1. GENERAL PROVISIONS
1.1. This Privacy Policy regarding the processing of personal data of users of the site https://www.dvitex.ru/ (hereinafter referred to as the Privacy Policy) has been developed and is applied in LLC Dvitex Law Firm, PSRN 1107746800490, Moscow, lane. Golutvinsky 1st, house 3-5, of 4-1 (hereinafter referred as the Operator) in accordance with clause 2, part 1 of Article 18.1 of Federal Law No. 152-FZ of 27.07.2006 "On Personal Data" (hereinafter referred as the Law on Personal Data).
1.2. This Privacy Policy defines the Operator's policy regarding the processing of personal data accepted for processing, the procedure and conditions for processing personal data of individuals who have transferred their personal data for processing to the Operator (hereinafter referred to as personal data subjects) with and without the use of automation tools, establishes procedures aimed at preventing violations of the legislation of the Russian Federation, eliminating the consequences of such violations related to the processing of personal data.
1.3. The Privacy Policy is drafted to ensure the protection of the rights and freedoms of personal data subjects when processing their personal data, as well as to establish the responsibility of the Operator's officials who have access to the personal data of personal data subjects for non-compliance with the requirements and norms governing the processing of personal data.
1.4. Personal data of a Personal data Subject is any information relating directly or indirectly to a certain or identifiable individual.
1.5. The Operator processes the following personal data of Users:
- Last name, First Name, Patronymic;
- Email address;
- Phone number;
- other data required by the Operator when providing services to Users to ensure the functioning of the Site.
1.6. The Operator processes personal data of Personal data Subjects for the following purposes:
- providing feedback from the Operator's Specialists on User requests;
- providing the possibility of online payment for services ordered on the Website;
- ensuring the fulfillment of the Operator's obligations to Users;
- for market research purposes;
- informing the Subject of personal data about promotions, contests, special offers, new services, discounts, promotional materials and other services, as well as receiving commercial or advertising information and free products, participating in exhibitions or events, performing marketing research and notifying about all special initiatives for customers;
- statistical purposes;
- for other purposes, if the relevant actions of the Operator do not contradict the current legislation, the activities of the Operator, and the consent of the Personal data Subject has been obtained for carrying out the specified processing.
1.7. The Operator processes the personal data of personal data subjects by performing any action (operation) or a set of actions (operations) performed using automation tools or without using such tools, including the following:
- collection;
- recording;
- systematization;
- accumulation;
- storage;
- clarification (update, change);
- extraction;
- usage;
- transfer (distribution, provision, access);
- depersonalization;
- blocking;
- removal;
- destruction.
2. PRINCIPLES OF PERSONAL DATA PROCESSING
2.1. When processing personal data, the Operator is guided by the following principles:
- legality and justice;
- privacy;
- timeliness and reliability of obtaining the consent of the personal data subject to the processing of personal data;
- processing only personal data that meet the purposes of their processing;
- compliance of the content and volume of the processed personal data with the stated purposes of processing. The processed personal data should not be redundant in relation to the stated purposes of their processing;
- the inadmissibility of combining databases containing personal data, the processing of which is carried out for purposes incompatible with each other;
- holding personal data in a form that allows you to identify the subject of personal data, no longer than the purposes of personal data processing require;
- destruction or depersonalization of personal data in order to achieve the goals, their processing or in case of loss of the need to achieve these goals.
2.2. The processing of personal data by the Operator is carried out in compliance with the principles and rules provided for by:
- Federal Law No. 152-FZ of 27.07.2006 "On Personal Data";
- This Privacy Policy;
- The Universal Declaration of Human Rights of 1948;
- The International Covenant on Civil and Political Rights of 1966;
- The European Convention for the Protection of Human Rights and Fundamental Freedoms of 1950;
- The provisions of the Commonwealth of Independent States Convention on Human Rights and Fundamental Freedoms (Minsk, 1995), ratified by the Russian Federation on 11.08.1998;
- The provisions of the Okinawan Charter of the Global Information Society, adopted on 22.07.2000;
- Decree of the Government of the Russian Federation No. 1119 dated 01.11.2012 "On approval of requirements for the protection of personal data during their processing in personal data information systems";
- By Order of the FSTEC of Russia dated 18.02.2013 No. 21 "On approval of the Composition and content of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems";
- Other regulatory and non-normative legal acts regulating the processing of personal data.
3. RECEIVING OF PERSONAL DATA
3.1. Personal data of personal data subjects are obtained by the Operator:
- by providing personal data by the subject when registering on the Website, when submitting applications, applications, questionnaires, forms, filling out registration forms on the Operator's website or sending by e-mail, messages by phone to the Operator's support service;
- in other ways that do not contradict the legislation of the Russian Federation and the requirements of international legislation on the protection of personal data.
3.2. The Operator receives and begins processing the Subject's personal data from the moment of receiving Subject's consent.
3.3. Consent to the processing of personal data is given by the subject of personal data from the moment of the beginning of the use of the site, including by marking in the columns "I agree to the processing of personal data, with the terms and content of the privacy policy", through the performance of the subject of personal data of specific actions.
3.4. The subject of personal data may withdraw his consent to the processing of personal data at any time. To revoke consent to the processing of personal data, it is necessary to submit an appropriate application to the Operator by available means of communication. At the same time, the Operator must terminate their processing or ensure the termination of such processing and, if the preservation of personal data is no longer required for the purposes of their processing, destroy personal data or ensure their destruction within a period not exceeding 30 (Thirty) days from the date of receipt of the specified recall.
3.5. If the Subject of personal data withdraws consent to the processing of personal data, the Operator has the right to continue processing personal data without the consent of the Subject of personal data only if there are grounds specified in the Law on Personal Data.
3.6. The subject of personal data has the right to choose which personal data will be provided to them. However, in case of incomplete provision of the necessary data, the Operator does not guarantee the ability of the subject to use all the services and products of the Site, to use all the services of the Site.
3.7. The subject of personal data can view, update or delete any personal data included in his profile at any time. To do this, he can edit his profile online in his personal account or send an email to info@dvitex.ru
4. PROCEDURE FOR PROCESSING PERSONAL DATA
4.1. The Operator takes technical and organizational and legal measures to ensure the protection of personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, distribution, as well as from other illegal actions.
4.2. When processing personal data, the Operator applies legal, organizational and technical measures to ensure the security of personal data in accordance with art. 19 of the Federal Law "On Personal Data", Decree of the Government of the Russian Federation No. 1119 dated 01.11.2012 "On Approval of requirements for the protection of personal data when Processing Them in personal Data information Systems", Methodology for Determining current threats to the security of personal data when Processing Them in Personal Data Information Systems, approved by the FSTEC of the Russian Federation on 02/14/2008, Methodological Recommendations for Ensuring the security of personal data using Cryptographic Means when Processing them in personal data information Systems using Automation Tools, approved by the FSB of the Russian Federation on 21.02.2008 No. 149/54-144.
4.3. Login and Password are used to authorize access to the Site. The personal data subject is responsible for the safety of this information. The subject of personal data does not have the right to transfer his own Username and Password to third parties, and is also obliged to take measures to ensure their confidentiality.
4.4. When transferring personal data, the Operator complies with the following requirements:
- does not disclose the personal data of the personal data subject to a third party without express consent, except in cases where it is necessary for the purposes of processing personal data, preventing threats to the life and health of the personal data subject, as well as in cases established by law;
- does not disclose personal data for commercial purposes without the express consent of the personal data subject;
- informs the persons receiving personal data that this data can only be used for the purposes for which they are reported, and requires these persons to take appropriate measures to protect personal data. The persons receiving the User's personal data are obliged to comply with the confidentiality regime;
- allows access to personal data only to authorized persons, while these persons should have the right to receive only those personal data that are necessary to perform specific functions.
4.5. The Operator has the right to disclose any information collected about the User of this Site, if disclosure is necessary in connection with an investigation or complaint regarding the misuse of the Site, or to establish (identify) a User who may violate or interfere with the rights of the Site Administration or the rights of other Users of the Site, as well as to comply with the provisions of current legislation or court decisions, ensure compliance with the terms of this Agreement, protect the rights or safety of other Users and any third parties.
4.6. Third parties independently determine the list of other persons (their employees) who have direct access to such personal data and (or) process them. The list of these persons, as well as the procedure for access and (or) processing of personal data by them, is approved by the internal documents of a Third Party.
4.7. The Operator does not sell or provide personal data to third parties for marketing purposes not provided for in this Privacy Policy, without the express consent of the subjects of personal data. The Operator may combine depersonalized data with other information received from third parties and use them to improve and personalize services, content and advertising.
4.8. The processing of personal data is carried out on the territory of the Russian Federation, the cross-border transfer of personal data is not carried out. The operator reserves the right to choose any channels for transmitting information about personal data, as well as the content of the transmitted information.
4.9. Personal information collected online is stored by the Operator and/or service providers in databases protected by physical and electronic controls, access restriction system technologies and other acceptable security measures.
4.10. The subject of personal data understands, confirms and agrees that the technical processing and transmission of information on the Operator's Website may include data transmission over various networks, including unencrypted Internet communication channels, which is never completely confidential and secure.
4.11. The subject of personal data also understands that any messages and/or information sent via the Operator's Server may be read and/or intercepted by third parties without authorization.
5. FINAL PROVISIONS
5.1. In case of any disputes or disagreements related to the implementation of these Rules, the Personal Data Subject and the Operator will make every effort to resolve them through negotiations between them. If the disputes are not resolved through negotiations, the disputes are subject to resolution in accordance with the procedure established by the current legislation of the Russian Federation.
5.2. This Privacy Policy comes into force for the Subject of personal data from the moment of the beginning of the use of the Operator's Website and is valid for an indefinite period.
5.3. This Privacy Policy may be amended and/or supplemented by the Operator at any time during the term of the Rules at its discretion without the need to obtain the consent of the Personal Data Subject. All changes and/or additions are posted by the Operator in the relevant section of the Site and come into force on the day of such posting. The subject of personal data undertakes to get acquainted with all changes and/or additions in a timely manner and independently. If the Subject of personal data does not agree with the changes made, he is obliged to refuse access to the Site, stop using the materials and services of the Site.
