Privacy Policy on the Processing of Personal Data
1. General Provisions
This personal data processing policy is drafted in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006, "On Personal Data" (hereinafter referred to as the "Personal Data Law") and outlines the procedures for processing personal data and measures to ensure the security of personal data undertaken by Nikita Garayev (hereinafter referred to as the "Operator").
1.1. The Operator’s primary goal and condition for conducting its activities is to respect human and civil rights and freedoms when processing personal data, including the right to privacy, personal and family confidentiality.
1.2. This policy applies to all information that the Operator may receive regarding visitors to the website http://grvagency.ru/en.
2. Key Terms Used in the Policy
2.1. Automated Processing of Personal Data – processing of personal data using computer technology.
2.2. Blocking of Personal Data – temporary suspension of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website – a set of graphic and informational materials, as well as software and databases, ensuring their availability on the internet at http://grvagency.ru/.
2.4. Information System of Personal Data – a set of personal data contained in databases and information technologies and technical means used for their processing.
2.5. Anonymization of Personal Data – actions that make it impossible to determine the identity of personal data to a specific User or another subject without additional information.
2.6. Processing of Personal Data – any action (operation) or set of actions (operations) performed with or without automation tools regarding personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data.
2.7. Operator– a government body, municipal body, legal or physical person that independently or jointly organizes and/or carries out the processing of personal data, as well as determines the purposes of processing, the composition of personal data to be processed, and the actions (operations) performed with personal data.
2.8. **Personal Data** – any information directly or indirectly related to a specific or identifiable User of the website http://grvagency.ru/.
2.9. **Personal Data Allowed for Dissemination by the Subject of Personal Data** – personal data to which the subject of personal data has granted access to an unlimited number of people through consent for the processing of personal data permitted for dissemination, as provided by the Personal Data Law (hereinafter referred to as "personal data allowed for dissemination").
2.10. User – any visitor to the website http://grvagency.ru/en.
2.11. Provision of Personal Data – actions aimed at disclosing personal data to a specific person or group of persons.
2.12. Dissemination of Personal Data – any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data accessible to an unlimited number of persons, including publication in the media, posting in information and telecommunication networks, or providing access to personal data in any other way.
2.13. Cross-border Transfer of Personal Data – the transfer of personal data to a foreign state’s authority, foreign individual, or foreign legal entity.
2.14. Destruction of Personal Data – any actions resulting in the irreversible destruction of personal data with no possibility of further recovery of its content in the personal data information system and/or the destruction of physical carriers of personal data.
3. Key Rights and Obligations of the Operator
3.1. The Operator has the right to:
— Receive accurate information and/or documents containing personal data from the subject of personal data;
— In case the subject of personal data withdraws their consent for processing, the Operator may continue processing personal data without consent if grounds stipulated by the Personal Data Law exist;
— Independently determine the list of necessary and sufficient measures to ensure compliance with the Personal Data Law, unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obliged to:
— Provide the subject of personal data with information about the processing of their personal data upon request;
— Organize the processing of personal data in accordance with current Russian Federation legislation;
— Respond to inquiries and requests from the subjects of personal data and their legal representatives in accordance with the requirements of the Personal Data Law;
— Notify the authorized body on the protection of personal data subjects’ rights of any required information within 10 days from the date of receiving such a request;
— Publish or otherwise ensure unrestricted access to this Personal Data Processing Policy;
— Implement legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, alteration, blocking, copying, distribution, and other illegal actions;
— Cease the transmission (distribution, provision, access) of personal data, stop processing, and destroy personal data as stipulated by the Personal Data Law.