The Personal Data Processing Policy (hereinafter referred to as the “Policy”) has been developed in accordance with Federal Law No. 152-FZ “On Personal Data” dated 27.07.2006 (hereinafter referred to as “FZ-152”). This Policy defines the procedure for processing personal data and measures to ensure the security of personal data by Konstantinov Valery Mikhailovich (hereinafter referred to as the “Operator”) to protect human and civil rights and freedoms when processing personal data, including the right to privacy, personal and family confidentiality.
The Policy uses the following key terms:
Automated processing of personal data – processing of personal data using computer technology;
Blocking of personal data – temporary suspension of personal data processing (except when processing is necessary for clarifying personal data);
Anonymization of personal data – actions resulting in the inability to determine the ownership of personal data without additional information;
Processing of personal data – any action (operation) or set of actions performed with personal data using automation tools or without them, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, and destruction of personal data;
Operator – a state or municipal authority, legal or natural person who, independently or jointly with others, organizes and/or carries out the processing of personal data, as well as determines the purposes of personal data processing, the composition of personal data subject to processing, and actions (operations) performed with personal data;
Personal data – any information related directly or indirectly to a specific or identifiable individual (subject of personal data);
Provision of personal data – actions aimed at disclosing personal data to a specific person or a specific group of persons;
Distribution of personal data – actions aimed at disclosing personal data to an indefinite group of persons (transfer of personal data) or at providing access to personal data to an unlimited number of persons, including publication in the media, posting in information and telecommunication networks, or providing access to personal data in any other way;
Cross-border transfer of personal data – transfer of personal data to the territory of a foreign state, to an authority of a foreign state, or to a foreign individual or legal entity;
Destruction of personal data – actions resulting in the impossibility of restoring personal data in the personal data information system and/or the destruction of material carriers of personal data.
The company is required to publish or otherwise provide unrestricted access to this Policy in accordance with Part 2 of Article 18.1 of FZ-152.
The Operator processes personal data based on the following principles:
Legality and fairness;
Restriction of personal data processing to achieving specific, pre-defined, and legitimate purposes;
Prevention of processing personal data incompatible with the purposes of data collection;
Prevention of merging databases containing personal data processed for purposes incompatible with each other;
Processing only personal data that meets the purposes of its processing;
Compliance of the content and volume of processed personal data with the declared processing purposes;
Prevention of excessive personal data processing in relation to the declared processing purposes;
Ensuring the accuracy, sufficiency, and relevance of personal data concerning the purposes of its processing;
Destruction or anonymization of personal data upon achieving the purposes of processing or in case of loss of necessity in achieving these purposes, unless otherwise provided by federal law.
The Operator processes personal data under at least one of the following conditions:
Processing is carried out with the consent of the personal data subject;
Processing is necessary to achieve the objectives established by an international treaty of the Russian Federation or by law, to fulfill the functions, powers, and responsibilities imposed by the legislation of the Russian Federation on the Operator;
Processing is necessary for the administration of justice, execution of a court decision, or other regulatory act subject to execution in accordance with Russian Federation legislation;
Processing is necessary for the execution of a contract to which the personal data subject is a party, beneficiary, or guarantor, as well as for concluding a contract at the request of the personal data subject or a contract under which the personal data subject will be a beneficiary or guarantor;
Processing is necessary for the realization of the rights and legitimate interests of the Operator or third parties, or for achieving socially significant goals, provided that this does not infringe upon the rights and freedoms of the personal data subject;
Processing is carried out for publicly available personal data;
Processing is carried out for personal data that must be disclosed or published in accordance with federal law.
The Operator and other persons who have obtained access to personal data must not disclose or distribute personal data to third parties without the consent of the personal data subject, unless otherwise provided by federal law.
For informational purposes, the Operator may create publicly available sources of personal data, including directories and address books. With the written consent of the personal data subject, the following information may be included in such sources: full name, date and place of birth, position, contact phone numbers, email address, and other personal data provided by the subject. At any time, the personal data subject may request the removal of their information from publicly available sources.
Processing special categories of personal data related to race, nationality, political views, religious or philosophical beliefs, health status, or personal life is allowed only in the following cases:
The personal data subject has given written consent;
The personal data has been made publicly available by the subject;
Processing is carried out in accordance with laws related to state social assistance, labor legislation, pension legislation, or other state benefits;
Processing is necessary to protect the life, health, or other vital interests of the personal data subject or other persons when obtaining consent is impossible;
Processing is conducted for medical and preventive purposes, for establishing a medical diagnosis, or for providing medical or social services, provided that such processing is carried out by medical professionals required to maintain confidentiality by law;
Processing is necessary for the establishment or exercise of the legal rights of the personal data subject or third parties, or in connection with judicial proceedings;
Processing is conducted in accordance with insurance legislation.
Information that characterizes physiological and biological features of a person and enables their identification—biometric personal data—may be processed only with the written consent of the personal data subject.
The Operator has the right to delegate personal data processing to a third party with the consent of the personal data subject, unless otherwise provided by federal law, under a contract with the third party. The third party must comply with the principles and rules of personal data processing established by FZ-152 and this Policy.
Other rights and obligations of the Operator in connection with the processing of personal data are determined by the legislation of the Russian Federation in the field of personal data. All suggestions or questions regarding this Privacy Policy should be communicated to info@arcticfishing.ru
