The purpose of this Personal Data Processing Policy (hereinafter - the Policy) is to establish the procedure for collection and processing of personal data by Autonomous Non-Profit Organization "Center for Advanced Management Solutions" INN 7703468652, OGRN 1187700021783 with its registered office at: Moscow, Gazetny per. 1, room II, room. 2, e- mail: firstname.lastname@example.org (hereinafter - the Operator) of information about the Users of the site "Center for Advanced Management Solutions".
When processing personal data Operator is guided by the Federal Law "On Personal Data" of 27.07.2006 No 152-FZ (as amended and supplemented), this Policy, as well as the User Agreement posted on the site "Center for perspective management decisions".
1. Basic principles of personal data processing
1.1. The operator processes personal data on the basis of the following principles:
a. of lawfulness and a just basis;
b. limiting the processing of personal data to the achievement of specific, predetermined legitimate purposes;
c. Avoid processing of personal data that is incompatible with the purpose of personal data collection;
d. Prevent combining databases containing personal data, the processing of which
is carried out for purposes that are incompatible with each other;
e. processing only those personal data that meet the purposes of its processing;
f. compliance of the content and volume of processed personal data with the
stated processing purposes;
g. Avoid processing of personal data that is excessive in relation to the stated
purposes of its processing;
h. ensuring the accuracy, adequacy and relevance of personal data in relation to the purposes of personal data processing;
i. destruction or depersonalization of personal data upon achievement of the purposes of its processing or in case of loss of necessity in achievement of these purposes, in case of impossibility of the Operator to eliminate permissible violations of personal data, unless otherwise provided by the legislation of the Russian Federation.
1.2. By submitting his/her personal data through the Center for Advanced Management Solutions Website (https://cpur.ru/) or by e-mail within the framework of communication of the User with the Operator, each User agrees to their processing in accordance with the terms and requirements of this Policy.
2. Personal data of the User processed by the Operator
2.1. The operator carries out the following actions on processing of the personal data provided by Users: collection, recording, accumulation, storage, clarification (updating, change), use, extraction, depersonalization, blocking, deletion, and destruction.
2.2. Processing of personal data is carried out by means of automation.
2.3. Sources of obtaining the User's personal data:
a. directly from the User (when the User fills out personal data collection forms);
2.4. The operator processes the following personal data of the User: a. the last name, first name of the User;
b. the User's email address (personal or corporate);
2.5. Personal data of the User is processed by the Operator for the purposes of:
a. fulfillment of the requirements and conditions of the User Agreement of the CPUUR website, to which the User has voluntarily joined;
b. providing effective technical and customer support when problems arise related to
the User's interaction with the advanced Access Mode or the open Access Mode of the INID Platform;
c. perform the functions, powers and duties imposed on the Operator by the legislation of the Russian Federation;
d. disseminating information about the research (including through the media and the "Internet") about the activities of the Operator, with the separate consent of the User;
e. to protect rights and legitimate interests of the Operator or rights and legitimate interests of third parties (including for protection and security purposes, protection against fraud, in cases of possible future legal or other legal proceedings), as well as to fulfill requirements of applicable law (for example, in case of legal or other legal proceedings, if the Operator is required to do so in accordance with applicable law);
f. for other purposes with the consent of the User and with an indication of the purposes of processing when consent is obtained.
2.6. In addition to personal data of Users, the Operator may also process anonymized personal data of subjects when such data is provided to the Operator for statistical and other research purposes on the basis of paragraphs. 9 part 1 article 6 of the Federal Law "On Personal Data" dated 27.07.2006 No 152-FZ.
2.7. On the Site of the Centre of perspective management decisions (https://cpur.ru/) impersonal data about Users (including IP-addresses) is collected and processed by means of Internet statistics services exclusively for purposes of improvement of methods and methods of information representation, improvement of servicing of users (visitors), detection of the most visited web pages and conducting statistics of visits to the specified Site. Access to such information is available only to persons specifically authorized by the Operator to perform maintenance of the said Site and warned of responsibility for accidental or intentional disclosure or unauthorized use of such information.
3. Ensuring the confidentiality of personal data of the User
3.1. The Operator processes personal data on lawful and fair grounds and will not use it for any purposes other than those of which the User has been informed through this Policy.
3.2. Personal data provided by the User to the Operator is stored on the territory of the Russian Federation in security in accordance with the laws of the Russian Federation.
3.3. The operator ensures confidentiality and does not allow the transfer (distribution, provision, access) of personal data to third parties without the consent of the subject of personal data, except in cases of compulsory provision of personal data under the laws of the Russian Federation.
3.4. The Operator keeps the Users' personal data no longer than the period necessary for the Operator to achieve the goals specified in the present Policy, but no more than three years from the moment of the relevant legal action within the legal relationship between the User and the Operator in the framework of the User Agreement.
3.6. The condition for termination of personal data processing is also termination of legal relations between the User and the Operator, liquidation of the Operator as a legal entity, satisfaction by the Operator of the User's request to delete or change the relevant personal data.
3.7. After the termination of personal data processing, the relevant personal data shall be destroyed or depersonalized. At the same time, some information may remain in the Operator's archive copies for the purposes specified in this Policy (for example, in cases of possible future litigation or other legal proceedings or in cases when the Operator complies with mandatory requirements of applicable law), and may be kept for no more than three years.
4. Security and storage of personal data
4.1. The operator shall take measures necessary and sufficient to fulfill obligations under the Federal Law "On Personal Data" of 27.07.2006 No 152-FZ and regulations adopted in accordance with it. Such measures include:
a. Appointment by the Operator of a person responsible for organizing the
processing of personal data;
b. Publication by the Operator of documents defining the Operator's policy with respect to personal data processing, local acts on personal data processing, as well as local acts establishing procedures aimed at preventing and detecting violations of the laws of the Russian Federation and eliminating the consequences of such violations;
c. implementation, together with the Processor (or Processors) of personal data, of legal, organizational and technical measures to ensure security of personal data;
d. Internal control and (or) audit of compliance of personal data processing with the Federal Law "On Personal Data" of 27.07.2006
No. 152-FZ and regulatory legal acts adopted in accordance with it, as well as the requirements to protection of personal data, the operator's policy regarding the processing of personal data, the local acts of the operator;
e. Defining assessment of harm which could be caused to personal data subjects in case of violation of the Federal Law "On Personal Data" of 27.07.2006 No 152-FZ, the ratio of this harm to the measures taken by the operator to ensure the fulfillment of obligations under the Federal Law "On Personal Data" of 27.07.2006 No 152-FZ;
f. Familiarization of the Operator's employees directly engaged in personal data processing with the provisions of personal data legislation of the Russian Federation, including requirements to protection of personal data, documents defining the Operator's policy with regard to personal data processing, local acts on personal data processing, and (or)
training of the said employees.
4.2. When processing personal data, the operator takes necessary legal, organizational and technical measures or ensures their adoption to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution personal data, as well as from other unlawful actions in relation to personal data. 5. Changing and deleting personal data
5.1. The user has the right to send a request to delete the provided personal data processed on the basis of this Policy. Upon receiving such a request via the above email, the Operator shall be obliged to stop processing such personal data and remove it from the database.
5.2. Some information may remain in the Operator's archived copies for the purposes specified in this Policy (for example, in cases of possible future litigation or other legal proceedings or in cases of the Operator's compliance with mandatory requirements of applicable law) and may be retained for no more than three years.
5.3. The operator does not carry out cross-border transfer of personal data of Users. 6. Closing Provisions
6.1. The user can get any clarifications on questions of interest concerning the processing of his personal data by contacting the Operator via e-mail email@example.com.
6.2. The operator is not responsible for the security or privacy of any information collected by third-party sites or services.
6.3. This document will reflect any changes in the Operator's personal data processing policy. The policy is valid indefinitely until replaced by a new version.
6.4. The current version of the Policy is freely available on the Internet at: cpur.ru