Personal Data Processing Policy

1. General Provisions
This personal data processing policy is compiled in accordance with the requirements of the Federal Law "On Personal Data" of 27.07.2006 No. 152-FZ and the General Data Protection Regulation (GDPR) and defines the procedure of processing of personal data and measures to ensure the security of personal data by the individual entrepreneur PK AGROSIB (hereinafter — the Operator).

1.1. The Operator's main purpose and condition for its actions is to ensure observance of human and civil rights and freedoms when processing their personal data, including protection of the rights to privacy, and personal and family privacy.

1.2. The present policy of the Operator in relation to the processing of personal data (hereinafter — the Policy) applies to all information that the Operator can receive about visitors of the https://pkagrosib.com/eng-main website.

2. Terms and Definitions

2.1. "Automated processing of personal data" is the processing of personal data with the help of computing equipment;

2.2. "Blocking of personal data" is a temporary suspension of processing of personal data (except when the processing is necessary to clarify personal data);

2.3. "Website" is a complex of graphic and informational content, as well as software and databases ensuring their availability on the Internet at the https://pkagrosib.com/eng-main web address (hereinafter — the Website);

2.4. "Personal data information system" is a set of personal data contained in databases of personal data and information technology and technical means providing their processing;

2.5. "Depersonalization of personal data" is actions as a result of which it is impossible to determine, without using additional information, what personal data belongs to a particular User or another subject of personal data;

2.6. "Processing of personal data" is any action (operation) or set of actions (operations) performed, with or without the use of automated means, with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data;

2.7. "Operator" is a state authority, municipal authority, legal entity, or individual, independently or jointly with other persons, arranging and (or) carrying out the processing of personal data, as well as determining the purpose of the processing of personal data, the scope of personal data to be processed, actions (operations) performed with personal data;

2.8. "Personal data" is any information pertaining to a directly or indirectly identified or identifiable User of the https://pkagrosib.com/eng-main Website;

2.9. "Personal data allowed for dissemination by User" is personal data to which an unrestricted circle of persons is granted access by the User through consent to the processing of personal data, permitted by the User for dissemination in the manner provided by the Personal Data Law (hereinafter — Personal data permitted for dissemination);

2.10. "User" is any visitor to the https://pkagrosib.com/eng-main Website;

2.11. "Provision of personal data" is actions aimed at disclosure of personal data to a certain person or a certain group of persons;

2.12. "Distribution of personal data" is any action aimed at disclosure of personal data to an indefinite range of persons (transfer of personal data) or at familiarizing an unlimited range of persons with personal data, including publication of personal data in mass media, placement in information and telecommunication networks, or providing access to personal data in any other way;

2.13. "Cross-border personal data transfer" is the transfer of personal data to the territory of a foreign state to an authority of a foreign state, foreign individual, or foreign legal entity;

2.14. "Destruction of personal data" is any action as a result of which personal data is destroyed irretrievably with the impossibility of further restoration of the content of personal data in the personal data information system and (or) as a result of which physical media of personal data are destroyed.

3. Operator Rights and Obligations

3.1. The Operator has the right to:
— receive accurate information and/or documents containing personal data from the User;
— continue processing personal data without the consent of the User, in the event that the User withdraws consent to the processing of personal data, as well as sends an application to stop processing personal data, if there are grounds specified in the Law on Personal Data;
— independently determine the composition and list of measures necessary and sufficient to ensure the fulfillment of the obligations provided for by the Law on Personal Data and regulations adopted in accordance with it, unless otherwise provided by the Law on Personal Data or other federal laws.

3.2. The Operator is obliged to:
— provide the User, at his request, with information regarding the processing of his personal data;
— organize the processing of personal data in the manner established by the current legislation of the Russian Federation;
— respond to requests from Users and their legal representatives in accordance with the requirements of the Personal Data Law;
— report to the authorized body for the protection of the rights of personal data subjects, at the request of this body, the necessary information within 10 days from the date of receipt of such a request;
— the operator is obliged to publish or otherwise provide unrestricted access to this Policy regarding the processing of personal data;
— the operator is obliged to take legal, organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other unlawful actions in relation to personal data;
— stop the transfer (distribution, provision, access) of personal data, stop processing and destroy personal data in the manner and cases provided for by the Law on Personal Data;
— fulfill other obligations provided for by the Personal Data Law.

4. User Rights and Obligations

4.1. Users have the rights to:
— receive information regarding the processing of their personal data, except in cases provided for by federal laws. The information is provided to the User by the Operator in an accessible form, and it should not contain personal data relating to other Users, except in cases where there are legal grounds for the disclosure of such personal data. The list of information and the procedure for obtaining it is established by the Law on Personal Data;
— demand clarification of User’s own personal data from the Operator, blocking or destruction of it if the personal data is incomplete, outdated, inaccurate, illegally obtained or is not necessary for the stated purpose of processing, as well as take measures provided by law to protect their rights;
— put forward a condition of prior consent when processing personal data in order to promote goods, works and services on the market;
— withdraw consent to the processing of personal data, as well as to send a request to stop processing personal data;
— appeal to the authorized body for the protection of the rights of personal data subjects or in court against unlawful actions or inaction of the Operator when processing his personal data;
— exercise other rights provided for by the legislation of the Russian Federation.

4.2. Users are obliged to:
— provide the Operator with reliable information about yourself;
— inform the Operator about clarification (updating, changing) of personal data.

4.3. Users who provided the Operator with false information about themselves or information about another User without the latter’s consent are liable in accordance with the legislation of the Russian Federation.

5. Principles for Processing Personal Data

5.1. The processing of personal data is carried out on a legal and fair basis.

5.2. The processing of personal data is limited to the achievement of specific, pre-defined and legitimate purposes. Processing of personal data that is incompatible with the purposes of collecting personal data is not permitted.

5.3. It is not allowed to combine databases containing personal data, the processing of which is carried out for purposes that are incompatible with each other.

5.4. Only personal data that meets the purposes of their processing are subject to processing.

5.5. The content and volume of personal data processed correspond to the stated purposes of processing. Redundancy of the processed personal data in relation to the stated purposes of their processing is not allowed.

5.6. When processing personal data, the accuracy of personal data, their sufficiency, and, where necessary, relevance in relation to the purposes of processing personal data are ensured. The Operator takes the necessary measures and/or ensures that they are taken to delete or clarify incomplete or inaccurate data.

5.7. The storage of personal data is carried out in a form that makes it possible to identify the subject of personal data, no longer than required by the purposes of processing personal data, unless the period for storing personal data is established by federal law, an agreement to which the subject of personal data is a party, beneficiary or guarantor. The processed personal data is destroyed or anonymized upon achievement of the processing goals or in the event of the loss of the need to achieve these goals, unless otherwise provided by federal law.

6. Purposes Of Personal Data Processing
The purpose of processing the User's personal data is:
to provide the User with access to information via emails.
The User’s personal data includes:
  • surname, first name, patronymic, contact telephone number and e-mail address.
Legal basis for personal data processing includes:
  • the Federal Law "On Personal Data" of 27.07.2006 No. 152-FZ.
Types of personal data processing include:
  • personal data collection, recording, systematization, accumulation, storage, updating, extraction, usage, distribution, depersonalisation, blocking, removal, and destruction.
7. Conditions for Personal Data Processing

7.1. The processing of personal data is carried out with the consent of the User to the processing of his personal data.

7.2. The processing of personal data is necessary to achieve the goals provided for by an international treaty of the Russian Federation or law, to implement the functions, powers and responsibilities assigned by the legislation of the Russian Federation to the Operator.

7.3. The processing of personal data is necessary for the administration of justice, the execution of a judicial act, an act of another body or official, subject to execution in accordance with the legislation of the Russian Federation on enforcement proceedings.

7.4. The processing of personal data is necessary for the execution of an agreement to which the User is a party or beneficiary or guarantor, as well as for concluding an agreement on the initiative of the subject of personal data or an agreement under which the subject of personal data will be a beneficiary or guarantor.

7.5. The processing of personal data is necessary to exercise the rights and legitimate interests of the Operator or third parties or to achieve socially significant goals, provided that the rights and freedoms of the User are not violated.

7.6. The processing of personal data is carried out, access to an unlimited number of persons is provided by the User or at his request (hereinafter — publicly available personal data).

7.7. We process personal data that is subject to publication or mandatory disclosure in accordance with federal law.

8. Personal Data Collection, Storage, Transfer, And Other Processing Procedures
Security of personal data processed by the Operator is ensured by implementing legal, organizational, and technical measures necessary to meet in full the requirements of applicable legislation in the area of personal data protection.

8.1. The Operator provides the security of personal data and takes all possible measures aimed at excluding access to personal data by unauthorized persons.

8.2. Personal data of the User will never, under no circumstances be transferred to third parties, except in cases related to the execution of the applicable legislation.

8.3. In case of identification of inaccuracies in personal data, the User may update them on their own by sending a notice to the Operator's email address pkagrosib@gmail.com marked "Updating of personal data".

8.4. The period of processing of personal data is determined by the length of time required to achieve the purpose of processing personal data, if no other term is specified in the contract or by applicable legislation."
The User may withdraw their consent to the processing of personal data at any time by sending a notice by email to the Operator's email address pkagrosib@gmail.com marked "Withdrawal of consent to the processing of personal data".

8.5. All information that is collected by third-party services, including payment systems, communications and other service providers, is stored and processed by these persons (Operators) in accordance with their User Agreement and Privacy Policy. The Operator is not responsible for the actions of third parties, including the service providers specified in this paragraph.

8.6. Prohibitions established by the User on the transfer (except for providing access), as well as on processing or conditions for processing (except for gaining access) of personal data permitted for distribution, do not apply in cases of processing personal data in state, public and other public interests determined by law the Russian Federation law.

8.7. When processing personal data, the Operator ensures the confidentiality of personal data.

8.8. The Operator stores personal data in a form that makes it possible to identify the User for no longer than required by the purposes of processing personal data, unless the period for storing personal data is established by federal law, an agreement to which the User is a party, beneficiary or guarantor.

8.9. The conditions for terminating the processing of personal data may be the achievement of the purposes of processing personal data, the expiration of the consent of the User, the withdrawal of consent by the User or a requirement to cease the processing of personal data, as well as the identification of unlawful processing of personal data.

9. Actions performed by the Operator with received personal data

9.1. The Operator collects, records, systematizes, accumulates, stores, refines (updates, changes), extracts, uses, transfers (distribute, provide, access), depersonalizes, blocks, deletes and destroys personal data.

9.2. The Operator carries out automated processing of personal data with or without receiving and/or transmitting the received information via information and telecommunication networks.

10. Cross-Border Personal Data Transfer

10.1. Before starting activities for the cross-border transfer of personal data, the Operator is obliged to notify the authorized body for the protection of the rights of Users of its intention to carry out cross-border transfer of personal data (such notification is sent separately from the notification of the intention to process personal data).

10.2. Before submitting the above notification, the Operator is obliged to obtain relevant information from the authorities of a foreign state, foreign individuals, foreign legal entities to whom the cross-border transfer of personal data is planned.

11. Personal Data Confidentiality
The Operator and others who have access to personal data are obliged not to disclose to third parties or distribute personal data without the consent of the User, unless otherwise provided by federal law.

12. Final Provisions

12.1. The User may obtain any explanations on questions of interest regarding the processing of their personal data by contacting the Operator through email at pkagrosib@gmail.com.

12.2. This document will reflect any changes in the personal data processing policy by the Operator. The Policy is valid indefinitely until it is replaced with a new version.

12.3. The updated version of the Policy is freely available on the Internet at https://pkagrosib.com/eng-main