PERSONAL DATA PROCESSING POLICY
OOO "Orgkomitet Stroitel"
September 1, 2020
This Policy is put together in accordance with the Federal Law No. 152-FZ ‘On Personal Data’, dated July 27, 2006. The present document stipulates the policy of OOO "Orgkomitet Stroitel", INN 6658450360, OGRN 1146658001753, legal address: 620014, Yekaterinburg, 1a Boris Eltsin str., office 10.5 (hereinafter – Operator, Personal Data Operator) towards personal data processing.
The Policy applies to all personal data that are processed by the Operator. The Policy applies to relationships related to personal data processing entered into by the Operator both before and after the approval of the present Policy.
In accordance with the 2nd part of 18.1 of the Federal Law No. 152-FZ ‘On Personal Data’, dated July 27, 2006, the present Policy is published to be accessible by all on the Internet on the Operator's Website.
1. BASIC TERMS
Personal Data – any information related to directly or indirectly specified person (Personal Data Subject).
Personal Data Subject (User) – person who is directly or indirectly specified with the help of personal data.
Personal Data Operator (Operator) – legal entity or person who independently or jointly arranges and/or performs personal data processing, as well as defines the aims of personal data processing, the volume of personal data subject to processing and personal data handling.
Personal Data Processing – any action (operation) or a series of actions (operations) performed towards personal data with or without automated software, including personal data acquisition, recording, systematization, accumulation, storage, specification (updates, alteration), extraction, use, transfer (distribution, presentation, providing access), depersonalization, blocking, deleting and annihilation of Personal Data.
Automated Personal Data Processing – personal data processing via computational tools.
Personal Data Distribution – actions pertaining to personal data disclosure to uncertain group of persons.
Personal Data Presentation – actions pertaining to personal data disclosure to particular person or certain group of persons.
Personal Data Depersonalization – actions that make it impossible to identify personal data as related to a specific personal data subject without involving any additional information.
Personal Data Blocking – temporary interruption of personal data processing (except where processing is required for personal data update or alteration).
Personal Data Annihilation – actions making it impossible to restore personal data volume in the personal data information system and/or resulting in the elimination of tangible personal data carriers.
Personal Data Information System – a set of personal data included into personal data databases, as well as the software and tools used for their processing.
Trans-border Transfer of Personal Data – personal data transfer to a foreign country, foreign government body and foreign legal entity and/or person.
Operator's Website (Website) – forum-100.ru, forum-100.com, as well as subdomains and web pages *100-forum.accredcenter.ru*.
Mobile App –100+ Forum Russia.
2. GENERAL TERMS AND CONDITIONS
2.1. By using the Website and/or Mobile app, the User agrees to the present Policy on personal data processing as well as to the User's Personal Data processing conditions.
2.2. The User acts of their own free will and grants their consent to their Personal Data processing voluntarily, by their own free will and in their own interest. Consent to Personal Data Processing may be given by the Personal Data Subject or their representative in any form where the fact of the consent given can be confirmed (including but not limited to: ticking a relevant box, pressing/tapping/clicking a relevant button during registration through the Website or Mobile App), unless stipulated otherwise by the Law of the Russian Federation related to personal data.
2.2. If the User doesn't agree with the conditions of the present Policy, they shall quit the Website and/or Mobile App.
2.3. The Policy applies to the Website and Mobile App. The Operator neither controls nor bears responsibility for any third party websites mentioned on the Website and Mobile App, should the User decide to visit any of them.
2.4. It is not the Operator's responsibility to guarantee accuracy of Personal Data provided by the User.
2.5. The present Policy stipulates the Operator's responsibilities pertaining to non-disclosure and confidentiality control towards Personal Data that the User shares at the Operator's request during registration on the Website or in the Mobile App.
2.6. Processing of the User's Personal Data is performed during an indefinite period of time and by any legal means, including informational systems of Personal Data with or without use of automated tools.
3. PRINCIPLES FOR PERSONAL DATA PROCESSING
3.1. Personal Data Processing is performed on a legitimate equitable basis.
3.2. Personal Data Processing is limited to reaching specific predetermined legitimate aims.
3.3. Personal Data Processing incompatible with the purposes of personal data acquisition is not allowed.
3.4. Combining databases that contain Personal Data processed for the purposes incompatible with each other is not allowed.
3.5. Only Personal Data that meets the purposes of their processing may be processed.
3.6. Scope and amount of Personal Data comply with the stated purposes of processing.
3.7. Personal Data redundancy in relation to the stated purposes is not allowed.
3.8. Accuracy, adequacy and actuality of Personal Data are provided in relation to the purposes of personal data processing.
3.9. Personal Data under processing are deleted or depersonalized once the purposes of processing are achieved or in case achieving these purposes is not required anymore, in case it is impossible for the Operator to remedy committed violations, unless otherwise provided by an active federal law.
4. LIST OF PERSONAL DATA PROCESSED, AS AGREED TO BY USER
4.1. Personal Data includes any information related to directly or indirectly specified person (Personal Data Subject).
4.2. Personal Data is provided by the User when filling in forms, uploading data to the Website and/or Mobile App. Personal Data includes but is not limited to:
4.2.1. Last name, first name, paternal name of the User.
4.2.2. User's employer.
4.2.3. User's job.
4.2.4. User's telephone number.
4.2.5 User's e-mail address.
4.2.6. User's place of living (country, city).
4.2.7. Biometric personal data (User's photo).
5. PURPOSES FOR PERSONAL DATA PROCESSING
5.1. Registration of the User in the Operator's database as a participant in the Operator's events, including but not limited to the International Construction Forum and Expo 100+ Technobuild.
5.2. Follow-up notices to the User by e-mail and/or SMS (including those containing advertisements), newsletter mailing, invitations to the Operator's events and other messages of promotional and/or informational nature.
The aforementioned messages and notices may be sent by the Operator, its affiliates and/or subcontractors.
5.3. Confirmation of the User's identity upon attendance of the Operator's events.
6. RIGHTS OF PERSONAL DATA SUBJECT (USER)
6.1. Receive information pertaining to their Personal Data processing, excluding cases stipulated by Federal Law. Information is given to the Personal Data Subject by the Operator in accordance with the active legislation.
6.2. Demand the Operator to update/block/delete their Personal Data in case this Personal Data are fragmentary, invalid, inaccurate, illegally acquired or are not required for the stipulated data processing purpose, as well as take measures to defend their rights provided by Law.
6.3. Should the User conclude that the Operator performs their Personal Data processing in violation of active legislation or violates their rights and freedom in any other way, the User has the right to file a complaint about actions or inaction of the Operator to an authorized body on personal data subject's rights protection, or go to court.
The User has the right to protect their rights and legal interests, including those of compensation of losses or emotional distress.
6.4. Retract their consent to Personal Data Processing. Retraction is filed in written form by the User to the Operator. This document is sent by e-mail or mail to the Operator's addresses mentioned on the Website.
7. OPERATOR'S RIGHTS AND RESPONSIBILITIES
7.1. The Operator has the right to:
7.1.1. Perform trans-border transfers of Personal Data.
7.1.2. Attract subcontractors for processing the data of the Personal Data Subject, as well as transfer the personal data for their processing to its affiliates on the condition that such subcontractors and affiliated entities bear the according responsibility in relation to confidentiality of personal data.
7.1.3. Transfer Personal Data to the bodies of inquiry and investigation and/or other authorized bodies on grounds provided by the active legislation of the Russian Federation.
7.2. The Operator has the responsibility to:
7.2. Use the received information exclusively for the purposes mentioned in parapraph 5 of the present Policy.
7.3. Take precaution measures to protect confidentiality of the User's personal data in accordance with the procedure usually employed to protect such types of information in existing practices.
7.4. Block Personal Data related to the User at their request or at the request of their legal representative or at the request of an authorized body on personal data subject's rights protection for the examination period in case any inaccuracies or violations are brought to light.
7.5. Make sure that foreign countries which receive Personal Data through trans-border transfers provide proper protection for the rights of personal data subjects before performing the aforementioned transfers.
Trans-border transfers of personal data to the territories of foreign countries which don't provide proper protection for the rights of personal data subjects may proceed if:
– Consent in written form is given by the Personal Data Subject for trans-border transfer of their Personal Data.
– A contract is being executed where one of the parties involved is the Personal Data Subject.
8. PROTECTIVE MEASURES TOWARDS PERSONAL DATA
8.1. The Operator takes sufficient and required measures, both organizational and technical, to protect Personal Data from illegal or accidental access, deletion, change, blocking, copy, distribution and other illegal actions by third parties towards the data, in accordance with the requirements of the legislation of the Russian Federation.
8.2. When the Operator signs a data processing contract with another person, the list of required protective measures towards Personal Data is agreed upon by the contract between this person and the Operator.
9. FINAL CLAUSES
9.1. The Operator, pursuant to the terms of the agreement with OOO Iventishes (INN 6311151902, OGRN 1146311003090, legal address: 443069, Samara, 110/1 Avrora str, office 218), delegates it to the latter to perform Users' Personal Data Processing to ensure functional ability of the Mobile App and to fulfill other purposes stipulated in the present Policy.
9.2. This Policy is an internal document of the Operator. The Operator reserves the right to make changes to the present Policy (to all and any of its paragraphs as well as its title). Changes are introduced by publishing a revised edition of the present Policy. The new edition of the Policy comes into effect on the day of its approval. The previous edition of the Policy becomes null and void from the moment of the approval of the new edition.
9.3. Other rights and responsibilities of the Operator related to Personal Data Processing are determined in accordance with the active legislation of the Russian Federation in the field of personal data.
9.4. The Operator's employees guilty of violating the norms regulating personal data processing and protection, bear financial, disciplinary, administrative, civil-legal or criminal responsibility in accordance with the procedure stipulated by Federal Law.
9.5. In case of any disputes between the User and the Operator, sending a letter of claim (an offer of voluntary settlement in written or digital form) is obligatory before filing a case to court.
9.6. The recipient of the letter of claim shall notify the sender about the results of reviewing their letter in written or digital form within 30 calendar days from the day of receiving the letter.