1. Introduction:
1.1. The most important condition for achieving the goals of the website https://shyganador.ru (hereinafter referred to as the operator) is to ensure the necessary and sufficient level of information security of information, which includes personal data.
1.2. The policy regarding the processing of personal data by the operator (hereinafter referred to as the regulation) determines the procedure for collecting, storing, transferring and other types of processing of personal data by the operator, as well as information on the implemented requirements for the protection of personal data.
1.3. The policy has been developed in accordance with the current legislation of the Russian Federation.
2. Composition of personal data:
2.1. Information constituting personal data is any information related to a directly or indirectly determined or determinable individual (subject of personal data).
2.2. All personal data processed by the operator is confidential, strictly protected information in accordance with the law.
3. Purposes of processing personal data:
3.1. Personal data are processed by the operator for the purposes of formalizing labor and other contractual relations, personnel, accounting, tax records, on the grounds provided for in Article 22 of the Federal Law of 27.06.2006 No. 152-FZ, 85-90 of the Labor Code of the Russian Federation, as well as for the purposes of organizing and conducting by the operator (including with the involvement of third parties) loyalty programs, marketing and / or advertising campaigns, research, surveys and other events; providing other services to subjects of personal data; promoting services and / or goods of the operator and / or the operator's partners on the market by directly contacting the operator's clients using various means of communication, including, but not limited to, by telephone, e-mail, mailing list, on the Internet, etc.; for other purposes, if the operator's actions do not contradict the current legislation.
3.2. In order to properly fulfill its duties, the Operator processes the following personal data necessary for the proper fulfillment of contractual obligations:
• personal data of individuals and legal entities, including, but not limited to, buyers, regular customers, customers of services provided by the site.
4. The procedure for collecting, storing, transferring and other types of processing personal data:
4.1. The processing of personal data carried out without the use of automation tools is carried out in such a way that for each category of personal data it is possible to determine the storage locations of personal data (material carriers). The operator has established a list of persons processing personal data or having access to them. The operator ensures the safety of personal data and takes measures to prevent unauthorized access to personal data.
4.2. The processing of personal data carried out using automation tools is carried out subject to the following actions: the operator carries out technical measures aimed at preventing unauthorized access to personal data and (or) transferring them to persons who do not have the right to access such information; protective tools are configured to promptly detect facts of unauthorized access to personal data; technical means of automated processing of personal data are isolated in order to prevent any impact on them that may result in disruption of their functioning; the operator makes backup copies of data in order to be able to immediately restore personal data modified or destroyed due to unauthorized access to them; carries out constant monitoring of ensuring the level of security of personal data.
4.3 The personal data operator transfers personal data to third parties only for the proper fulfillment of contractual obligations.
5. Information on the implemented requirements for the protection of personal data:
5.1. The operator carries out the following activities: determines threats to the security of personal data during their processing; has the right to initiate an investigation and draw up conclusions on the facts of non-compliance with the conditions for storing personal data carriers, the use of information security tools that may lead to a violation of the confidentiality of personal data or other violations leading to a decrease in the level of security of personal data, the development and adoption of measures to prevent possible dangerous consequences of such violations; has a description of the personal data protection system.
6. Rights and obligations of the operator:
6.1. The personal data operator has the right to:
• to defend their interests in court;
• provide personal data of subjects to third parties, if this is provided for by current legislation (tax, law enforcement agencies, etc.);
• refuse to provide personal data in cases provided for by law;
• use the personal data of the subject without his consent, in cases provided for by law.
7. Rights and obligations of the personal data subject:
7.1. The subject of personal data has the right to
• to demand clarification of their personal data, their blocking or destruction if the personal data is incomplete, outdated, unreliable, illegally obtained or are not necessary for the stated purpose of processing, as well as to take measures provided for by law to protect their rights;
• request a list of their personal data processed by the operator and the source of their receipt;
• receive information about the terms of processing of your personal data, including the terms of their storage;
• require notification of all persons who have previously been informed of incorrect or incomplete personal data about all exceptions, corrections or additions made to them;
• to appeal to the authorized body for the protection of the rights of personal data subjects or in court against illegal actions or omissions in the processing of their personal data;
• to protect their rights and legitimate interests, including compensation for damages and (or) compensation for moral damage in court.
8. Final provisions:
8.1. this policy is subject to change and addition in the event of new legislative acts and special regulatory documents on the processing and protection of personal data.