Personal Data Processing Policy
1. General Provisions
This Personal Data Processing Policy is drafted in accordance with the requirements of Federal Law No. 152-FZ of 27.07.2006 “On Personal Data” (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and measures taken by Sole Proprietor Mazikov Nikita Igorevich (hereinafter — the Operator) to ensure the security of personal data.
1.1. The Operator considers the observance of human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family confidentiality, as its most important goal and condition for performing its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors of the website https://estsix.com
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive from the personal data subject reliable information and/or documents containing personal data;
— continue processing personal data without the consent of the personal data subject if the latter withdraws consent or sends a request to stop processing, provided that grounds specified by the Personal Data Law exist;
— independently determine the composition and list of measures necessary and sufficient to fulfill obligations established by the Personal Data Law and related regulations, unless otherwise specified by law.
3.2. The Operator is obliged to:
— provide the personal data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing in accordance with the requirements of the legislation of the Russian Federation;
— respond to requests and inquiries from personal data subjects and their legal representatives;
— provide necessary information to the authorized body for the protection of personal data subjects’ rights within 10 days of receiving such a request;
— publish or otherwise provide unrestricted access to this Policy;
— take legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, distribution, as well as from other unlawful actions;
— cease transfer, processing and destroy personal data in cases specified by the Personal Data Law;
— perform other duties established by the Personal Data Law.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information concerning the processing of their personal data (except as provided by law). Such information must be provided in an accessible form and must not contain personal data of other subjects unless there are legal grounds for disclosure;
— demand clarification, blocking, or destruction of their personal data if the data is incomplete, outdated, inaccurate, illegally obtained, or unnecessary for the declared purpose of processing;
— require prior consent for processing personal data for the purposes of marketing goods, works, and services;
— withdraw consent for personal data processing and demand termination of processing;
— appeal to the authorized body or to court against unlawful actions or inaction of the Operator;
— exercise other rights provided by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:
— provide the Operator with accurate information about themselves;
— inform the Operator about clarification (updating, changes) of their personal data.
4.3. Persons who provide the Operator with false information about themselves or information about another personal data subject without their consent bear liability under the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1. Personal data processing is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined, lawful purposes and must not be incompatible with these purposes.
5.3. Databases containing personal data processed for incompatible purposes must not be combined.
5.4. Only personal data relevant to the purposes of processing may be processed.
5.5. The content and scope of processed personal data must correspond to the declared processing purposes; excessive data must not be processed.
5.6. Personal data must be accurate, sufficient, and—where necessary—kept up to date. The Operator must take measures to remove or clarify incomplete or inaccurate data.
5.7. Personal data must be stored in a form that allows identifying the data subject for no longer than required by processing purposes. After these purposes are achieved, or if the need for achieving these purposes is lost, personal data must be destroyed or depersonalized unless otherwise required by federal law.
6. Purposes of Personal Data Processing
Purpose of processing:
Informing the User by sending emails.
Personal data:
— surname, first name, patronymic
— email address
— phone numbers
Legal grounds:
Federal Law “On Information, Information Technologies and Information Protection” No. 149-FZ of 27.07.2006
Types of personal data processing:
Collection, recording, systematization, accumulation, storage, destruction and depersonalization of personal data;
Sending informational emails to the User’s email address.
7. Conditions for Personal Data Processing
7.1. Processing is carried out with the consent of the personal data subject.
7.2. Processing is necessary for purposes established by international treaties or laws of the Russian Federation, or for the performance of the Operator’s statutory functions.
7.3. Processing is necessary for the administration of justice or execution of judicial or official acts.
7.4. Processing is necessary for the performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, or for the conclusion of a contract at the subject’s initiative.
7.5. Processing is necessary for the legitimate interests of the Operator or third parties, provided this does not violate the rights and freedoms of the personal data subject.
7.6. Processing is carried out for personal data made publicly available by the subject.
7.7. Processing is carried out for personal data subject to publication or mandatory disclosure under federal law.
8. Procedure for Collection, Storage, Transfer and Other Processing of Personal Data
The security of personal data processed by the Operator is ensured through legal, organizational and technical measures necessary to fully comply with the requirements of applicable personal data protection legislation.
8.1. The Operator ensures the safekeeping of personal data and takes all possible measures to prevent unauthorized access.
8.2. Personal data will never be transferred to third parties except in cases required by law or with the data subject’s consent for fulfilling obligations under a civil law contract.
8.3. If inaccuracies are found, the User may update their personal data by sending an email to est.six.6@gmail.com
with the note “Personal Data Update”.
8.4. Personal data is processed until the purposes for which it was collected are achieved unless another period is provided by the contract or law.
A User may withdraw consent at any time by sending a notification to est.six.6@gmail.com
with the note “Withdrawal of Consent for Personal Data Processing”.
8.5. All information collected by third-party services (payment systems, communication tools, service providers) is stored and processed by those parties in accordance with their User Agreements and Privacy Policies. The Operator is not responsible for actions of such third parties.
8.6. Restrictions established by the subject regarding transfer or processing of personal data permitted for dissemination do not apply when data is processed in state, public, or other public interests defined by Russian law.
8.7. The Operator ensures confidentiality of personal data.
8.8. Personal data is stored no longer than necessary for processing purposes unless otherwise required by law or contract.
8.9. Grounds for termination of processing include achievement of processing purposes, expiration of consent validity, withdrawal of consent, or detection of unlawful processing.
9. List of Actions Performed by the Operator with Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification, retrieval, use, transfer, depersonalization, blocking, deletion, and destruction of personal data.
9.2. Automated processing involving transfer via information and telecommunication networks may be performed.
10. Cross–Border Transfer of Personal Data
10.1. Before starting cross-border transfer, the Operator must notify the authorized body for the protection of personal data subjects’ rights (separately from the general notification).
10.2. Prior to such notification, the Operator must obtain necessary information from the foreign authorities, individuals, or organizations receiving the data.
11. Confidentiality of Personal Data
The Operator and any persons granted access to personal data must not disclose or distribute personal data to third parties without the subject’s consent unless required by federal law.
12. Final Provisions
12.1. The User may obtain any explanations regarding processing of their personal data by contacting the Operator at est.six.6@gmail.com
12.2. Any changes to this Policy will be reflected in this document. The Policy is valid indefinitely until replaced by a new version.
12.3. The current version of the Policy is publicly available on the internet at https://estsix.com/privacy_policy
This Personal Data Processing Policy is drafted in accordance with the requirements of Federal Law No. 152-FZ of 27.07.2006 “On Personal Data” (hereinafter — the Personal Data Law) and defines the procedure for processing personal data and measures taken by Sole Proprietor Mazikov Nikita Igorevich (hereinafter — the Operator) to ensure the security of personal data.
1.1. The Operator considers the observance of human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family confidentiality, as its most important goal and condition for performing its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may obtain about visitors of the website https://estsix.com
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:
— receive from the personal data subject reliable information and/or documents containing personal data;
— continue processing personal data without the consent of the personal data subject if the latter withdraws consent or sends a request to stop processing, provided that grounds specified by the Personal Data Law exist;
— independently determine the composition and list of measures necessary and sufficient to fulfill obligations established by the Personal Data Law and related regulations, unless otherwise specified by law.
3.2. The Operator is obliged to:
— provide the personal data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing in accordance with the requirements of the legislation of the Russian Federation;
— respond to requests and inquiries from personal data subjects and their legal representatives;
— provide necessary information to the authorized body for the protection of personal data subjects’ rights within 10 days of receiving such a request;
— publish or otherwise provide unrestricted access to this Policy;
— take legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, alteration, blocking, copying, provision, distribution, as well as from other unlawful actions;
— cease transfer, processing and destroy personal data in cases specified by the Personal Data Law;
— perform other duties established by the Personal Data Law.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information concerning the processing of their personal data (except as provided by law). Such information must be provided in an accessible form and must not contain personal data of other subjects unless there are legal grounds for disclosure;
— demand clarification, blocking, or destruction of their personal data if the data is incomplete, outdated, inaccurate, illegally obtained, or unnecessary for the declared purpose of processing;
— require prior consent for processing personal data for the purposes of marketing goods, works, and services;
— withdraw consent for personal data processing and demand termination of processing;
— appeal to the authorized body or to court against unlawful actions or inaction of the Operator;
— exercise other rights provided by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:
— provide the Operator with accurate information about themselves;
— inform the Operator about clarification (updating, changes) of their personal data.
4.3. Persons who provide the Operator with false information about themselves or information about another personal data subject without their consent bear liability under the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1. Personal data processing is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined, lawful purposes and must not be incompatible with these purposes.
5.3. Databases containing personal data processed for incompatible purposes must not be combined.
5.4. Only personal data relevant to the purposes of processing may be processed.
5.5. The content and scope of processed personal data must correspond to the declared processing purposes; excessive data must not be processed.
5.6. Personal data must be accurate, sufficient, and—where necessary—kept up to date. The Operator must take measures to remove or clarify incomplete or inaccurate data.
5.7. Personal data must be stored in a form that allows identifying the data subject for no longer than required by processing purposes. After these purposes are achieved, or if the need for achieving these purposes is lost, personal data must be destroyed or depersonalized unless otherwise required by federal law.
6. Purposes of Personal Data Processing
Purpose of processing:
Informing the User by sending emails.
Personal data:
— surname, first name, patronymic
— email address
— phone numbers
Legal grounds:
Federal Law “On Information, Information Technologies and Information Protection” No. 149-FZ of 27.07.2006
Types of personal data processing:
Collection, recording, systematization, accumulation, storage, destruction and depersonalization of personal data;
Sending informational emails to the User’s email address.
7. Conditions for Personal Data Processing
7.1. Processing is carried out with the consent of the personal data subject.
7.2. Processing is necessary for purposes established by international treaties or laws of the Russian Federation, or for the performance of the Operator’s statutory functions.
7.3. Processing is necessary for the administration of justice or execution of judicial or official acts.
7.4. Processing is necessary for the performance of a contract to which the personal data subject is a party, beneficiary, or guarantor, or for the conclusion of a contract at the subject’s initiative.
7.5. Processing is necessary for the legitimate interests of the Operator or third parties, provided this does not violate the rights and freedoms of the personal data subject.
7.6. Processing is carried out for personal data made publicly available by the subject.
7.7. Processing is carried out for personal data subject to publication or mandatory disclosure under federal law.
8. Procedure for Collection, Storage, Transfer and Other Processing of Personal Data
The security of personal data processed by the Operator is ensured through legal, organizational and technical measures necessary to fully comply with the requirements of applicable personal data protection legislation.
8.1. The Operator ensures the safekeeping of personal data and takes all possible measures to prevent unauthorized access.
8.2. Personal data will never be transferred to third parties except in cases required by law or with the data subject’s consent for fulfilling obligations under a civil law contract.
8.3. If inaccuracies are found, the User may update their personal data by sending an email to est.six.6@gmail.com
with the note “Personal Data Update”.
8.4. Personal data is processed until the purposes for which it was collected are achieved unless another period is provided by the contract or law.
A User may withdraw consent at any time by sending a notification to est.six.6@gmail.com
with the note “Withdrawal of Consent for Personal Data Processing”.
8.5. All information collected by third-party services (payment systems, communication tools, service providers) is stored and processed by those parties in accordance with their User Agreements and Privacy Policies. The Operator is not responsible for actions of such third parties.
8.6. Restrictions established by the subject regarding transfer or processing of personal data permitted for dissemination do not apply when data is processed in state, public, or other public interests defined by Russian law.
8.7. The Operator ensures confidentiality of personal data.
8.8. Personal data is stored no longer than necessary for processing purposes unless otherwise required by law or contract.
8.9. Grounds for termination of processing include achievement of processing purposes, expiration of consent validity, withdrawal of consent, or detection of unlawful processing.
9. List of Actions Performed by the Operator with Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, clarification, retrieval, use, transfer, depersonalization, blocking, deletion, and destruction of personal data.
9.2. Automated processing involving transfer via information and telecommunication networks may be performed.
10. Cross–Border Transfer of Personal Data
10.1. Before starting cross-border transfer, the Operator must notify the authorized body for the protection of personal data subjects’ rights (separately from the general notification).
10.2. Prior to such notification, the Operator must obtain necessary information from the foreign authorities, individuals, or organizations receiving the data.
11. Confidentiality of Personal Data
The Operator and any persons granted access to personal data must not disclose or distribute personal data to third parties without the subject’s consent unless required by federal law.
12. Final Provisions
12.1. The User may obtain any explanations regarding processing of their personal data by contacting the Operator at est.six.6@gmail.com
12.2. Any changes to this Policy will be reflected in this document. The Policy is valid indefinitely until replaced by a new version.
12.3. The current version of the Policy is publicly available on the internet at https://estsix.com/privacy_policy
info@estsix.com
Москва
Тверская улица 13
Офис 305 (6 этаж)
Menu
Social Media
© 2024 All Rights Reserved
