Personal Data Processing Policy
1. General Provisions
This personal data processing policy has been drawn up in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data undertaken by Mikhailov Ivan Sergeevich (hereinafter referred to as the Operator).
1.1. The Operator sets as its most important goal and condition for carrying out its activities the observance of human and civil rights and freedoms when processing personal data, including the protection of rights to privacy, personal and family secrets.
1.2. This Policy of the Operator regarding personal data processing (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about visitors of the website https://thenovaconsulting.com.
2. Basic Concepts Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary cessation of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https://thenovaconsulting.com.
2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means that ensure their processing.
2.5. Anonymization of personal data — actions as a result of which it is impossible to determine, without using additional information, the принадлежность of personal data to a specific User or other personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity or individual that independently or jointly with others organizes and/or carries out the processing of personal data, and also determines the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of the website https://thenovaconsulting.com.
2.9. Personal data permitted by the personal data subject for distribution — personal data to which access is granted to an unlimited number of persons by the personal data subject by giving consent to the processing of personal data permitted for distribution in the manner provided for by the Personal Data Law (hereinafter — personal data permitted for distribution).
2.10. User — any visitor of the website https://thenovaconsulting.com.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific circle of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at familiarizing an unlimited circle of persons with personal data, including publication of personal data in mass media, placement in information and telecommunication networks or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign authority, a foreign individual or a foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data are destroyed irreversibly with the impossibility of further restoration of the content of personal data in the personal data information system and/or material carriers of personal data are destroyed.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right:
— to receive from the personal data subject reliable information and/or documents containing personal data;
— in case the personal data subject withdraws consent to the processing of personal data, as well as sends a request to terminate processing, the Operator has the right to continue processing personal data without consent if there are grounds specified in the Personal Data Law;
— to independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations предусмотренных by the Personal Data Law and regulatory legal acts adopted in accordance with it, unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obliged:
— to provide the personal data subject, upon request, with information regarding the processing of their personal data;
— to organize the processing of personal data in accordance with the procedure established by the current legislation of the Russian Federation;
— to respond to requests and appeals of personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;
— to report to the authorized body for the protection of the rights of personal data subjects, upon request, the necessary information within 10 days from the date of receipt of such request;
— to publish or otherwise ensure unrestricted access to this Policy;
— to take legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution, as well as from other unlawful actions;
— to terminate transfer (distribution, provision, access), terminate processing and destroy personal data in cases предусмотренных by the Personal Data Law;
— to fulfill other obligations предусмотренные by the Personal Data Law.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right:
— to receive information regarding the processing of their personal data, except in cases provided by federal laws;
— to demand clarification, blocking or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained or not necessary for the stated purpose;
— to put forward a condition of prior consent when processing personal data for marketing purposes;
— to withdraw consent and request termination of processing;
— to appeal against unlawful actions or inaction of the Operator;
— to exercise other rights предусмотренные by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged:
— to provide reliable data about themselves;
— to inform the Operator about updates or changes to their personal data.
4.3. Persons who have provided false information bear responsibility in accordance with the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1. Processing is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined and lawful purposes.
5.3. It is not allowed to combine databases processed for incompatible purposes.
5.4. Only data that meets processing purposes is processed.
5.5. Content and volume correspond to stated purposes.
5.6. Accuracy, sufficiency and relevance are ensured.
5.7. Storage is carried out no longer than necessary.
6. Purposes of Personal Data Processing
Purpose — informing the User via email
Personal data —
last name, first name, patronymic
phone numbers
Legal basis — Federal Law “On Information, Information Technologies and Protection of Information” No. 149-FZ
Types of processing — collection, storage, anonymization, destruction
7. Conditions of Personal Data Processing
Processing is carried out with consent or on other legal grounds предусмотренных законом.
8. Procedure for Collection, Storage, Transfer
Security is ensured through legal, organizational and technical measures.
Data is not transferred to third parties except as required by law or consent.
Users may update or withdraw consent via email privacy@thismywebsite.com.
9. Actions Performed by the Operator
Collection, storage, use, transfer, anonymization, deletion.
10. Cross-Border Transfer
The Operator notifies authorities before transfer.
11. Confidentiality
Personal data must not be disclosed without consent.
12. Final Provisions
Users may contact the Operator at privacy@thismywebsite.com.
The Policy is valid indefinitely and is available at:
https://thenovaconsulting.com/policy_ru.
1. General Provisions
This personal data processing policy has been drawn up in accordance with the requirements of Federal Law No. 152-FZ dated July 27, 2006 “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data undertaken by Mikhailov Ivan Sergeevich (hereinafter referred to as the Operator).
1.1. The Operator sets as its most important goal and condition for carrying out its activities the observance of human and civil rights and freedoms when processing personal data, including the protection of rights to privacy, personal and family secrets.
1.2. This Policy of the Operator regarding personal data processing (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about visitors of the website https://thenovaconsulting.com.
2. Basic Concepts Used in the Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary cessation of personal data processing (except in cases where processing is necessary to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the Internet at the network address https://thenovaconsulting.com.
2.4. Personal data information system — a set of personal data contained in databases and the information technologies and technical means that ensure their processing.
2.5. Anonymization of personal data — actions as a result of which it is impossible to determine, without using additional information, the принадлежность of personal data to a specific User or other personal data subject.
2.6. Processing of personal data — any action (operation) or set of actions (operations) performed using automation tools or without using such tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data.
2.7. Operator — a state body, municipal body, legal entity or individual that independently or jointly with others organizes and/or carries out the processing of personal data, and also determines the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of the website https://thenovaconsulting.com.
2.9. Personal data permitted by the personal data subject for distribution — personal data to which access is granted to an unlimited number of persons by the personal data subject by giving consent to the processing of personal data permitted for distribution in the manner provided for by the Personal Data Law (hereinafter — personal data permitted for distribution).
2.10. User — any visitor of the website https://thenovaconsulting.com.
2.11. Provision of personal data — actions aimed at disclosing personal data to a specific person or a specific circle of persons.
2.12. Distribution of personal data — any actions aimed at disclosing personal data to an indefinite circle of persons (transfer of personal data) or at familiarizing an unlimited circle of persons with personal data, including publication of personal data in mass media, placement in information and telecommunication networks or providing access to personal data in any other way.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign authority, a foreign individual or a foreign legal entity.
2.14. Destruction of personal data — any actions as a result of which personal data are destroyed irreversibly with the impossibility of further restoration of the content of personal data in the personal data information system and/or material carriers of personal data are destroyed.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right:
— to receive from the personal data subject reliable information and/or documents containing personal data;
— in case the personal data subject withdraws consent to the processing of personal data, as well as sends a request to terminate processing, the Operator has the right to continue processing personal data without consent if there are grounds specified in the Personal Data Law;
— to independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of obligations предусмотренных by the Personal Data Law and regulatory legal acts adopted in accordance with it, unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obliged:
— to provide the personal data subject, upon request, with information regarding the processing of their personal data;
— to organize the processing of personal data in accordance with the procedure established by the current legislation of the Russian Federation;
— to respond to requests and appeals of personal data subjects and their legal representatives in accordance with the requirements of the Personal Data Law;
— to report to the authorized body for the protection of the rights of personal data subjects, upon request, the necessary information within 10 days from the date of receipt of such request;
— to publish or otherwise ensure unrestricted access to this Policy;
— to take legal, organizational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, distribution, as well as from other unlawful actions;
— to terminate transfer (distribution, provision, access), terminate processing and destroy personal data in cases предусмотренных by the Personal Data Law;
— to fulfill other obligations предусмотренные by the Personal Data Law.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right:
— to receive information regarding the processing of their personal data, except in cases provided by federal laws;
— to demand clarification, blocking or destruction of their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained or not necessary for the stated purpose;
— to put forward a condition of prior consent when processing personal data for marketing purposes;
— to withdraw consent and request termination of processing;
— to appeal against unlawful actions or inaction of the Operator;
— to exercise other rights предусмотренные by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged:
— to provide reliable data about themselves;
— to inform the Operator about updates or changes to their personal data.
4.3. Persons who have provided false information bear responsibility in accordance with the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1. Processing is carried out on a lawful and fair basis.
5.2. Processing is limited to achieving specific, predetermined and lawful purposes.
5.3. It is not allowed to combine databases processed for incompatible purposes.
5.4. Only data that meets processing purposes is processed.
5.5. Content and volume correspond to stated purposes.
5.6. Accuracy, sufficiency and relevance are ensured.
5.7. Storage is carried out no longer than necessary.
6. Purposes of Personal Data Processing
Purpose — informing the User via email
Personal data —
last name, first name, patronymic
phone numbers
Legal basis — Federal Law “On Information, Information Technologies and Protection of Information” No. 149-FZ
Types of processing — collection, storage, anonymization, destruction
7. Conditions of Personal Data Processing
Processing is carried out with consent or on other legal grounds предусмотренных законом.
8. Procedure for Collection, Storage, Transfer
Security is ensured through legal, organizational and technical measures.
Data is not transferred to third parties except as required by law or consent.
Users may update or withdraw consent via email privacy@thismywebsite.com.
9. Actions Performed by the Operator
Collection, storage, use, transfer, anonymization, deletion.
10. Cross-Border Transfer
The Operator notifies authorities before transfer.
11. Confidentiality
Personal data must not be disclosed without consent.
12. Final Provisions
Users may contact the Operator at privacy@thismywebsite.com.
The Policy is valid indefinitely and is available at:
https://thenovaconsulting.com/policy_ru.
