Policy on personal data processing
1. General provisions
This personal data processing policy is compiled in accordance with the requirements of the Federal Law of 27.07.2006. No. 152-FZ “On Personal Data” and defines the procedure of personal data processing and measures to ensure security of personal data undertaken by the CENTER OF HUMANITARIAN DEVELOPMENT AND SPECIAL WORKS (hereinafter – the Operator).
1.1. The operator’s most important goal and condition for its activities is to observe human and civil rights and freedoms when processing personal data, including the protection of rights to privacy, personal and family secrets.
1.2. This Operator’s policy regarding the processing of personal data (hereinafter “Policy”) applies to all information that the Operator may receive about visitors to the website https://cgrsr.ru/.
2. Basic concepts used in the Policy
2.1. Automated processing of personal data – processing of personal data by means of computer technology;
2.2. Blocking of personal data – temporary termination of personal data processing (except when processing is necessary to clarify personal data);
2.3. Web site – a set of graphic and informational materials, as well as programs for computers and databases, making them available on the Internet at a network address https://cgrsr.ru/;
2.4. Information system of personal data is a set of personal data contained in databases of personal data, and providing information technology and technical means for its processing;
2.5. Depersonalization of personal data – actions that make it impossible to determine, without the use of additional information, whether the personal data belongs to a particular user or another subject of personal data;
2.6. Processing of personal data – any action (operation) or set of actions (operations), performed with or without the use of automation with personal data, including collection, recording, systematization, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), anonymization, blocking, removal, destruction of personal data;
2.7. Operator – a state body, municipal authority, legal entity or individual, independently or together with other persons, organizing and (or) carrying out processing of personal data, as well as determining the purpose of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data;
2.8. Personal Data – any information relating directly or indirectly to a specific or identifiable User of the website https://cgrsr.ru/;
2.9. User – any visitor to the website https://cgrsr.ru/;
2.10. Provision of personal data – actions aimed at disclosure of personal data to a certain person or a certain circle of people;
2.11. Dissemination of personal data – any action aimed at the disclosure of personal data to an indefinite range of persons (transfer of personal data) or to familiarize with personal data to an unlimited number of persons, including the publication of personal data in the media, placing in information and telecommunications networks or provide access to personal data in any other way;
2.12. Cross-border transfer of personal data – transfer of personal data to a foreign country to a foreign authority, a foreign individual or a foreign legal entity;
2.13. Destruction of personal data – any action resulting in the destruction of personal data irretrievably with the inability to further restore the content of personal data in the information system of personal data and (or) the destruction of the material media personal data.
3. The operator can process the following personal data of the User
3.1. Surname, first name, patronymic;
3.2. Email address;
3.3. Phone numbers;
3.4. The site also collects and processes impersonal data about visitors (including cookies) using Internet statistical services (Yandex Metrika and Google Analytics, etc.).
3.5. The above-mentioned data further in the text of the Policy are combined under the general term Personal Data.
4. Purposes of personal data processing
4.1. The purpose of processing of personal data of the User – the conclusion, execution and termination of civil contracts; providing access to the User to the services, information and / or materials contained on the website https://cgrsr.ru/ clarification of order details.
4.2. The Operator also has the right to send the User notifications about new products and services, special offers and different events. The User can always refuse to receive information messages by sending a letter to the Operator to the e-mail address email@example.com with the note “Refuse notifications about new products and services and special offers”..
4.3. Anonymized User data collected through Internet statistical services is used to collect information about the actions of Users on the site, to improve the quality of the site and its content.
5. Legal basis for processing personal data
5.1. The operator processes personal data of the User only in case of their filling and/or sending by the User himself through the special forms located on the site https://cgrsr.ru/. By filling in the appropriate forms and/or sending his/her personal data to the Operator, the User expresses his/her consent to this Policy.
6. Procedure for collecting, storing, transferring and other processing of personal data
The security of personal data processed by the Operator is ensured by implementing legal, organizational and technical measures necessary to comply fully with the requirements of applicable laws in the field of personal data protection.
6.1. The operator ensures the safety of personal data and takes all possible measures to exclude access to personal data by unauthorized persons.
6.2. The User’s personal information will never, under any circumstances, be disclosed to third parties, except in cases related to the execution of applicable law.
6.3. In case of detection of inaccuracies in the personal data, the User can update them independently, by sending a notice to the Operator’s e-mail address firstname.lastname@example.org with a note “Updating of personal data”.
6.4. The period of processing of personal data is unlimited. The user may withdraw their consent to the processing of personal data at any time by sending a notice by e-mail to the Operator’s e-mail address email@example.com marked “Withdrawal of consent to the processing of personal data”.
7. Cross-border transfer of personal data
7.1. Before transborder transfer of personal data, the operator must ensure that the foreign country to whose territory the transfer of personal data is to be carried out, provides reliable protection of the rights of personal data subjects.
7.2. Cross-border transfer of personal data in foreign countries that do not meet the above requirements may be carried out only if the consent in writing of the subject of personal data on the cross-border transfer of his personal data and / or performance of the contract, to which the subject of personal data.
8. Closing Provisions
8.1. The user can get any clarifications on questions of interest concerning the processing of his personal data by contacting the Operator via e-mail firstname.lastname@example.org.
8.2. This document will reflect any changes in the Operator’s personal data processing policy. The policy is valid indefinitely until replaced by a new version.
8.3. The current version of the Policy is freely available on the Internet at https://cgrsr.ru/privacy-policy/.