Personal data processing policy
1. General provisionsThe present Personal Data Processing Policy has been drawn up in accordance with the requirements of the Federal Law No. 152-FZ On Personal Data, dated July 27, 2006 (hereinafter referred to as the Law On Personal Data), and determines the procedure of personal data processing as well as the measures to ensure personal data security taken by Polistroykapital LLC (hereinafter referred to as the Operator).
1.1. The Operator sets as its most important purpose and condition for carrying out its activities the observance of human and civil rights and freedoms when processing personal data, including the protection of the rights to privacy, personal and family secrets.
1.2. The present Operator’s Policy regarding personal data processing (hereinafter referred to as the Policy) applies to all information that the Operator can obtain about the visitors of the website https://topazresidencesbytasigo.ru.
2. General definitions used herein
2.1. Automated personal data processing: personal data processing using computer equipment.
2.2. Personal data blocking: personal data processing interruption (except for cases when processing is necessary for specifying the personal data).
2.3. Website: set of graphic and information materials as well as computer programs and databases that ensure the availability of those former on the Internet at the network address: https://topazresidencesbytasigo.ru.
2.4. Personal data information system: set of personal data contained in databases as well as information technologies and technical means that ensure their processing.
2.5. Depersonalization of personal data: actions as a result of which it is impossible to determine without using additional information the ownership of personal data to a specific user or any other subject of personal data.
2.6. Personal data processing: any action (operation) or set of actions (operations) performed with personal data, using automation tools or without the use of such tools, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
2.7. Operator: a state body, a municipal body, a legal or natural person independently or jointly with other persons organizing and/or carrying out the personal data processing, as well as determining the personal data processing purposes, the composition of the personal data to be processed and actions (operations) to be performed with personal data.
2.8. Personal data: any information relating to a directly or indirectly identified or identifiable user of the website https://topazresidencesbytasigo.ru.
2.9. Personal data authorized for distribution by the subject of personal data: personal data access of an unlimited scope of persons to which is provided by the subject of personal data by giving consent to the processing of the personal data authorized by the subject of personal data for distribution in the manner prescribed by the Law On Personal Data (hereinafter referred to as personal data authorized for distribution).
2.10. User: any visitor of the website https://topazresidencesbytasigo.ru.
2.11. Providing personal data: actions aimed at disclosing personal data to a specific person or a specific scope of persons.
2.12. Personal data distribution: any actions aimed at disclosing personal data to an unlimited scope of persons (personal data transfer) or at familiarizing of an unlimited scope of persons with personal data, including the personal data publication in the media, their posting in information and telecommunication networks or providing access to the personal data by any other method.
2.13. Cross-border transfer of personal data: transfer of personal data to the territory of a foreign state to a foreign state authority, a foreign legal or natural person.
2.14. Personal data destruction: any actions as a result of which personal data get irretrievably destroyed with the impossibility of the further restoration of the personal data content in the personal data information system, and/or the material media of personal data get destroyed.
3. Operator’s basic rights and obligations
3.1. The Operator has the right:
— to obtain reliable information and/or documents containing personal data from the subject of personal data;
— in case the subject of personal data withdraws consent to the personal data processing or sends an application to cease the personal data processing –, to continue the personal data processing without any consent from the part of the subject of personal data if there are grounds specified in the Law On Personal Data;
— to independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of the obligations provided by the Law On Personal Data and regulations adopted in accordance with the latter, unless otherwise provided by the Law On Personal Data or any other federal laws.
3.2. The Operator shall:
— provide the subject of personal data, at the latter’s own request, the information concerning his/her personal data processing;
— organize the personal data processing in the manner established by the current legislation of the Russian Federation;
— respond to applications and requests of the subjects of personal data and their legal representatives in accordance with the requirements of the Law On Personal Data;
— report to the authorized body for the protection of the rights of the subjects of personal data, at the request of this body, the necessary information within 10 days from the date of receipt of such a request;
— publish the present Policy regarding the personal data processing or otherwise provide unrestricted access to it;
— take legal, organizational and technical measures for personal data from unauthorized or accidental access, destruction, changing, blocking, copying, provision, distribution, as well as from other unlawful actions towards personal data;
— cease personal data transfer (distribution, provision, access), cease personal data processing and destroy them in the manner and cases provided by the Law On Personal Data;
— fulfill other obligations provided by the Law On Personal Data.
4. Basic rights and obligations of the subjects of personal data
4.1. The subjects of personal data have the right:
— obtain information regarding their personal data processing, except for cases provided by federal laws. The information concerned shall be provided to the subject of personal data by the Operator in an accessible form, and it shall not contain any personal data relating to any other subjects of personal data, except for cases when there are legal grounds for the disclosure of such personal data. The list of the information and the procedure for obtaining it are established by the Law On Personal Data;
— require the Operator to clarify, block or destroy their personal data in case when the personal data are incomplete, outdated, inaccurate, illegally obtained or unnecessary for the stated processing purpose, as well as take legal measures to protect their own rights;
— put forward the condition of prior consent at the personal data processing in order to promote goods, works and services on the market;
— to withdraw the consent to personal data processing, as well as to send a request to cease the personal data processing;
— appeal to the authorized body for the protection of the rights of the subjects of personal data or in court against the Operator’s unlawful actions or inaction when processing their personal data;
— to exercise other rights provided for by the legislation of the Russian Federation.
4.2. The subjects of personal data shall:
— provide the Operator with reliable information about themselves;
— inform the Operator about their personal data clarification (updating, changing).
4.3. Persons who provided the Operator with unreliable information about themselves or about another subject of personal data without the latter’s consent, are liable in accordance with the legislation of the Russian Federation the legislation of the Russian Federation.
5. Principles for processing personal data
5.1. The personal data processing shall be carried out on a legal and fair basis.
5.2. The personal data processing shall be limited to the achievement of specific, pre-defined and legitimate purposes. The personal data processing that is incompatible with the purposes of collecting personal data is not permitted.
5.3. It is not allowed to combine databases containing personal data the processing of which is carried out for purposes incompatible with each other.
5.4. Only personal data that meet the purposes of their processing are subject to processing.
5.5. The content and volume of the personal data to be processed shall correspond to the stated purposes of processing. Redundancy of the personal data to be processed in relation to the stated purposes of their processing is not allowed.
5.6. When processing personal data, their accuracy, sufficiency, and, where necessary, relevance in relation to the purposes of their processing shall be ensured. The Operator shall take and/or ensure taking the necessary measures to delete or clarify incomplete or inaccurate data.
5.7. The personal data storage shall be carried out in a form allowing to identify the subject of personal data, no longer than required by the purposes of the personal data processing, unless the period of the personal data storage is established by a federal law or by a contract under which the subject of personal data is a party, beneficiary or guarantor. The personal data to be processed shall be destroyed or depersonalized upon the achievement of the processing purposes or in case when the need of their achievement is lost, unless otherwise provided by the federal law.
6. Personal data processing purposes
Processing purpose providing the User with the access to the services, information and/or materials contained on the website
Personal data full name
electronic mail address
telephone numbers
Legal grounds contracts concluded between the Operator and the subject of personal data
Kinds of personal data processing Collection, recording, systematization, accumulation, storage, destruction and depersonalization of personal data
Sending information letters to the electronic mail address
7. Personal data processing conditions
7.1. The personal data processing shall be carried out on the consent of the subject of personal data to his/her personal data processing.
7.2. The personal data processing is necessary to achieve the purposes for by an international treaty of the Russian Federation or a law, to implement the functions, powers and responsibilities assigned by the legislation of the Russian Federation to the Operator.
7.3. The personal data processing is necessary for the administration of justice, the execution of a judicial act, an act of another body or official subject to execution in accordance with the legislation of the Russian Federation on enforcement proceedings.
7.4. The personal data processing is necessary for the execution of a contract under which the subject of personal data is a party, beneficiary or guarantor, as well as for concluding a contract on the initiative of the subject of personal data or a contract under which the subject of personal data will be a beneficiary or guarantor.
7.5. The personal data processing is necessary to exercise the rights and legitimate interests of the Operator or third parties, or to achieve socially significant purposes, provided that the rights and freedoms of the subject of personal data are not violated.
7.6. The personal data access of an unlimited number of persons to which is provided by the subject of personal data or at the latter’s request (hereinafter referred to as publicly available personal data) shall be processed.
7.7. The personal data that are subject to publication or mandatory disclosure in accordance with federal law shall be processed.
8. Procedure for collecting, storage, transfer and other types of processing personal data
The security of the personal data processed by the Operator is ensured by implementing legal, organizational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.
8.1. The Operator shall ensure the safety of personal data and take all possible measures to prevent access of unauthorized persons to the personal data.
8.2. The User’s personal data will never, under no circumstances, be transferred to third parties, except in cases related to implementation of the current legislation or in the event that the subject of personal data gives consent to the Operator to transfer the data to a third party for fulfilling obligations under a civil law contract.
8.3. In case inaccuracies in the personal data are revealed, the User may update them independently, by sending a notification to the Operator to the latter’s electronic mail address: polistroykapital@gmail.com –, with the note Updating Personal Data.
8.4. The personal data processing period is determined in terms of the achievement of the purposes for which the personal data were collected, unless a different period is provided for by the contract or by the current legislation.
The User may withdraw his/her consent to the personal data processing at any moment by sending a notification to the Operator to the latter’s electronic mail address: polistroykapital@gmail.com –, with the note Withdrawal of Consent to the Personal Data Processing.
8.5. All information that is collected by third party services, including payment systems, communications and other service providers, shall be stored and processed by the specified persons (Operators) in accordance with their User Agreement and Privacy Policy. The Operator is not responsible for the actions of third parties, including the service providers specified in this section.
8.6. The prohibitions established by the subject of personal data on the transfer (except for providing access) as well as processing or processing conditions (except for obtaining access) of the personal data authorized for distribution do not apply in cases of processing personal data in state, social and other public interests determined by the legislation of the Russian Federation.
8.7. The Operator shall ensure the personal data privacy when processing the personal data.
8.8. The Operator shall store the personal data in a form allowing to determine the subject of personal data for no longer than required by the purposes of the personal data processing, unless the period for storing the personal data is specified by a federal law or a contract under which the subject of personal data will be a party, beneficiary or guarantor.
8.9. The condition for terminating personal data processing may be the achievement of the personal data processing purposes, the expiration of the consent of the subject of personal data, the withdrawal of the consent by the subject of personal data or the requirement to cease the personal data processing, as well as revealing unlawful personal data processing.
9. List of actions to be carried out by the Operator with personal data obtained
9.1. The Operator shall carry out collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
9.2. The Operator shall carry out automated processing of personal data with obtaining information and/or transmitting the information obtained via information and communication networks or without them.
10. Cross-border transfer of personal data
10.1. Prior to the commencement of activities on cross-border transfer of personal data, the Operator shall notify the authorized body for the protection of the rights of subjects of personal data of his/her intention to carry out cross-border transfer of personal data (such notification shall be sent separately from the notification on the intention to carry out the personal data processing).
10.2. Prior to submitting the above mentioned notification, the Operator shall obtain the relevant information from the authorities of the foreign state, the foreign individuals or the foreign legal entities to whom the cross-border transfer of personal data is planned.
11. Personal data privacy
The Operator and other persons who have obtained the access to the personal data shall not disclose the personal data to third parties nor distribute the personal data without the consent of the subject of personal data, unless otherwise provided by federal law.
12. Final provisions
12.1. The User may obtain any clarification on issues of interest concerning his/her personal data processing by contacting the Operator to the electronic mail address: polistroykapital@gmail.com.
12.2. This document will reflect any changes to the Operator’s personal data processing policy. The Policy shall be valid indefinitely until it is replaced with a new version.
12.3. The Policy current version is freely available on the Internet at: https://topazresidencesbytasigo.ru/personal-data-processing-policy/.