Privacy policy

1. TERMS AND DEFINITIONS

This Privacy Policy (hereinafter referred to as the Policy) uses the following terms and definitions:

Personal data – any information related to the subject of personal data, including last name, first name, patronymic, contact details (telephone, email, postal address), location (country, city region, etc.), date of birth, photo, link to a personal website, links to pages on social networks, bank card (card number, card expiration date, CVV2 or CVC2 or other security code) or electronic wallet (number and other data necessary to pay for these services);

Operator is the administrator of the site https://main.adaurum.ru, who independently or jointly with other persons organizes and (or) carries out the processing of Personal Data, as well as determines the purposes of processing Personal Data, the composition of Personal Data to be processed, actions (operations), performed with Personal Data;

Personal data subject (user) – the person to whom the Personal Data relates;

Website – a website owned by the Operator and located on the Internet at https://main.adaurum.ru;

Processing of personal data – any action (operation) or set of actions (operations) performed using automation tools or without the use of such means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;

Automated processing of personal data – processing of personal data using computer technology;

Dissemination of personal data – actions aimed at disclosing personal data to an indefinite number of persons;

Providing personal data – actions aimed at disclosing personal data to a certain person or a certain circle of persons;

Blocking of personal data – temporary cessation of processing of personal data (except for cases where processing is necessary to clarify personal data)

Destruction of personal data – actions as a result of which it becomes impossible to restore the content of personal data in the personal data information system and (or) as a result of which the material media of personal data are destroyed;

Depersonalization of personal data – actions as a result of which it becomes impossible, without the use of additional information, to determine the ownership of personal data to a specific subject of personal data;

Personal data information system is a set of personal data contained in databases and information technologies and technical means that ensure their processing.

2. GENERAL PROVISIONS

2.1. The Policy is issued and applied by the Operator in accordance with paragraphs. 2 hours 1 tbsp. 18.1 of the Federal Law of July 27, 2006 No. 152-FZ “On Personal Data” (hereinafter referred to as the Federal Law “On Personal Data”).

2.2. This Policy defines the procedure and conditions of the Operator regarding the processing of personal data, establishes procedures aimed at preventing and identifying violations of the legislation of the Russian Federation, eliminating the consequences of such violations related to the processing of personal data.

2.3. This Policy applies to all processes of collection, recording, systematization, accumulation, storage, clarification, extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data, carried out using automation tools and without use of such funds.

2.4. The purpose of processing personal data by the Operator: obtaining information about the subject of personal data in connection with the promotion of goods, works, and services of the Operator.

Subject category: site users.

Processed data: last name, first name, patronymic, contact details (telephone, email, postal address), location (country, city region, etc.), date of birth, photograph, link to personal website, links to social pages networks, bank card (card number, card expiration date, CVV2 or CVC2 or other security code) or electronic wallet (number and other data necessary to pay for these services).

Data category: general personal data.

Method of processing personal data: automated collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use.

Processing period: within 3 years from the date of last activity on the site.

Personal data is destroyed by erasing personal data from the operator’s servers.

2.5. Personal data is not distributed or provided to third parties without the consent of the personal data subject, unless otherwise provided by the agreement, and is used by the Operator solely for the execution of the agreement specified in clause 2.4 of the Policy and the conclusion of other agreements with the personal data subject.

2.6. The processing of personal data is carried out in compliance with the principles and rules provided for by the Federal Law “On Personal Data” and this Policy.

2.7. Consent to the processing of personal data is given by the subject of personal data upon registration by filling out a web form on the website https://main.adaurum.ru (hereinafter referred to as the Site) and putting a “tick” or “web mark” in the “I consent” column to process personal data and agree to the terms of the privacy policy» and clicking the appropriate button.

3. RIGHTS OF THE OPERATOR AND THE SUBJECT OF PERSONAL DATA

3.1. The personal data operator has the right:

• provide personal data of subjects to third parties, if provided for by current legislation (tax, law enforcement agencies, etc.);
• refuse to provide personal data in cases provided for by law;
• entrust the processing of personal data to other persons on the basis of agreements concluded with these persons. At the same time, the Operator obliges the person processing personal data on behalf of the Operator to comply with the principles and rules for processing personal data provided for by the Federal Law “On Personal Data”;
• the operator has other rights established by the Federal Law “On Personal Data”.

3.2. The subject of personal data has the right:

• demand clarification of your personal data, their blocking or destruction if the personal data is incomplete, outdated, unreliable, illegally obtained or not necessary for the stated purpose of processing, as well as take measures provided by law to protect your rights;
• receive information about the terms of processing of your personal data, including the periods of their storage;
• require notification of all persons who were previously provided with incorrect or incomplete personal data about all exceptions, corrections or additions made to them;
• appeal to the authorized body for the protection of the rights of personal data subjects or in court against unlawful actions or inactions during the processing of his personal data;
• the subject of personal data has other rights established by the Federal Law “On Personal Data”.

4. OPERATOR RESPONSIBILITIES

4.1. The processing of personal data by the Operator is carried out with the consent of the subject of personal data, except in cases established by the legislation of the Russian Federation.

4.2. In cases established by the legislation of the Russian Federation in the field of personal data, the Operator is obliged to inform the subject of personal data or his representative, whose powers will be properly formalized, information regarding the processing of the subject’s personal data.

4.3. The operator bears other obligations established by the Federal Law “On Personal Data”.

5. MEASURES TO ENSURE THE SECURITY OF PERSONAL DATA

5.1. When processing personal data, the Operator applies legal, organizational and technical measures to ensure the security of personal data in accordance with Article 19 of the Federal Law “On Personal Data”.

5.2. The operator takes the following measures to protect personal data:

• threats to the security of personal data during their processing in personal data information systems are identified;
• organizational and technical measures are applied to ensure the security of personal data during their processing in personal data information systems, necessary to fulfill the requirements for the protection of personal data, the implementation of which ensures the levels of personal data security established by the Government of the Russian Federation;
• the effectiveness of measures taken to ensure the security of personal data is assessed before the personal data information system is put into operation;
• measures are taken to exclude cases of unauthorized access to personal data;
• restoration of personal data modified or destroyed due to unauthorized access to it is carried out;
• rules for access to personal data processed in the information system are established, and actions performed with personal data in the personal data information system are registered and recorded;
• means of minimizing access powers, means of access control (identification and authentication of access subjects) and other security measures are implemented and applied;
• control is exercised over the measures taken to ensure the security of personal data and the level of security of personal data information systems.

6. FINAL PROVISIONS

6.1. This Policy is approved by the Operator according to the Operator’s standards, is publicly available and must be posted on the Operator’s official website on the Internet.

6.2. The policy is subject to change and/or addition in the event of changes to existing legislative acts and the emergence of new legislative acts, special regulations on the processing and protection of personal data, and the introduction of new technologies to ensure the security of personal data. Changes/additions to the Policy are carried out by the Operator without the consent of the subject of personal data (User)

6.3. The liability of the Operator’s officials who have access to personal data for failure to comply with the requirements of the standards governing the processing and protection of personal data is determined in accordance with the legislation of the Russian Federation.

Contact Information

e-mail: info@adaurum.ru