization of personal data - actions that cannot be identified without using
https://chernovdenis.com.
2.6. Processing of personal data - any action (operation) or set of actions (operations), performed using automation means or without the use of such means with personal data, including collection, recording, systematization, accumulation, storage, updating (update, change), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.7. Operator - a state authority, municipal authority, legal entity or natural person, alone or jointly with other persons organizing and/or carrying out the processing of personal data, as well as determining purposes for processing personal data, the composition of personal data to be processed, actions (transactions) carried out with personal data.
2.8. Personal data is any information that relates directly or indirectly to a particular or defined User of the website
https://chernovdenis.com.
2.9. Personal data that the subject of the personal data has authorized for dissemination - personal data, access to an unlimited number of persons who have been provided by the subject of the personal data by giving consent to the processing of personal data, Personal data authorized by the subject for dissemination in accordance with the procedure provided for by the Personal Data Act (hereinafter, personal data authorized for dissemination).
2.10. User is any visitor of the website
https://chernovdenis.com.
2.11. Provision of personal data - actions aimed at the disclosure of personal data to a specific person or group of persons.
2.12. Disclosure of personal data - any action aimed at the disclosure of personal data to an undefined group of persons (transfer of personal data) or the disclosure of personal data to an unlimited number of persons, including disclosure of personal data in the media, placement on information and telecommunications networks or provision of access to personal data by other means.
2.13. Cross-border transfer of personal data - the transfer of personal data to the territory of a foreign state authority, to a foreign natural or legal person.
2.14. The destruction of personal data - any action, as a result of which the personal data is destroyed irrevocably with the impossibility of further restoration of the personal data content in the information system of personal data and/or material carriers of personal data are destroyed.
3. Basic rights and duties of the operator3.1. The operator is entitled to:
- receive from the subject of personal data reliable information and/or documents containing personal data;
— in the event of withdrawal of consent to processing of personal data by the subject, as well as a request for termination of processing of personal data, The Operator has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified in the Personal Data Act;
— independently determine the composition and list of measures necessary and sufficient to ensure compliance with the obligations provided for by the Personal Data Act and the regulatory acts adopted in accordance therewith, unless otherwise provided by the Personal Data Act or other federal laws.
3.2. The operator shall:
- to provide the subject of personal data, upon request, with information regarding the processing of his or her personal data;
- organize the processing of personal data in accordance with the procedure established by the current legislation of the Russian Federation;
- respond to requests and queries of the subjects of personal data and their legal representatives in accordance with the requirements of the Personal Data Act;
- to provide the authorized body for the protection of the rights of subjects of personal data upon request of this body with the necessary information within 10 days from the date of receipt of such request;
- publish or otherwise provide unrestricted access to this Privacy Policy;
— to take legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, dissemination, as well as from other unlawful acts in relation to personal data;
- stop the transfer (dissemination, provision, access) of personal data, stop processing and destroy personal data in the manner and cases provided for by the Law on Personal Data;
- perform other duties provided for in the Personal Data Act.
4. Basic rights and obligations of the subjects of personal data4.1. The subjects of personal data have the right to:
— receive information regarding the processing of his personal data, except as provided by federal laws. The data is provided to the subject of personal data by the Operator in an accessible form and should not contain personal data relating to other subjects of personal data, except when there are legal grounds for disclosure of such personal data. The list of information and the procedure for obtaining it is established by the Law on personal data;
— require the operator to update its personal data, block it or destroy it if the personal data is incomplete, outdated, inaccurate, unlawfully obtained or not necessary for the stated purpose of processing, as well as taking the measures provided for by law to protect their rights;
- to provide a condition of prior consent when processing personal data for the purpose of marketing goods, works and services;
- withdrawal of consent to the processing of personal data, as well as sending a request to stop the processing of personal data;
- to appeal to the authorized body for protection of rights of subjects of personal data or in court action illegal actions or omissions of the Operator when processing his personal data;
- to the exercise of other rights provided for by the legislation of the Russian Federation.
4.2. The subjects of personal data are obliged to:
- provide the Operator with reliable data about themselves;
- to inform the Operator about updating (updating, modification) of their personal data.
4.3. Persons who provide the Operator with unreliable information about themselves, or information about other subjects of personal data without the latter’s consent are liable in accordance with the law of the Russian Federation.
5. Рrinciples of personal data processing5.1. The processing of personal data is carried out on a lawful and fair basis.
5.2. Processing of personal data is limited to the achievement of specific, predetermined and lawful purposes. Personal data processing incompatible with the purpose of collecting personal data shall not be permitted.
5.3. Databases containing personal data processed for incompatible purposes shall not be combined.
5.4. Only personal data that is relevant to the purposes of processing shall be processed.
5.5. The content and amount of personal data processed correspond to the stated purposes of processing. The personal data processed shall not be redundant in relation to the stated purposes of their processing.
5.6. When processing personal data, the accuracy of the personal data, their sufficiency and, where necessary, the relevance to the purposes for which the personal data is processed shall be ensured. The operator takes and/or ensures that necessary measures are taken to remove or correct incomplete or inaccurate data.
5.7. The storage of personal data shall be carried out in a form that allows the identification of the subject of the personal data not longer than the purposes for which the personal data are processed require, if the retention period of the personal data is not specified by federal law, the contract to which the beneficiary or guarantor for which the subject of personal data is. The personal data processed is destroyed or de-identified when the purposes of processing are achieved, or if it is no longer necessary to achieve these purposes, unless otherwise provided for by federal law.
6. Purposes of processing personal dataPurpose of processing the information to the User by sending e-mails
- surname, first name, patronymic
- E-mail address
- phone numbers
Legal basis
- Operator’s statutory (founding) documents
- Contracts concluded between the operator and the data subject
Types of personal data processing
- Collection, recording, systematization, accumulation, storage, destruction and depersonalization
- Sending information letters to the e-mail address
7. Terms of processing personal data7.1. Processing of personal data is carried out with the consent of the subject of personal data for processing his or her personal data.
7.2. Processing of personal data is necessary to achieve the purposes stipulated by an international treaty of the Russian Federation or law, to carry out the duties, powers and responsibilities imposed on the operator by the legislation of the Russian Federation.
7.3. Processing of personal data is necessary for the execution of justice, execution of a judicial act, an act of another body or official subject to execution in accordance with the legislation of the Russian Federation on enforcement proceedings.
7.4. The processing of personal data is necessary for the performance of a contract to which either the beneficial owner or guarantor is party, and also for the conclusion of a contract at the initiative of the personal data subject or contract, in which the data subject will be the beneficiary or guarantor.
7.5. Processing of personal data is necessary for the exercise of rights and legitimate interests of the operator or third parties or to achieve purposes of public interest, provided that it does not violate the rights and freedoms of the subject of personal data.
7.6. Processing of personal data, access to an unlimited number of persons provided by the subject of personal data or at his request (hereinafter - publicly available personal data).
7.7. Processing of personal data subject to publication or mandatory disclosure in accordance with federal law takes place.
8. Collection, storage, transfer and other processing of personal dataThe security of personal data processed by the Operator is ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of current legislation in the field of personal data protection.
8.1. The operator shall ensure that personal data is kept safe and take all possible measures to prevent unauthorised persons from accessing personal data.
8.2. The User’s personal data will never, under any conditions, be transferred to third parties, except in cases related to the execution of the current legislation or in case of if the subject of the personal data has given consent to the Operator for the transfer of data to a third party for the performance of obligations under a civil contract.
8.3. In case of detection of inaccuracies in personal data, the User can update them themselves by sending a notification to the Operator e-mail address mail@denische.com with the mark «Updating personal data».
8.4. The period of processing of personal data is determined by the achievement of the purposes for which the personal data were collected, unless a different period is provided for in the contract or applicable law.
The User may withdraw his consent to the processing of personal data at any time by sending a notification to the Operator via e-mail to the e-mail address of the Operator mail@denische.com with the mark «Withdrawal of consent to the processing of personal data».
8.5. All information collected by third party services, including payment systems, communication tools and other service providers, is stored and processed by the specified persons (Operators) in accordance with their User Agreement and Privacy Policy. The subject of personal data and/or with specified documents. The Operator is not responsible for the actions of third parties, including the service providers referred to in this paragraph.
8.6. The personal data subject’s prohibitions on the transfer (except access) and processing or conditions of processing (except access) of personal data permitted for distribution, do not act in cases of processing of personal data in the state, public and other public interests defined by the legislation of the Russian Federation.
8.7. The Operator shall ensure the confidentiality of personal data when processing personal data.
8.8. The Operator shall store personal data in a form that makes it possible to identify the subject of the personal data not longer than the purposes for which the personal data are processed require, if the retention period of the personal data is not specified by federal law, the contract to which the subject of personal data is a party, beneficiary or guarantor.
8.9. The termination of processing of personal data may be conditional upon the fulfilment of the purposes for which the personal data are processed, the expiry of the period of validity of the consent of the subject of the personal data, withdrawal of consent by the subject of personal data or request to stop processing of personal data, as well as detection of unlawful processing of personal data.
9. List of actions carried out by the Operator with the personal data obtained9.1. The operator shall collect, record, systematize, accumulate, store, correct (update, change), extract, use, transfer (distribution, provision, access), depersonalize, block, delete and destroy personal data.
9.2. The operator carries out automated processing of personal data with the receipt and/ or transmission of information received on information and telecommunications networks or without such.
10. Cross-border transfers of Personal Data10.1. The operator is obliged to notify the competent authority for the protection of the rights of persons subject to personal data about its intention to carry out a cross-border transfer of personal data before starting cross-border transfer activities (such notice is sent separately from the notice of intention to process personal data).
10.2. Before the above-mentioned notification, the operator is obliged to obtain relevant information from the authorities of a foreign state, foreign individuals, foreign legal entities to which the cross-border transfer of personal data is planned.
11. Сonfidentiality of the personal dataThe operator and other persons who have access to personal data are obliged not to disclose personal data to third parties or to distribute personal data without the consent of the subject of personal data, unless otherwise provided by federal law.
12. final provisions12.1. The User may obtain any clarification on matters of interest regarding the processing of his personal data by contacting the Operator via e-mail to mail@denische.com.
12.2. This document will reflect any changes to the personal data processing policy of the Operator. The policy is valid indefinitely until it is replaced by a new version.
12.3. The current version of the Open Access Policy is available on the Internet at
https://chernovdenis.com/politika.