Privacy policy

POLICY ON PERSONAL DATA PROCESSING OF INDIVIDUAL ENTREPRENEUR A.V. Denisenko

1. General Provisions

1.1. The Policy on Personal Data Processing (hereinafter - the Policy) is aimed at protecting the rights and freedoms of individuals whose personal data is processed by Individual Entrepreneur A.V. Denisenko (hereinafter - the Operator).

1.2. The Policy is developed in accordance with clause 2, part 1, art. 18.1 of the Federal Law of July 27, 2006, No. 152-FZ "On Personal Data" (hereinafter - the Federal Law "On Personal Data").

1.3. The Policy contains information subject to disclosure in accordance with part 1, art. 14 of the Federal Law "On Personal Data" and is a publicly available document.

2. Information about the Operator

2.1. The Operator conducts its activities at the address: Office 520, 28 Maslennikova St., Omsk.

2.2. General Director Anna Vladimirovna Denisenko (phone +7 (913) 672-74-36) is appointed responsible for organizing the processing of personal data.

2.3. The database of information containing the personal data of citizens of the Russian Federation is located at: Office 520, 28 Maslennikova St., Omsk.

3. Information on Personal Data Processing

3.1. The Operator processes personal data on a legal and fair basis to fulfill the functions, powers, and duties imposed by law, and to exercise the rights and legitimate interests of the Operator, the Operator's employees, and third parties.

3.2. The Operator obtains personal data directly from the data subjects.

3.3. The Operator processes personal data using automated and non-automated methods, with and without the use of computer technology.

3.4. Actions for processing personal data include collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction.

3.5. Databases of information containing the personal data of citizens of the Russian Federation are located on the territory of the Russian Federation.

4. Processing of Clients' Personal Data

4.1. The Operator processes the personal data of clients within the framework of legal relations with the Operator, regulated by the second part of the Civil Code of the Russian Federation of January 26, 1996, No. 14-FZ (hereinafter - clients).

4.2. The Operator processes clients' personal data to comply with the legislation of the Russian Federation, as well as for the purpose of: — carrying out activities provided for by the OKVED of Individual Entrepreneur A.V. Denisenko; — informing about new products, special promotions, and offers.

4.3. The Operator processes clients' personal data with their consent, provided either in writing or by performing conclusive actions.

4.4. The Operator processes clients' personal data no longer than required by the purposes of personal data processing, unless otherwise provided by the legislation of the Russian Federation.

4.5. The Operator processes the following personal data of clients:
— Last name, first name, patronymic;
— Contact phone number;
— Email address; social networks;
— Profession;
— Position;
— Academic degree, title;
— Survey data on the event's topic.

4.6. To achieve the purposes of personal data processing and with the clients' consent, the Operator provides personal data or entrusts its processing to the following persons:
— Event organizers;
— Event participants.

5. Information on Ensuring the Security of Personal Data

5.1. The Operator appoints a person responsible for organizing the processing of personal data to fulfill the duties provided for by the Federal Law "On Personal Data" and the regulatory legal acts adopted in accordance with it.

5.2. The Operator applies a set of legal, organizational, and technical measures to ensure the security of personal data to ensure the confidentiality of personal data and their protection from unlawful actions:
— provides unrestricted access to the Policy, a copy of which is available at the Operator's location and may also be posted on the Operator's website (if any);
— in pursuance of the Policy, approves and implements the document "Regulation on the Processing of Personal Data" (hereinafter - the Regulation) and other local acts;
— familiarizes employees with the provisions of the legislation on personal data, as well as with the Policy and the Regulation;
— grants access to personal data processed in the Operator's information system, as well as to their physical carriers, only to employees for the performance of their job duties;
— establishes rules for access to personal data processed in the Operator's information system, and also ensures the registration and accounting of all actions with them;
— assesses the harm that may be caused to data subjects in case of violation of the Federal Law "On Personal Data";
— identifies threats to the security of personal data during their processing in the Operator's information system;
— applies organizational and technical measures and uses information security tools necessary to achieve the established level of personal data protection;
— detects facts of unauthorized access to personal data and takes response measures, including the restoration of personal data modified or destroyed as a result of unauthorized access;
— assesses the effectiveness of the measures taken to ensure the security of personal data before the commissioning of the Operator's information system;
— exercises internal control over the compliance of personal data processing with the Federal Law "On Personal Data," regulatory legal acts adopted in accordance with it, requirements for the protection of personal data, the Policy, the Regulation, and other local acts, including control over the measures taken to ensure the security of personal data and their level of protection when processed in the Operator's information system.

6. Rights of Data Subjects

6.1. The data subject has the right:
— to receive personal data relating to this subject and information regarding its processing;
— to clarify, block, or destroy their personal data if it is incomplete, outdated, inaccurate, illegally obtained, or not necessary for the stated purpose of processing;
— to withdraw their consent to the processing of personal data;
— to protect their rights and legitimate interests, including compensation for damages and moral harm in court;
— to appeal the actions or inaction of the Operator to the authorized body for the protection of the rights of data subjects or in court.

6.2. To exercise their rights and legitimate interests, data subjects have the right to contact the Operator or send a request in person or through a representative. The request must contain the information specified in part 3, art. 14 of the Federal Law "On Personal Data".

General Director Individual Entrepreneur A.V. Denisenko 21.01.2025