Privacy Policy

GENERAL PROVISIONS

1.1. This Policy establishes the procedure of processing of personal data of https://masterportalofantonoparin.com/ website users (hereinafter – the Website) belonging to a Private Entrepreneur Oparin Anton Mikhaylovich (hereinafter – Operator), and ensures compliance with the requirements of civil rights protection when processing personal data.
1.2. This Policy is approved by the Operator and stays in force until its cancellation or its replacement with another similar internal document.
1.3. This Policy is binding on the Operator.

1.4. Operator’s bank details: Private Entrepreneur Oparin Anton Mikhaylovich:

PSRN: 316631300060682
Tax ID number: 631308976032

GENERAL DEFINITIONS OF THIS POLICY

2.1. The following general definitions concepts are used in this Policy:

The Website – computer software and hardware providing the publication of data on the Internet for general public. The Website is available by the unique electronic address or its letter code. It may contain graphic, text, audio, video and other information reproduced by means of computer;

The Operator – a person or entity organizing and (or) carrying out processing of personal data, and defining the purposes and content of personal data processing;

Personal Data – any information relating to a certain natural person or a person defined on the basis of such information (Personal Data Owner), including their surname, name, second name (if any), year, month and date of birth, a birth place, address, a marital, social and property status, education, profession, income, phone, e-mail address, and other information;

Personal Data Owner in the context of this Policy – a natural person using the https://masterportalofantonoparin.com/ website

Processing of Personal Data – actions (operations) with personal data, including collecting, systematization, accumulation, storage, specification (updating, changing), use, dissemination (including data transfer), depersonalization, blocking, destruction of personal data;

Confidentiality of Personal Data – requirement binding on the Operator, or any other person who has got access to personal data, not to allow its dissemination without the consent of the Personal Data Owner or on some other legal basis;

Dissemination of Personal Data – actions directed to the disclosure of personal data to a specific group of people or to the familiarization with personal data by the public at large, including publication of personal data in mass media, in information and telecommunication networks or providing access to personal data in a different way;

Use of Personal Data – actions (operations) with personal data made by the Operator for purposes of decision making or commission of other actions generating legal consequences concerning the Personal Data Owner or other persons, or otherwise affecting the rights and freedoms of the Personal Data Owner or other persons;

Destruction of Personal Data – actions resulting in the impossibility to restore the content of personal data in the information system of personal data, or resulting in destruction of material personal data media;

Depersonalization of Personal Data – actions resulting in the impossibility to identify a specific owner of personal data;

Blocking of Personal Data – interruption in collecting, systematizing, accumulating, using, disseminating personal data, including its disclosure;

Publicly Available Personal Data – personal data with the unlimited public access provided with the consent of the Personal Data Owner, or personal data to which the requirement of maintaining confidentiality does not extend according to the federal laws.

THE SCOPE OF PERSONAL DATA

3.1. Scope of personal data:

3.1.1. Data provided personally by the User in data forms or in files attached to data forms:

  • surname, name, second name (if any);
  • contact information, such as but not limited to: postal addresses, phone numbers, e-mail addresses;
  • other personal data of the User necessary to accomplish the purposes set forth in paragraph 3.2. of this Policy.

3.1.1. Data provided personally by the User in data forms or in files attached to data forms:

  • IP address, cookie files data;
  • information on the User’s browser, technical characteristics of the equipment and the software used by the User
  • date and time of access to the Website, addresses of required pages and suchlike information.

3.2. Personal data specified in item 3.1 of this Policy are processed in order to:

  • reply to the User requests (the full name, phone and the e-mail address are used);
  • inform the User on the statuses of his or her orders, as well as send marketing and information newsletters;
  • perform obligations on service provision;
  • analyze the quality of the provided service and improve the quality of customer service;
  • identify the participant of the loyalty program; provide for the bonus accounting;
  • identify the client;
  • gather statistics and carry out marketing analysis.

3.3. Processing of Users’ personal data is made with their consent. The User providing its personal data to the private entrepreneur Oparin Anton Mikhaylovich in order to get access to the Website services, thereby expresses his or her full consent, according to the article 9 of the Federal Law dated July 27, 2006, No. 152-FZ “On Personal Data”, to automated or non-automated processing and use of his/her personal data.

  1. CONFIDENTIALITY OF PERSONAL DATA

4.1. The data listed in article 3 of this Policy are confidential. The Operator provides confidentiality of personal data and is obliged to prevent their dissemination without the Users’ consent, or without other legal basis.
4.2. All confidentiality measures taken at collecting, processing and storage of personal data of the Users apply both to paper and to electronic (automated) data storage media.
4.3. The non-disclosure mode is cancelled in case of data depersonalization or publication in public sources (media, Internet, National Register of Legal Entities and other public registers).

  1. RIGHTS AND OBLIGATIONS OF THE PERSONAL DATA OPERATOR

5.1. Processing of the Users’ personal data is carried out by the Operator with the consent of Personal Data Owners, except for the cases provided by the paragraph 5.2 of this article. The duty to provide proof of receiving a consent to personal data processing, on the basis of this paragraph, according to the law, is assigned to the Operator.
5.2. The Operator has the right to carry out personal data processing without consent of the Personal Data Owner in the following cases:

  • processing of personal data is carried out on the basis of a federal law naming its purpose, conditions of receiving personal data and a scope of persons whose personal data are subject to processing, and also defining the Operator’s powers;
  • processing of personal data is carried out to ensure implementation of the agreement, one of the parties of which is the Personal Data Owner;
  • processing of personal data is carried out for statistical or other scientific purposes on condition of obligatory depersonalization of personal data;
  • processing of personal data is necessary for protection of life, health or other vital interests of the Personal Data Owner if it is impossible to obtain consent of the Personal Data Owner;
  • this is the processing of the personal data subject to publication according to federal laws, including personal data of the persons holding government posts, state civil service posts, personal data of candidates for elective state or municipal offices.

5.3. To ensure the rights and freedoms of the person and of the citizen, the Operator is obliged to observe the following general requirements when processing the User’s personal data.
5.3.1. When estimating the scope and amount of the User’s personal data subject to processing, the Operator is guided by the Federal Law “On Personal Data”, the legislation regulating mass media activity, and the terms of service. The Operator receives User’s personal data only in the amount necessary for achievement of the legitimate purposes of collecting and processing of personal data.
5.3.2. The Operator should not process the non-public Users’ personal data concerning their criminal records, political, religious and other convictions and private life.
5.4. The Operator ensures the User’s personal data security against its unauthorized use or loss, at its own expense, according to the procedure established by Federal Law.
5.5. In the event the Operator charges another person with personal data processing on the basis of the contract, the essential term of this contract should be the obligation imposed on the specified person to ensure confidentiality of personal data and safety of personal data at its processing.

  1. RIGHTS OF THE PERSONAL DATA OWNER

6.1. The Personal Data Owner has the right to obtain information about the Operator, its location, Operator’s personal data (if any) relating to the corresponding Personal Data Owner, and also to get insight to such personal data. The Personal Data Owner has the right to demand from the Operator specification of his/her personal data, its blocking or destruction in case personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for a stated purpose of processing, and also to take measures for protection of his/her rights provided by the law.
6.2. The information on availability of personal data should be provided by the Operator to the Personal Data Owner in accessible form, and it should not contain the personal data relating to other Personal Data Owners.
6.3. Operator gives the Personal Data Owner or his/her legally authorized representative access to their personal data upon their request. The request should contain number of the main identity document of the Personal Data Owner or his/her legally authorized representative, information about the date of issue of the specified document and the issuing authority, as well as the handwritten signature of the Personal Data Owner or his/her legally authorized representative. The request can be made in an electronic form and signed with the digital signature according to the legislation of the Russian Federation.
6.4. The Personal Data Owner has the right to get upon request the information concerning the processing of his/her personal data including:

  1. confirmation of the fact of personal data processing by the Operator, and also the purpose of such processing;
  2. the methods of personal data processing applied by the Operator;
  3. information about the persons having access to the personal data or those who can be granted such access;
  4. the list of the personal data under processing and their source;
  5. terms of personal data processing, including terms of their storage;
  6. information about the possible legal consequences for the Personal Data Owner resulting from the processing of his/her personal data.

6.5. The Personal Data Owner has the right to withdraw his/her consent to personal data processing, to limit methods and forms of personal data processing, to forbid dissemination of personal data without his/her consent.
6.6. The Personal Data Owner has the right to appeal against the actions or inaction of the Operator to an authorized body protecting the rights of Personal Data Owners or by judicial procedure.
6.7. The Personal Data Owner has the right for judicial protection of his/her rights and legitimate interests, including indemnification and compensation for moral injury.

VII. PROCESSING OF PERSONAL DATA

7.1. Processing of personal data is carried out by the Operator only for meeting the objectives determined by this Policy.
7.2. Processing of personal data by the Operator consists in receiving, systematization, accumulation, storage, specification (updating, changing), use, dissemination, depersonalization, blocking, destruction and protection against unauthorized access.
7.3. Processing of personal data is conducted by mixed (including automated) processing method.
7.4. In case of the corresponding request of the Personal Data Owner, the Operator shall be obliged to make necessary changes, destruct or block the corresponding personal data after the Owner or their legally authorized representative provide the information confirming that the personal data belonging to this Owner and processed by the Operator are incomplete, outdated, inaccurate, illegally obtained or are not necessary for a stated purpose of processing. The Operator shall be obliged to notify the Personal Data Owner or their legally authorized representative, and the third parties to whom personal data of this Owner was transferred, on the amendments and the actions taken.
7.5. The Operator destructs the User’s personal data after the lapse of 6 months of the date of the of processing of personal data, from the moment of termination of relationship between the Operator and the User.

VIII. DISCLOSURE OF PERSONAL DATA.

8.1. Disclosure of personal data is carried out by the Operator only in case of providing certain Services to the User with the User’s consent.
8.2. Disclosure of personal data to the third parties is carried out by the Operator only on the basis of the relevant contract; the essential term of this contract should be the obligation imposed on the third party to ensure confidentiality of personal data and safety of personal data at its processing.
This provision is not bounding in case of depersonalization of personal data or dealing with public personal data.
8.3. Disclosure of personal data to public authorities is carried out within their powers according to applicable law.

  1. PERSONAL DATA STORAGE

9.1. Personal data can be stored in electronic form in the territory of the Russian Federation.

  1. ACCESS TO THE CLIENTS’ PERSONAL DATA

10.1. The Operator has direct right of access to the User’s personal data.
10.2. Personal Data Owner’s access to his/her personal data is granted upon personal request or after receiving the letter of inquiry. The Operator shall be obliged to give the Personal Data Owner information on the availability of their personal data, and also to give opportunity to review the data within ten working days from the date of the request.

  1. PROTECTION OF USERS’ PERSONAL DATA

11.1. The information containing the User’s personal data in electronic format is subject to protection.
11.2. The Operator, when processing Users’ personal data, shall be obliged to take necessary organizational and technical measures for protection of personal data against illegal or casual access to them, destruction, change, blocking, copying, dissemination of personal data, and against other illegal actions.
11.3. General protection of Users’ personal data is carried out directly by the Operator.
11.4. Protection of Users’ personal data, stored in electronic databases of the Operator, against unauthorized access, distortion and destruction of information, and against other illegal actions, is provided directly by the Operator.
11.5. The access to Users’ personal data is forbidden to the persons who do not have officially registered access.
11.6. Protection of access to electronic databases containing Users’ personal data is ensured by:

  • the use of anti-virus and other hardware and software for the internal network border security, which does not allow unauthorized access to the local network of the Operator;
  • differentiation of access rights using personal accounts;

11.7. All digital applications containing personal data including information systems of personal data, folders and files containing personal data, are protected by the password.
11.11. It is allowed to copy Users’ personal data only for work-related purposes.
11.12. Answers to letters of inquiry concerning Users’ personal data, issued by competent public authorities, other organizations and institutions, are given only from the written consent of Personal Data Owners unless otherwise provided by law. Answers are made out in writing, on the headed paper of the Operator (if any), and in the volume that allows not to disclose the excessive volume of personal data.

XII. RESPONSIBILITY FOR DISCLOSURE OF INFORMATION CONTAINING PERSONAL DATA OF A PRIVATE CLIENT OR REPRESENTATIVES OF A CORPORATE CLIENT

12.1. The Operator, in case of violation of the norms regulating receiving, processing and protection of personal data, if found guilty, bears disciplinary, administrative, civil or criminal liability according to the federal laws.