This privacy policy. Privacy Policy

This Privacy Policy personal data (hereinafter referred to as the Privacy Policy) applies to all information that this site, which hosts the text of this Privacy Policy, can receive about the User, as well as any programs and products hosted on it.

1. Definition of terms

1.1 The following terms are used in this Privacy Policy:

1.1.1. "Site Administration" - authorized employees to manage the site, acting on its behalf, who organize and (or) process personal data, and also determine the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data.

1.1.2. "Personal data" - any information relating to a directly or indirectly identified or identifiable natural person (subject of personal data).

1.1.3. "Processing of personal data" - any action (operation) or a set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.

1.1.4. “Confidentiality of personal data” is a mandatory requirement for the Site Administration to prevent their intentional distribution without the consent of the subject of personal data or other legal grounds.

1.1.6. "Cookies" - a small piece of data sent by a web server and stored on the user's computer, which the web client or web browser sends to the web server in an HTTP request each time they try to open a page of the corresponding site.

1.1.7. "IP address" - a unique network address of a node in a computer network built using the IP protocol.

2. General provisions

2.1. The User's use of the site means acceptance of this Privacy Policy and the terms of processing the User's personal data.

2.2. In case of disagreement with the terms of the Privacy Policy, the User must stop using the site.

2.3. This Privacy Policy applies only to this site. The site administration does not control and is not responsible for third-party sites to which the User can follow the links available on this site.

2.4. The site administration does not verify the accuracy of personal data provided by the Site User.

3. Subject matter of the privacy policy

3.1. This Privacy Policy establishes the obligations of the Site Administration regarding the deliberate non-disclosure of personal data that the User provides at various requests of the Site Administration (for example, when registering on the site, placing an order, subscribing to notifications, etc.).

3.2. Personal data authorized for processing under this Privacy Policy is provided by the User by filling out special forms on the Site and usually includes the following information:

3.2.1. surname, name, patronymic of the User;

3.2.2. contact phone number of the User;

3.2.3. email address (e-mail);

3.2.4. place of residence of the User and other data.

3.3. The site administration also takes efforts to protect Personal data that is automatically transmitted during the visit to the site pages:

  • IP address;
  • information from cookies;
  • information about the browser (or other program that accesses the site);
  • access time;
  • visited page addresses;
  • referrer (address of the previous page), etc.

3.3.1. Disabling cookies may result in the inability to access the site.

3.3.2. The site collects statistics about the IP addresses of its visitors. This information used to identify and solve technical problems, to control the correctness of operations.

3.4. Any other personal information not specified above (browsers used and Operating Systems etc.) is not subject to deliberate disclosure, except as provided in paragraphs. 5.2. and 5.3. of this Privacy Policy.

4. Purposes of collecting personal information of the user

4.1. The User's personal data may be used by the Site Administration for the following purposes:

4.1.1. Identification of the User registered on the site.

4.1.2. Providing the User with access to personalized resources of the site.

4.1.3. Establishing feedback with the User, including sending notifications, requests regarding the use of the site, the provision of services, processing requests and applications from the User.

4.1.4. Determining the location of the User to ensure security, prevent fraud.

4.1.5. Confirmation of the accuracy and completeness of personal data provided by the User.

4.1.6. Providing the User with effective customer and technical support in case of problems related to the use of the site.

5. Methods and terms of processing personal information

5.1. The processing of the User's personal data is carried out without time limit, in any legal way, including in personal data information systems using automation tools or without using such tools.

5.2. The User's personal data may be transferred to authorized state authorities only on the grounds and in the manner established by applicable law.

6. Obligations of the parties

6.1. The user undertakes:

6.1.1. Provide correct and truthful information about personal data necessary to use the site.

6.1.2. Update or supplement the provided information about personal data in case of changes in this information.

6.1.3. Take steps to protect access to your confidential data stored on the site.

6.2. The site administration undertakes:

6.2.1. Use the information received solely for the purposes specified in clause 4 of this Privacy Policy.

6.2.2. Do not disclose the User's personal data, with the exception of clause 5.2. of this Privacy Policy.

6.2.3. Block personal data relating to the relevant User from the moment the User or his legal representative or authorized body for the protection of the rights of subjects of personal data has applied or requested for the period of verification, in case of revealing false personal data or illegal actions.

7. Liability of the parties

7.1. The site administration is responsible for the deliberate disclosure of the User's Personal Data in accordance with applicable law, with the exception of cases provided for in clauses. 5.2., and 7.2. of this Privacy Policy.

7.2. In case of loss or disclosure of Personal Data, the Site Administration is not responsible if this confidential information:

7.2.1. Became public property before its loss or disclosure.

7.2.2. It was received from a third party until it was received by the Site Administration.

7.2.3. It was obtained by third parties through unauthorized access to the site's files.

7.2.4. Was disclosed with the consent of the User.

7.3. The User is responsible for the legitimacy, correctness and truthfulness of the provided Personal Data in accordance with applicable law.

8. Dispute Resolution

8.1. Before going to court with a claim for disputes arising from the relationship between the Site User and the Site Administration, it is mandatory to submit a claim (a written proposal for a voluntary settlement of the dispute).

8.2. The recipient of the claim, within 30 calendar days from the date of receipt of the claim, notifies the claimant in writing of the results of the consideration of the claim.

8.3. If an agreement is not reached, the dispute will be referred to the judicial authority in accordance with applicable law.

8.4. The current legislation applies to this Privacy Policy and the relationship between the User and the Site Administration.

9. Additional terms

9.1. The site administration has the right to make changes to this Privacy Policy without the consent of the User.

9.2. The new Privacy Policy comes into force from the moment it is posted on the Site, unless otherwise provided by the new edition of the Privacy Policy.

Politics
privacy of personal data

1. GENERAL PROVISIONS

1.1. PharmPak Limited Liability Company (hereinafter referred to as the Company), as part of its activities, processes personal data and is a personal data operator with the relevant rights and obligations determined by the current legislation of the Russian Federation on the procedure for processing personal data.

1.2. Personal data privacy policy (hereinafter referred to as the Policy) is a local regulatory act of the Company that defines the basic principles, conditions and procedure for processing personal data of subjects of circulation of medicines sold by the Company and other users of the Site (hereinafter referred to as subjects of personal data or Subjects), establishing the rights and obligations of personal data subjects and the Company in the processing of personal data, as well as the requirements and measures for the protection of personal data implemented in the Company.

1.3. This Policy has been drawn up in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data” and is to be posted on the website - (hereinafter referred to as the Website).

1.4. This Policy applies to all information that the Company receives through the Site, its programs and products. This Policy also applies to information received by the Company from personal data subjects by phone, e-mail, telegrams, postal items, etc., as well as by filling out web forms by personal data subjects posted on the Company's Website.

1.5. This Policy applies to all processes of processing personal data, regardless of the form in which personal data is provided.

1.6. The use of the Site by the subject of personal data, as well as the provision by the Subject to the Company of his personal data in any way, including as provided for in clause 1.4. of this Policy, means the consent of the Subject with this Policy and the conditions for processing his personal data.

1.7. In case of disagreement with the terms of this Policy, the Subject must stop using the Site.

1.8. The Company does not verify the accuracy of personal data provided by personal data subjects.

1.9. The Company does not control compliance with the terms of confidentiality and processing of personal data of the Subjects by the owners or users of other sites to which the subject of personal data can follow the links available on the Company's Website, and is not responsible for the actions / inaction of the owners or users of such sites in the field of personal data processing and respect for confidentiality.

1.10. This Policy establishes the obligations of the Company for non-disclosure and provision of a regime for protecting the confidentiality of personal data that the Subject provides to the Company independently or at the request of the Company, including by filling out the relevant web forms posted on the Company's Website.

2. CONCEPTS AND DEFINITIONS

2.1. Basic concepts and definitions used in this Policy:

Personal data - any information relating to a directly or indirectly identified or identifiable natural person (subject of personal data);

Processing of personal data - any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;

Automated processing of personal data - processing of personal data using computer technology;

Dissemination of personal data - actions aimed at disclosing personal data to an indefinite circle of persons;

Providing personal data - actions aimed at disclosing personal data to a certain person or a certain circle of persons;

Blocking of personal data - temporary suspension of the processing of personal data (unless the processing is necessary to clarify personal data);

Destruction of personal data - actions, as a result of which it becomes impossible to restore the content of personal data in the information system of personal data and (or) as a result of which material carriers of personal data are destroyed;

Depersonalization of personal data - actions, as a result of which it becomes impossible to determine the ownership of personal data by a specific subject of personal data without the use of additional information;

Information system of personal data - a set of personal data contained in databases and technical means that ensure their processing of information technology;

Site User - a visitor to the Site who views it and also uses it to perform specific tasks and functions;

Pharmacovigilance is the activity of monitoring the efficacy and safety of medicines aimed at identifying, assessing and preventing undesirable consequences of the use of drugs;

An adverse reaction is an unintended adverse reaction of the body that may be associated with the use of a medicinal product, or a serious adverse reaction of the body associated with the use of a medicinal product, resulting in death, congenital anomalies or malformations, or posing a threat to life, requiring hospitalization or resulting in persistent loss of ability to work and (or) disability;

An official is an employee of the Company who, in the process of fulfilling his official duties carries out the processing of personal data of the Subjects and is responsible in accordance with the legislation of the Russian Federation.

3. PRINCIPLES OF PERSONAL DATA PROCESSING

3.1. The processing of personal data of the Subjects in the Company is based on the following principles:

The legality of the purposes and methods of processing the personal data of the Subjects;

Compliance of the purposes of processing the personal data of the Subjects with the purposes predetermined and declared when collecting personal data;

Compliance of the content and volume of personal data being processed with the purposes of personal data processing;

Reliability, sufficiency and relevance of personal data for the purposes of their processing, inadmissibility of processing redundant personal data in relation to the purposes of their collection and processing.

4. LEGAL BASIS FOR PROCESSING PERSONAL DATA

4.1. The legal basis for the processing of personal data is a set of legal acts, pursuant to which and in accordance with which the Company processes personal data.

4.2. This Policy of the Company is determined in accordance with the following regulations:

Constitution Russian Federation;

Federal Law No. 152-FZ of July 27, 2006 “On Personal Data”;

Federal Law No. 61-FZ of July 27, 2006 “On the Circulation of Medicines”;

Order of Roszdravnadzor dated February 15, 2017 N 1071 "On approval of the Procedure for the implementation of pharmacovigilance";

Rules of Good Pharmacovigilance Practice of the Eurasian Economic Union, approved by the Decision of the Council of the Eurasian Economic Commission N 87 dated 03.11.2016;

Other legal acts of the Russian Federation.

5. PURPOSE OF PROCESSING PERSONAL DATA

5.1. The processing of the personal data of the Subjects is carried out by the Company in order to ensure the quality and integrity of the pharmacovigilance system in terms of the organization by the Company of work with information about adverse reactions to medicinal products sold by the Company, including in the process of accepting, streamlining, reviewing and transmitting messages about side effects, adverse reactions, serious adverse and unforeseen adverse reactions when using drugs, the features of their interaction with other drugs, individual intolerance, as well as other facts and circumstances that pose a threat to human life or health or affect a change in the ratio of expected benefits to possible the risk of using drugs (hereinafter - Messages).

5.2. The Company also processes the personal data of the Subjects for the following purposes:

Identification of subjects of personal data;

Implementation by the Company of monitoring the effectiveness and safety of medicinal products in the framework of pharmacovigilance activities based on information received from the Subjects;

Carrying out activities in accordance with the Charter of the Company;

Providing information support to the Subjects;

Establishing feedback with personal data subjects, including to confirm the accuracy and completeness of personal data provided by them when contacting the Company.

In order to comply with Good Distribution Practices by the Company. For these purposes, claims received by the Company will be registered with the following information: date of receipt of the claim, name of the organization or full name of the person, their contact details (telephone / fax number, e-mail address, address for sending correspondence), name of the medicinal product, dosage form, dosage, batch (batch) number, volume, reason for the claim, and more. At the same time, the processing of personal data can be carried out both upon receipt of claims regarding the quality of medicines, and claims regarding compliance with the requirements and conditions of distribution.

5.3. In order to achieve the purposes of processing personal data, the Company may process personal data in the following scope:

Date and place of birth;

E-mail address;

Phone number;

Address of the place of registration, actual residence, address for sending correspondence;

health information;

Information about identified or suspected discrepancies in the quality of medicinal products (claims regarding the quality of medicinal products or claims regarding compliance with the requirements and conditions of distribution);

Information about side effect or an adverse drug reaction;

Information about the place of work and the position held.

6. PROCEDURE AND CONDITIONS FOR PROCESSING PERSONAL DATA

6.1. The terms of personal data processing are determined by the Company in accordance with the purposes of personal data processing.

6.2. The condition for terminating the processing of personal data is the achievement of the purposes of processing personal data, the expiration of the consent of the Subject or the withdrawal of consent by the Subject to the processing of his personal data, as well as the identification of unlawful processing of personal data.

6.3. The Company does not disclose to third parties and does not distribute personal data without the consent of the subject of personal data, unless otherwise provided by the legislation of the Russian Federation.

6.4. In case of loss or disclosure of personal data, the Company has the right not to inform the Subject of the loss or disclosure of his personal data.

6.5. The Company does not carry out cross-border transfer of personal data.

6.6. The Company transfers the processed personal data to state bodies, including Roszdravnadzor, legal entities with which the Company has concluded contracts and agreements for the purposes provided for in clause 5.1. and 5.2. of this Policy.

6.7. Personal data of personal data subjects are stored in the manner determined by the Company.

6.8. The processing of the personal data of the Subjects is entitled to be carried out by the Company's officials on the basis of the rights granted to them, executed in the prescribed manner, or by virtue of their official duties.

6.9. Officials who are allowed access to the personal data of the Subjects in accordance with this Policy receive and use only those personal data of the Subjects that they need to perform specific functions.

6.10. When processing personal data, the Company's officials must comply with the following requirements:

Do not disclose the personal data of the Subjects to a third party without the written consent of the subject of personal data, except when it is necessary in order to prevent a threat to the life and health of the subject of personal data, as well as in other cases provided for by the legislation of the Russian Federation and this Policy;

Warn persons receiving personal data of the subject of personal data in accordance with this Policy that this data can only be used for the purposes for which they are reported. Persons receiving personal data are required to maintain secrecy (confidentiality);

Do not disclose for commercial purposes the personal data of the Subject without his consent.

6.11. The regime of secrecy (confidentiality) applies to both paper and electronic (automated) media.

6.12. The Company also collects information using session and permanent cookies. Session cookies are stored on the User's computer for a certain period of time after he has left the Site. Session cookies are used by the Company to count the number of visitors to the Site. In addition, the Company uses persistent cookies that allow you to know how the User moves through the pages of the Site, what content is most interesting to him and how long the User stays on a particular page of the Site.

6.13. The Company processes the data collected using cookies only for statistical purposes, to diagnose problems with the server and for the purposes of administering the Company's Website. At the same time, the collection and processing of such data is carried out only in an anonymized form.

6.14. The user of the Site has the opportunity to delete or cancel cookies at any time, for this it is necessary to change the settings of the web browser. At the same time, if the User deletes or cancels cookies, then use all the functionality software browser, as well as the Site, the User will not be able to.

7. PROTECTION OF PERSONAL DATA

7.1. The protection of personal data must be carried out in accordance with the requirements of the current legislation of the Russian Federation on the protection of personal data.

7.2. When processing personal data, the Company takes all necessary legal, organizational and technical measures to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution.

7.3. Ensuring the security of the personal data of the Subjects received by the Company is achieved, in particular:

Appointment of officials responsible for organizing the processing of personal data of the Subjects in the Company;

The publication of this Policy, the adoption of other local acts on the processing and security of the personal data of the Subjects received by the Company;

Implementation in the Company of internal control over the compliance of personal data processing processes with the requirements provided for by the current legislation of the Russian Federation, this Policy and other local acts of the Company;

Application in the Company of organizational and technical measures to ensure the security of personal data received from the Subjects during their processing;

Familiarization of the Company's employees directly involved in the processing of personal data of the Subjects with local acts on the processing of personal data of the Subjects.

8. RIGHTS AND OBLIGATIONS OF THE COMPANY

8.1. When processing personal data, the Company is obliged to:

Process the personal data of the Subjects in strict accordance with the legislation of the Russian Federation, this Policy and other local acts of the Company;

Stop processing personal data at the request of the Subject, as well as in cases provided for by the current legislation of the Russian Federation;

Provide the Subject, upon his written request, with information on the processing of his personal data;

For automated processing of personal data, use databases located on the territory of the Russian Federation.

8.2. When processing the personal data of the Subjects, the Company has the right to:

Receive personal data from Subjects;

Check the completeness, accuracy and reliability of the personal data provided by the Subject, request additional personal data from the Subjects;

Process personal data;

Acquire and exercise other rights.

9. RIGHTS OF PERSONAL DATA SUBJECTS

9.1. The subject of personal data has the right:

Receive information regarding the processing of his personal data, including the following: confirmation of the fact of processing personal data by the Company; legal grounds and purposes of personal data processing; the purposes and methods used by the Company for processing personal data; the name and location of the Company, information about persons (excluding employees of the Company) who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the Company or on the basis of federal law; processed personal data relating to the relevant subject of personal data, the source of their receipt, unless a different procedure for the submission of such data is provided by federal law; terms of processing personal data, including the terms of their storage; information about the performed or proposed cross-border data transfer; the name or surname, first name, patronymic and address of the person who processes personal data on behalf of the Company, if the processing is or will be entrusted to such a person;

Require the Company to clarify the personal data of the Subject processed by the Company, block or destroy them if the personal data is incomplete, outdated, inaccurate, illegally obtained, inaccurate or not necessary for the stated purpose of processing;

9.2. In order to exercise their rights and protect legitimate interests, the subject of personal data has the right to apply in writing to the Company. The Company considers any written requests and complaints from personal data subjects, thoroughly investigates the facts of violations and accepts all necessary measures for their immediate elimination, punishment of the perpetrators and settlement of disputes in pre-trial order.

9.3. A written request from the subject of personal data to provide information regarding the processing of his personal data must contain the following mandatory details established by Part 3 of Art. 14 of Federal Law No. 152-FZ of July 27, 2006 “On Personal Data”, including: the number of the main identity document of the subject of personal data or his representative, information about the date of issue of the specified document and the issuing authority, information confirming participation of the subject of personal data in relations with the operator (contract number, date of conclusion of the contract, conditional verbal designation and (or) other information), or information otherwise confirming the fact of processing personal data by the operator, the signature of the subject of personal data or his representative. The request can be sent in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.

9.4. Requests from the subject of personal data to obtain information about their personal data, familiarize themselves with them, to clarify them, block or destroy them, withdraw consent to their processing can be sent to the e-mail address [email protected] or at the address: 105318, Moscow, st. Mironovskaya, 33, building 28 (PharmPak LLC).

10. FINAL PROVISIONS

10.1. This Policy is a public document of the Company and is subject to placement on the public information resource of the Company - the Website.

10.2. This Policy is subject to change, addition in case of changes in the legislation of the Russian Federation, local regulations of the Company in the field of processing and protection of personal data of the Company.

10.3. The liability of the Company, as well as its officials for failure to comply with the requirements of the rules governing the processing and protection of personal data, is established by the legislation of the Russian Federation and local regulations of the Company.

1. General provisions
This personal data processing policy has been drawn up in accordance with the requirements of the Federal Law of July 27, 2006. No. 152-FZ "On Personal Data" and determines the procedure for processing personal data and measures to ensure the security of personal data of Mikhailov Ivan Sergeevich (hereinafter referred to as the Operator).
  1. The operator sets as its most important goal and condition for the implementation of its activities the observance of the rights and freedoms of a person and a citizen in the processing of his personal data, including the protection of the rights to privacy, personal and family secrets.
  2. This Operator's policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator can receive about visitors to the https://mysite.ru website.
2. Basic concepts used in the Policy
  1. Automated processing of personal data - processing of personal data using computer technology;
  2. Blocking of personal data - temporary suspension of the processing of personal data (unless the processing is necessary to clarify personal data);
  3. Website - a set of graphic and informational materials, as well as computer programs and databases that ensure their availability on the Internet at the network address https://mysite.ru;
  4. Personal data information system - a set of personal data contained in databases and information technologies and technical means that ensure their processing;
  5. Depersonalization of personal data - actions as a result of which it is impossible to determine, without the use of additional information, the ownership of personal data by a specific User or other subject of personal data;
  6. Processing of personal data - any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
  7. Operator - government agency, municipal authority, legal or individual, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data;
  8. Personal data - any information relating directly or indirectly to a specific or identifiable User of the website https://mysite.ru;
  9. User - any visitor to the website https://mysite.ru;
  10. Providing personal data - actions aimed at disclosing personal data to a certain person or a certain circle of persons;
  11. Dissemination of personal data - any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or familiarizing with personal data of an unlimited number of persons, including the disclosure of personal data in the media, placement in information and telecommunication networks or providing access to personal data in any other way;
  12. Cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign natural or foreign legal entity;
  13. Destruction of personal data - any actions as a result of which personal data is irretrievably destroyed with the impossibility of further restoration of the content of personal data in the information system of personal data and (or) as a result of which material carriers of personal data are destroyed.
3. The Operator may process the following personal data of the User
  1. Full Name;
  2. Phone number;
  3. E-mail address;
  4. The site also collects and processes anonymous data about visitors (including cookies) using Internet statistics services (Yandex Metrika and Google Analytics and others).
  5. The above data further in the text of the Policy are united by the general concept of Personal data.
4. Purposes of personal data processing
  1. The purpose of processing the User's personal data is the conclusion, execution and termination of civil law contracts; providing the User with access to the services, information and/or materials contained on the website https://mysite.ru; clarification of order details.
  2. The Operator also has the right to send notifications to the User about new products and services, special offers and various events. The user can always refuse to receive informational messages by sending an email to the Operator [email protected] marked "Opt out of notifications about new products and services and special offers."
  3. Impersonal data of Users collected using Internet statistics services are used to collect information about the actions of Users on the site, improve the quality of the site and its content.
5. Legal grounds for the processing of personal data
  1. The Operator processes the User's personal data only if they are filled in and / or sent by the User independently through special forms located on the site https://mysite.ru. By filling out the relevant forms and / or sending their personal data to the Operator, the User expresses his consent to this Policy.
  2. The Operator processes anonymized data about the User if it is allowed in the User's browser settings (saving cookies and using JavaScript technology is enabled).
6. The procedure for collecting, storing, transferring and other types of processing of personal data
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.
  1. The operator ensures the safety of personal data and accepts all possible measures, excluding access to personal data of unauthorized persons.
  2. The User's personal data will never, under any circumstances, be transferred to third parties, except in cases related to the implementation of applicable law.
  3. In case of detection of inaccuracies in personal data, the User can update them independently by sending a notification to the Operator to the Operator’s e-mail address [email protected] marked "Updating personal data".
  4. The term for processing personal data is unlimited. The User may at any time revoke his consent to the processing of personal data by sending a notification to the Operator by e-mail to the Operator's email address. [email protected] marked "Withdrawal of consent to the processing of personal data".
7. Cross-border transfer of personal data
  1. Before the start of the cross-border transfer of personal data, the operator is obliged to make sure that the foreign state, to whose territory it is supposed to transfer personal data, ensures reliable protection rights of personal data subjects.
  2. Cross-border transfer of personal data on the territory of foreign states that do not meet the above requirements can be carried out only if there is a written consent of the subject of personal data to the cross-border transfer of his personal data and / or execution of an agreement to which the subject of personal data is a party.
8. Final provisions
  1. The user can get any clarifications on issues of interest regarding the processing of his personal data by contacting the Operator via e-mail [email protected].
  2. This document will reflect any changes in the policy of processing personal data by the Operator. The policy is valid indefinitely until it is replaced by a new version.
  3. The current version of the Policy in the public domain is located on the Internet at https://mysite.ru/policy/.

This personal data processing policy has been drawn up in accordance with the requirements of the Federal Law of July 27, 2006. No. 152-FZ "On Personal Data" and determines the procedure for processing personal data and measures to ensure the security of personal data Mineev Sergey Alekseevich (hereinafter referred to as the Operator).

  1. The operator sets as its most important goal and condition for the implementation of its activities the observance of the rights and freedoms of a person and a citizen in the processing of his personal data, including the protection of the rights to privacy, personal and family secrets.
  2. This Operator's policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator can receive about visitors to the website https://website/.

2. Basic concepts used in the Policy

  1. Automated processing of personal data - processing of personal data using computer technology;
  2. Blocking of personal data - temporary suspension of the processing of personal data (unless the processing is necessary to clarify personal data);
  3. Website - a set of graphic and informational materials, as well as computer programs and databases that ensure their availability on the Internet at the network address https://website/;
  4. Personal data information system - a set of personal data contained in databases and information technologies and technical means that ensure their processing;
  5. Depersonalization of personal data - actions as a result of which it is impossible to determine, without the use of additional information, the ownership of personal data by a specific User or other subject of personal data;
  6. Processing of personal data - any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;
  7. Operator - a state body, municipal body, legal entity or individual, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, the actions (operations) performed with personal data;
  8. Personal data - any information relating directly or indirectly to a specific or identifiable User of the website https://website/;
  9. User - any visitor to the website https://website/;
  10. Providing personal data - actions aimed at disclosing personal data to a certain person or a certain circle of persons;
  11. Dissemination of personal data - any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or familiarizing with personal data of an unlimited number of persons, including the disclosure of personal data in the media, placement in information and telecommunication networks or providing access to personal data in any other way;
  12. Cross-border transfer of personal data - transfer of personal data to the territory of a foreign state to an authority of a foreign state, a foreign individual or a foreign legal entity;
  13. Destruction of personal data - any actions as a result of which personal data is irretrievably destroyed with the impossibility of further restoration of the content of personal data in the information system of personal data and (or) as a result of which material carriers of personal data are destroyed.

3. The Operator may process the following personal data of the User

  1. Full Name;
  2. Email address;
  3. Photo;
  4. The site also collects and processes anonymous data about visitors (including cookies) using Internet statistics services (Yandex Metrika and Google Analytics and others).
  5. The above data further in the text of the Policy are united by the general concept of Personal data.

4. Purposes of personal data processing

  1. The purpose of processing the User's personal data is to provide the User with access to the services, information and / or materials contained on the website.
  2. The Operator also has the right to send notifications to the User about new products and services, special offers and various events. The user can always refuse to receive informational messages by sending an email to the Operator [email protected] marked "Opt out of notifications about new products and services and special offers."
  3. Impersonal data of Users collected using Internet statistics services are used to collect information about the actions of Users on the site, improve the quality of the site and its content.

5. Legal grounds for the processing of personal data

  1. The Operator processes the User's personal data only if they are filled in and / or sent by the User independently through special forms located on the website https://website/. By filling out the relevant forms and / or sending their personal data to the Operator, the User expresses his consent to this Policy.
  2. The Operator processes anonymized data about the User if it is allowed in the User's browser settings (saving cookies and using javascript technology is enabled).

6. The procedure for collecting, storing, transferring and other types of processing of personal data

The security of personal data processed by the Operator is ensured through the implementation of legal, organizational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.

  1. The Operator ensures the safety of personal data and takes all possible measures to exclude access to personal data of unauthorized persons.
  2. The User's personal data will never, under any circumstances, be transferred to third parties, except in cases related to the implementation of applicable law.
  3. In case of detection of inaccuracies in personal data, the User can update them independently by sending a notification to the Operator to the Operator’s e-mail address [email protected] marked "Updating personal data".
  4. The term for processing personal data is unlimited. The User may at any time revoke his consent to the processing of personal data by sending a notification to the Operator by e-mail to the Operator's email address. [email protected] marked "Withdrawal of consent to the processing of personal data".

7. Cross-border transfer of personal data

  1. Before the start of the cross-border transfer of personal data, the operator is obliged to make sure that the foreign state to whose territory the transfer of personal data is supposed to be carried out provides reliable protection of the rights of subjects of personal data.
  2. Cross-border transfer of personal data on the territory of foreign states that do not meet the above requirements can be carried out only if there is a written consent of the subject of personal data to the cross-border transfer of his personal data and / or execution of an agreement to which the subject of personal data is a party.

8. Final provisions

  1. The user can get any clarifications on issues of interest regarding the processing of his personal data by contacting the Operator via e-mail [email protected]
  2. This document will reflect any changes in the policy of processing personal data by the Operator. The policy is valid indefinitely until it is replaced by a new version.

Privacy policy for processing OOO "Zenon N.S.P." personal data

1. General Provisions

1.1. Privacy policy (hereinafter referred to as the "Policy") when processing OOO "Zenon N.S.P." (hereinafter referred to as the PROVIDER) of personal data (hereinafter referred to as PD) determines the basic principles, purposes and methods of processing PD, the lists of subjects and PD processed by the PROVIDER, the functions of the PROVIDER in the processing of PD, the rights of PD subjects, as well as the requirements implemented by the PROVIDER for the protection of PD.

1.2. The Policy is a public document of the PROVIDER and provides for the possibility of familiarization with it by any person.

1.3. The policy is valid after approval and until it is replaced by a new version.

1.4. The Policy uses terms and definitions in accordance with their meanings, as they are defined in Federal Law-152.

1.5. By virtue of clause 1 of article 1 of Federal Law-152, the Policy regulates relations related to the processing of PD carried out by the PROVIDER using automation tools, including in information and telecommunication networks, or without using such tools, if the processing of PD without using such tools complies the nature of actions (operations) performed with PD using automation tools, that is, it allows, in accordance with a given algorithm, to search for PD recorded on a tangible medium and contained in file cabinets or other systematized collections of PD, and (or) access to such PD.

1.6. The policy has been developed taking into account the requirements of the Constitution of the Russian Federation, laws and other regulatory legal acts in the field of personal data.

1.7. The provisions of the Policy serve as the basis for the development of local regulations that regulate for the PROVIDER the processing of personal data of employees and subscribers of the PROVIDER. By virtue of subparagraphs 1, 2, paragraph 2 of article 22 of Federal Law-152, the PROVIDER carries out, without notifying the authorized body for the protection of the rights of PD subjects, the processing of PD:

1) workers - processed in accordance with labor legislation;

2) Subscribers under a subscription service agreement (hereinafter referred to as SUBSCRIBERS) - received by the PROVIDER in connection with the conclusion of an agreement to which the PD subject is a party, if the PD is not distributed, and is not provided to third parties without the consent of the PD subject and is used by the PROVIDER solely to fulfill the specified agreements and conclusion of agreements with the subject of PD.

3) If necessary, the PROVIDER may process, in compliance with the current legislation, PD of other PD subjects.

Can be processed: surname, name, patronymic; year, month, date of birth, place of birth; address; marital status; education; profession; TIN, SNILS, contact information (phone number, e-mail address), other information provided for in standard forms and the established processing procedure.

1.8. The processing of biometric PD, special categories of PD relating to race, nationality, political views, religious or philosophical beliefs, intimate life, is not carried out by the PROVIDER.

1.9. The PROVIDER does not accept PD for processing from unauthorized, unidentified persons or in cases where it is impossible to establish the authenticity of PD or there are doubts about their authenticity.

PD submitted for processing to the PROVIDER may be considered unreliable and may be blocked until the receipt of supporting documents or consent to the processing of PD from the subject of the PD or his legal representative, if the PROVIDER deems it necessary.

1.10. In cases not provided for by the current legislation of the Russian Federation or the contract, PD processing is carried out after obtaining the consent of the PD subject. Consent can be expressed by the PD subject in the form of performing actions, accepting the terms of the offer agreement, putting down the appropriate marks, filling in the fields in screen and other forms, forms, sending electronic messages to the PROVIDER, or can be executed in writing in accordance with applicable law.

1.11. The PD subject must understand that his refusal to process PD, withdrawal of consent to PD processing, the requirement to destroy his PD and similar actions may lead to the impossibility of fulfilling this or that agreement with him, in particular, to the impossibility of providing him with the services of the PROVIDER or third parties .

1.12. By providing the PROVIDER with their PD, in particular by ordering and/or using the services of the PROVIDER, the PD subject agrees to the processing of his PD in accordance with this Policy. The current version of this Policy applies to all PROVIDER'S SUBSCRIBERS.

As a rule, when concluding a subscription agreement, a SUBSCRIBER provides his personal data independently when registering (creating an account) in automated system settlements on the PROVIDER's website or in the process of ordering / using the PROVIDER's services by filling out the screen form offered to him.

By filling out the on-screen form or feedback form and clicking the option expressing consent located on the page of the site on which the form is located, as well as indicating their personal data when using other services of the Site, the SUBSCRIBER agrees with this Policy and the conditions for processing and transmitting it specified in it PDn. The consent of the SUBSCRIBER to the processing of his PD by the PROVIDER in accordance with the Policy is complete and unconditional.

Visitors to the PROVIDER's website should refrain from filling out forms and/or using other services on the website in case of disagreement (full or partial) with the Policy, as well as disagreement to provide PD.

1.13. The PROVIDER does not control and is not responsible for the websites of third parties, to which the SUBSCRIBER can go through the links available on the PROVIDER's website. Third party websites may have a different privacy policy and the SUBSCRIBER may process other PD and in other ways.

1.14. For specific services, the PROVIDER may publish provisions that supplement this Policy.

1.15. The PD processed by the PROVIDER is stored on the territory of the Russian Federation.

2. Legislative and other regulatory legal acts of the Russian Federation, in accordance with which the PD processing policy by the PROVIDER is determined.

2.1. The PD processing policy by the PROVIDER is determined in accordance with the following codes, laws and other regulatory legal acts:

  • the Constitution of the Russian Federation;
  • Labor Code of the Russian Federation;
  • Civil Code of the Russian Federation;
  • Federal Law of July 27, 2006 No. 152-FZ;
  • Decree of the President of the Russian Federation of March 06, 1997 No. 188;
  • Decree of the Government of the Russian Federation of September 15, 2008 No. 687;
  • Decree of the Government of the Russian Federation of November 1, 2012 No. 1119;
  • Order of the FSTEC of Russia No. 55, FSB of Russia No. 86, Ministry of Information and Communications of Russia No. 20 dated February 13, 2008;
  • Order of the FSTEC of Russia dated February 18, 2013 No. 21;
  • Order of Roskomnadzor dated September 05, 2013 No. 996;
  • Federal Law No. 160-FZ dated December 19, 2005;
  • Federal Law No. 149-FZ dated July 27, 2006.
  • Federal Law of 07.07.2003 No. No. 126-FZ;
  • Federal Law of October 22, 2004 No. No. 125-FZ
  • other regulatory legal acts of the Russian Federation and regulatory documents of authorized state authorities.

2.2. In order to implement the provisions of the Policy, the PROVIDER may develop relevant local regulations and other documents, including:

  • Regulations on the processing of PD;
  • Regulations on ensuring the security of PD during their processing in the PD information systems of the PROVIDER;
  • other local regulations and documents regulating the PROVIDER's processing of PD.

3. Principles and purposes of PD processing.

3.1. The processing of PD by the PROVIDER is carried out taking into account the need to ensure the protection of the rights and freedoms of PD subjects, including the protection of the right to privacy, personal and family secrets, based on the following principles:

  • processing of PD is carried out by the PROVIDER on a legal basis;
  • PD processing is limited to the achievement of specific, predetermined and legitimate purposes;
  • only PD that meet the purposes of their processing are subject to processing;
  • redundancy of processed PD in relation to the stated purposes of their processing is not allowed;
  • it is not allowed to combine databases containing PD, the processing of which is carried out for purposes that are incompatible with each other;
  • when processing personal data, the accuracy of personal data and their sufficiency are ensured. The PROVIDER takes the necessary measures to remove or clarify incomplete or inaccurate PD. At the same time, the PD subject is responsible for providing reliable PD, as well as for updating the provided PD in case of any changes.
  • PD storage is carried out in a form that allows determining the PD subject, no longer than required by the purposes of PD processing, if the PD storage period is not established by law or other regulatory legal act, agreement to which the PD subject is a party;
  • processed PD are destroyed upon achievement of the goals of processing or in case of loss of the need to achieve these goals, unless otherwise provided by federal law or other regulatory legal act.

3.2. PD are processed by the PROVIDER in order to:

  • implementation of the functions, powers and obligations assigned by the legislation of the Russian Federation to the PROVIDER;
  • regulation labor relations with PROVIDER's employees;
  • preparation, conclusion, execution and termination of contracts with counterparties (SUBSCRIBERS);
  • ensuring the passage of PD subjects at the PROVIDER's facilities;
  • exercising the rights and legitimate interests of the PROVIDER or third parties in the course of carrying out its activities or achieving socially significant goals;
  • for other lawful purposes.

4. Actions of the PROVIDER when processing PD.

PROVIDER when processing PD:

  • takes measures necessary and sufficient to ensure compliance with the requirements of the legislation of the Russian Federation and local regulations of the PROVIDER in the field of PD;
  • takes measures to protect PD from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, distribution of PD, as well as from other unauthorized actions in relation to PD;
  • may appoint a person responsible for organizing the processing of PD by the PROVIDER;
  • may issue local regulations that determine the privacy policy and issues of processing and protection of PD by the PROVIDER;
  • takes measures to familiarize the PROVIDER's employees directly involved in the processing of PD with the provisions of the legislation of the Russian Federation and local regulations of the PROVIDER in the field of PD, including the requirements for the protection of PD, trains these employees;
  • provides unlimited access to this Policy by publishing it on the Internet on the official website of the PROVIDER;
  • communicates in the established manner to PD subjects or their legal representatives information about the presence of PD related to the respective PD subjects, provides an opportunity to familiarize themselves with these PD when applying and / or receiving requests from the above persons, unless otherwise provided by the legislation of the Russian Federation;
  • stops processing and destroys PD in cases provided for by the legislation of the Russian Federation in the field of PD;
  • performs other actions provided for by the legislation of the Russian Federation in the field of PD.

5. Terms of PD processing by the PROVIDER.

5.1. The PROVIDER processes PD only if at least one of the following conditions exists:

  • PD processing is carried out with the consent of the PD subject;
  • PD processing is necessary to achieve the goals in the implementation and performance of the functions, powers and duties assigned to the PROVIDER by the legislation of the Russian Federation;
  • PD processing is necessary for the execution of an agreement to which the PD subject is a party or beneficiary, as well as to conclude an agreement on the initiative of the PD subject or an agreement under which the PD subject will be the beneficiary;
  • PD processing is necessary for the implementation of the rights and legitimate interests of the PROVIDER or third parties, or for the achievement of socially significant goals, provided that the rights and freedoms of the PD subject are not violated;

5.2. The PROVIDER, without the consent of the subject of PD, does not disclose to third parties and does not distribute PD, unless otherwise provided by federal law.

5.3. Access to the PD processed by the PROVIDER is allowed only to the PROVIDER's employees working in the divisions in which the PD is processed.

5.4. The PROVIDER has the right to entrust the processing of PD to another person with the consent of the PD subject on the basis of an agreement concluded with this person. The contract must contain a list of actions (operations) with PD that will be performed by the person processing the PD, the purposes of processing, the obligation of such a person to maintain the confidentiality of the PD and ensure the security of the PD during their processing. If the PROVIDER entrusts the processing of PD to another person, the PROVIDER shall be liable to the PD subject for the actions of the said person.

6. Ways of processing PD.

6.1. The PROVIDER may collect, record, systematize, accumulate, store, clarify (update, change), extract, use, transfer (distribute, provide, access), depersonalize, block, delete and destroy PD.

6.2. Processing of PD by the PROVIDER is carried out in the following ways:

  • automated processing of PD with the receipt/transmission of PD via the Internet information and telecommunications network or without it;
  • non-automated processing of PD;
  • mixed processing of personal data.

    7. Rights of PD subjects. PD processing time.

    7.1. The PD subject has the right to:

    • obtaining information regarding the processing of his personal data, including information containing:
      1. confirmation of the fact of PD processing by the PROVIDER;
      2. legal grounds and purposes of PD processing;
      3. the purposes and methods of PD processing used by the PROVIDER;
      4. the name and location of the PROVIDER, information about persons (except for the PROVIDER's employees) who have access to PD or to whom PD may be disclosed on the basis of an agreement with the PROVIDER or on the basis of federal law;
      5. processed PD related to the relevant PD subject, the source of their receipt, unless a different procedure for the submission of such data is provided by federal law;
      6. terms of processing PD, including the terms of their storage;
      7. the procedure for the exercise by the PD subject of the rights provided for by this Federal Law;
      8. information about the completed or proposed cross-border transfer of PD;
      9. the name or surname, first name, patronymic and address of the person processing PD on behalf of the PROVIDER, if the processing is or will be entrusted to such a person;
      10. other information provided for by this legislation of the Russian Federation.
    • obtaining full information about his PD processed by the PROVIDER;
    • access to their PD, including the right to receive a copy of any record containing their PD, except as otherwise provided by federal law;
    • clarification of their PD, their blocking or destruction if the PD is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;
    • withdrawal of consent to the processing of personal data;
    • taking legal measures to protect their rights;
    • appeal against the action or inaction of the PROVIDER, carried out in violation of the requirements of the legislation of the Russian Federation in the field of PD, to the authorized body for the protection of the rights of PD subjects or to the court;
    • exercising other rights provided for by the legislation of the Russian Federation.

    7.2. A decision that gives rise to legal consequences in relation to the PD subject or otherwise affects his rights and legitimate interests can be made on the basis of exclusively automated processing of his PD only if there is a written consent of the PD subject or in cases provided for by federal laws that also establish measures to ensuring observance of the rights and legitimate interests of the PD subject.

    7.3. All requests, clarifications of the notification and withdrawal of consent to the processing of PD are sent by the PD subject or his legal representative to the PROVIDER in writing on paper at the address of the location executive body PROVIDER. The PROVIDER may require confirmation of the identity of the PD subject by requesting documentary provision of such confirmation in any form that does not contradict the law.

    7.4. The PROVIDER processes PD during the entire period of validity of the contractual relationship with the PD subject and / or until the completion of the full cycle of the PROVIDER's services and / or until the completion of the processing (satisfaction / refusal) of the claim.

    7.5. Considering that the PROVIDER is a telecom operator, if the PD subject requires the destruction of PD or the PD subject revokes consent to PD processing, the PROVIDER has the right to continue processing PD without the consent of the PD subject if there are grounds provided for by the current legislation of the Russian Federation.

    8. Measures taken by the PROVIDER to ensure the fulfillment of the obligations of the operator when processing PD.

    8.1. The PROVIDER is obliged to take measures necessary and sufficient to ensure the fulfillment of the obligations of the operator when processing PD. The PROVIDER independently determines the composition and list of such measures necessary and sufficient to ensure the fulfillment of the obligations stipulated by the current legislation of the Russian Federation, unless otherwise provided by the legislation. Such measures may include, in particular:

    • appointment by the PROVIDER of responsible persons for organizing the processing of PD;
    • publication by the PROVIDER of documents defining the PROVIDER's policy regarding PD processing, local acts on PD processing, as well as local acts establishing procedures aimed at preventing and detecting violations of the legislation of the Russian Federation, eliminating the consequences of such violations;
    • application of legal, organizational and technical measures to ensure the security of PD;
    • implementation of internal control and (or) audit of compliance of PD processing with the current legislation of the Russian Federation and regulatory legal acts adopted in accordance with it, requirements for the protection of PD, the PROVIDER's policy regarding PD processing, local acts of the operator;
    • assessment of the harm that may be caused to PD subjects in case of violation of the current legislation of the Russian Federation, the ratio of the specified harm and the measures taken by the PROVIDER aimed at ensuring the fulfillment of its obligations;
    • familiarization of the PROVIDER's employees directly involved in the processing of PD with the provisions of the legislation of the Russian Federation on PD, including the requirements for the protection of PD, documents defining the PROVIDER's policy regarding PD processing, local acts of the PROVIDER on the issues of PD processing, and / or training of these employees;
    • organizing training and conducting methodological work with employees of the PROVIDER's structural subdivisions, during whose work PD processing is carried out;
    • ensuring separate storage of PD and their material media, the processing of which is carried out for different purposes and which contain different categories of PD;
    • storage of material media of PD in compliance with the conditions that ensure the safety of PD and exclude unauthorized access to them;
    • organization of access control to the premises of the PROVIDER, security of premises with technical means of processing PD, video surveillance;
    • restriction and delimitation of access of PROVIDER employees to PD and means of their processing, monitoring of actions with PD;
    • identification of threats to the security of personal data during their processing, the formation of threat models on their basis;
    • development of a PD protection system based on the threat model;
    • use of information security tools that have passed the procedure for assessing compliance with the requirements of the legislation of the Russian Federation in the field of information security, in the case when the use of such tools is necessary to neutralize actual threats;
    • verification of the readiness and effectiveness of the use of information security tools;
    • delimitation of user access to information resources and software and hardware for processing information in the PD information system;
    • registration and accounting of user actions in the PD information system, password protection of user access to the PD information system;
    • use of anti-virus and recovery tools in the PD information system, backing up information for recovery;
    • application of firewalls, intrusion detection, security analysis and cryptographic protection of information, detection of facts of unauthorized access to PD and taking appropriate measures;
    • other measures provided for by the legislation of the Russian Federation in the field of personal data.

    8.2. Measures to ensure the security of PD during their processing in the PD information systems are established in accordance with the local regulations of the PROVIDER regulating the issues of ensuring the security of PD during their processing in the PD information systems of the PROVIDER.

    9. Control over compliance with the legislation of the Russian Federation and local regulations of the PROVIDER in the field of personal data.

    9.1. Internal control over compliance by PD processing structural subdivisions of the PROVIDER with the legislation of the Russian Federation and local regulations of the PROVIDER in the field of PD, including the requirements for the protection of PD, is carried out by the person responsible for organizing the processing of the PROVIDER's PD.

    9.2. Personal responsibility for compliance with the requirements of the legislation of the Russian Federation and local regulations of the PROVIDER in the field of PD in the structural divisions of the PROVIDER, as well as for ensuring the confidentiality and security of PD in these divisions, rests with their heads.

    10. Access to the Policy.

    10.1. The current version of the Policy on paper is stored at the location of the PROVIDER's executive body.

    10.2. The electronic version of the current version of the Policy is publicly available on the official website of the PROVIDER on the Internet at www.website

    11. Update and approval of the Policy

    11.1. The policy is put into effect after approval by the head of the PROVIDER.

    11.3. The policy is periodically reviewed and updated as necessary. The PROVIDER has the right to make changes to this Policy. When changes are made, the heading of the Policy indicates the date of approval of the current revision (version) of the Policy.

    11.4. The Policy can be updated and re-approved at any time, in particular, as changes are made to the legislation of the Russian Federation and regulatory legal acts in the field of PD, to local regulatory PROVIDERS regulating the organization of processing and ensuring the security of PD.



    • Similar content

    What does it mean in numerology?
    Ceiling

    What does it mean in numerology?

    The meaning of the name amal, amala Interpretation of the meaning of the letters of the name Amal
    Ceiling

    The meaning of the name amal, amala Interpretation of the meaning of the letters of the name Amal

    Christmas time and Christmas divination for the future
    Ceiling

    Christmas time and Christmas divination for the future