Regulation on the processing of personal data
Regulations on the processing of personal data of users of the Internet resource www.fregataero.com (LLC DV Fregat Aero)
1.1 According to Art. 23 of the Constitution of the Russian Federation everyone has the right to inviolability of private life, personal, family secret, protection of his honor and good name, the realization of which is ensured by the provision of art. 24 of the RF Constitution, which states that the collection, storage, use and dissemination of information about a person's private life without his consent is not allowed. Relations related to the processing of personal data carried out by legal entities using automated means or without using such means, if the processing of personal data without the use of such means corresponds to the nature of the actions (operations) performed with personal data using automation facilities, are regulated by Federal Law of 27 July 2006 N 152-FZ "On Personal Data".
1.2 This Regulation determines the procedure for the work (reception, processing, use, transfer, storage, etc.) of employees of DV Fregat Aero LLC (hereinafter referred to as the Operator) with the personal data of users of the Internet resource www.fregataero.ru (hereinafter referred to as the Customers) and guarantees confidentiality of information about the Customer provided by the Customer to the organization; the rights of the Client when processing his personal data; responsibility of persons for non-compliance with the requirements of the rules governing the processing of personal data of the Client.
1.3 The operator has the right to exercise the authority to process personal data of Clients of other organisations under an outsourcing contract, which is hereinafter also referred to as the Operator. In this case, the Operator and the organisation with which such a contract is concluded are jointly and severally liable to the Client, whose rights are violated, for material damage and moral damage caused by such violation. The Client has the right, at his own discretion, to submit appropriate requirements to any of the specified organisations. The principles of distribution of the consequences of such compensation to the Client between the organisations are established in the relevant outsourcing contract.
2.The concept and composition of the Client's personal data
2.1 Personal Information of the Client - any information related directly or indirectly to the client (the subject of personal data).
2.2 The following information is related to the personal data of the Client:
Full Name; • sex; • Date of Birth; • Place of Birth; • Citizenship; • education, specialty; • place of work; • the state of marriage; • family composition; • place of registration; • address of residence and home telephone number; • types and amount of services rendered to the Client; • other information about the Client, necessary for the performance of the contract and allowing to identify his identity.
3. Collection, processing purposes and protection of the Client's personal data
3.1 Processing of personal data of the Client is carried out.
3.1.1 After the conclusion of a service agreement with the Client, which defines the trust and responsibility for the processing of personal data. In accordance with Clause 2 Part 2 Article 6 of the Federal Law "On Personal Data" for the purpose of executing a contract, one of the parties to which is a personal data subject, i.e. The client, and obtaining his consent to the processing of personal data is not required.
3.1.2 After sending a notice on the processing of personal data to the state supervision authority in the field of communications, information technology and mass communications of the territory, with the exception of cases provided by Part 2 of Article 22 of the Federal Law "On Personal Data".
3.1.3 After the Operator takes necessary measures to protect personal data.
3.2 All personal data of the Client should be obtained personally from the Client or from his legal representative. If the Customer's personal data can only be obtained from a third party, the Client must be notified thereof in advance and from it a written consent must be obtained.
3.3 The operator informs the Client or his legal representative about the purposes of processing personal data, prospective sources and methods of obtaining personal data.
3.4 When applying for services, the Client (or his legal representative) provides the Operator with personal data about himself in a documented form.
• passport or other identity document;
• other documents, depending on what kind of service the Client receives. In the absence of documents, the Client (or his legal representative) provides the Operator with the necessary personal data verbally.
3.5 The Operator, with the consent from the Client, can request and receive personal data of the Customer using personal data information systems using automation tools.
3.6 The processing by the Operator of the personal data of the Client is carried out exclusively with a view to providing the Client with the qualitative services provided by the contract in the required volumes, compliance with the requirements of the current legislation, other regulatory legal acts.
3.7 The operator is guided by the Constitution of the Russian Federation, other regulatory legal acts in the field of personal data processing and information protection when determining the scope and content of the processed personal data of the Client.
3.8 Protection of the Customer's personal data from unauthorized use or loss is provided by the Operator at its own expense in accordance with the procedure established by law and adopted by the Operator in accordance with it by local regulatory enactments.
4. The order of use, storage, transfer of personal data of the Client
4.1 The personal data of the Clients in the Operator is contained in personal data information systems, which are a set of personal data contained in a database, as well as information technologies and technical means that allow processing such personal data using automation tools or without using such means. In information systems, personal data can be placed on material, including paper carriers.
4.2 Access to the processing of personal data of customers (both with the use of automation tools and without the use of automation facilities) is provided in the manner specified by the Operator.
4.3 Specific duties on working with information systems of personal data and material carriers of information, including documents containing personal data of the Customers, are assigned to the Operator's employees and fixed in job descriptions.
4.4 Work with information systems of personal data, material carriers, including documents containing personal data of the Customers, is carried out in specially designated premises.
4.5 The requirements to the place of processing of personal data, including to the server data, ensuring their security are established by the Operator.
4.6 The list of persons entitled to access personal data of the Clients and processing of their personal data is determined by the order of the head of the Operator.
4.7 With the persons allowed to process the personal data of the Clients, the Nondisclosure Agreement is entered into, or appropriate changes are made to the employment contract with it.
4.8 Persons who are admitted to the processing of personal data in accordance with the established procedure have the right to process only those personal data of the Clients that are necessary for the performance of the contract.
4.9 The operator in the creation and operation of information systems of personal data of customers with the use of automation means ensures the classification of information systems in the established order.
4.10 The operator in the creation and operation of personal information systems of personal data using the means of automation and without the use of automation means takes all necessary organizational and technical measures to ensure compliance with the requirements for the processing of personal data established by the current legislation.
4.11 The operator, upon the achievement of the purposes of processing the personal data of the Customer, must stop processing these personal data and ensure their destruction in the established order.
5. Rights of Clients when processing by the Operator their personal data
5.1 In order to ensure the protection of their interests, the realisation of rights and freedoms in the field of personal data regulated by the current legislation, Clients, their legal representatives, and representatives are entitled to
• Providing the Operator with complete information about their personal data and processing of this data
• free access to their personal data, including the right to receive copies of any record containing personal data of the Client, except as provided for by federal law
• Identification of their representatives to protect their personal data
• The requirement to clarify his personal data, block or destroy it in case personal data are incomplete, outdated, inaccurate, illegally obtained or are not necessary for the stated purpose of processing, and also take legal measures to protect their rights
• The requirement to notify the Operator of all persons who have previously been informed of incorrect or incomplete personal data of the Client, about all exceptions, corrections or additions made in them
• appeal against actions or omissions of the operator to the authorized body for the protection of the rights of subjects of personal data or in court.
6. Responsibility for violation of the rules governing the processing and protection of personal data of clients.
6.1 Persons guilty of violating the requirements of this Federal Law are liable under the laws of the Russian Federation.
6.2 Moral damage caused to the subject of personal data due to violation of his rights, violation of the rules for processing personal data, legislation, as well as requirements for the protection of personal data is subject to reimbursement in accordance with the legislation of the Russian Federation. Compensation for moral damage is carried out irrespective of compensation for property damage and losses incurred by the subject of personal data.
6.3 Employees of the Operator who have received access to the personal data of the students in accordance with the established procedure, those responsible for violating the rules governing the receipt, processing and protection of the personal data of the trainees are held accountable under the current legislation.
7. Final provisions
This version of the Regulation comes into force from 27.02.2015 and is valid until the approval of the new provision.
15 May 2019
28 April 2019
28 April 2019
28 April 2019
Our servicesWant to be our partner?
3 Mar 14:59
3 Mar 14:59