Privacy

policy

1. General Provisions

1.1. This Policy is conducted by Individual Entrepreneur Bespalov Andrey Vladimirovich (hereinafter referred to as "IE") regarding the processing and ensuring the protection of personal data of individuals (subjects of personal data) based on Article 24 of the Constitution of the Russian Federation and Federal Law No. 152-FZ "On Personal Data".

1.2. The Policy applies to all personal data (subjects) that may be obtained by IE in the course of its activities, including clients of IE.

1.3. The purpose of the Policy is to provide individuals who provide their personal data with the necessary information to assess what personal data is processed by IE and for what purposes, as well as what security measures are implemented.

1.4. The Policy ensures the protection of the rights and freedoms of subjects when processing their personal data using automated means or without such means, and also establishes the responsibility of persons who have access to personal data for non-compliance with the requirements regulating the processing and protection of personal data.

1.5. Clients, using the services and services of IE, by providing their personal data to IE, including through third parties, acknowledge their consent to the processing of personal data in accordance with this Policy.

1.6. Consent to the processing of personal data may be revoked by the subject of personal data. In the event of the subject of personal data revoking consent to the processing of personal data, the operator has the right to continue processing personal data without the consent of the subject of personal data if there are grounds specified by current legislation or, otherwise, refuse to provide the service if personal data is necessary for providing such service.

1.7. This Policy may be amended by IE.

2. Concept and Composition of Personal Data

2.1. For the purposes of this Policy, personal data is understood as any information relating to an identified or identifiable individual (subject of personal data).

2.2. Depending on the subject of personal data, IE may process personal data of the following categories of subjects to carry out its activities and fulfill its obligations:

Client Data - information necessary for IE to fulfill its obligations under contractual relations with the Client and to comply with the requirements of the legislation of the Russian Federation. Personal data of the Client provided during registration on the website database-design.ru, including when the Client places Orders. Data that is automatically transmitted to the Services during their use through software installed on the user's device, including IP address, information from cookies, information about the user's browser (or other program used to access the Services), access time, address of the requested page.

3. Grounds and Purposes of Processing Personal Data

3.1. IE processes personal data to carry out its activities, including providing services to Clients. IE has the right to:

• process personal data of the Client without obtaining written consent from the subject of personal data in accordance with Article 6, paragraph 1, subparagraph 5 of the Federal Law "On Personal Data", since the processing of personal data is necessary for the performance of a contract, one of the parties to which or the beneficiary or guarantor of which is the subject of personal data, as well as for concluding a contract at the initiative of the subject of personal data or a contract under which the subject of personal data will be the beneficiary or guarantor.
• perform functions imposed on IE by the legislation of the Russian Federation in accordance with the Federal Law "On Personal Data" and other laws and regulatory legal acts of the Russian Federation, as well as the Charter and regulatory acts of IE; collect and store personal data of the Client necessary for providing services, fulfilling agreements and contracts, fulfilling obligations to the Client.

3.2. IE may use personal data of the Client for the following purposes:

• providing services to the Client;
• identifying the Client within the framework of contracts;
• communicating with the Client if necessary, including sending offers, notifications, information, and requests, both related and unrelated to the provision of services, as well as processing statements, requests, and applications from the Client;
• improving the quality of services provided by IE;
• targeting advertising materials;
• conducting statistical and other studies based on anonymized data;

4. Terms of Processing Personal Data

4.1. The terms of processing personal data are determined based on the purposes of processing in the information systems of IE, in accordance with the term of the contract, agreement with the subject of personal data.

5. Circle of Persons Allowed to Process Personal Data

5.1. To achieve the goals of Article 3 of this Policy, only those employees of IE who are assigned such a duty in accordance with their official (labor) duties are allowed to process personal data. Access to other employees may be granted only in cases provided by law. IE requires its employees to maintain confidentiality and ensure the security of personal data during their processing.

5.2. IE has the right to transfer personal data to third parties in the following cases:

The subject of personal data has explicitly expressed consent to such actions, including:

• when providing services to Clients – accepted the terms of the public offer agreement;
• the transfer is provided for by Russian or other applicable legislation within the established legislative procedure;

In this case, all obligations to comply with the conditions for ensuring the security of personal data in accordance with the current legislation of the Russian Federation and international agreements regarding the data received are transferred to the acquirer.

6. Methods of Processing Personal Data

6.1. In the process of providing services, during the internal activities of IE, both automated and non-automated processing of personal data is used.

7. Implementation of Personal Data Protection

7.1. The activities of IE regarding the processing of personal data in information systems are inextricably linked to the protection of the confidentiality of the information received. All employees of IE are obliged to ensure the confidentiality of personal data, as well as other confidential information established by IE, unless this contradicts the current legislation of the Russian Federation.

7.2. The security of personal data during their processing in the information systems of IE is ensured by an information protection system.

7.3. The exchange of personal data during their processing in the information system of personal data is carried out through secure communication channels.

7.4. When processing personal data in the information system of personal data, the following is ensured:

• conducting activities aimed at preventing unauthorized access to personal data and/or their transfer to persons not entitled to access such information;
• application of network firewalls;
• physical protection of premises and technical means that allow the processing of personal data;
• timely detection of unauthorized access to personal data;
• prevention of physical impact on technical means of automated workplaces, which may disrupt their functioning;
• the ability to promptly restore personal data modified and destroyed due to unauthorized access to them;
• constant antivirus control;
• constant analysis of the security of personal data;
• use of security attributes;
• control of the integrity of the software environment for processing personal data;
• other means and measures in accordance with current legislation.