Personal Data Processing Policy
1. General Provisions
This Personal Data Processing Policy has been developed in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006, “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by OOO "OMACS" (hereinafter referred to as the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms when processing personal data, including the right to privacy, personal and family confidentiality, as one of its most important goals and conditions for carrying out its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may receive about visitors to the website https://omacs.ru.
2. Basic Terms Used in This Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of the processing of personal data (except in cases where processing is necessary to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the internet at https://omacs.ru.
2.4. Personal data information system — a set of personal data contained in databases, and information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data — actions that make it impossible to determine the ownership of personal data to a specific User or other subject of personal data without using additional information.
2.6. Personal data processing — any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state or municipal body, legal entity or individual, independently or jointly organizing and/or carrying out personal data processing, as well as determining the purposes of personal data processing, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of the website https://omacs.ru.
2.9. Personal data made publicly available by the data subject — personal data access to which is granted by the data subject by giving consent in accordance with the Personal Data Law (hereinafter — publicly available personal data).
2.10. User — any visitor of the website https://omacs.ru.
2.11. Provision of personal data — actions aimed at disclosing personal data to a certain person or a specific group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite group of persons (transfer of personal data) or at familiarizing an unlimited group of persons with personal data, including publication in mass media, placement in information and telecommunication networks, or providing access to personal data by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign government authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, making it impossible to restore the content of personal data in the personal data information system and/or resulting in the destruction of physical media containing personal data.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
— request accurate information and/or documents containing personal data from the personal data subject;
— in the event of withdrawal of the data subject's consent to the processing of personal data or submission of a request to terminate the processing, continue processing without consent if there are legal grounds as specified in the Personal Data Law;
— independently determine the scope and list of measures necessary and sufficient to ensure compliance with obligations under the Personal Data Law unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obliged to:
— provide the data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing in accordance with the current legislation of the Russian Federation;
— respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the Personal Data Law;
— submit the required information to the authorized body for the protection of personal data subjects' rights within 10 days from the date of receiving a request;
— publish or otherwise provide unrestricted access to this Policy on personal data processing;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and other illegal actions;
— terminate transfer (dissemination, provision, access), processing, and destroy personal data in cases and in accordance with procedures provided for in the Personal Data Law;
— fulfill other obligations stipulated by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information relating to the processing of their personal data, except as provided by federal law. The information is provided by the Operator in an accessible form and must not include personal data relating to other data subjects unless there are legal grounds for disclosing such data. The list and procedure for obtaining such information is established by the Personal Data Law;
— request the Operator to clarify, block, or delete their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose, and to take legal measures to protect their rights;
— require prior consent for the processing of personal data for marketing purposes;
— withdraw consent to the processing of personal data and submit a demand to stop processing;
— appeal unlawful actions or inaction of the Operator regarding the processing of their personal data to the authorized body for the protection of personal data subjects' rights or in court;
— exercise other rights provided for by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:
— provide accurate information about themselves to the Operator;
— inform the Operator of any clarification (update, change) of their personal data.
4.3. Persons who provide inaccurate information about themselves to the Operator, or information about another personal data subject without that person’s consent, shall be held liable in accordance with the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1. Personal data shall be processed lawfully and fairly.
5.2. Processing shall be limited to achieving specific, predetermined, and lawful purposes. Processing that is incompatible with the purposes of personal data collection is not permitted.
5.3. It is not allowed to combine databases containing personal data that are processed for purposes that are incompatible with one another.
5.4. Only personal data that meet the purposes of their processing shall be subject to processing.
5.5. The content and scope of processed personal data must correspond to the stated processing purposes. The processing of excessive personal data in relation to the stated purposes is not permitted.
5.6. The accuracy, sufficiency, and relevance of personal data shall be ensured where necessary for processing purposes. The Operator shall take necessary measures to delete or update incomplete or inaccurate data.
5.7. Personal data shall be stored in a form that makes it possible to identify the data subject no longer than required for the processing purposes, unless otherwise provided by federal law or a contract to which the data subject is a party, beneficiary, or guarantor. Upon achievement of processing purposes or if they are no longer necessary, personal data shall be destroyed or anonymized, unless otherwise required by federal law.
6. Purposes of Personal Data Processing
6.1. Purpose of processing — to inform the User via email newsletters.
6.2. Personal data:
— full name
— email address
— phone numbers
6.3. Legal grounds:
— the Operator’s constituent documents
— contracts concluded between the Operator and the personal data subject
6.4. Types of personal data processing:
— collection, recording, systematization, accumulation, storage, destruction, and depersonalization
— sending informational emails
7. Conditions for Personal Data Processing
7.1. Processing is carried out with the consent of the personal data subject.
7.2. Processing is necessary to achieve goals set forth in an international agreement or law of the Russian Federation, or to exercise the functions, powers, and duties of the Operator as provided by Russian law.
7.3. Processing is necessary for the administration of justice, enforcement of judicial acts, or acts of other authorities and officials subject to enforcement under Russian law.
7.4. Processing is necessary for the performance of a contract to which the data subject is a party, beneficiary, or guarantor, or for the conclusion of such a contract at the initiative of the data subject.
7.5. Processing is necessary to protect lawful interests of the Operator or third parties, or for socially significant purposes, provided this does not violate the rights and freedoms of the data subject.
7.6. Publicly available personal data, or data disclosed by the data subject at their own request, may be processed.
7.7. Processing of personal data that must be published or disclosed in accordance with federal law may also be performed.
8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing
Security of personal data processed by the Operator is ensured through legal, organizational, and technical measures required to fully comply with applicable laws on personal data protection.
8.1. The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized access.
8.2. Personal data will never, under any circumstances, be disclosed to third parties without the data subject’s consent, except as required by applicable law or when the data subject has consented to such transfer in connection with civil-law obligations.
8.3. If inaccuracies in personal data are identified, the User may update them by sending a notification to info@omacs.ru marked “Update of Personal Data.”
8.4. The period of personal data processing is determined by the achievement of the purposes for which the data was collected, unless otherwise specified by contract or law. The User may withdraw their consent at any time by emailing a request to info@omacs.ru marked “Withdrawal of Consent to Personal Data Processing.”
8.5. All information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by those parties in accordance with their own Terms of Use and Privacy Policies. The Operator is not responsible for the actions of such third parties.
8.6. Restrictions set by the data subject on dissemination (other than access provision), as well as on processing or its conditions (other than access), do not apply when processing personal data in public or legal interests as defined by Russian law.
8.7. The Operator ensures confidentiality during the processing of personal data.
8.8. The Operator stores personal data in a form that allows identification of the data subject no longer than necessary for the stated purposes unless otherwise required by law or contract.
8.9. Grounds for terminating personal data processing include the achievement of processing purposes, expiration of the data subject’s consent, withdrawal of consent, a request to terminate processing, or discovery of unlawful processing.
9. List of Actions Taken by the Operator with Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, updating (modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. The Operator carries out automated processing of personal data with or without the transmission of information via telecommunication networks.
10. Cross-Border Transfer of Personal Data
10.1. Before starting cross-border transfers of personal data, the Operator must notify the authorized body for the protection of data subjects' rights of its intention (a separate notice from that of general processing notification).
10.2. Prior to submitting such notification, the Operator must obtain relevant information from foreign authorities, foreign individuals, or foreign legal entities to whom the personal data will be transferred.
11. Confidentiality of Personal Data
(This section is incomplete in your message. I can continue translating it once you provide the full text.)
Хочешь, чтобы я подготовил это всё в виде Word или PDF-документа?
This Personal Data Processing Policy has been developed in accordance with the requirements of Federal Law No. 152-FZ of July 27, 2006, “On Personal Data” (hereinafter referred to as the Personal Data Law) and defines the procedure for processing personal data and measures to ensure the security of personal data implemented by OOO "OMACS" (hereinafter referred to as the Operator).
1.1. The Operator considers the observance of human and civil rights and freedoms when processing personal data, including the right to privacy, personal and family confidentiality, as one of its most important goals and conditions for carrying out its activities.
1.2. This Policy of the Operator regarding the processing of personal data (hereinafter — the Policy) applies to all information that the Operator may receive about visitors to the website https://omacs.ru.
2. Basic Terms Used in This Policy
2.1. Automated processing of personal data — processing of personal data using computer technology.
2.2. Blocking of personal data — temporary suspension of the processing of personal data (except in cases where processing is necessary to clarify personal data).
2.3. Website — a set of graphic and informational materials, as well as computer programs and databases, ensuring their availability on the internet at https://omacs.ru.
2.4. Personal data information system — a set of personal data contained in databases, and information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data — actions that make it impossible to determine the ownership of personal data to a specific User or other subject of personal data without using additional information.
2.6. Personal data processing — any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — a state or municipal body, legal entity or individual, independently or jointly organizing and/or carrying out personal data processing, as well as determining the purposes of personal data processing, the composition of personal data to be processed, and actions (operations) performed with personal data.
2.8. Personal data — any information relating directly or indirectly to an identified or identifiable User of the website https://omacs.ru.
2.9. Personal data made publicly available by the data subject — personal data access to which is granted by the data subject by giving consent in accordance with the Personal Data Law (hereinafter — publicly available personal data).
2.10. User — any visitor of the website https://omacs.ru.
2.11. Provision of personal data — actions aimed at disclosing personal data to a certain person or a specific group of persons.
2.12. Dissemination of personal data — any actions aimed at disclosing personal data to an indefinite group of persons (transfer of personal data) or at familiarizing an unlimited group of persons with personal data, including publication in mass media, placement in information and telecommunication networks, or providing access to personal data by any other means.
2.13. Cross-border transfer of personal data — transfer of personal data to the territory of a foreign state to a foreign government authority, foreign individual, or foreign legal entity.
2.14. Destruction of personal data — any actions resulting in the irreversible destruction of personal data, making it impossible to restore the content of personal data in the personal data information system and/or resulting in the destruction of physical media containing personal data.
3. Main Rights and Obligations of the Operator
3.1. The Operator has the right to:
— request accurate information and/or documents containing personal data from the personal data subject;
— in the event of withdrawal of the data subject's consent to the processing of personal data or submission of a request to terminate the processing, continue processing without consent if there are legal grounds as specified in the Personal Data Law;
— independently determine the scope and list of measures necessary and sufficient to ensure compliance with obligations under the Personal Data Law unless otherwise provided by the Personal Data Law or other federal laws.
3.2. The Operator is obliged to:
— provide the data subject, upon request, with information regarding the processing of their personal data;
— organize personal data processing in accordance with the current legislation of the Russian Federation;
— respond to inquiries and requests from personal data subjects and their legal representatives in accordance with the Personal Data Law;
— submit the required information to the authorized body for the protection of personal data subjects' rights within 10 days from the date of receiving a request;
— publish or otherwise provide unrestricted access to this Policy on personal data processing;
— take legal, organizational, and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, provision, dissemination, and other illegal actions;
— terminate transfer (dissemination, provision, access), processing, and destroy personal data in cases and in accordance with procedures provided for in the Personal Data Law;
— fulfill other obligations stipulated by the Personal Data Law.
4. Main Rights and Obligations of Personal Data Subjects
4.1. Personal data subjects have the right to:
— receive information relating to the processing of their personal data, except as provided by federal law. The information is provided by the Operator in an accessible form and must not include personal data relating to other data subjects unless there are legal grounds for disclosing such data. The list and procedure for obtaining such information is established by the Personal Data Law;
— request the Operator to clarify, block, or delete their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated processing purpose, and to take legal measures to protect their rights;
— require prior consent for the processing of personal data for marketing purposes;
— withdraw consent to the processing of personal data and submit a demand to stop processing;
— appeal unlawful actions or inaction of the Operator regarding the processing of their personal data to the authorized body for the protection of personal data subjects' rights or in court;
— exercise other rights provided for by the legislation of the Russian Federation.
4.2. Personal data subjects are obliged to:
— provide accurate information about themselves to the Operator;
— inform the Operator of any clarification (update, change) of their personal data.
4.3. Persons who provide inaccurate information about themselves to the Operator, or information about another personal data subject without that person’s consent, shall be held liable in accordance with the legislation of the Russian Federation.
5. Principles of Personal Data Processing
5.1. Personal data shall be processed lawfully and fairly.
5.2. Processing shall be limited to achieving specific, predetermined, and lawful purposes. Processing that is incompatible with the purposes of personal data collection is not permitted.
5.3. It is not allowed to combine databases containing personal data that are processed for purposes that are incompatible with one another.
5.4. Only personal data that meet the purposes of their processing shall be subject to processing.
5.5. The content and scope of processed personal data must correspond to the stated processing purposes. The processing of excessive personal data in relation to the stated purposes is not permitted.
5.6. The accuracy, sufficiency, and relevance of personal data shall be ensured where necessary for processing purposes. The Operator shall take necessary measures to delete or update incomplete or inaccurate data.
5.7. Personal data shall be stored in a form that makes it possible to identify the data subject no longer than required for the processing purposes, unless otherwise provided by federal law or a contract to which the data subject is a party, beneficiary, or guarantor. Upon achievement of processing purposes or if they are no longer necessary, personal data shall be destroyed or anonymized, unless otherwise required by federal law.
6. Purposes of Personal Data Processing
6.1. Purpose of processing — to inform the User via email newsletters.
6.2. Personal data:
— full name
— email address
— phone numbers
6.3. Legal grounds:
— the Operator’s constituent documents
— contracts concluded between the Operator and the personal data subject
6.4. Types of personal data processing:
— collection, recording, systematization, accumulation, storage, destruction, and depersonalization
— sending informational emails
7. Conditions for Personal Data Processing
7.1. Processing is carried out with the consent of the personal data subject.
7.2. Processing is necessary to achieve goals set forth in an international agreement or law of the Russian Federation, or to exercise the functions, powers, and duties of the Operator as provided by Russian law.
7.3. Processing is necessary for the administration of justice, enforcement of judicial acts, or acts of other authorities and officials subject to enforcement under Russian law.
7.4. Processing is necessary for the performance of a contract to which the data subject is a party, beneficiary, or guarantor, or for the conclusion of such a contract at the initiative of the data subject.
7.5. Processing is necessary to protect lawful interests of the Operator or third parties, or for socially significant purposes, provided this does not violate the rights and freedoms of the data subject.
7.6. Publicly available personal data, or data disclosed by the data subject at their own request, may be processed.
7.7. Processing of personal data that must be published or disclosed in accordance with federal law may also be performed.
8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing
Security of personal data processed by the Operator is ensured through legal, organizational, and technical measures required to fully comply with applicable laws on personal data protection.
8.1. The Operator ensures the safety of personal data and takes all possible measures to prevent unauthorized access.
8.2. Personal data will never, under any circumstances, be disclosed to third parties without the data subject’s consent, except as required by applicable law or when the data subject has consented to such transfer in connection with civil-law obligations.
8.3. If inaccuracies in personal data are identified, the User may update them by sending a notification to info@omacs.ru marked “Update of Personal Data.”
8.4. The period of personal data processing is determined by the achievement of the purposes for which the data was collected, unless otherwise specified by contract or law. The User may withdraw their consent at any time by emailing a request to info@omacs.ru marked “Withdrawal of Consent to Personal Data Processing.”
8.5. All information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by those parties in accordance with their own Terms of Use and Privacy Policies. The Operator is not responsible for the actions of such third parties.
8.6. Restrictions set by the data subject on dissemination (other than access provision), as well as on processing or its conditions (other than access), do not apply when processing personal data in public or legal interests as defined by Russian law.
8.7. The Operator ensures confidentiality during the processing of personal data.
8.8. The Operator stores personal data in a form that allows identification of the data subject no longer than necessary for the stated purposes unless otherwise required by law or contract.
8.9. Grounds for terminating personal data processing include the achievement of processing purposes, expiration of the data subject’s consent, withdrawal of consent, a request to terminate processing, or discovery of unlawful processing.
9. List of Actions Taken by the Operator with Personal Data
9.1. The Operator performs collection, recording, systematization, accumulation, storage, updating (modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. The Operator carries out automated processing of personal data with or without the transmission of information via telecommunication networks.
10. Cross-Border Transfer of Personal Data
10.1. Before starting cross-border transfers of personal data, the Operator must notify the authorized body for the protection of data subjects' rights of its intention (a separate notice from that of general processing notification).
10.2. Prior to submitting such notification, the Operator must obtain relevant information from foreign authorities, foreign individuals, or foreign legal entities to whom the personal data will be transferred.
11. Confidentiality of Personal Data
(This section is incomplete in your message. I can continue translating it once you provide the full text.)
Хочешь, чтобы я подготовил это всё в виде Word или PDF-документа?
contacts
Contact us
Order tests
ООО "ОМАКС"
142155, Московская обл., г.Подольск, мкрн Львовский,
Проезд Металлургов, д.4, стр. 2
Проезд Металлургов, д.4, стр. 2
© OMACS, 2024