Personal data policy

PERSONAL DATA POLICY

• 1 General provisions
  • 1.1 Personal data policy (hereinafter - Policy) is aimed at protecting the rights and freedoms of individuals whose personal data it processes the Limited Liability Company "Phoenix Ultracapacitors" (hereinafter the Operator).
  • 1.2 The Policy is developed in accordance with the Federal law number 152-FL "On personal data" of July 27, 2006, article 18.1, part 1, paragraph 2 (hereinafter the FL "On personal data").
  • 1.3 The Policy is a publicly available document and contains information subjected to disclosure in accordance with the FL "On personal data", article 14, part 1.
• 2 Information about the operator
  • 2.1 The Operator operates at the address: 8-1-11, Tvardovskogo str., Moscow, Russia, 123458. 
• 3 Information about processing of personal data
  • 3.1 The Operator processes personal data on a legal and fair basis to perform the functions, powers and duties assigned by the legislation, exercise the rights and legitimate interests of the Operator, employees of the Operator and third parties.
  • 3.2 The Operator receives personal data directly from the data subject.
  • 3.3 The Operator processes personal data by automated and manual methods, with the use of computer equipment and without the use of such means.
  • 3.4 The processing of personal data includes collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, usage, transfer (distribution, provision, access), depersonalization, blocking, deletion and destruction.
• 4 Processing of customer personal data
  • 4.1 The Operator processes customer personal data within the legal relationship with the Operator regulated by the Civil Code of the Russian Federation of January 26, 1996 number 14-FL, part 2.
  • 4.2 The Operator processes customer personal data in order to comply with the norms of the Russian Federation legislation, as well as to:
    • — inform about new products, special promotions and offers;
    • — conclusion and execution the terms of the contract.
  • 4.3 The Operator processes customer personal data with the consent provided by the customer and/or their legal representatives by making conclusive action on this website including but not limited to placement of orders, newsletter subscriptions in accordance with the Policy.
  • 4.4 The Operator processes customer personal data no longer than it is required for the purpose of the personal data processing, unless otherwise provided by the laws of the Russian Federation.
  • 4.5 The Operator processes the following customer personal data:
    • — last name, first name, patronymic;
    • — address;
    • — phone number;
    • — email.
• 5 Information on ensuring the security of personal data
  • 5.1 The Operator appoints a person responsible for organizing the processing of personal data to perform the duties provided by the FL "On personal data" and the regulatory legal acts adopted in accordance with it.
  • 5.2. The Operator applies a set of legal, organizational and technical measures to ensure the security of personal data to ensure the confidentiality of personal data and their protection from illegal actions:
    • — provides unlimited access to the Policy, a copy of which is posted at the address of the Operator, and can also be posted on the Operator's website (if there is a website);
    • — approves and enforces the document "Regulations about processing of personal data" (hereinafter the Regulations) and other local acts in pursuance of the Policy;
    • — familiarizes employees with the provisions of the legislation on personal data, as well as with the Policy and the Regulations;
    • — provides access of employees to personal data processed in the Operator's information system as well as to their material carriers only to perform their work duties;
    • — establishes the rules for access to personal data processed in the Operator's information system, and also ensures registration and accounting of all actions with them;
    • — assesses the harm that may be caused to subjects of personal data in case of violation of the FL "On personal data";
    • — identifies threats to the security of personal data during their processing in the Operator's information system;
    • — applies organizational and technical measures and uses information protection means necessary to achieve the established level of protection of personal data;
    • — detects facts of unauthorized access to personal data and takes response measures, including the restoration of personal data modified or destroyed due to unauthorized access to them;
    • — evaluates the effectiveness of measures taken to ensure the security of personal data prior to the commissioning of the Operator's information system;
    • — carries out internal control over the compliance of the processing of personal data with the FL "On personal data", the regulatory legal acts adopted in accordance with it, the requirements for the protection of personal data, the Policy, the Regulation and other local acts, including control over the measures taken to ensure the security of personal data and their level of security when processed in the Operator's information system.
• 6 Rights of subjects of personal data
  • 6.1  The subject of personal data has the right:
    • — to receive personal data relating to this subject and information regarding their processing;
    • — to clarify, block or destroy his personal data if they are incomplete, outdated, inaccurate, illegally obtained or are not necessary for the stated purpose of processing;
    • — to revoke his consent to processing of personal data;
    • — to protect their rights and legitimate interests, including compensation for damage and compensation for moral damage in court;
    • — to appeal against the actions or omissions of the Operator to the authorized body for the protection of the rights of subjects of personal data or in court.
  • 6.2 Subjects of personal data have the right to contact the Operator or send a request in person or with a representative assistance to exercise their rights and legitimate interests. The request must contain the information specified in FL "On personal data", article 14, part 3.