Back to the site

PERSONAL DATA PROCESSING POLICY 


1. GENERAL PROVISIONS 

1.1. This personal data processing policy (hereinafter referred to as the Policy) has been compiled in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006, «On Personal Data» and defines the personal data processing procedures and measures to ensure the security of personal data obtained by Marina Aleksandrovna Zyryanova, Taxpayer Identification Number (TIN) 745 310 250 205 (hereinafter referred to as the Operator). 

The Operator's primary goal and condition for carrying out its activities is to respect the rights and freedoms of individuals and citizens when processing their personal data, including protecting their rights to privacy and personal and family secrets.

1.2. Key Concepts Used in the Policy: Personal data — any information related to a directly or indirectly identified or identifiable individual (the subject of personal data). 

User — an individual, the subject of personal data. 

Cookies — small fragments of data related to personal data that are stored in the browser of a computer, mobile phone, or other device after the User visits the Website. 

Automated processing of personal data — the processing of personal data using computer technology. 

Blocking of personal data — the temporary cessation of the processing of personal data (except in cases where processing is necessary to clarify personal data). 

Website — a collection of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address marinazyryanova.ru/

Personal data information system — a collection of personal data contained in databases and the information technologies and technical means that support their processing;

Anonymization of personal data are actions that make it impossible to determine, without the use of additional information, the attribution of personal data to a specific User or other personal data subject; 

Processing of personal data is any action (operation) or set of actions (operations) performed with or without the use of automated tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), retrieval, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data; 

Provision of personal data are actions aimed at disclosing personal data to a specific person or an indefinite number of persons; 

Dissemination of personal data means any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data available to an indefinite number of persons, including disclosing personal data in the media, posting it on information and telecommunications networks, or providing access to personal data in any other way; 

Destruction of personal data means any actions resulting in the irreversible destruction of personal data, making it impossible to restore the contents of personal data in a personal data information system and/or resulting in the destruction of tangible media containing personal data.

1.3. The following are considered personal data subjects whose personal data is processed by the Operator in accordance with this Policy: 

1) the Operator's clients and contractors (individuals); 

2) representatives/employees of the Operator's clients and contractors (legal entities); 

3) website visitors.


2. PURPOSES AND CONDITIONS FOR PROCESSING PERSONAL DATA AND THE CORRESPONDING LISTS OF PERSONAL DATA PROCESSED 

2.1. Personal data permitted for processing within the framework of this Policy is provided by the User voluntarily by completing the User Data Form on the Website or by submitting information in person to the Operator via electronic correspondence.

 2.2. The personal data of the individuals specified in subparagraphs 1-2 of paragraph 1.3 of the Policy is processed for the following purposes: 

— identifying the party within the framework of agreements and contracts concluded with the Operator; 

— providing services to the User, access to the Site, and other services; 

— communicating with the User, sending emails to the User upon receipt of payment from the User, and sending notifications and requests to the User; 

— settling accounts with the User within the framework of contracts concluded with them; 

— transferring the results of contract performance — photographs and/or other works created within the framework of contracts concluded between the User and the Operator.

2.3. For the purposes specified in paragraph 2.2 of the Policy, the following personal data of individuals specified in subparagraphs 1-2 of paragraph 1.3 of the Policy is processed: 

1) last name, first name, and patronymic (if any); 

2) contact telephone number; 

3) email address; 

4) job title (when processing personal data of employees/representatives of counterparties — legal entities).

2.4. The processing of personal data specified in paragraph 2.3 of the Policy is carried out with the consent of the personal data subject to the processing of their personal data, with the exception of cases where the processing of personal data is necessary for the performance of an agreement to which the User is a party, beneficiary, or guarantor, as well as for the conclusion of an agreement at the initiative of the User or an agreement under which the User will be a beneficiary or guarantor, as well as in cases where the processing of personal data is necessary to achieve the goals stipulated by an international treaty of the Russian Federation or by law, or for the implementation and fulfillment of the functions, powers, and obligations imposed on the operator by the legislation of the Russian Federation.

2.5. The personal data of the persons specified in subparagraph 3 of paragraph 1.3 of this Policy (Website visitors) is processed for the following purposes: 

organizing access to information about the Operator's activities posted on the Internet; 

communication with the User, sending emails to the User upon registration on the Website; 

promoting the Operator's services and informing new clients about the quality of services — providing information about previous experience when the User publishes a review of their experience with the Operator on the Website; 

researching and analyzing data to support and improve the services and sections of the Website, as well as developing new services and sections of the Website;  

conducting statistical and other research based on anonymized data.

2.6. For the purposes specified in Section 2.5 of this Policy, the following personal data of the individuals specified in Subsection 3 of Section 1.3 of this Policy is processed: 

1) Last name, first name; 

2) Email address; 

3) Telephone number; 

4) Cookies. 

The collection and processing of cookies is governed by Section 7 of this Policy.

2.7. The processing of personal data specified in paragraph 2.6 of the Policy is carried out with the consent of the personal data subject to the processing of their personal data. 

2.8. Consent to the processing of Personal Data is determined by the User's action of checking the box next to the «I consent to the processing of my personal data in accordance with the Personal Data Processing Policy» column. 

2.9. Consent to the processing of Personal Data, including cookies, for Users using the Website to obtain information about the Operator's activities is determined by using the Website and clicking the «OK» button or a similar button on the cookie collection notification in accordance with this Privacy Policy. 

2.10. Personal data specified in paragraphs 2.3 and 2.6 of this Policy are hereinafter collectively referred to as «Personal Data.» 

2.11. Special categories of personal data are not processed.


3. PERSONAL DATA PROCESSING PROCEDURE 

3.1. Personal data may be processed with or without the use of automated tools. Personal data may be processed without the use of automated tools in the form of paper documents and in electronic form (files, databases) on electronic storage media. 

3.2. The Operator does not transfer personal data across borders.

3.3. The Operator does not transfer personal data to third parties, with the exception of: 

— cases where transfer is necessary for the performance of an agreement with the subject; 

 — cases stipulated by law (at the request of government agencies, courts, investigative bodies, and other authorized bodies on the grounds stipulated by the current legislation of the Russian Federation).

3.4. The Operator and other persons who have gained access to personal data are obligated not to disclose or distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided by federal law. 

3.5. The Operator has the right to store (archive) and consolidate documents and personal data. 

3.6. The processing period for personal data is until the purposes for which the personal data is processed are achieved. The User may revoke their consent to the processing of personal data at any time by sending a notification to the Operator via email to the Operator's email address m.zyr-zyr@yandex.ru with the subject line «Revocation of consent to the processing of personal data.»

3.7. The operator is obligated to cease processing personal data: 

— if unlawful processing of personal data is detected, carried out by the operator within a period not exceeding three business days from the date of such detection; 

— if the personal data subject revokes consent to the processing of their personal data; 

— if the purpose of processing the personal data is achieved, and to destroy the personal data within a period not exceeding thirty days from the date of achieving the purpose of processing the personal data. If it is impossible to destroy the personal data within the specified period, the operator will block such personal data and ensure the destruction of the personal data within a period not exceeding six months, unless another period is established by federal laws.


4. RIGHTS AND RESPONSIBILITIES OF THE PARTIES. 

4.1. The Operator has the right to:

 · receive reliable information from the User containing personal data;

4.2. The Operator is obligated to:

 · process personal data in accordance with the procedure established by the current legislation of the Russian Federation;

 · review the User's requests regarding the processing of personal data and provide reasoned responses;

 · take measures to clarify and destroy the User's personal data in connection with the User's (their legal representative's) submission of legal and reasonable requests;

 · organize the protection of personal data in accordance with the requirements of the legislation of the Russian Federation.

4.3. The User has the right to:

 · receive full information about their personal data processed by the Operator;

 · have their personal data updated, blocked, or destroyed if the personal data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing;

 · revoke consent to the processing of personal data;

 · if the User believes that the Operator is processing their personal data in violation of applicable law or otherwise violates their rights and freedoms, the personal data subject has the right to appeal the actions or inactions of the Operator to the authorized body for the protection of the rights of personal data subjects or in court.

 · The User has the right to protect their rights and legitimate interests, including compensation for damages and/or compensation for moral damages through legal proceedings.

 · to exercise other rights provided for by the legislation of the Russian Federation.

4.4. The User is obliged to: 

● provide the Operator with only accurate information about themselves.


5. PROCEDURE FOR PROCESSING APPEALS FROM PERSONAL DATA SUBJECTS 

5.1. The persons specified in Clause 1.3 of this Policy have the right to receive information regarding the processing of their personal data, including: 

1) confirmation of the fact of processing of personal data by the Operator; 

2) legal grounds and purposes of processing personal data; 

3) purposes and methods of processing personal data used by the Operator; 

4) processed personal data related to the relevant personal data subject, and the source of their receipt; 

5) terms of processing of personal data, including the terms of their storage; 

6) information on the methods of fulfilling the Operator's obligations established by Article 18.1 of the Federal Law «On Personal Data»; 

7) other information stipulated by the Federal Law «On Personal Data» or other federal laws. The Operator is obliged to provide the personal data subject or his/her representative, free of charge, with the opportunity to review the personal data, related to this personal data subject. 

5.2. The individuals specified in paragraph 1.3 of this Policy have the right to request that the Operator clarify their personal data, block it, or destroy it if the personal data is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing, and to take measures provided by law to protect their rights. 

5.3. The information specified in paragraph 5.1 of this Policy must be provided to the personal data subject by the Operator in an accessible form, and it must not contain personal data related to other personal data subjects, except in cases where there are legal grounds for disclosing such personal data.


5.4. The information specified in paragraph 5.1 of this Policy will be provided to the personal data subject or their representative within ten business days of the request being submitted or the Operator receiving the request from the personal data subject or their representative. The request must contain: 

1) the number of the primary identity document of the personal data subject or their representative, the date of issue of such document, and the issuing authority; 

2) information confirming the personal data subject's relationship with the Operator (contract number, contract conclusion date, code word, and/or other information), or information otherwise confirming the processing of personal data by the Operator; 

3) the signature of the personal data subject or their representative. The request may be sent in electronic form and signed with an electronic signature in accordance with the legislation of the Russian Federation.

5.5. If any inaccuracies in personal data are discovered, the User may update them independently by sending a notification to the Operator's email address m.zyr-zyr@yandex.ru with the subject «Personal Data Update.» Within seven business days from the date the personal data subject or their representative provides information confirming that the personal data is incomplete, inaccurate, or outdated, the Operator is obligated to make the necessary changes. 

5.6. Within seven business days from the date the personal data subject or their representative provides information confirming that such personal data was obtained illegally or is not necessary for the stated purpose of processing, the Operator is obligated to destroy such personal data. The Operator is obligated to notify the personal data subject or their representative of the changes made and the measures taken.


6. MEASURES TO ENSURE THE SECURITY OF PERSONAL DATA DURING PROCESSING

6.1. The security of personal data processed by the Operator is ensured by implementing legal, organizational, and technical measures necessary to fully comply with the requirements of current legislation in the field of personal data protection. 

Such protective measures include, in particular:

· Use of antivirus software to protect information;

 · Identification and authentication of users when logging into the information system using a password;

 · Restricting access by unauthorized persons to premises intended for processing personal data;

 · Storing personal data on secure media;

 · Detecting instances of unauthorized access to personal data and taking measures, including measures to detect, prevent, and mitigate the consequences of computer attacks on personal data information systems and to respond to computer incidents in them;

 · Restoring personal data modified or destroyed due to unauthorized access.

6.2. The Operator ensures the security of personal data and takes all possible measures to prevent unauthorized persons from accessing personal data.


7. COOKIES 

7.1. The following cookies are collected on the Website: 

7.1.1. Technical cookies — the collection of these cookies cannot be disabled during your visit, as they are necessary for the proper functioning and provision of the full functionality of the Website; 

7.2. Purposes of collecting cookies: 

— authentication of Website Users; 

— as an element of security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect the Website as a whole;

7.3. How to disable the collection of cookies on the website: 

7.3.1. If the User does not want cookies stored on their device, they can disable this option in their browser settings. Stored cookies can also be deleted at any time in their browser's system settings. The User can change their browser settings to accept or reject all cookies by default, or cookies from the Website. 

7.3.2. PLEASE NOTE THAT BY DISABLING COOKIES, THE USER WILL NOT BE ABLE TO USE CERTAIN FUNCTIONS AND TOOLS OF THE WEBSITE. 

Cookies are processed for statistical or other research purposes, subject to the mandatory anonymization of personal data.


8. FINAL PROVISIONS. 

The User may obtain any clarification on any questions regarding the processing of their personal data by contacting the Operator by email at m.zyr-zyr@yandex.ru. 

This document will reflect any changes to the Operator's personal data processing policy. 

This policy is valid indefinitely until it is replaced by a new version. The current version of the Policy is publicly available online at marinazyryanova.ru/


User Agreement, Privacy policy
Site by wfolio