POLICY
regarding the processing of personal data
1. General provisions
1.1 This Personal Data Processing Policy (hereinafter – the Policy) of Starliner LLC, legal address: 191119, St. Petersburg, ul. Policy) of Starliner LLC, legal address: 191119, St. Petersburg, 44E, Dostoevskogo str. Dostoevskogo, 44E (hereinafter referred to as the Operator) is an official document which defines the general principles, purposes and procedure of personal data processing users of the website starliner.ru, as well as its subdomains (hereinafter referred to as the Site), as well as information about the implemented measures of personal data protection. 1.2 The Policy is developed in accordance with the legislation of the Russian Federation in the field of personal data and the requirements of the Russian Federation. Federation in the field of personal data and the requirements of the General Data Protection Regulation of the European Union (GDPR). of personal data of the European Union (GDPR). 1.3. This Policy applies solely to the Site. The Operator does not control and is not responsible for third party websites to which the User can go through the links available on the Site. can access through the links available on the Site. 1.4 The Operator’s processing of personal data of other categories of subjects of personal data is regulated by other categories of personal data subjects. personal data processing by the Operator is regulated by other local acts of the Operator. 1.5. Настоящая Политика вступает в силу с момента ее утверждения и действует indefinitely, until it is replaced by a new Policy.2. Key terms and definitions
2.1 The following terms are used in this Policy: 2.1.1 Personal data information system – a set of personal data contained in databases of personal data and ensuring their processing information technologies and technical means. 2.1.2 Processing of personal data – any action (operation) or any action (operation) or set of actions (operations) performed with the use of automation means with or without the use of automation means with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion, destruction of personal data. 2.1.3 Personal data operator (operator) – a state authority, a state authority, a municipal authority, a legal entity or a natural person, independently or jointly with other persons organizing and (or) carrying out the processing of personal data. with other persons organizing and (or) carrying out the processing of personal data, as well as determining the purposes of personal data processing, the composition of personal data processing, the structure of the personal data personal data processing, as well as determining the purposes of personal data processing, the composition of the personal data to be processed, actions (operations) to be performed with personal data. personal data. 2.1.4 Personal data – any information relating to directly or indirectly defined or indirectly defined or identifiable natural person (subject of personal data); personal data – any information relating directly or indirectly to a natural person (subject of personal data). personal data); 2.1.5. Website User – any person visiting the website and using information, materials and services of the site. 2.1.6. Website – a set of interconnected web pages placed in the Internet at a unique address (URL), as well as its subdomains. Internet at a unique address (URL), as well as its sub-domains. 2.1.7. Cookies – a small piece of data sent by a web server and stored on the User’s computer. stored on the User’s computer, which the web client or web browser sends to the web server each time it sends to the web server in an HTTP request when trying to open a page of the respective website. 2.1.8. IP – a unique network address of a node in a computer network, through which the User accesses the Website. through which the User accesses the Website.3. Procedure and conditions of personal data processing
3.1 The basis for processing of personal data of the Website users is consent to the processing of personal data. 3.2 Users of the Website give their consent to the processing of their personal data in the following cases: 3.1. data in the following cases:- – when filling out the feedback form / ordering a callback on the Site;
- – when you subscribe to the newsletter;
- – when sending feedback;
- – when completing the counseling form.
- – promotion of works and services;
- – establishing feedback with the User of the Website, including sending of notifications, requests and their processing, as well as processing requests and applications from the User for the purpose of further conclusion and execution of the contract;
- – provision of technical support services to Users;
- – keeping statistics and analyzing the Website performance.
- – last name, first name, middle name;
- – phone number;
- – e-mail address
- – company name;
- – scope of work;
- – other information that the user chooses to provide.
- – IP address;
- – browser information;
- – cookie data;
- – access time;
- – referrer (address of the previous page).
4. Measures to ensure security of personal data
4.1 Security of personal data processed by the Operator, is ensured by the implementation of legal, organizational, technical and programmatic measures necessary and sufficient to ensure the requirements of the legislation of the Russian Federation. Russian Federation. 4.2 The Operator shall take the following measures to ensure the security of personal data personal data:- – Appointment of persons responsible for organizing the processing and ensuring organization of processing and protection of personal data;
- – limiting the number of the Operator’s employees having access to personal data personal data;
- – determining the level of personal data protection during processing in personal data information systems information systems of personal data;
- – establishment of rules for differentiating access to personal data, processed in the information systems of personal data and ensuring registration and accounting of all actions performed with personal data personal data;
- – restriction of access to the premises where the main technical means and systems of personal data information systems are located means and systems of personal data information systems and non-automated processing of personal data;
- – keeping records of machine-readable personal data carriers;
- – organization of redundancy and serviceability restoration information systems of personal data and personal data modified or destroyed due to unauthorized access to them;
- – Establishing requirements for the complexity of passwords for access to the information systems of personal data;
- – application of duly approved procedures for assessing conformity assessment procedures for information protection means;
- – implementation of antivirus control, prevention of introduction of malicious programs (virus programs) into the malicious programs (virus programs) and software bookmarks; and software bookmarks;
- – organization of timely updating of software, used in the information systems of personal data and information protection means information protection;
- – regular assessment of the effectiveness of the measures taken to ensuring the security of personal data;
- – detecting the facts of unauthorized access to personal data and taking measures to identify the causes and eliminate possible consequences;
- – control over the measures taken to ensure the security of personal data and security levels of information systems personal data.
5. Rights of site users
5.1 The User of the Website has the right to receive information concerning processing of his/her personal data, including information containing:- – confirmation of the fact of personal data processing by the Operator;
- – legal grounds and purposes of personal data processing;
- – the purposes and methods of personal data processing applied by the Operator;
- – name and location of the Operator, information on persons (except for the Operator’s employees) who have access to personal data. the name and location of the Operator, information about persons (except for the Operator’s employees) who have access to personal data information about persons (except for the Operator’s employees) who have access to personal data or to whom personal data may be disclosed on the basis of a contract with the Operator or on the basis of federal law;
- – processed personal data relating to the respective the personal data subject, the source of their obtaining, unless another procedure for the submission of such data is stipulated by the federal law. other procedure for submission of such data is not provided for by the federal law;
- – terms of personal data processing, including the terms of their storage;
- – the procedure for exercising the rights of the personal data subject, provided for by the Federal Law “On Personal Data”;
- – information on realized or suspected transborder transfer of personal data; and transfer of personal data;
- – the name or surname, first name, patronymic and address of the person who carries out Processing of personal data on behalf of the Operator, if the processing is or will be entrusted to such a person; and is or will be entrusted to such a person;
- – other information provided for by the Federal Law “On Personal Data” or other federal laws. data” or other federal laws.
6. Responsibility
6.1 The Administration, which has not fulfilled its obligations, shall be liable for losses incurred by the User in accordance with the current legislation of the Russian Federation. Russian Federation. 6.2 The User shall be fully responsible for compliance with the requirements of applicable laws of the Russian Federation, including, but not limited to, laws on advertising, copyright and related rights protection, protection of trademarks and service marks. not limited to the above, including full responsibility for the content and form of the materials, in case of quoting and form of materials, in case of quoting and other use of information received in connection with the use of the Site services.7. Final provisions
7.1 The Operator has the right to amend this Policy unilaterally in case of changes in regulatory legal acts of the Russian Federation. unilaterally in case of changes in the regulatory legal acts of the Russian Federation, as well as at its own discretion. Federation, as well as at its own discretion. 7.2 Control over the fulfillment of the requirements of this Policy shall be carried out by responsible for organization of personal data processing. 7.3 Persons guilty of violating the norms governing the processing and protection of personal data shall bear material, disciplinary, administrative, civil or criminal liability in accordance with the procedure established by the legislation of the Russian Federation. personal data shall bear material, disciplinary, administrative, civil or criminal liability in accordance with the procedure established by the legislation of the Russian Federation. Federation.