Policy on the Processing of Personal Data1. General ProvisionsThis personal data processing policy is compiled in accordance with the requirements of the Federal Law dated 27.07.2006 No. 152-FZ "On Personal Data" (hereinafter referred to as the "Personal Data Law") and determines the procedure for processing personal data and measures to ensure the security of personal data undertaken by LLC "Operation Service" (hereinafter referred to as the "Operator").
1.1. The Operator considers the observance of human and civil rights and freedoms in the processing of personal data, including the protection of rights to privacy, personal and family secrets, as its most important goal and condition for carrying out its activities.
1.2. This policy of the Operator regarding the processing of personal data (hereinafter referred to as the "Policy") applies to all information that the Operator may receive about visitors to the website
https://en.marketliner.ru.
2. Basic Concepts Used in the Policy2.1. Automated processing of personal data – processing of personal data using computer technology.
2.2. Blocking of personal data – temporary cessation of the processing of personal data (except when processing is necessary to clarify personal data).
2.3. Website – a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the internet at the network address
https://en.marketliner.ru.
2.4. Information system of personal data – a set of personal data contained in databases, and information technologies and technical means ensuring their processing.
2.5. Depersonalization of personal data – actions resulting in the impossibility of determining, without the use of additional information, the affiliation of personal data to a specific User or other subject of personal data.
2.6. Processing of personal data – any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.7. Operator – a state body, municipal body, legal or natural person, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data to be processed, actions (operations) performed with personal data.
2.8. Personal data – any information relating directly or indirectly to a specific or identifiable User of the website
https://en.marketliner.ru.
2.9. Personal data permitted by the subject of personal data for dissemination – personal data to which an unlimited number of persons have access, provided by the subject of personal data by giving consent to the processing of personal data permitted by the subject of personal data for dissemination in the manner prescribed by the Personal Data Law (hereinafter referred to as "personal data permitted for dissemination").
2.10. User – any visitor to the website
https://en.marketliner.ru.
2.11. Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific circle of persons.
2.12. Dissemination of personal data – any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at familiarizing an unlimited circle of persons with personal data, including the publication of personal data in the media, placement in information and telecommunication networks, or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data – transfer of personal data to the territory of a foreign state to a foreign state authority, a foreign natural or foreign legal person.
2.14. Destruction of personal data – any actions resulting in the irreversible destruction of personal data with the impossibility of further restoration of the content of personal data in the personal data information system and (or) the destruction of material carriers of personal data.
3. Main Rights and Obligations of the Operator3.1. The Operator has the right to:
— receive from the subject of personal data reliable information and/or documents containing personal data;
— in case of withdrawal by the subject of personal data of consent to the processing of personal data, the Operator has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified in the Personal Data Law;
— independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations provided for by the Personal Data Law and adopted in accordance with it regulatory legal acts, unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obliged to:
— provide the subject of personal data, at his request, with information regarding the processing of his personal data;
— organize the processing of personal data in the manner prescribed by the current legislation of the Russian Federation;
— respond to requests and inquiries from subjects of personal data and their legal representatives in accordance with the requirements of the Personal Data Law;
— report to the authorized body for the protection of the rights of subjects of personal data, at the request of this body, the necessary information within 30 days from the date of receipt of such a request;
— publish or otherwise provide unrestricted access to this Policy regarding the processing of personal data;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination of personal data, as well as from other unlawful actions concerning personal data;
— terminate the transfer (dissemination, provision, access) of personal data, cease processing, and destroy personal data in the manner and cases provided for by the Personal Data Law;
— fulfill other obligations provided for by the Personal Data Law.
6. Basic rights and obligations of personal data subjects4.1. Subjects of personal data have the right to:
— Receive information regarding the processing of their personal data, except in cases provided for by federal law. The information is provided to the subject of personal data by the Operator in an accessible form and should not contain personal data related to other subjects of personal data unless there are legal grounds for disclosing such data. The list of information and the procedure for obtaining it are established by the Personal Data Law.
— Request that the Operator clarify, block, or destroy their personal data if it is incomplete, outdated, inaccurate, obtained unlawfully, or not necessary for the stated purpose of processing. They may also take measures prescribed by law to protect their rights.
— Impose a condition of prior consent for the processing of personal data for the purpose of promoting goods, works, and services in the market.
— Withdraw consent for the processing of personal data.
— Appeal against unlawful actions or inactions of the Operator in the processing of their personal data to the authorized body for the protection of the rights of personal data subjects or through the court system.
— Exercise other rights provided by the legislation of the Russian Federation.
4.2. Subjects of personal data are obliged to:
— Provide the Operator with accurate information about themselves.
— Notify the Operator about clarifications (updates, changes) to their personal data.
4.3. Individuals who provide the Operator with false information about themselves or information about another subject of personal data without the latter's consent are liable in accordance with the legislation of the Russian Federation.
5. The Operator may process the following personal data of the User:5.1. Last name, first name, middle name.
5.2. Email address.
5.3. Phone numbers.
5.4. The website also collects and processes anonymized visitor data (including cookies) using internet statistics services (Yandex.Metrica, Google Analytics, and others).
5.5. The aforementioned data is collectively referred to as "Personal Data" in this Policy.
5.6. The processing of special categories of personal data concerning race, nationality, political views, religious or philosophical beliefs, or intimate life is not carried out by the Operator.
5.7. The processing of personal data permitted for dissemination from special categories of personal data specified in Part 1 of Article 10 of the Personal Data Law is allowed if the prohibitions and conditions specified in Article 10.1 of the Personal Data Law are observed.
5.8. The User's consent to the processing of personal data permitted for dissemination is provided separately from other consents for the processing of their personal data. At the same time, the conditions specified in Article 10.1 of the Personal Data Law must be met. The requirements for the content of such consent are established by the authorized body for the protection of the rights of personal data subjects.
5.8.1. The User provides consent for the processing of personal data permitted for dissemination directly to the Operator.
5.8.2. The Operator is required to publish information on the conditions of processing, the existence of prohibitions, and the conditions for processing by an unlimited number of persons of personal data permitted for dissemination within no later than three business days after receiving such consent from the User.
5.8.3. The transfer (dissemination, provision, access) of personal data permitted by the subject of personal data for dissemination must be terminated at any time upon request by the subject of personal data. This request must include the last name, first name, middle name (if available), contact information (phone number, email address, or postal address) of the subject of personal data, as well as the list of personal data whose processing must be terminated. The personal data specified in the request may only be processed by the Operator to whom it is addressed.
5.8.4. Consent to the processing of personal data permitted for dissemination ceases to be valid from the moment the Operator receives the request specified in Clause 5.8.3 of this Policy regarding the processing of personal data.
6. Principles of Personal Data Processing6.1. The processing of personal data by the Operator is carried out in accordance with the following principles:
6.1.1. Lawfulness and fair basis. The processing of personal data is carried out on a lawful and fair basis.
6.1.2. Restriction to specific goals. The collection of personal data is carried out solely for predetermined, specific, and lawful purposes.
6.1.3. Minimization of data processing. Only personal data necessary for achieving the purposes of its processing are subject to collection.
6.1.4. Accuracy of data. The accuracy, sufficiency, and relevance of personal data concerning the purposes of its processing are ensured.
6.1.5. Limited retention period. Personal data is stored in a form that allows identifying the subject of personal data no longer than required by the purposes of personal data processing unless a retention period is established by federal law, an agreement, or the consent of the personal data subject.
6.1.6. Confidentiality. The confidentiality of personal data is ensured during its processing.
6.1.7. Prevention of unauthorized access. The Operator implements technical and organizational measures to ensure the security of personal data and prevent its unauthorized processing, access, or distribution.
7. Conditions for the Processing of Personal Data7.1. The Operator processes personal data in the following cases:
7.1.1. With the consent of the personal data subject to the processing of their personal data.
7.1.2. When the processing of personal data is necessary for the performance of a contract to which the subject of personal data is a party.
7.1.3. When the processing is required to comply with the Operator’s legal obligations.
7.1.4. When the processing is necessary to protect the vital interests of the subject of personal data or another person.
7.1.5. When the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
7.1.6. When the personal data has been made publicly available by the subject.
8. Security Measures for Personal Data8.1. To protect personal data, the Operator implements:
8.1.1. Organizational and technical measures to prevent unauthorized access to personal data.
8.1.2. Restriction of access to personal data to employees and contractors who need it for their work.
8.1.3. Use of secure channels for the transmission of personal data.
8.1.4. Data encryption methods where applicable.
8.1.5. Regular internal audits and inspections of compliance with personal data protection standards.
9. Rights of the Personal Data Subject9.1. Personal data subjects have the right to:
9.1.1. Access and obtain information regarding the processing of their personal data.
9.1.2. Request corrections or deletions of their personal data if it is inaccurate or processed unlawfully.
9.1.3. Withdraw their consent to the processing of personal data at any time.
9.1.4. File complaints regarding the processing of personal data with the relevant supervisory authorities or in court.
10. Cross-Border Data Transfer10.1. The Operator ensures that personal data is transferred to foreign countries only when the receiving country provides adequate protection of the rights of personal data subjects or with the explicit consent of the subject.
11. Responsibility of the Operator11.1. The Operator is responsible for the lawful processing and protection of personal data. Any violation of personal data processing rights can result in legal actions and penalties as prescribed by law.
12. Confidentiality of Personal Data12.1. The Operator guarantees that personal data will remain confidential and will not be disclosed to unauthorized persons unless required by law or the subject has provided explicit consent.
13. Final Provisions13.1. The Operator reserves the right to update this Policy. The latest version is always available at
https://en.marketliner.ru.