Processing of personal data

The policy of Russland Group, LLC in relation to the processing of personal data

1. GENERAL PROVISIONS
The policy for the processing of personal data (hereinafter - the Policy) was developed in accordance with the Federal Law No. 152-ФЗ "About personal data” dated July 27, 2006.

  • 1.1. The Policy determines the procedure for the processing of personal data and measures to ensure the security of personal data in Russland Group, LLC (hereinafter referred to as the Operator) in order to protect the rights and freedoms of individual and citizen in the processing of personal data, including the protection of privacy and family secrets.
  • 1.2. Policy actions apply to all personal data of subjects processed by the Operator with and without the use of automation tools.
  • 1.3. The Policy is accessed by any subject of personal data.
  • 1.4. The operator has the right to make changes to the Policy. When making changes, the Policy heading indicates the date of the last update. A new version of the Policy comes into force from the moment of its posting on the website, unless otherwise provided by the new version of the Policy.

2. TERMS AND ABBREVIATIONS USED

Personal data is any information relating to a directly or indirectly defined or determined individual or legal body (the subject of personal data).
Personal data processing is any action (operation) or a set of actions (operations) performed with or without use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, refinement (update, change), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
Automated processing of personal data is a processing of personal data using computer technology. Personal Data Information System (PDIS) is a set of personal data contained in databases and ensuring their processing by information technologies and technical means.
Blocking of personal data is a temporary interruption of the processing of personal data (unless it is necessary to refine personal data).
The destruction of personal data is an action, as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the material carriers of personal data are destroyed.
Operator is an organization, independently or jointly with other persons, organizing the processing of personal data, actions (operations) performed with personal data. The operator is Russland Group, LLC, located at: 29/120, Ostrovitianova st., room 9П, Moscow, 117437.

3. PURPOSES OF PROCESSING OF PERSONAL DATA

3.1. The purpose of the processing of personal data is to fulfill the obligations of the Operator to the Users regarding the use of the Site.

4. PRINCIPLES AND CONDITIONS FOR PROCESSING OF PERSONAL DATA BY THE OPERATOR

  • 4.1. The operator processes the following personal data::
  • • clients and counterparties of the operator (individuals);
  • • clients’ representatives/employees and counterparties of the operator (legal entities).
  • 4.2. Principles and conditions for the processing of personal data:
  • 4.2.1. The security of personal data of the Operator is understood the security of personal data from unlawful or accidental access to it, destruction, alteration, blocking, copying, provision, dissemination of personal data, as well as from other illegal actions in relation to personal data and takes the necessary legal, organizational and technical measures to protect personal data.
  • 4.2.2 Processing and ensuring the security of personal data of the Operator is carried out in accordance with the requirements of the Constitution of the Russian Federation, Federal Law No. 152-ФЗ “On Personal Data”, by-laws, other defining cases and peculiarities of processing personal data of federal laws of the Russian Federation, governing and methodical documents FSTEC of Russia and the Federal Security Service of Russia.
  • 4.3. When processing personal data, the Operator adheres to the following principles:
  • • legality and fairness;
  • • restrictions on the processing of personal data to the achievement of specific, predetermined and legitimate goals;
  • • prevention of the processing of personal data incompatible with the purposes of collecting personal data;
  • • prevent the merging of databases containing personal data that are processed for purposes that are incompatible with each other;
  • • processing of personal data that meets the purposes of their processing;
  • 4.4. The operator processes personal data only if at least one of the following conditions is present:
  • • processing of personal data is carried out with the consent of the subject of personal data to the processing of his personal data;
  • • the processing of personal data is necessary to achieve the goals stipulated by law for the implementation and fulfillment of the functions, powers and duties assigned by the legislation of the Russian Federation to the operator;
  • • processing of personal data is necessary for the execution of the contract to which the subject of personal data is a party;
  • • processing of personal data is necessary for the execution of the rights and legitimate interests of the Company or third parties or to achieve socially significant goals, provided that this does not violate the rights and freedoms of the subject of personal data.
  • 4.5. The operator has the right to entrust the processing of citizens’ personal data to third parties, on the basis of an agreement with these persons. Persons engaged in the processing of personal data on behalf of the Operator undertake to comply with the principles and rules for the processing and protection of personal data provided by Federal Law No. 152-ФЗ “On Personal Data”. For each person, a list of actions (operations) with personal data that will be performed by a legal entity that processes personal data is determined, the processing goals are set, the person’s obligation to maintain confidentiality and ensure personal data security during their processing is established, and protection requirements for personal data are specified.

5. BASIC RIGHTS OF THE PERSONAL DATA SUBJECT AND OBLIGATIONS OF THE OPERATOR

  • 5.1. Fundamental rights of the subject of personal data. The subject has the right to access his personal data and the following information:
  • • legal grounds and purposes for the processing of personal data;
  • • information on the personal data processing methods used by the Operator;
  • • name and location of the Operator
  • • information on persons who have access to personal data or to whom personal data may be disclosed on the basis of an agreement with the Operator or on the basis of federal law;
  • • a list of processed personal data relating to the citizen from whom the request was received and the source of their receipt, unless a different procedure for providing such data is provided for by federal law;
  • • information on the processing time of personal data, including the storage period;
  • • information on the procedure for the implementation of citizen’s rights provided by the Federal Law No. 152-FZ “On Personal Data”;
  • • information on ongoing or alleged cross-border transfer of personal data;
  • • name and address of the person processing personal data on behalf of the Operator;
  • • other information stipulated by the Federal Law No. 152-ФЗ “On Personal Data” or other federal laws; The subject has the right to:
  • • Require clarification of their personal data, their blocking or destruction if personal data is incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing
  • • withdraw consent to the processing of personal data;
  • • contact the Operator and send requests;
  • • appeal the actions or omissions of the Operator.
  • 5.2. Operator’s obligations.
  • The operator is obliged::
  • - to provide information on the processing of personal data, when collecting personal data, upon request of the subject;
  • - to notify the subject in cases where personal data was received not from the personal data subject;
  • - in case of refusal to provide personal data, the subject is explained the consequences of such refusal;
  • - to publish or otherwise provide unrestricted access to the document defining its policy in relation to the processing of personal data, to information about the implemented requirements for the protection of personal data;
  • - to take the necessary legal, organizational and technical measures or ensure their adoption to protect personal data from unauthorized accidental access, destruction, alteration, blocking, copying, provision, dissemination of personal data, as well as from other illegal actions in relation to personal data;
  • - to give answers to inquiries and appeals of the subjects of personal data, their representatives and the authorized body for the protection of the rights of subjects of personal data.

6. RESPONSIBILITY

In case of non-compliance with the provisions of the Policy, Russland Group, LLC takes responsibility in accordance with the current legislation of the Russian Federation.

PLEASE BE AWARE!

  • You can get clarifications on issues of processing your personal data by contacting Russland Group, LLC personally or by sending an official request to the Russian Post at 129110, g. Moskva, prospekt Mira, d.70, etazh 1A, pom.III, komnata 1, ofis 24
  • If an official request is sent to Russland Group, LLC, the following must be indicated in the request text:
  • • Full name;
  • • information confirming your participation in relations with Russland Group, LLC or information otherwise confirming the fact of processing of Russland Group, LLC personal data;
  • • signature of a citizen (or his legal representative). If the request is sent in electronic form, it must be executed in the form of an electronic document and signed with an electronic signature in accordance with the legislation of the Russian Federation.
  • The web-site https://cpa.tl/ publishes the current version of the Policy of the Russland Group, LLC in relation to the processing of personal data.
  • Information on the implemented requirements for the protection of personal data of Russland Group, LLC, when processing of personal data, takes the necessary legal, organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, providing, disseminating personal data as well as from other illegal actions in relation to personal data.
  • Such measures in accordance with Federal Law No. 152-ФЗ “On Personal Data” include:
  • - information security tools that have passed the procedure for assessing compliance with the requirements of the Russian legislation in the field of information security are used;
  • - security of personal data carriers is implemented.

In order to coordinate actions to ensure the security of personal data, Russland Group, LLC has appointed persons responsible for ensuring the security of personal data.