Date of posting on the Site “8” November 2017
This Policy for processing personal data (hereinafter referred to as the Policy) defines the general principles and procedure for processing personal data of Users of the online site and measures to ensure their security by the Individual entrepreneur Vitaly V. Makarkin.
TERMS AND DEFINITIONS
The parties use the following terms in the following meaning:
a) Data – other data about the User (not included in the concept of personal data).
b) Legislation – current legislation of the Russian Federation.
c) Operator – Individual entrepreneur Makarkin Vitaliy Vladimirovich, independently or jointly with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of processing personal data, the composition of personal data subject to processing, the actions (operations) performed with personal data .
d) Personal data – any information related directly or indirectly to a certain or determined individual (User).
e) User – a person who has access to the Site, through the Internet and using the Site.
f) Provision of personal data – actions aimed at disclosing Personal Data to a certain person or a certain circle of persons.
g) A website located on the Internet at makarkin.pro and Makarkin.rf.
h) The subject of personal data is the User (individual) to which the Personal Data refers.
i) Transport companies-third persons providing courier services.
Other terms used in the Policy are interpreted in accordance with the Legislation of the Russian Federation.
1.1. This Policy regarding the processing of personal data is developed in accordance with the provisions of Federal Law No. 152-FZ of 27.07.2006 “On Personal Data” (as amended and supplemented), other legislative and regulatory legal acts, and determines the procedure for working with the Personal Data of Users and ( or) transmitted by Users and requirements to ensure their security.
1.2. Activities to ensure the security of personal data are an integral part of the Operator.
PRINCIPLES OF PERSONAL DATA PROCESSING
2.1. The processing of Personal Data by the Operator is carried out in accordance with the following principles:
2.1.1. Legality and fair basis for the processing of Personal Data. The operator takes all necessary measures to comply with the requirements of the Legislation, does not process Personal Data in cases where this is not permitted by the Legislation, does not use Personal Data to the detriment of the User.
2.1.2. Processing only those Personal Data that meet the previously announced objectives of their processing. Correspondence of the content and amount of processed Personal Data to the stated processing objectives. Preventing the processing of Personal Data that is incompatible with the purposes of collecting Personal Data, as well as redundant in relation to the stated purposes of their processing.
The operator processes the Personal Data solely for the purpose of fulfilling the contractual obligations to the User.
2.1.3. Ensuring the accuracy, adequacy and relevance of Personal Data in relation to the purposes of processing Personal Data. The Operator shall take all reasonable measures to maintain the relevance of the Personal Data being processed, including but not limited to the implementation of the right of each Entity to obtain for review their Personal Data and to require the Operator to clarify, block or destroy them if the Personal Data is incomplete, outdated, inaccurate, illegally obtained or are not necessary for the above-stated processing purposes.
2.1.4. The storage of Personal Data in a form that allows the User to identify personal data is no longer than the purpose of processing Personal Data, unless the period of storage of Personal Data is established by federal law, a contract to which the User of the Personal Data is a party or beneficiary.
2.1.5. Inadmissibility of combining the databases of the Personal Data Information Systems databases created for incompatible purposes.
TERMS OF PERSONAL DATA PROCESSING
3.1. Processing of Personal Data by the Operator is allowed in the following cases:
3.1.1. If the User has the consent to process his Personal Data. The consent is given by acceptance of the Public offer placed on the Site or by registration of the Order, in the ways indicated on the Site.
3.1.2. When transferring the Personal Data of the Personal Data Subject by the User when making an order on the Site. The user guarantees that he has previously obtained consent from the subject for data transmission to the Operator.
3.1.3. Personal data are subject to publication or mandatory disclosure in accordance with the Legislation.
3.2. The Operator shall not disclose to third parties or distribute Personal Data without the consent of the User, unless otherwise provided by the Legislation.
3.3. The Operator does not process Personal Data relating to special categories relating to race and nationality, political views, religious or philosophical beliefs, health status, the intimate life of the Personal Data Entity, the personal data subject’s membership in public associations, except as expressly provided by the Legislation .
3.4. The Operator does not carry out the Transboundary Transfer of the User’s Personal Data.
COLLECTION AND PROCESSING OF PERSONAL DATA AND OTHER DATA
4.1. The operator collects and stores only those Personal Data that are necessary to provide services to the User for the sale of goods through the Site. At the same time, Personal Data may be collected both through the Site and at the Operator’s office.
4.2. The operator processes the Personal Data for the following purposes:
4.2.1. implementation of activities provided by the Charter of the Company, the current legislation of the Russian Federation;
4.2.2. fulfillment of the Operator’s obligations to the User for the sale of goods, including processing of payments, delivery of goods.
4.2.3. for communication with Users, if necessary, including for sending notifications, information and requests related to the provision of services, as well as processing applications, requests and applications of Users;
4.2.4. to improve the quality of services provided by the Operator;
4.2.5. to promote services in the market through direct contacts with users;
4.2.6. for conducting statistical and other studies on the basis of impersonal personal data.
For the purposes specified in clause 4.2. The operator processes the following personal:
Surname, name and patronymic;
The details of the bank card from which payment is made (name of the holder of the bank card, card number, CVV code);
IP address of the User;
Type of user’s browser;
Address of delivery of goods.
4.4. With respect to Personal Data and other User Data, their confidentiality is preserved, except when these data are publicly available.
4.5. The Operator has the right to keep an archival copy of the Personal Data and other Data, including after the deletion of the User’s account.
4.6. The Operator has the right to transmit Personal Data and other User Data without the User’s consent to the following persons:
4.6.1. State bodies, including the bodies of inquiry and investigation, and local self-government bodies on their reasoned request.
4.6.2. To the Operator’s partners in order to fulfill the contractual obligations to the User.
4.6.3. In other cases, expressly provided by the current legislation of the Russian Federation.
4.7. The Operator has the right to transfer Personal Data and other Data to third parties not specified in clause 4.6 of this Policy in the following cases:
4.7.1. The user expressed his consent to such actions.
4.7.2. The transfer is necessary in the framework of the User’s use of the Site or the sale of goods to the User (including for the purpose of delivering goods);
4.7.3. Transfer occurs in the framework of a sale or other transfer of business (in whole or in part), while all obligations to comply with the terms of this Policy pass to the acquirer.
4.8. The operator performs automated and manual processing of Personal Data and other Data.
4.9. Access to the Information Systems containing Personal Data is provided by the password system. Passwords are set by authorized Operator employees and are individually communicated to Operator employees who have access to Personal Data / Data.
4.10. The operator transmits the processed information to the transport (courier) companies on the basis of the User’s consent (Article 9 of the Federal Law “On Personal Data”).
4.11. The operator is not responsible for the improper handling of the User’s personal data carried out by the Transport Companies.
4.12. Upon receipt by the Operator of personal data of a request containing a personal data subject’s consent to the processing of personal data by the personal data subject, within 30 (thirty) calendar days from the date of receipt it must delete personal data.
CHANGE OF PERSONAL DATA
5.1. The User may at any time modify (update, supplement) the Personal Data by sending a written application to the Operator.
5.2. The user has the right at any time to delete Personal Data / Data.
CONFIDENTIALITY OF PERSONAL DATA
6.1. The operator ensures the confidentiality of personal data / data processed by him in accordance with the procedure provided for by the Legislation. Confidentiality is not required for:
6.1.1. Personal data after their depersonalization.
6.1.2. Personal data, access of an unlimited circle of persons to which is provided by the User or at his request (hereinafter – Personal data made by the public User).
6.1.3. Personal data subject to publication or mandatory disclosure in accordance with the Legislation.
6.1.4. It is not a violation of the confidentiality of Personal Data that the Operator provides information to transport (courier) companies and other third parties acting on the basis of an agreement with the Operator to fulfill obligations to the User.
USER CONSIDERATION FOR PERSONAL DATA PROCESSING
7.1. The User makes a decision to provide his Personal Data to the Operator and agrees to their processing freely, by his own will and in his interest. Consent to the processing of Personal Data must be specific, informed and conscious and provided by the User at the time of its Registration on the Operator’s Website, as well as in any form that allows to confirm its receipt, unless otherwise provided by the Legislation.
7.2. Personal data of persons entered into contractual obligations with the Operator, contained in unified state registers of legal entities and individual entrepreneurs, are public and public, with the exception of information on the number, date of issue and the body that issued the identity document of the individual. Protection of their confidentiality and the consent of Users for processing is not required.
7.3. In the case of requests from organizations that do not have the appropriate authority, the Operator must obtain the User’s prior consent for the provision of his Personal Data and warn those who receive Personal Data that these data can only be used for the purposes for which they are communicated and also require these individuals to confirm that this rule will (was) observed.
RIGHTS OF PERSONAL DATA SUBJECTS
8.1. The user has the right to receive information regarding the processing of his Personal Data / Data. The User has the right to require the Operator to verify his Personal Data, blocking or destroying it in the event that the Personal Data is incomplete, obsolete, inaccurate, illegally obtained or not necessary for the stated purpose of processing, and also take legal measures to protect its rights.
8.2. If the User considers that the Operator processes his Personal Data in violation of the requirements of the Legislation or otherwise violates his rights and freedoms, the User has the right to appeal against the actions or inaction of the Operator in the authorized body for the protection of the rights of subjects of Personal Data or in court.
8.3. The user has the right to protect his rights and legitimate interests, including compensation for damages and (or) compensation for moral harm in the courts.
PERSONAL DATA OF THIRD PARTIES USED BY USERS
9.1. Using the Site, the User has the right to enter data of third parties for the order of goods.
9.2. The User undertakes to obtain the preliminary consent of the subject of Personal Data for their use through the Site. The user is solely responsible for the absence of such consent.
9.3. The operator undertakes to take the necessary measures to ensure the safety of Personal data of third parties entered by the User.
10.1. To this Policy and the relationship between the User and the Operator arising in connection with the application of the Policy, the law of the Russian Federation is applicable.
10.2. All possible disputes are subject to resolution in accordance with the Legislation at the place of registration of the Operator.
Before applying to the court, the User must observe the mandatory pre-trial order and send the relevant claim to the Operator in writing. The period for responding to a claim is 30 (thirty) working days.
10.4. The Operator has the right to change this Policy at any time (in whole or in part) unilaterally without prior agreement with the User. All changes take effect the next day after posting on the Site.
CONTACT OPERATOR INFORMATION
11.1. Phone: +7 8652 217-605
11.2. E-mail: firstname.lastname@example.org
11.3. Address: 355000 Stavropol, ul. Frolenko 16, 27