1.1. This Policy establishes the procedure of processing of personal data of https://masterportalofantonoparin.com/ website users (hereinafter – the Website) belonging to a Private Entrepreneur Oparin Anton Mikhaylovich (hereinafter – Operator), and ensures compliance with the requirements of civil rights protection when processing personal data.
1.2. This Policy is approved by the Operator and stays in force until its cancellation or its replacement with another similar internal document.
1.3. This Policy is binding on the Operator.
1.4. Operator’s bank details: Private Entrepreneur Oparin Anton Mikhaylovich:
Tax ID number: 631308976032
Ⅱ GENERAL DEFINITIONS OF THIS POLICY
2.1. The following general definitions concepts are used in this Policy:
The Website – computer software and hardware providing the publication of data on the Internet for general public. The Website is available by the unique electronic address or its letter code. It may contain graphic, text, audio, video and other information reproduced by means of computer;
The Operator – a person or entity organizing and (or) carrying out processing of personal data, and defining the purposes and content of personal data processing;
Personal Data – any information relating to a certain natural person or a person defined on the basis of such information (Personal Data Owner), including their surname, name, second name (if any), year, month and date of birth, a birth place, address, a marital, social and property status, education, profession, income, phone, e-mail address, and other information;
Personal Data Owner in the context of this Policy – a natural person using the https://masterportalofantonoparin.com/ website
Processing of Personal Data – actions (operations) with personal data, including collecting, systematization, accumulation, storage, specification (updating, changing), use, dissemination (including data transfer), depersonalization, blocking, destruction of personal data;
Confidentiality of Personal Data – requirement binding on the Operator, or any other person who has got access to personal data, not to allow its dissemination without the consent of the Personal Data Owner or on some other legal basis;
Dissemination of Personal Data – actions directed to the disclosure of personal data to a specific group of people or to the familiarization with personal data by the public at large, including publication of personal data in mass media, in information and telecommunication networks or providing access to personal data in a different way;
Use of Personal Data – actions (operations) with personal data made by the Operator for purposes of decision making or commission of other actions generating legal consequences concerning the Personal Data Owner or other persons, or otherwise affecting the rights and freedoms of the Personal Data Owner or other persons;
Destruction of Personal Data – actions resulting in the impossibility to restore the content of personal data in the information system of personal data, or resulting in destruction of material personal data media;
Depersonalization of Personal Data – actions resulting in the impossibility to identify a specific owner of personal data;
Blocking of Personal Data – interruption in collecting, systematizing, accumulating, using, disseminating personal data, including its disclosure;
Publicly Available Personal Data – personal data with the unlimited public access provided with the consent of the Personal Data Owner, or personal data to which the requirement of maintaining confidentiality does not extend according to the federal laws.
Ⅲ THE SCOPE OF PERSONAL DATA
3.1. Scope of personal data:
3.1.1. Data provided personally by the User in data forms or in files attached to data forms:
3.1.1. Data provided personally by the User in data forms or in files attached to data forms:
3.2. Personal data specified in item 3.1 of this Policy are processed in order to:
3.3. Processing of Users’ personal data is made with their consent. The User providing its personal data to the private entrepreneur Oparin Anton Mikhaylovich in order to get access to the Website services, thereby expresses his or her full consent, according to the article 9 of the Federal Law dated July 27, 2006, No. 152-FZ “On Personal Data”, to automated or non-automated processing and use of his/her personal data.
4.1. The data listed in article 3 of this Policy are confidential. The Operator provides confidentiality of personal data and is obliged to prevent their dissemination without the Users’ consent, or without other legal basis.
4.2. All confidentiality measures taken at collecting, processing and storage of personal data of the Users apply both to paper and to electronic (automated) data storage media.
4.3. The non-disclosure mode is cancelled in case of data depersonalization or publication in public sources (media, Internet, National Register of Legal Entities and other public registers).
5.1. Processing of the Users’ personal data is carried out by the Operator with the consent of Personal Data Owners, except for the cases provided by the paragraph 5.2 of this article. The duty to provide proof of receiving a consent to personal data processing, on the basis of this paragraph, according to the law, is assigned to the Operator.
5.2. The Operator has the right to carry out personal data processing without consent of the Personal Data Owner in the following cases:
5.3. To ensure the rights and freedoms of the person and of the citizen, the Operator is obliged to observe the following general requirements when processing the User’s personal data.
5.3.1. When estimating the scope and amount of the User’s personal data subject to processing, the Operator is guided by the Federal Law “On Personal Data”, the legislation regulating mass media activity, and the terms of service. The Operator receives User’s personal data only in the amount necessary for achievement of the legitimate purposes of collecting and processing of personal data.
5.3.2. The Operator should not process the non-public Users’ personal data concerning their criminal records, political, religious and other convictions and private life.
5.4. The Operator ensures the User’s personal data security against its unauthorized use or loss, at its own expense, according to the procedure established by Federal Law.
5.5. In the event the Operator charges another person with personal data processing on the basis of the contract, the essential term of this contract should be the obligation imposed on the specified person to ensure confidentiality of personal data and safety of personal data at its processing.
6.1. The Personal Data Owner has the right to obtain information about the Operator, its location, Operator’s personal data (if any) relating to the corresponding Personal Data Owner, and also to get insight to such personal data. The Personal Data Owner has the right to demand from the Operator specification of his/her personal data, its blocking or destruction in case personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for a stated purpose of processing, and also to take measures for protection of his/her rights provided by the law.
6.2. The information on availability of personal data should be provided by the Operator to the Personal Data Owner in accessible form, and it should not contain the personal data relating to other Personal Data Owners.
6.3. Operator gives the Personal Data Owner or his/her legally authorized representative access to their personal data upon their request. The request should contain number of the main identity document of the Personal Data Owner or his/her legally authorized representative, information about the date of issue of the specified document and the issuing authority, as well as the handwritten signature of the Personal Data Owner or his/her legally authorized representative. The request can be made in an electronic form and signed with the digital signature according to the legislation of the Russian Federation.
6.4. The Personal Data Owner has the right to get upon request the information concerning the processing of his/her personal data including:
6.5. The Personal Data Owner has the right to withdraw his/her consent to personal data processing, to limit methods and forms of personal data processing, to forbid dissemination of personal data without his/her consent.
6.6. The Personal Data Owner has the right to appeal against the actions or inaction of the Operator to an authorized body protecting the rights of Personal Data Owners or by judicial procedure.
6.7. The Personal Data Owner has the right for judicial protection of his/her rights and legitimate interests, including indemnification and compensation for moral injury.
VII. PROCESSING OF PERSONAL DATA
7.1. Processing of personal data is carried out by the Operator only for meeting the objectives determined by this Policy.
7.2. Processing of personal data by the Operator consists in receiving, systematization, accumulation, storage, specification (updating, changing), use, dissemination, depersonalization, blocking, destruction and protection against unauthorized access.
7.3. Processing of personal data is conducted by mixed (including automated) processing method.
7.4. In case of the corresponding request of the Personal Data Owner, the Operator shall be obliged to make necessary changes, destruct or block the corresponding personal data after the Owner or their legally authorized representative provide the information confirming that the personal data belonging to this Owner and processed by the Operator are incomplete, outdated, inaccurate, illegally obtained or are not necessary for a stated purpose of processing. The Operator shall be obliged to notify the Personal Data Owner or their legally authorized representative, and the third parties to whom personal data of this Owner was transferred, on the amendments and the actions taken.
7.5. The Operator destructs the User’s personal data after the lapse of 6 months of the date of the of processing of personal data, from the moment of termination of relationship between the Operator and the User.
VIII. DISCLOSURE OF PERSONAL DATA.
8.1. Disclosure of personal data is carried out by the Operator only in case of providing certain Services to the User with the User’s consent.
8.2. Disclosure of personal data to the third parties is carried out by the Operator only on the basis of the relevant contract; the essential term of this contract should be the obligation imposed on the third party to ensure confidentiality of personal data and safety of personal data at its processing.
This provision is not bounding in case of depersonalization of personal data or dealing with public personal data.
8.3. Disclosure of personal data to public authorities is carried out within their powers according to applicable law.
9.1. Personal data can be stored in electronic form in the territory of the Russian Federation.
10.1. The Operator has direct right of access to the User’s personal data.
10.2. Personal Data Owner’s access to his/her personal data is granted upon personal request or after receiving the letter of inquiry. The Operator shall be obliged to give the Personal Data Owner information on the availability of their personal data, and also to give opportunity to review the data within ten working days from the date of the request.
11.1. The information containing the User’s personal data in electronic format is subject to protection.
11.2. The Operator, when processing Users’ personal data, shall be obliged to take necessary organizational and technical measures for protection of personal data against illegal or casual access to them, destruction, change, blocking, copying, dissemination of personal data, and against other illegal actions.
11.3. General protection of Users’ personal data is carried out directly by the Operator.
11.4. Protection of Users’ personal data, stored in electronic databases of the Operator, against unauthorized access, distortion and destruction of information, and against other illegal actions, is provided directly by the Operator.
11.5. The access to Users’ personal data is forbidden to the persons who do not have officially registered access.
11.6. Protection of access to electronic databases containing Users’ personal data is ensured by:
11.7. All digital applications containing personal data including information systems of personal data, folders and files containing personal data, are protected by the password.
11.11. It is allowed to copy Users’ personal data only for work-related purposes.
11.12. Answers to letters of inquiry concerning Users’ personal data, issued by competent public authorities, other organizations and institutions, are given only from the written consent of Personal Data Owners unless otherwise provided by law. Answers are made out in writing, on the headed paper of the Operator (if any), and in the volume that allows not to disclose the excessive volume of personal data.
XII. RESPONSIBILITY FOR DISCLOSURE OF INFORMATION CONTAINING PERSONAL DATA OF A PRIVATE CLIENT OR REPRESENTATIVES OF A CORPORATE CLIENT
12.1. The Operator, in case of violation of the norms regulating receiving, processing and protection of personal data, if found guilty, bears disciplinary, administrative, civil or criminal liability according to the federal laws.